RunAs Radio!

How is generative AI evolving, and what can we do about it?

While at NDC in Oslo, Richard chatted with Alison Cossette about her work as a data scientist before the ChatGPT explosion in November 2022 and what life has been like since the LLM came to town.

Alison talks about the rigor of building AI models using generative AI before ChatGPT and how many of those efforts have diminished when confronted with a friendly, confident language model. Eventually, this rigor will be needed - as the dangers of not managing language models cause problems, and the need for rigor will re-appear.

Alison describes steps you can take today to understand how the LLMs you are using are trained and how they are tested. Generative AI is evolving, and you can be part of making it better!

Listen at https://runasradio.com/Shows/Show/948

How has Generative AI changed for you? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Leadership wants to get on the AI bandwagon - what are the security risks?

While at the Kansas City Developers Conference, Richard sat down with Steve Poole to talk about his experiences helping companies manage the risk of bringing AI into the company.

Steve talks about the impact of introducing a new development stack, especially open-source stacks where you aren't sure of the providence of the code - sometimes there's malware in there! The conversation also moves to the various sources of language models and the potential risks.

There's an urgency to move quickly on this technology, but don't allow that urgency to shortcut the safety your company will need - you can do this properly!

Listen at https://runasradio.com/Shows/Show/947

What are you doing to bring AI technology to your company? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What are the threats your cloud application and infrastructure are facing?

While at NDC Oslo, Richard chatted with Daniela Cruzes and Romina Druta about their work building threat models for cloud-based applications.

Daniela discusses how modeling helps to understand security concerns before applications are deployed and attacked - often, security retrofits are time-consuming and expensive, so thinking them through beforehand has enormous benefits.

Romina dives into the supply chain side of threats - open-source libraries with backdoors, even down to development tools with malware. There are a lot of threats - but when you look, there are often great solutions as well. You'll need to collaborate with development to secure things, but security isn't optional and is worth fighting for.

Listen at https://runasradio.com/Shows/Show/946

How do you address security threats to your applications? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Are you ready for passkeys?

Richard talks to Tarek Dawoud from Microsoft about the evolution of passwordless access with passkey.

Tarek talks about the FIDO alliance and the ongoing effort to create authentication strategies that are mathematically impossible to phish - no password stuffing under the covers that might get exploited by a man-in-the-middle attack.

The conversation also dives into the passkeys name and how it's a rebranding of passwordless authentication to make it easier for everyone to understand that you'd rather have a passkey than a password.

The products involved are still evolving, but there's plenty you can take advantage of today and make your organization more phishing-resistant than ever!

Listen at https://runasradio.com/Shows/Show/945

Are you using passkeys? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What does it cost to recover from a disaster?

While at NDC Oslo, Richard chatted with Natalie Serebryakova about her work helping companies understand their disaster recovery costs and what that process can teach you about your infrastructure.

Natalie talks about different types of disasters, from the deletion of a production server to a major outage caused by a fire at a data center - and the power of working through the scenario to determine what needs to be backed up and what it takes to recover.

The conversation also dives into the scrutiny of implementation - often, decisions are made that are no longer understood, or systems have changed enough that they could be improved. The result can be lowering DR costs, improving performance, and reducing operating overhead!

Listen at https://runasradio.com/Shows/Show/944

How up to date are your disaster recovery plans? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Ready to move your device certificate authority to the cloud?

Richard chats with Richard Hicks about Microsoft Cloud PKI - certificate management for devices and people as part of the Intune Suite.

Richard talks about it being early days for Cloud PKI, so not everything you want is there yet.

The only way to get a certificate onto a device is through Intune, so some devices, like servers, don't have a way to play yet. However, there is a bridge between Active Directory certificates and Cloud PKI, so you can bring your new devices in through Intune and ultimately unload a lot of your on-premises certificate infrastructure. And that will make everyone's lives easier and more secure!

Listen at https://runasradio.com/Shows/Show/943

How are you handling certificates? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How are you protecting your organization's data?

Richard chats with Joanne Klein about her work with Microsoft Purview to help with data protection, management, and governance.

Joanne talks about a spike in data protection concerns from Microsoft Copilot - if you have been securing data through obscurity, you're in for a nasty surprise! Copilot has a knack for finding every nook and cranny of data.

Proper data protection also means effective archiving - getting rid of out-of-date or irrelevant data. And then there are the security concerns around data retention - how do you need to keep, and for how long? Microsoft Purview can help with all these problems, but you must work with leadership to get things right!

Listen at https://runasradio.com/Shows/Show/942

What's your data protection strategy? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How has the cloud transformed the way we work with data?

While at Build in Seattle, Richard sat down with Arun Ulag, Microsoft CVP of Azure Data, to discuss how the cloud has transformed how we work with data.

The pre-cloud practice of extract-transform-and-load into OLAP cubes has given way to the data lake - you don't need to pre-process data if you have all the compute you need on demand.

Arun goes further into empowering analysts using tools like PowerBI - but the key is access to data. With Microsoft Fabric, data lives in OneLake - or anywhere through links! Today, the data analytics landscape spans different product stacks and clouds - but all are available to learn more about your business!

Listen at https://runasradio.com/Shows/Show/941

Have you gotten started with Fabric? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What hardware runs Azure today and into the future?

While at Build in Seattle, Richard sat down with Rani Borkar to discuss the hardware that makes up Azure Compute, including examples of the new Cobalt and Maia processors!

Rani talks about Cobalt first, Microsoft's ARM processor designed for workloads in the cloud.

Then, a look at the Maia processor, which focuses on neural net workloads like large language models. As Rani explains, the scale of the work coming to the cloud today allows for specialized hardware - you would likely not want to buy a machine this specialized for yourself, but you can rent it by the minute in Azure!

Listen at https://runasradio.com/Shows/Show/940

What workloads would you like to test on the ARM servers? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

More application platform pieces make your life better!

While at Build in Seattle, Richard sat down with Buu Lam of F5 to discuss F5's latest offering, NGINX as a Service in Azure.

Buu discussed how F5's products have evolved to run in the cloud, not just on their hardware. While you could run them as virtual machines or containers, providing them as services in Azure is better. You purchase the service in the marketplace and as part of your Azure billing.

The conversation digs into the advantages of the services model in terms of updating and instrumentation, as well as reducing the complexity of your infrastructure as code.

Listen at https://runasradio.com/Shows/Show/939

What Azure Platform Services do you use? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What are the hard parts of machine learning?

Richard chats with Lynn Langit about her work helping the Mayo Clinic improve patient outcomes using machine learning to understand patient data better.

Lynn talks about the challenges of multi-modal data analytics - taking all the different data collected from a patient, like an X-ray or video, along with treatment notes, to create an overall picture of treatment and outcome.

Then multiply that by thousands of patients, making a complicated data problem with huge challenges in testing and validation. How do you know that the machine learning model is correct?

The key to practical machine learning is in the fundamentals - working on each step before you jump to the more complex goals!

Listen at https://runasradio.com/Shows/Show/938

How are you using machine learning? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Have you rolled out Microsoft Defender for Cloud?

Richard chats with Yuri Diogenes about the bundle of tools under the Defender for Cloud moniker.

Yuri describes Defender for Cloud as a Cloud-Native Application Protection Platform (CNAPP). This Gartner term covers the various elements that go into a cloud-native application, including APIs, servers, containers, storage, resource manager, and more!

Defender for Cloud integrates with Microsoft Purview to understand data sensitivity, and Microsoft Sentinel helps detect breaches or data misuse. It also offers attack path analysis and remediation so you can get ahead of the attackers to close off potential breach risks before they happen!

Check the links in the show notes for great resources, including an ebook on CNAPP strategy!

Listen at https://runasradio.com/Shows/Show/937

What's your CNAPP strategy? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How can Microsoft Copilot make your intranet better?

Richard chats with Susan Hanley about her experiences adding Copilot into the intranet via the Copilot Studio and Viva Engage.

Susan talks about the challenges of getting your intranet data in order - most notably, archiving old information so that it doesn't clutter up a Copilot with out-of-date and inaccurate data. The conversation explores making smaller Copilots focused on specific domains, like company policy.

It's still the early days for copilots, so there are some challenges to getting things done right, but the potential is there!

Listen at https://runasradio.com/Shows/Show/936

How do your users search their intranet? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How are your company's Apple devices connected to the enterprise?

Richard talks to Michael Epping about the recent additions in Entra that support the authentication of Apple MacOS and iPadOS devices.

Michael discusses Apple's Secure Enclave as the equivalent of Trusted Platform Management in Windows. With Entra Platform SSO, you can now use that authentication to access Azure resources and, ultimately, on-premises Kerberos-secured resources!

These features are still in public preview but fully supported, and more is coming!

Listen at https://runasradio.com/Shows/Show/935

How common are Apple devices in your organization? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How can you use PowerApps to extend the functionality of other apps?

Richard talks to Christina Wheeler about her efforts to teach folks to use PowerApps to add the functionality they need to Dynamics 365 and elsewhere!

Christina talks about her move to Microsoft, shifting from SharePoint to PowerApps, but still essentially doing the same thing - finding customer solutions.

The conversation ranges over the power of the Dataverse to provide access to all sorts of data and the emerging role of the Microsoft Copilot Studio to build custom copilots for your organization.

Listen at https://runasradio.com/Shows/Show/934

What have you done with Power Apps? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Two old guys talk about Windows AGAIN?

Richard brings back Paul Thurrott for the tenth time to discuss Windows more.

This time, the discussion focuses on the end of life for Windows 10 - currently October 2025. Paul discusses how it used to be April 2025, but that's not enough time. Is it enough time now?

The conversation spans other Windows-related topics, including alternative versions like Windows 365 and Azure Virtual Desktop. And what about Windows 12? There is a bit of speculation at the end of a longer show - weigh in with your thoughts on what's next for Windows!

Listen at https://runasradio.com/Shows/Show/933

When do you think Windows 10 will come out of support? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Machine learning models need updating - what's the reliable way to do it?

While in Romania, Richard sat down with Annie Talvasto to talk about her work helping to build DevOps practices around machine learning: Building repeatable processes for data ingestions, cleaning, organization, model building, and deployment.

The challenges are the array of skilled people needed to operate and evaluate the pipeline—it takes domain experts to know if the machine learning results are accurate and valuable. Tooling can help, but it is only in the early days.

If your organization is keen to incorporate machine learning into its operations, you need to do some careful planning!

Listen at https://runasradio.com/Shows/Show/932

What are your plans for machine learning in your organization? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How's your identity governance?

Richard talks to Jef Kazimer from Microsoft about Entra's capabilities to help you have robust governance around identity.

Jef talks about the lifecycle of identity - when someone joins the organization and a new identity gets created, privileges changing as roles evolve, to the eventual offboarding when that person departs.

The same sort of cycle exists for devices, too - the question is only how much work you must do to get through those cycles. Entra offers tooling to get identity changes out of your support tickets - make your life easier with effective identity governance!

Listen at https://runasradio.com/Shows/Show/931

How's your identity governance? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How does artificial intelligence fit in with SQL Server?

At the Microsoft Fabric Conference in Las Vegas, Richard sat down with Mauzma Fahid and Bob Ward to discuss the AI developments in SQL Server.

Mauzma talks about SQL Server as a crucial source of data for building machine learning models and the new features being added to make SQL Server a key store for vector data and other elements of machine learning.

There's also Copilot for Azure SQL Data to help with diagnostics in your databases and to write queries using natural language—it's SQL Server Natural Language Query all over again, but certainly better than ever.

Listen at https://runasradio.com/Shows/Show/930

What would you do with Copilot for SQL? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Have you downloaded the latest version of PowerShell?

While at the MVP Summit in Redmond, Washington, Richard sat down with Sydney Smith to discuss some of the features in PowerShell 7.4.

Sydney talks about the successful delivery of PSResourceGet and PSReadline, two long-in-development features that have reached their so-called "1.0" state.

The conversation also digs into the ongoing challenge of some sysadmins sticking with PowerShell 5.1, the last of the Windows-only versions.

Today, PowerShell 7 has feature parity with 5.1 and many new features that improve the quality, security, and capabilities of PowerShell. Try the latest!

Listen at https://runasradio.com/Shows/Show/929

What version of PowerShell are you using? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How can GitHub Copilot help you?

Richard chats with Damian Brady at NDC Sydney about the power of GitHub Copilot to help you understand and write the bits of code you need - whether you're using PowerShell, understanding a RegEx expression, or trying to get a Bash prompt right.

GitHub Copilot and help to explain the code you've got, even across workspaces - so you can find all the scripts that changes might impact. And if you think it's time to rewrite some old scripts into more modern languages, GitHub Copilot can help with that, too!

Listen at https://runasradio.com/Shows/Show/928

How do you use GitHub Copilot? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

As Artificial Intelligence enters our organizations, how do we secure them?

While at NDC in Sydney, Richard sat down with Sarah Young to discuss the challenges of securing these new technologies.

Sarah talks a bit about the fundamentals - in the end, AI technology is just more software and needs all the same authentication and authorization that other apps need. However, there are some unique aspects and potential exploits that you can address through tooling and education.

We're all learning these new AI technologies and how to apply them in our organizations - training is essential!

Listen at https://runasradio.com/Shows/Show/927

What is your AI security strategy? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How can Microsoft Copilot for Security help you?

While at NDC in Sydney, Richard chatted with George Coldham about Microsoft Copilot for Security - combining GPT-4 with information about Microsoft security products and your organization's resources in Azure to provide guidance and insight into making your company more secure.

George talks about how it's early days for this copilot - and it's only in preview so far. Bringing together the vast array of security products that Microsoft makes, Microsoft Copilot for Security brings the ability of Large Language Models to summarize data to help you understand where the organization's security vulnerabilities exist and how to address them.

You want to get in on this preview!

Listen at https://runasradio.com/Shows/Show/926

What would you ask Copilot for Security? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What can GitHub do for you?

While at NDC London, Richard chatted with April Edwards about how GitHub can help sysadmins - and everyone in your organization!

In the end, GitHub is an engine for managing work, with GitHub Actions kicking off workflows that can send messages, run all sorts of code, activate scripts, and more.

Ultimately, you get a good report of what happened - or didn't happen. And over time, those scripts can mature to be more reliable and detailed - and keep a record of every change.

Listen at https://runasradio.com/Shows/Show/925

How are you using GitHub in your organization? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Aren't we all platform engineers? Steve Buchanan says yes!

But there's more to it. Steve talks about the mindset of looking beyond individual products that we might have skills with and owning the entire problem of providing platforms for your organization to get work done.

The conversation dives into the many products that can help our applications function better and the challenge of making them secure and fast. Are containers the solution? Possibly!

It's your platform; focus on the fundamentals and go further!

Listen at https://runasradio.com/Shows/Show/924

What do you think about platform engineering? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What do you know about large language models?

While at NDC in London, Richard sat down with Dr. Jodie Burchell to discuss how machine learning has reached this new technological milestone.

Jodie talks about different types of machine learning and how large language models fit into the landscape. The conversation explores where LLMs come from, what they are good at, and what they should not be used for.

They are not intelligent and certainly not a panacea for work - but they can be valuable when used correctly!

Listen at https://runasradio.com/Shows/Show/923

How are you using LLMs? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

Have you upgraded to TLS 1.3?

While at NDC in London, Richard chatted with Scott Helme about his work moving companies onto the latest version of TLS. But do you need to?

Scott talks about how SSL 2 and 3 were used until they were broken by the black hats, leading to a panic to update quickly. While there is no evidence that TLS 1 and 1.1 were breached, they are already deprecated and slower than the later versions.

Want a performance boost? Move to TLS 1.3!

Listen at https://runasradio.com/Shows/Show/922

What version of TLS are your sites using? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How are we going to manage the use of M365 Copilot?

Richard chats with Martina Grom about her experiences helping organizations prepare for M365 Copilot.

Martina talks about getting your data estate in shape - and the challenge that represents in terms of identifying what data should be available within an organization.

The conversation also digs into the larger picture of the Microsoft Graph - all the information about how people interact on M365, the resources they create and use, and the potential the Graph offers to help with productivity. It's still early days, but it's never too early to work hard on ensuring we have the right governance in place to allow Copilot to help the company succeed!

Listen at https://runasradio.com/Shows/Show/921

What are your plans for M365 Copilot? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

What's coming next for Windows Server?

Richard chats with Jeff Woolsey about the latest information around Windows Server vNext!

Jeff discusses how customer feedback influences Windows Server and the challenges of moving folks to the latest versions. Server vNext is designed to live in a cloud hybrid world and includes improvements for interacting with Azure, but it also has plenty of on-premises features.

The conversation turns to Active Directory and its ongoing modernization to make it more secure, robust, and scalable. The same goes for the rest of the Windows Server - coming soon!

Listen at https://runasradio.com/Shows/Show/920

What are you looking forward to in Server vNext? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!

How does your company organize information?

Richard chats with Emily Mancini about the metadata in SharePoint.

Emily points out that if you're using Teams, you're using SharePoint - it's all under the hood. And that means any files are being tagged with metadata whether you do it intentionally or not.

Taking control of your metadata can mean more effective searches and managing surprises with tools like M365 Copilot. Metadata can help you protect sensitive data and make existing data visible to the people needing it. Spending a few hours with it can make a huge difference!

Listen at https://runasradio.com/Shows/Show/919

What's your approach to company metadata? Let us know in the comments below or on the RunAs website. If we read your comment on the show, we'll send you a mug!