 Hello and welcome back to another episode of a Z update. I'm Anthony Bartolo joined as always by Pierre Roman Pierre. How are you doing? I am doing wonderful. Yes, congratulations to the Montreal Canaries last night for winning against the Las Vegas Knights. So they move on to the finals. I think tonight is New York versus. King of the North. In other news, Euro Cup, the round of 16 happens tomorrow where Italia takes on Austria at 3 p.m. Looking forward to that match. Pierre, there's a lot of news we got to talk about today. It was a very busy week. We've always had a busy week and this one was even more so because there was the announcement yesterday of Windows 11. What announcement? So the Windows 11 launch, you know, yesterday was talking about, you know, hey, this is what's coming. Windows 11 and you look and feel to Windows. A lot of cool stuff that they were talking about the big things. The ability to an easier way to snap your Windows inside of the Windows desktop, which is really cool. You can, you know, select through a menu in terms of how you want to set that up for me who has multiple monitors. This is, you know, a huge opportunity to have that capability to quickly snap where it's required. The other piece was the inclusion of teams native inside of the browser. So no more, you know, third-party application. Now you have teams embedded inside of Windows, which is really cool. In the OS, not in the browser. Correct. In the OS. So it'll be part of the OS itself. And then the last thing that was really exciting for me was the whole inclusion of Android apps. Now, I know they show Tik Tok and Pierre, I think I've seen you on Tik Tok doing one of those dances. Nope. No, I refuse. Nobody wants to see that. Nobody wants to see the white man tornado on Tik Tok. I had that video. So if you're interested, let me know. The interesting piece with that Android native on Windows without an emulator. Really cool because there's a plethora of applications that may be of interest to be running natively on Windows. So I'm very excited about that. But the other thing that was exciting that also got announced yesterday. Yes. Windows Server 2022 Azure Edition is now in public preview. And this for us, it was very big. And it was something where, you know, the announcement came out yesterday. Pierre, did you catch any of the highlights on the announcement? On the announcement on Windows 2022? Yes. Yeah, I'm really looking forward to SMB over Quick and SMB compression. And all of the ways that we're in grading even, excuse me, even more into the Windows and MinCenter. It's generally just going to make everybody's life a little easier and a little bit more secure when running servers. I find it interesting, you know, this offering will be available for Azure IaaS VMs or running on Azure Stack HCI cluster. This is not something that you would install on a bare bones, which means it's optimized for cloud. And I'm very interested to see how that's going to, you know, how they go. I am running the preview on bare bones. Okay. So you can install it and you can run it. There are some features like the hot patch that only applies when you are running it either in Azure and on HCI, because the way it patches the machine in memory and not directly on, it's just, I haven't gone into all of the details of the mechanics of how it does it, but that's, some of those features are only going to be applied when it's running either in Azure or on Azure Stack HCI. Very cool. Okay, so let's jump into the other news that's out there and I think, Pierre, you're up first. Do we do in the, oh, okay. So Azure Key Vault Manage HCMs is now generally available, which is really cool for environments that are like highly, highly secure that require by compliance requirement like FIPS 140-2 Level 3 security or because really what they are is hardware backed key storage of your encryption keys. So now that that's generally available using the exact same APIs as you would for normal Key Vault, except that your keys are stored in a hardware or backed by a hardware module to protect them. Of course, this is not, this is not something that everybody should just jump on. It really comes down to what the requirements are because there is a difference in price from storing your keys in Azure Key Vault versus Azure Key Vault Manage HCM, HSM, sorry. It's interesting though, like the offering was asked of by our customers in terms of this type of enablement. The heightened version of security having it hardware based, it's something that like financial institutions and medical institutions would want to have full governance on and that this is a way that they can have that availability. But yes, of course, cost would be a factor in something like this and you have to make sure that this meets the needs of your organization. Yep. So, but it really, do you need to spend that much or spend that much? I don't know. I haven't even looked at what the pricing is specifically. I just know that it's additional to standard Key Vault. Very good. So, you know, definitely check it out and we have the link on ASAN Updates latest post on itopstalk.com for full details in terms of the availability of HSM and what's involved in terms of deployment and enablement. Let's continue on with the news. Next up is how's your role-based access control implementation been going Pierre for the last little while? My role-based access control. Have you done any implementations of role-based access control? Actually, I did because I'm troubleshooting an issue with a product group in a subscription that is our internal subscription. So, it's fairly sensitive. And I've had to go to role-based access control to grant some of the product people that I'm working with access to that specific subscription and to give them just the amount of rights that they needed to check the logs and check the status of the deployment without allowing them to make any changes to it. And so, what's been interesting is, you know, you have the ability to utilize existing templates for those roles when you're doing a deployment to allow for certain access to data amidst those environments, correct? Yeah. So, now that same type of functionality has come to machine learning. And so, those organizations that are looking to spin up workbenches for machine learning exercises also now have a template called the data scientist template, which allows for specific rules for data scientists to use the functionality on the workbench for machine learning and negate the need for spinning up a new resources or any other type of functionality, specifically focusing on the machine learning exercise in nothing more. So, this is something that, you know, the operations teams at organizations can set up, they can set up the resources, they can enable that role of the data scientist and assign it to those inside of the organization to gain access to those resources and conduct their experiments, but not modify or delete or create new resources so there's full governance on the deployment of that workbench when it's out there. Very cool. I'm not commenting much because I'm not much of a data scientist. Well, you know what, from an operations perspective, and this is the challenge, right? So, IT, you know, their depth in terms of data science is whatever the individual's passion is. And, you know, if you're passionate about it, you're going to learn about it, right? Yeah. Some people, it's just another resource, another, you know, the VM that I need to spin up for the allow these data scientists to do their work. So, in terms of governance, when we're doing the best practice of enabling those to serve themselves, but, you know, also making sure they stay within the garden, made available by the organization that they support, you know, it's something where you're, hey, here's the, you know, the resource that's made available to you. You can go in, you have full control, you can do what you want, but still within the guidelines of the organization. And then Microsoft taking it a step further by creating that role as a template inside of RBAC so that administrators can deploy, can assign this role to patrons or employees inside of an organization and have that availability for them to be self-serviced inside of the sandbox that's been created for them. I'm a big, big, big believer in RBAC or giving appropriate rights to one of my old jobs in my previous lives. I was the most hated IT director for a multinational that I was working for because my approach to it is when somebody would say, well, how come I can't do this on my laptop? And I would say it's not your laptop, it's corporation laptop, it's corporate assets, and I will be treating as such. So the right roles, the right access for the right people at the right time, I am a very, very big believer in that. I'm happy to see that the number of templates and pre-determined roles is now growing to include different types of access needs and access roles. Paul Jensen actually asks a great question. Data scientists have a lot of access to data. Will RBAC help them with their data access as well? So I don't have the specifics in terms of what the governance is on the RBAC role for data sciences specifically. But as you know, you can actually extract that role and is a JSON template and make modifications as required, right? So there are specific data requirements that they have. You can actually create a custom template if the existing data scientists template doesn't work 100% for your organization and then make those modifications to have that available to specific data sets so that they don't, you know, run carte blanche on all the data sets that are out there that they may not be able to have access to. I think one of the issue that Paul is thinking about is when you're looking at these massive data sets that may have sensitive information in them, it's one thing to build the data studio to analyze the data, but what is the risk of somebody taking that data out and maybe doing something nefarious with it? I think if the job requires access to it, you just got to put enough guardrails around it and enough safeguards to log when somebody accesses it or specifically copies it or moves it somewhere else. Let's continue on with the news. Pierre, you're up next. Yes, we are talking about NFS, NFS, which, whoops, NFS, which for a long time has been a standard storage protocol. It's been in Linux and been in Unix. It's been available for a long, long time, but is now NFS 3 is generally available in Azure Blob Storage. Anybody who's doing high-performance computing, and by the way, there's a new community for high-performance computing on itopstalk-discord, join it if you're interested. But if you're doing high-performance computing, if you're doing manufacturing, if you're doing, there's a lot of industry-specific workloads that depend on NFS, and that's now generally available in Azure natively for accessing Blob Storage. So very, very cool. It might help some customers upload or migrate some of their workloads to Azure, because now they don't have to recode them to change the new protocol. They can just use NFS as it's designed. That's interesting because NFS has been around for a while, and so now to integrate it natively, or 3.0 being made available, like you said, it's now that next step to, okay, so now I do want to move this up to the cloud because it's now supported. Yeah, so people with legacy systems will be able to take advantage of it without having to recode them. Right. Very, very cool. Next up in the news, Pierre was the last time you heard the term BYOD. Bring my own drinks? No. That was last night during the Canadians. Oh, bring your own device, yes. Bring your own device, right? That's how long you're going to go. Well, we've been hearing it on and off for the last few, for the last decade. Sometimes it gets more pressed and then it dies down and then it comes back. But it's really, in our world, it's really the norm. So about it. We haven't heard it in a while. And what's interesting is this whole BYOD piece has now become more than just mobile devices because when I started my career, BYOD meant, hey, I'm bringing my own BlackBerry to the office or bring my own iPhone to the office. And I want it connected to the network and to get my information on my device. But being disallowed to do so, so IT had to find a way, security, while you're laughing. The security had to figure out a way, okay, that's how do we secure these devices to ensure that they can gain secure access to the information. And so the whole premise behind BYOD was, this is the device I want to use. And so, you know, IT find a way to secure it so that I can have access to my information. Recent update to Microsoft Defender now can manage unmanaged devices inside of an organization. So what does that mean? The data that comes in and goes from the device itself can be secured in an unmanaged state, which, you know, for the most part, pertains to IoT devices, but also can pertain to servers, switches, mobile devices, you name it, that are trying to gain access to information inside of your organization. The tools made available show the threat levels of what's actually occurring when these unmanaged devices are gaining access to your infrastructure and what they're trying to gain access to. And also can do, you know, deductions around, okay, well, the individual that's using this device that is authenticated on this device is a secure user. So we'll allow this pathway will allow for this data connection to occur and continue and maybe send the warning to say, hey, this device needs to be locked down. We needed to, you know, to be governed by our organization based on the policies that we've set forth. So this is an interesting one in terms of having that ability to manage the unmanaged devices that enter into the network. You still have the capability of blocking these devices if they're not been authenticated or secured by an organization. But it's something where it's that next level of, hey, we have some intelligence around who's actually using this device and providing that access to the data securely, even though the device is not managed by the organization. This also comes into play in terms of adding of devices to the organization. So the plethora of IOT devices that are that are deployed out inside of an organization that may have come, you know, from a third party that wasn't sanctioned, but an organization, a department inside of an organization is doing a proof of concept. Here's a great way to quickly onboard these IOT devices and still have the manage be manageability capability to ensure that the data as being captured is secured appropriately. I'm going to have to wrap my brain around that because managing an unmanaged machine, does that make that machine now managed? That is the conundrum, right? So it's interesting that the data is being managed. We're well beyond just the security of managing the devices themselves. So it's a bit short of the full, in tuned registration of the device into the system. It's ensuring that the data that the device is attempting to access is still secured. It's allowed to access on that unmanaged device. It's still secured by the organization's policies and procedures. Okay, I'm going to have to look it up and try it out because it's that part to me gets it can get a little confusing as to like at which point do you put the the barriers and which point do you put the as you can't put it on the device because it's unmanaged, but you're now managing an unmanaged. So where in the chain do you make that connection? I think poll in the chat room actually does a great job of explaining it really simply manage sandboxes. Okay, that works. Right, that works here. So you have a sandbox on an unmanaged device that the sandbox itself is managed by the organization and this allows the security to stay intact. So and when you're done, the sandbox disappears. Correct. Cool. So next up, we have a roving reporter segment. We haven't had one of these in a while. Right. So, so Sonya cuff, who's hosted on the show before her daughter, Ashley is actually ghost was gonna say ghosting, pairing with her mom to learn about what she, you know, does on a day to day activity for work. And so they actually recorded a conversation between the two of them in terms of, you know, why the interest that Ashley has in terms of what her mother does and the role of women in it. Producer Pierre, if you want to take it away. All right, that's cool. This week, I've had the pleasure of having my daughter Ashley cuff in the office with me. Well, the home office to be exact for work experience for her year 10 class here in Australia. So, welcome Ashley. Thank you for joining me. How's the commute been? I mean, upstairs and downstairs has been tiring. Work from home life. It has been good to have you here. So just, I want to ask you some questions about school and IT in general and sort of your exposure to technology concepts. So what kinds of things do they teach you in school? So I think in primary, we did a lot of kind of the basics of coding. Like we started off with like one of the main components of a computer, like a monitor and a mouse. And then we kind of moved on to like block coatings. We did scratch and those kinds of things. And then as we moved on, we moved on to like more complex coding with text based programs. Okay. So you're doing an IT subject now in high school. What kinds of things do you learn now that you're 15? So I think the things that we've covered have been pretty much a wide range of programming languages like HTML. We've done a bit of JavaScript. We've done a lot of Python recently. This term just gone. We've done Blender 3D animation. But I feel like the main part of it is just focused on coding. I'm hearing that. There's a lot of coding here. I'm hearing like we built a network or we built a virtual machine. So that doesn't really sound like it's much in the curriculum. Like more of the infrastructure and the VM topics that I actually put on a day to day basis. How many girls are in your IT class? Well currently I'm the only girl in my IT class. I've been through that for my careers or sometimes you just have to be the only girl because it's something you enjoy. Why don't you think that your friends aren't interested in this topic though? I think it's because it's displayed as a hard subject. It's programming and it's complex and it just takes up a lot of time and they don't feel like they can do that. Wow, that's a bit of a revelation isn't it? So what do you think needs to change? Like if you were in charge of the subject, is there anything that you would change or communicate to girls to get more interested in it? I feel like a different variety of topics not just focused on programming would help a lot. Cool, so you've been with me for the past week. Why do you like being in the IT class? Why do you like technology as a concept though to be the only girl in the class? Well the coding that we have covered I like the problems holding up and having that stuff that doesn't work. And just spending hours on it not working and then finally getting it to work. And look, we've talked a little bit about how my exposure into IT looking at infrastructure topics pretty much had the same kind of concepts in it. Like I wasn't dealing with code but I went into the IT department and I was dealing with help desk tickets because people had a problem. Like they were trying to do something and they were getting the error or the computer wasn't connected to the network. And it is that problem solving is the thing that I love about being in the technology industry. So different problems, different ways to solve them but it's still that satisfaction that comes from applying it and getting it to work. What have I got you doing this week? What are some of the things that we've been working on? So we started off the week with where I watch one of mom's videos on just the basics of a computer. Because we weren't really taught that much in-depth stuff. We wrote a blog post about alerts and getting a spotlight to flash with Logic Apps. I set up a learn account and I did the basics of virtual machines. So you hadn't done anything with Logic Apps before? No. Excellent. So we'll put a link up to that blog post that's about taking Azure monitor alerts and getting that spotlight to flash. But that is also available in Power Automate so you can use other services as a trigger to get some sort of visual alert that something has happened in those worlds as well. Excellent. And so finally I am going to throw a big question out to you and go... You know, the IT workforce has a problem of attracting new people and especially people from the younger generations into the kind of work we do that isn't coding. What are you looking for when you go out to the world to get your first job? Like what are the kinds of things that would make you go this is going to be a good job or this is going to be a good employer? I think just interesting work, doing stuff that I'm interested in, not focusing on the same thing just day in, day out. Yeah, but you're right. It's more than just turning up and getting paid money for doing a day's work. I think especially people that are attracted to the technology industry. There is that sort of problem-solving satisfaction but there also is like I want to be doing work that I'm really enjoying. And sometimes to be honest it takes you a few different roles or different organisations or different movements even within the industry. My advice to you, don't stress too much about making that first job perfect because there's a really good chance that it won't be. But just take every opportunity as a learning experience because your career path is as wide and varied as you want it to be and this goes the limit. So thank you so much for joining me this week. It's really good to see young girls that are still interested in technology as a career and as we can see there's a big gap and a need for them in our IT roles that aren't coding. And if there's any way that we can sort of help encourage young people to get into this side of tech and let us know what your thoughts are. Thank you so much for joining me. Really cool. It's something where and a lot of schools are doing this right now in elementary schools in terms of introduction to tech is coding. And so they're doing the block coding which is an instance of drag and drop coding. It's really cool that Ashley is already looking into the Power Platform and Power Audio as a solution. Sky's the limit. There's a lot of talk on the chat room in regards to having women in IT which is awesome for that breath of fresh air in terms of creativity and new ways of thinking. It's our responsibility to enable all people to have the opportunity to participate in what they're passionate about. So very thankful for Sonia to put that together. And I do think that in the general in general industry some people like there's a small there's a portion of the industry that needs to open up their minds to the pops ability and stop mansplaining and in talking down to whether it's women or any other group entering the business is just. We're all IT ops folks and we have to be ally to all of them and it's just our responsibilities to as the keeper of the technical depth to pass that on to the new generation. As she mentioned they're not learning potentially like infrastructure stuff and networking stuff so we have to pass on that knowledge. Okay we've got to continue on because we've got two minutes left really quickly in terms of what's going on in the community patch and switch is happening today. So it's noon Eastern Standard Time audio Steve or wireless Steve as he was called today will be there as well but I believe Rick is back from his tour from to San Francisco and back and so he'll be on the show today. Also as always the Microsoft learn module of the week this week to tie into the security announcers that we've made me on the show protect against threats with Microsoft Defender for endpoint. As you heard there's new the new ability in terms of unmanaged devices but if you want to get a good understanding of what endpoint for Defender has here's a great hands on module that allows you to play in Sandbox for that functionality to learn up skill on the Microsoft Defender app. Platform producer Pierre this is our last show for this and now we jump into in the summer. The end of our season two and we're looking to look forward for season three that will be coming up in August. That doesn't mean that we're not going to have any videos we just won't have any live stream next weekend. But they're not they may not be scheduled in every Friday. Right so next weekend is Canada Day weekend and July 4 so we will not be on next weekend but we will have something for you the following weeks after that. Producer Pierre if they want to get a hold of you what's the best way to get a hold of you. I have been and always shall be at Wired Canuck and also on the Discord. And if you want to get a hold of me for some reason you can do so on Twitter at wireless life everybody have a great weekend have a great summer and we'll see you all back in August. Cheers.