🖊 Alexei Doudkine’s Post

💡 Check out the recording of this #MSIgnite session: Secure and resilient Windows strategy from Client to Cloud with Bhavya Chopra, Katharine Holdsworth and Stefan Kinnestrand. Here's what they cover: Microsoft's commitment to security is steadfast: secure by design, by default, and in operations. Whether you're managing Windows PCs or leveraging #Windows365 ( #W365 ) and #AzureVirtualDesktop ( #AVD ), here’s a peek into what's shaping the future: 🔒 Windows 11 Security Enhancements Hardware security baseline: A strong foundation for device security. Secure by default: Features like BitLocker, local security authority protection, and a hardened credential framework. Windows Protective Print Mode: A safer, driverless print experience. ☁️ Windows Cloud Security Phish-resistant authentication: Passkeys, FIDO2, and Windows Hello safeguard logins. Contextual security controls: Tailored policies based on device management and user profiles. Data protection: Features like screen capture protection, watermarking, and confidential VMs for sensitive workloads. ⚡ Resiliency on the Move Built-in disaster recovery for #CloudPC: Instant restore and cross-region recovery options. New Windows 365 Link: Purpose-built for a dataless and secure connection to W365. ▶️ https://lnkd.in/eDHyRDJ4

Do not take advice from the social media/armchair experts, instead refer to this continually updated (including links to advice from the public cloud vendors directly) document by CrowdStrike themselves: https://lnkd.in/edZbta4m #HugOps #Crowdstrike

CrowdStrike workaround steps for individual Windows hosts still experiencing BSOD or unable to receive updates: - Reboot the host to give it an opportunity to download the reverted channel file. (CrowdStrike identified a content deployment related to the issue and reverted those changes) If the host crashes again, then: - Boot Windows into Safe Mode or the Windows Recovery Environment Note: Putting the host on a wired network (as opposed to WiFi) and using Safe Mode with Networking can help remediation - Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory - Locate the file matching “C-00000291*.sys”, and delete it - Boot the host normally Note: Bitlocker-encrypted hosts may require a recovery key Latest updates and additional workaround steps for public cloud and other environments: https://lnkd.in/eDedzM8C

CrowdStrike- work around for those affected: Workaround Steps for individual hosts: - Reboot the host to give it an opportunity to download the reverted channel file. - If the host crashes again, then: Boot Windows into Safe Mode or the Windows Recovery Environment Navigate to the C:\Windows\System32\drivers\CrowdStrike directory -Locate the file matching “C-00000291*.sys”, and delete it. - Boot the host normally. Note: Bitlocker-encrypted hosts may require a recovery key. Workaround Steps for public cloud or similar environment: -Detach the operating system disk volume from the impacted virtual server -Create a snapshot or backup of the disk volume before proceeding further as a precaution against unintended changes -Attach/mount the volume to to a new virtual server -Navigate to the C:\Windows\System32\drivers\CrowdStrike directory -Locate the file matching “C-00000291*.sys”, and delete it. -Detach the volume from the new virtual server -Reattach the fixed volume to the impacted virtual server

https://lnkd.in/dRvM4JEw Upgrade to the cloud they said, move your mainframe applications to the cloud they said, it was the best thing to do. BTW, Z in Z16 means zero downtime and they mean it ;-)

UBX Cloud have developed an effective countermeasure for the recent CrowdStrike Falcon BSOD loop problem. Our ISO will auto-boots into WinPE safe mode, removes the infected files, and reboots automatically—no need for manual logins or file deletions. If you are an MSP/CSP this could help to save lot of your time and We have successfully tested this fix on thousands of our managed cloud servers. While individual results may vary, we are sharing this internal fix to assist the broader community. For detailed instructions and the ISO download link, visit our blog. https://lnkd.in/gTKCzQuj #SysAdmin #ITSecurity #CrowdStrike #BSOD #Windows #UBXCloud

According to IBM's X-Force Cloud Threat Landscape report, "The #1 failed security rule in 100% cloud-only environments involved improper configuration of essential security and management settings in Linux® systems." This is precisely why DeployHub manages and stores these configurations from deployments and other security metadata, like SBOMs, real-time CVEs, and OpenSSF Scorecard results. #DevSecOps https://www.deployhub.com/

Want to learn more about data loss prevention? Wondering how to get started on the cloud? You have questions and we have answers. Visit our FAQ page today! https://bit.ly/4dYE0jc #Kobargo #FAQ

Tips on deploying Windows 365 ☁️ 🖥️ Although deploying a Windows 365 Cloud PC by creating a provisioning policy is relatively straight forward , there are quite a few things needed to keep the Cloud PC secure, here’s what you can do to further enhance security: ✅ Deploy Endpoint DLP to restrict sensitive data exfiltration to other Cloud Providers. ✅ Block clipboard redirection to ensure data cannot be copied out of the host PC. ✅ Create Conditional Access policies to ensure MFA is used to connect to the Cloud PC. ✅ Use FIDO2 keys where possible! ✅ Deploy Microsoft security baselines for Windows 365 as the perfect starting point For any questions about deploying Windows 365, please let me know! #microsoft #windows #security #cloud

Drive Encryption can be a great way to secure your Windows Devices, but this could also prevent any Data Recovery / and reduce general system performance by as much as forty-five percent. Microsoft is switching, by default, to enable Bit Locker Driver Encryption on Windows 11 24H2 (Released Fall 2024). There are some serious discussions that need to happen to prevent catastrophic loss. Many organizations now secure documents using Microsoft One Drive, DropBox, or third-party backup/ Cloud data services. Ensuring these documents are safely uploaded or protected will ensure these future updates do not affect recoverability. Always test your backups/recoverability plan beforehand, ensuring everything works as expected.