Note-to-self: Normalization of deviance in security: how broken practices become standard [must read]

If you would search the internet you’ll quickly find the original quote… “Normalization of deviance in software: how broken practices become standard”

All credits go to the original post:

And to honor the truth completely, the hint was posted by Joe Richards at
Joe has highlighted some important remarks in his blog post. But there is more…

What reasons do people or companies have NOT to implement best practices or ‘forget’ to implement them.
What easily becomes accepted as normal, why not speak up if you think something is wrong…

Just replace the ‘software’ in the article and title by ‘security’ …

Simply must read!
[Or actually, simply must implement, every day.]


Note-to-self: Windows 10 Device Guard white paper just shipped

The Device Guard white paper just shipped to Technet. Enjoy!


Note-to-self: Insider Threat report from Infosecbuddy


(No, you don’t need to leave your precious dummy contact details…)

From the report:

“Highly publicized insider data theft, such as the recent Morgan Stanley breach or Edward Snowden incident,
highlight the increasing need for better security practices and solutions to reduce the risks posed by insider threats.

This report is the result of comprehensive crowd-based research in cooperation with the
260,000+ member Information Security Community on LinkedIn and Crowd Research Partners to gain more insight into the state
of insider threats and solutions to prevent them.”

Note-to-self: A quick tip to convert Hyper-V .vhdx to .vhd file formats (prep for Windows Azure)

A very useful, quick hint to convert your Hyper-V disk to Azure ready disks…


See also:

Note-to-self: Download free DLA Piper legal start-up pack with legal rules of thumb and templates.


“This Start-up Pack has been designed and prepared by the (DLA PIPER) Technology Sector initiative, which includes lawyers with experience in intellectual property, corporate, employment and tax matters.

The purpose of this Start-up Pack is to provide assistance and support to early stage start-ups who are looking to establish their business on a more formal basis. Creating the right legal framework and ensuring that the business is protected at the outset is vital for a start-up to achieve its full potential.”

Note-to-self: TEDTalk – Before public speaking…

Must see:

“If you’ve got a presentation to give at work or school — or are perhaps getting ready to speak at a TEDx event? — we recommend these talks to help get you pumped up. “

Playlist (8 talks)

Note-to-self: Sharepoint maintenance for FIMsters (#FIM2010 running out of disk space?)

When you’re taking care of your FIM Server, more specific the FIM Portal server running Sharepoint, you might encounter some events in the event viewer, where Sharepoint is complaining about the lack of disk space.

But it’s very likely that you have plenty of disk space …

If you don’t have plenty of disk space, (*) then stop reading and fix it, bookmark this page and come back.


So, you have plenty of diskspace…
Then it’s very likely you have enough memory in your system to run your FIM Server smoothly… (if not go back 2 lines, and execute *)

Now, plenty of memory and plenty of disk is the problem.

By default Sharepoint runs the health analyser and has gotten 2 rules that compare the amount of memory against the amount of free space.

See here for more explanation: Drives are running out of free space (SharePoint Foundation 2010)
“This rule checks disk space as a proportion of the RAM on the computer. When disk space is less than twice the RAM on the computer, the health rule triggers an error. When disk space is less than five times the RAM on the computer, the health rule triggers a warning. Accordingly, server computers with lots of RAM are more likely to experience a failure of this rule.”

So if you have a huge amount of memory, this rule can easily fill up your application event error log in your event viewer.

What can you do about it?

First of all, there are more and other rules, tools and checks that will warn you if you REALLY have a disk issue:

  • the operating system will warn you if your hard drive is going below the usual free space thresholds
  • Better make sure you’ve got a system monitoring active (like System Center Operations Manager)
  • There are additional health rules in SharePoint that monitor the disk for % of free space

Secondly, you can disable the redundant error messages by the SharePoint Health Analyser.
Check out this post:
“SBS2011: The SharePoint Health Analyzer detected an error. Drives are running out of free space. Available drive space is less than twice the value of physical memory. [Solved]

Although the post is focusing on SBS2011, it does also apply to SharePoint Server 2010 (Foundation).

The post provides a step by step guide to disable the 2 disk analysis jobs:

  • Disks are at risk of running out of free space. (free disk space < 5x your server’s RAM)
  • Disk are running out of free space (free space < 2x your server RAM)


For WSS and SharePoint 2007, it’s slightly different, check this out:

And also: SharePoint Timer job reference (Office SharePoint Server) at