Community

From MS Technet Gallery to Github

As Microsoft TechNet is about to be deprecated (june 2020), I’ve completed the move of my documents and scripts gallery to Github.

Major advantage is that Github can be managed from a desktop client….

You’ll find some (35+) interesting links and downloads of

  • various powershell scripts to manage
    • AD
    • Microsoft Identity manager (FIM & MIM)
    • HTML
    • Technet Wiki
  • sql scripts
  • Word templates
  • XLS templates and tools

Bookmark this link for easy memory: http://ffwd2.me/mygallery

 

€750.000 per year for some onepager PDF, you can do that too.

scam-3933004_1920

(Image Credits: mohamed Hassan via Pixabay)

Dear Annie BG Mathews,

Dear CIO Applications Europe,

(quote, feb 2020) “I am Annie from CIO Applications Europe magazine and it is my pleasure to inform you that we have pre-screened the top players who have carved a niche in the Information Security arena and have shortlisted them to be featured as one of the “Top 10 Information Security Consulting/Service Companies 2020”, <…> being one of them.”

(quote, apr 2020) “I am Annie from CIO Applications Europe magazine, and it is my pleasure to inform you that we have pre-screened the top players who have carved a niche in the GDPR arena and have shortlisted them to feature as one of the “Top 10 GDPR Consulting/Service Companies 2020”, <…> being one of them.”

Did you also get the same mail  from “CIO Applications Europe”, with their fabulous “Top 10” marketing, asking a small fee of €2500,- to be featured as top-player in the <see below> field, for which you get a fabulous … eh.. 1 single pager PDF. And using their top 10 logo in your marketing.

Top, you make me feel so special!

Just.. ehm… radio couloir says lots of my sector contacts and LinkedIn network contacts got the exact same mail.. So, top 10, my @§§.

Marvelous quick win

Just a bit of 12y-old math says: that is a smart turnover of 25.000 EUR per top 10 published. Knowing that they have published roughly 30 of their “top 10” articles for 2019, this means a quick win of €750.000 on one-pagers only.

The categories they have listed last year:

(Look it up yourself: https://www.google.be/search?q=inurl:cioapplicationseurope.com+%22Top+10%22+%22-+2019%22)

  • Agile Technology, Asset management, Automotive, Blockchain, Blockchain Solutions, Business Intelligence, CEM solution, Contact center, Cognitive consulting, ERP, FinTech Solution, GDPR Solutions, GDPR consulting, IBM Solution, Information Security, IoT solution, IT services management, Legal technology, Mar tech, Microsoft solution, Microsoft Consulting, Procurement, Proptech, Salesforce, Smart City Tech,…

Forgive me if  I forgot another €25.000,- in the 30x Top 10 of 2019 they listed.

But some important categories missing, so you can do that too, some ideas below.

If the “Top 10” on GDPR is completed, you create new categories like “GDPR consulting”, “GDPR legal advice”, “GDPR breach specialist”, “GDPR expert”, “GDPR Services”, that’s another 125K of revenue, easy deal to fill the 1 million bucket.

So, you can buy yourself a list in the Top 10.

So here’s the deal, for 2499 EUR, you can get listed in the 2020 Top 10 spam and scam companies, you get a full A6 print page (special 7pt Wingdings font) with a 3 minute made-up interview with your CSSO. (Chief Spam’n Scam Officer.)

Legit business??

For €2499,- you get an interview, a one pager and a logo for display.

I quote: “We want to work with you towards a single page article after an interview with the senior management projecting the unique story of your company. For a nominal amount of 2,500 Euros, you will own complete print and digital rights to use the pdf of profile in your process of acquiring new clients along with many other prominent benefits like rights to use the Top 10 logo in your communications, single page complimentary advertisement placement and many more which I would love to explain when we connect.

It’s not forbidden to make you a ridiculous offer, but do you really want to sponsor this scam and spam practice and keep it alive?

Fact is, this is not ‘just a spam’ campaign.. It’s setup as legitimate business, at first sight.

You can still ask yourself why CIO Applications “EUROPE” would have a phone number in the US.

#GDPR!

It’s not only about the scam, they are using personal data without notification.

And you can argue they can use “legitimate interest”. Yes, for sure. But still they need to apply article 13 and 14, when collecting personal data. Their privacy notice (https://www.cioapplicationseurope.com/privacy-policy/) is not mentioned in the mail communication, it does not mention how they collect my data and how the process it. Neither do they refer to the required legal GDRP mentions (like DPA contact and so on…).

There is no reference how to file a subject-data access request… you can always spam their marketing department as mentioned in their privacy notice.

So, this could even be a valid reason for contacting your DPA and file a complaint.

I don’t want to unsubscribe to spam mail, because I don’t want to give you just more information if you don’t respect me from the beginning.

What’s the real problem then?

What do you think of a “Top-10” ranking, that is only based on the fee you pay? The first 10 that pay, are in the top 10. Number 11, bad luck. Oh wait, we’ll setup another top 10.

This feels like bribery. And mental pressure.

They send out the requests to new companies, struggling to conquer the market. They make your feel important, but it’s only about the money.

This type of practice puts other legitimate rankings in such a bad daylight… the smell of money on a “Top 10 …something”. This destroys the reputation of other communities, value papers and IT or security sectors. It’s not isolated to this one bad apple.

Be smart

Think. If it doesn’t feel right, it is not right. For a bare €2499,- you can achieve a lot more than a single page PDF and a top 10 logo.

For the same money and the support of a real marketing specialist, and some smart channel management, you can create real impact.

But most important of all, do what you do best. Create impact. Create great stuff, create buzz, let customers tell your story…

Stay out of the pile of bad apples.

#justthinking

Cybersecurity voor vrijeberoepen en KMO (Webinar bij VLAIO)

Afgelopen vrijdag 21 februari, organiseerde Agentschap Innoveren & Ondernemen een praktisch webinar over Cybersecurity.

We toonden een vernieuwende aanpak die de zelfredzaamheid en veerkracht bij KMO’s inzake cybersecurity helpt vergroten.

Cybersecurity wordt beschouwd als één van de grootste bekommernissen in het huidige ondernemerschap. De veiligheid van (klanten)gegevens is een topprioriteit en een beleid hieromtrent uitwerken is noodzakelijk. Als adviseur zult u wel vaker de vraag krijgen van uw klanten over hoe ze hiermee aan de slag moeten gaan.

Hartelijk dank Melissa Gasthuys als gastvrouw en Eveline Borgermans voor de perfecte begeleiding en opname bij Agentschap Innoveren & Ondernemen

Hier de link naar de slides

De link naar de opname:

En je kan altijd nog even gaan kijken op cybervoorkmo.be voor meer tips en hints.

Privatum – Privacy After Work (2020-02-06 collaterals)

OP 6 feb jongstleden, presenteerde ik een sessie bij Privatum, voor hun avondsessies van  “Privacy After Work”.

Dat is een lichte, interessante aanpak om mensen bij elkaar te brengen ivm privacy en gegevensbescherming, dus  ideaal voor netwerking en interessante dingen te leren.

Meer info hier: https://www.privatum.be/privacy-after-work-2/

Hieronder vind je een overzicht van de links en URLs waar ik naar verwees tijdens de sessie.

De handouts van de sessie vind je op SlideShare:

Slide 10; de ISO27701 bouwstenen:

 

Slide 11: (*) Gratis downloads

Slide 21

Uitgebreide ISO27701 mapping met GDPR in XLS formaat (wat handiger)

https://github.com/PeterGeelen/ISO27701Collaterals

Direct links

Extended mapping

https://github.com/PeterGeelen/ISO27701Collaterals/blob/master/20200129%20PECB%20ISO27701%20vs%20GDPR%20-%20extended%20mapping.xlsx?raw=true

Handy mapping

https://github.com/PeterGeelen/ISO27701Collaterals/blob/master/20200129%20PECB%20ISO27701%20vs%20GDPR%20-%20handy%20mapping.xlsx?raw=true

Slide 52

Meer info: https://identityunderground.wordpress.com/2017/11/06/note-to-self-iso27001-iso27002-downloads-tools/

http://www.iso27001security.com/html/toolkit.html

GDPR-ISO27k mapping:  http://www.iso27001security.com/ISO27k_GDPR_mapping_release_1.docx

Meer info over de ISO27701, incl webinars & LinkedIn articles met Q&A

https://www.linkedin.com/in/pgeelen/detail/recent-activity/posts/

Interessante update:

Microsoft heeft een open-source mapping gepubliceerd tussen de controles in ISO / IEC 27701 (de nieuwe uitbreiding van de gegevensbescherming van ISO 27001 en 27002) en verschillende wettelijke regels, waaronder de GDPR (Europese Unie).
Het project bevat een Excel-bestand met de onbewerkte gegevens: zie https://github.com/microsoft/data-protection-mapping-project/raw/master/src/assets/database.xlsx

De directe link naar het volledige open source-project zelf is: https://github.com/microsoft/data-protection-mapping-project

Microsoft MVP for another year: Thank you!

Just a few hours ago, I got the confirmation that I was awarded the 2019-2020 Microsoft Most Valuable Professional (MVP) award.

It’s a yearly award granted by Microsoft to community leaders and influencers who passionately share their knowledge and drive the MS community.

For some it’s the ultimate goal to get in the MVP program, but as the reward is granted year after year again, based on your impact of last year, it’s never sure you’re in for the next round.
It’s not about the award, but about the drive and mindset to build community. You can’t simply keep up if you don’t have the drive.

But more important, you simply can’t keep up without support.

So I’m proud to receive this award.

And I’m utterly grateful that lots of people around support me in this, very close and very far.

Thank you, my dearest wife and kids to keep me alive.

Thank you, dearest Microsoft TechNet Wiki Geeks (TOO MANY to list here), you keep me going.

Thank you, Ed Price, the greatest Wiki Wizz Kid,

Thank you Tina for supporting the MVP BeNelux and Nordic Community manager.

And many many others, … without you I could not do this!
I dedicate this award to you.

Thank you.

Speaking at PECB “Global Leading Voices” webinar – 29 nov 2017

I’m delighted to announce that I got an invitation to speak at the PECB Global Leading Voices” Webinar series.

046.GRC Flyer

Join PECB EVERY WEDNESDAY in their new webinar campaign

Global Leading Voices

Governance, Risk and Compliance

November 29 | 3:00 PM CET

“26 May 2018, from GDPR to sustainable GDP”

I will cover:

  • How to move from GDPR to GDP way of thinking?
  • How can we use the GDPR to build data protection into the company DNA?
  • What is required, for all parties in the story, to make it work?
  • How can we build sustainable data protection practices?

 

Peter Geelen

Register for webinar

Of course, there’s more interesting material to find in the PECB webinar series.
Have a check : https://pecb.com/en/webinars

 

 

I’m speaking at the #HIPConf Hybrid Identity Protection Conference in New York

Next week, I have the honor of participating as speaker at the Hybrid Identity Protection Conference in New York, NY.

Let me quote Sander Berkouwer:For those who attended The Experts Conference (TEC) and NetPro’s Directory Experts Conference (DEC) events previously, the Hybrid Identity Protection Conference promises to be at least as much fun as these events, where you’ve seen the likes of Gil Kirkpatrick, Sean Deuby, Darren Mar-Elia, Brian Desmond, Joe Kaplan, “, of course Sander Berkhouwer,   and not to forget Tomasz Onysko.

For quite a while, the TEC/DEC conference has been the landmark for the MS Identity & Security community, and I would be happy to let the HIPConf take that place.

HIPConf

About the Hybrid Identity Protection Conference

The Hybrid Identity Protection Conference is Semperis Inc.’s event in the spirit of The Expert Conference (TEC) to bring together the leading experts in the field of Identity and Access Management. The event offers a unique opportunity to spend two days on-site in New York with peers, whose day-to-day job is to architect, manage, and protect identity management in the hybrid enterprise.

Attendees are able to meet face-to-face with the leading experts of their field, acquire in-depth technical knowledge, and be exposed to the latest innovation.

(And that’s where the TEC/DEC and HIPConf make the difference with other conferences, which not always allow to meet with the presenters/experts.)

The 2017 Hybrid Identity Protection Conference takes place on November 6th and November 7th at the famous 7 World Trade Center in New York City’s Tribeca neighborhood. Just minutes’ walk from famous landmarks, attractions, museums, and famous restaurants in Manhattan, and with astounding views of the New York skyline.

About my session

As you might notice, my session is taking a bit of a different view on Hybrid Identity, but as important as the technical view.

Tuesday 7/nov: “04:00-05:00 pm – Forget about compliance! Only the GDP mindset will keep you alive”

“With the 2018 GDPR deadline in focus, many businesses with EU customers are feeling like a rabbit frozen in the GDPR headlights… But it’s not the ‘R (regulation) that matters, the GDP does. In this fast moving era of cloud and data centers, information is flowing like water, and perimeter security is so Y2000. Join this presentation to learn how you can leverage best practices to build an end-to-end, layered security, and avoid information spills. “

Join the HIPConf!

There is still time to register.

And as Sander mentioned,  with the Global MVP Summit moved from the November timeframe to March, this is the opportunity to hang out with a group of people and MVPs that have built the Microsoft community for Identity & Security for years…

And I’m looking forward to see them again, after all these years!

Thanks Semperis Inc. to offer this opportunity!

Note-to-self: #MIM2016 & #FIM2010 Config documenter released on GitHub

Source: Announcement on MIM 2016 Group on LinkedIn by  Jef Kazimer

Source Code: https://github.com/Microsoft/MIMConfigDocumenter

Jef announced that the Identity Community Projects team has published the MIM Config Documenter tool to the Microsoft GitHub Organization as an open source community project.

The MIM configuration documenter is a very nice and easy tool to generate documentation of a MIM / FIM synchronization or service installation.

It allows to: 

  • Document deployment configuration details for the MIM / FIM solution, including MIMWAL Workflow definitions
  • Track any configuration changes you have made since a specific baseline
  • Build confidence in getting things right when making changes to the deployed solution

You can find the project code, releases, and documentation at https://github.com/Microsoft/MIMConfigDocumenter

 

June 2017: @TroyHunt is back in Belgium for his workshop ‘Hack Yourself First’. Wanna join?

ZIONSECURITY will be welcoming Troy Hunt again. The 1st and 2nd of June, he will be leading a ‘Hack Yourself First’ workshop where he will teach professionals how to break into their own applications. Find out the program and register here!

#update: download the flyer with program and details here: Flyer Troy Hunt June.

I have been there the last time, it was great fun, lots of interaction. And I certainly would recommend you to join.

What if you really wanna join, but your boss is not willing to sponsor? (While he SHOULD!).
Or any other silly reason you can’t attend?

Well, you know, if you can provide me a very good, strong, original and unique argument why you MUST be at this workshop, you might be lucky.

You know the channels to reach out to me and test your luck.

Some suggestion, send me a direct message:
1. Comment on this post,

2. mail me, tweet me (direct message!), F@ceBook me, LinkedIn …

Convince me and it could be you sitting at the first row.

Thank you!

This weekend I’ve received some pretty exciting news that I was awarded the 2016 MVP award (Microsoft Most Valuable Professional) for Enterprise Mobility (Identity & Access).

mvp_logo

I’m extremely proud to receive the award, but I never could have achieved this award without your support. So, in the first place I want to thank YOU for supporting me and making it possible. With your help I certainly will continue to support and build the Microsoft and security community with great pride.

A great thanks to Ed Price, Ronen Ariely, Gokan Ozcifci and Jorge de Almeida Pinto for the support and recommendations. (I sincerely hope I haven’t forgotten anyone…) I owe you Belgian beer.

I had the honor to be part of the program earlier, and never have stopped to build and maintain the community with passion for Identity and Access management, but as combining Microsoft FTE with MVP is not possible… I had a break for the years at MS… still it was different.

I’m also extremely thankful that my wife Katrien and my 2 kids can cope with my crazy passion for TechNet Wiki and MS community obsession. This addiction is just so much fun…but I’ll never admit that. (oh ships, just did…)