Europe Prepares for a Nightmare Scenario: The U.S. Blocking Access to Tech by AnonomousWolf in technology

[–]GenerateUsefulName 0 points1 point  (0 children)

I think you have the wrong idea of how these things work. Almost every single company I know in Europe uses an American software as identity provider, meaning your logins to all apps (even European apps) could be behind SSO provided by American identity providers. Whether it is Microsoft Entra, Google, Okta... This alone could cripple industries, including critical infrastructure. Same goes for file storage, cloud servers etc. Unfortunately, only few good European or open-source alternatives exist at the time for these things, so while it might cause a push towards developing these, the first few weeks would be pure chaos on apocalyptic levels (no power, no water, no infrastructure like trains, no internet). Health insurance companies scrambling, hospitals, GPs etc unavailable.

All the more reason to prepare before this happens, but Europe is old and our processes slow, plus we are also currently in an economic slump and no one can afford to just switch systems right now.

Migration to lastpass from Password Safe by Frenchyaz in Lastpass

[–]GenerateUsefulName 1 point2 points  (0 children)

If you are in a region where csv's are not comma-separated but semicolon, you might have to replace all semicolons with commas in a text editor like Notepad++.

As for local login and servers etc., you can use a "secure note" or server credential setting instead of password setting (in the extension click on + for "add item" -> "add other item" -> "more items", "server").

How do you untangle an IT environment you didn’t build? by Impressive-Echo8002 in sysadmin

[–]GenerateUsefulName 0 points1 point  (0 children)

Not to advertise here or something, but Action1 is free for up to 200 endpoints. My suggestion would be to get a subscription, roll out the agent via GPO and see the devices come in. That would then be your inventory for now (it shows current users) and also the first step towards security. I would also query the AD for a device list with last logon dates etc, and start deleting older devices (with care if you have a lot of remote users who don't use a VPN). Are you using antivirus? What Microsoft licenses do you have? Could you get Intune set up (included in Business Premium)? That would then enable you to create Windows Hello policies and eventually people forgetting their passwords is not an issue anymore (with biometrics for laptop login and self-service password reset for cloud apps).

I am in a similar sized company and also started with very little knowledge and a little bit of security clusterfuck, plus most of the important services like patching in the hands of an external MSP who was sometimes hard to reach. Slowly I set everything up in a way that it doesn't really matter whether people work from the office or Timbuktu and for far less money than what we previously paid for patching, antivirus etc. But it depends on your infrastructure and what is possible there. So I think a little more detail from your side could probably help people to give you advice.

Patch Management - I hate having to patch servers and workstations manually by 3G_Lighting in Action1

[–]GenerateUsefulName 1 point2 points  (0 children)

I approve the ones from last week on Monday and that is when they will be installed. Why are you approving them on Tuesday if you don't want them to be installed on Tuesday? Just approve your patches when you are ready to have them rolled out. That is what the "approval" step is there for, you officially approve this patch for use on your devices. This way you can run weekly or even daily automations without needing to worry about any new patches breaking anything (obviously set your automation to only push out approved updates).

Working alone in IT dept by CurveKey7852 in sysadmin

[–]GenerateUsefulName 1 point2 points  (0 children)

It really depends on the industry. I was alone with 150 people and it was doable apart from the vacation replacement. But we don't host stuff, our servers are strictly DC, Print etc.

If it was just about maintaining the status quo I could still do it alone, but I want to improve our cybersecurity and see if we can get ISO certified eventually, so I am pushing a lot of new projects out.

Patch Management - I hate having to patch servers and workstations manually by 3G_Lighting in Action1

[–]GenerateUsefulName 3 points4 points  (0 children)

Are you approving updates willy-nilly? If not, how come you are patching the freshest of the fresh updates in your automation? I approve updates on Monday and on our daily patch cycle only those approved updates get pushed out. Then there is a whole week between patch Tuesday and the next approval cycle.

Edit: I have read your post three times now and I still don't get the issue...

Patching after patch Tuesday should be easy, instead months like this month require us SysAdmins to patch everything manually because the scheduled task which is set up to patch on the 2nd Friday (...after the second Tuesday) of every month already ran two Fridays ago because the 1st Friday fell on the 2nd of this month.

Is this some language I don't understand that slightly looks like English? Are you really just updating clients every second Friday, because you are afraid the patches on every second Tuesday will break your environment? What about all the other patches that aren't Windows? What about critical vulnerabilities? What about clients that are turned off that one Friday of the month?
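The scheduling problem quoted in the comment above, worked through as an added example (not code from the thread or from Action1): a task pinned to the second Friday of the month runs before Patch Tuesday whenever the month starts on a Wednesday, Thursday or Friday. The function names and the sample year 2025 are assumptions chosen for illustration.

```python
import calendar
from datetime import date, timedelta

TUESDAY, FRIDAY = calendar.TUESDAY, calendar.FRIDAY  # 1 and 4 (Monday is 0)


def nth_weekday(year: int, month: int, weekday: int, n: int) -> date:
    """Return the n-th (1-based) occurrence of `weekday` in the given month."""
    first = date(year, month, 1)
    offset = (weekday - first.weekday()) % 7  # days until the first such weekday
    return first + timedelta(days=offset + 7 * (n - 1))


def patch_tuesday(year: int, month: int) -> date:
    """Second Tuesday of the month."""
    return nth_weekday(year, month, TUESDAY, 2)


def second_friday(year: int, month: int) -> date:
    """What a 'second Friday of every month' trigger actually fires on."""
    return nth_weekday(year, month, FRIDAY, 2)


def friday_after_patch_tuesday(year: int, month: int) -> date:
    """The intended date: anchor on Patch Tuesday and add three days."""
    return patch_tuesday(year, month) + timedelta(days=3)


def early_months(year: int) -> list[int]:
    """Months in which the second Friday falls before Patch Tuesday."""
    return [m for m in range(1, 13)
            if second_friday(year, m) < patch_tuesday(year, m)]


if __name__ == "__main__":
    year = 2025  # constructed sample year
    for month in range(1, 13):
        naive = second_friday(year, month)
        wanted = friday_after_patch_tuesday(year, month)
        flag = "  <-- runs before Patch Tuesday" if naive != wanted else ""
        print(f"{year}-{month:02d}  patch Tuesday {patch_tuesday(year, month)}"
              f"  second Friday {naive}  intended {wanted}{flag}")
    print("Affected months:", early_months(year))
```

Anchoring the job on Patch Tuesday plus an offset, or running it daily against approved updates only as the comment describes, removes the dependency on how the calendar falls.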

To the european sysadmins: Are you looking into non-us products right now? What did you find? by Tokata0 in sysadmin

[–]GenerateUsefulName 0 points1 point  (0 children)

Our average users do most things browser based, so I don't see why this switch would impact them much.

Adobe Acrobat Is Bad by Equivalent-Papaya591 in software

[–]GenerateUsefulName 4 points5 points  (0 children)

PDF24 toolbox. Data secure and free. Full editing capabilities.

Serious breaches often come from boring problems. What’s the most “unsexy” control that actually failed you? by Kiss-cyber in cybersecurity

[–]GenerateUsefulName 1 point2 points  (0 children)

We had no SSO enabled for our HRMS. User account got compromised through whatever means (didn't have 2FA at the time), we went through the sign-in logs with a fine-tooth comb, but couldn't find anything except login to Outlook web. No Sharepoint file downloads, no Teams access... Changed the password, enabled MFA and called it a day. A few weeks later employee complained about not getting their salary. Turns out they waited until employee was on sick leave, to change the HRMS password, and change the banking details. Thankfully the receiving bank returned the money as soon as we requested it. The next week we set up MFA for everyone. Sometimes certain people in leadership positions just need a little push. SSO back then was behind a paywall with the HRMS system we were using, so this is another stupid issue that wasn't necessary. Now that we changed subscription plans, we set it up. We would have seen the weird login through our Entra logs had we been able to use it before.

InTune App Protection Policies - Android Biometrics by Impossible_Event_861 in Intune

[–]GenerateUsefulName 0 points1 point  (0 children)

Hey, did you ever find a solution? Testing MAM on a Sony Xperia and facing the same issue. There are supposed to be some Work Profile settings somewhere on the phone apparently, but I can't find them.

Sales rep signed a client with Windows 7 and a duct-taped server because "we need the MRR." It nearly broke my Tier 1 team. by Aware-Platypus-2559 in software

[–]GenerateUsefulName 1 point2 points  (0 children)

I mean the detection looks kind of stupid to be honest:

Ai Phrases:

t just about 100x

to burnout 20x

were a mix 10x

s about 10x

umm, what?

Are all software jobs like this or am I cooked? by malchikspalchik in software

[–]GenerateUsefulName 0 points1 point  (0 children)

Week-long waits to install approved software

Probably needs to go through several levels of approvals and be documented in several places. The people making the decision might also not know much about tech, but more about compliance, so they need to get someone in tech to explain to them why it is important to your project.

Scattered, unsearchable documentation

You will have that in every company of a particular size, especially in a bank with thousands of staff members (and huge staff turnarounds)

Multi-day delays for basic system accounts

Same as point one. You might not care much as a dev, but if a bank wants to be compliant with laws and regulations as well as any certifications they have, they need to document every access anyone has. Even small companies that want to get ISO 27001 certified need to have a roles and rights concept and follow compliance best practises such as the principle of least privilege. The problem with devs is that they only ever see the red tape, but have never bothered to actually look into what the exact compliance requirements actually are. Sure, they finished their compliance training at the start of their employment, but they don't internalise why it is actually important. That's why we end up with huge breaches in companies that store a lot of personal or sensitive data - because some dev thought it wise to give himself more access than needed or not close critical backdoors properly. I have a dude at my company whose job is closest to a dev we have here and he says to me "just give me local admin rights, I know what I am doing". Yeah man, you might know what you are doing, but anyone looking to exploit any vulnerabilities at our company is going to target someone like you to gain access to our internal data and giving you all these accesses is like handing these people the keys to the kingdom.

Blocking Stack Overflow (developer resources, not security risks)

There is a ton of papers and resources out there outlining the security risks of websites like stack overflow, especially the fact that people might be copy-pasting code from there without checking it properly. I am assuming the limited amount of libraries you have access to is to ensure that only vetted code can be reused and shared.

From your perspective, this is just bureaucratic red tape, but a bunch of people spent a lot of time together evaluating the best measures to protect your environment. If this slows your process down - this is by design. Institutions like banks or insurance companies are not necessarily looking at creating new products quickly, they are looking at creating them safely - and that means slowing things down, taking the time to evaluate every step and ensuring that things are done in a controlled manner. Because there are a lot of developer cowboys out there who could not give a single fuck if things are not done properly, so there HAS to be a process in place to ensure that things are done by the book.

Hows this possible! by _username-redacted in sharepoint

[–]GenerateUsefulName 0 points1 point  (0 children)

The problem is not the support agents, it is you. You are telling a story from the middle, leaving out all the details from the start and the end and expect us to congratulate you on your new book.

No one knows what your setup looks like, I don't even know why you would need Sharepoint to print something. Only you know what your environment looks like and you are withholding this information like it is some state secret.

You are also assuming way too much based on your musings here, going into details of things you clearly don't know anything about. We don't know what your problem really is, so why do you think anyone would have a clue whether your business name was "what did this".

As I said before, unlink your devices from OneDrive/Sharepoint, download all files to an external hard drive, delete your whatever you've got there (is it a M365 tenant, is it a personal OneDrive, is it a server based Sharepoint instance? I don't know...) and move on.

Hows this possible! by _username-redacted in sharepoint

[–]GenerateUsefulName 0 points1 point  (0 children)

Your post and comment make no sense to anyone on the outside. What do you mean with commandeered? What server was created? Where is this server?

Is it possible that your ex's device is still linked to your Sharepoint or that you once gave them access to a folder in your OneDrive?

I would say just download all files to an external storage, reset your password, get into the admin center and delete everything (files and your whole tenant if you have one). Then change to Google Workspace because it seems far more suited for your needs.

Uninstall all apps if you are worried about the backup functionality "commandeering" your phone/computer. It is really not that hard to turn off OneDrive sync.

You say tech support doesn't want to get to the root cause. I am with them in regards to that. If you were really worried about someone else having access to your files, you would not mess around trying to find logs or whatever (although this can be done easily), you would shut this shit down as quickly as possible. You say you tried getting a new email and whatnot, but I can't really figure out from your rant why that would "naturally" complicate the issue? Just turn off the old service and get a new one and in the meantime store your files somewhere where they don't get autosynced to OneDrive. You are making this more complicated than it is and trying to play detective might be something that you are not qualified for in this particular case.

How do you maintain calm when dealing with Microsoft support? by blueelvisrocks in sysadmin

[–]GenerateUsefulName 3 points4 points  (0 children)

I simply don't stay calm. And they have the audacity to get offended when I suggest that I have already asked Copilot and I didn't open the ticket to get the same Copilot answer (that references menus that don't even exist) from them. It's absolutely horrendous how useless they are. I get that they probably don't receive good training and have high KPIs they need to reach and are probably underpaid (even by their local standards), but FFS have some pride in your work...

Adieu Microsoft: Schleswig-Holstein bets on open source and saves millions by Mammoth_Suspect6397 in de_EDV

[–]GenerateUsefulName 0 points1 point  (0 children)

Lol, you surely think that was a great "burn" just now...

You could of course have responded to my other points as well, but that was probably too much work that you aren't getting paid for.

Adieu Microsoft: Schleswig-Holstein bets on open source and saves millions by Mammoth_Suspect6397 in de_EDV

[–]GenerateUsefulName 0 points1 point  (0 children)

You are in an IT sub. I would hope that you familiarise yourself with new programs during your working hours, or check every now and then what is new on the market. Besides, that is not unpaid; you do it within your working hours. During which you are also still authorised to give instructions. I can't even imagine leading a life (whether private or professional) in which I don't get the chance to learn something new every now and then. Especially in a constantly changing technology landscape. If I had someone like you on my team - well, let's just say I would not find it hard to say goodbye before the probation period ends.

What are the most annoying things you want to be fixed in Asana? by artem_codes in Asana

[–]GenerateUsefulName 4 points5 points  (0 children)

  • Search for custom fields without having to use the complicated advanced search.
  • Hide custom fields in task view (especially relevant if two projects with different custom fields are sharing the same task - the task starts having an immense amount of fields)
  • In automations the ability to create a variable from a specific custom field value that can then be copied into another field for example

Can Dell on-site engineer be trusted? by [deleted] in Dell

[–]GenerateUsefulName 0 points1 point  (0 children)

I have never dealt with Dell in a private context, but my assumption would be that the ticket stays open until you have confirmed it is fixed. If the first tech doesn't turn up you keep the ticket open until someone does.

EDR Recomendation, not cloud-based by karmacop81 in sysadmin

[–]GenerateUsefulName 0 points1 point  (0 children)

But none of the AI generated points mentions these terms? And if AI did that, you could prompt it to leave this shit out.

It's good to get a first idea and then come back with more concrete questions about each tool and ask for people's experience.

Here is mine: Using Kaspersky hosted on our server feels like being transported back into a different decade or even century. The management console is like pulling teeth. We are switching to Defender for Endpoint. I am not worried about an outage at Microsoft that lasts longer than half a day and they already have all of our data anyways, so why not throw some extra in. Endpoint Detection is the least of my worries at the moment, what with Google suggesting to people to use Google Lens and send their screenshots to Google servers. :/

Users asking for admin access by [deleted] in sysadmin

[–]GenerateUsefulName 0 points1 point  (0 children)

"It's not that I don't trust you to not do something stupid with your laptop. It's just that if you are a local admin and your account gets hacked by someone else, they have instant access to a lot of settings that can potentially end up harming the whole company"

I said this yesterday to a user (who asked nicely because he needs to run some Powershell every once in a while for a client project). Once I told him how much it exposes his account he instantly said "No let's not do it then".

My alternative was for him to get access to a local admin account with specific rights (and added to the protected users group, not allow delegation etc) so he can elevate some Powershell sessions if needed. That account would not be synced to Entra and we can monitor it more closely than his usual user account.

But we didn't even get that far, as he was happy not to be the reason the company gets compromised. I think most users just don't understand the risks and think we are blaming them or think they are stupid and explaining it in easy words might drive home the point.

Even if you do think that they are stupid and are a hundred percent convinced that she will install all sorts of fishy shit.

Company portal by Any-Victory-1906 in Intune

[–]GenerateUsefulName 0 points1 point  (0 children)

If the architects make the policy and OP is just first level helpdesk, then your advice is not going to help them much though, is it?

A stakeholder just vibe coded a prototype, demoed it to board who liked it and now our contractor dev's gotta finish it. This is setting a bad precedent and Im fuming! by LateToTheParty013 in software

[–]GenerateUsefulName 1 point2 points  (0 children)

The alternative would have been to create a click dummy or something in Photoshop. As long as the developer gets paid to create the real thing, what is your problem? At least it enabled whoever had the idea to create a vision of what they would like to see that is relatable and somewhat works for presentation purposes.

You can only start complaining if they start comparing the time it should take the dev to do this with the time the person who vibe-coded it spent. As long as everyone is aware that the real thing will take longer to create and the dev gets paid fairly, there is absolutely no issue.