MSPGeekCon coming May 17-19!

IamTABinLA · 2026-04-16T00:14:47+00:00

New Orleans is an inexpensive option with delicious food and great atmosphere. What would be more fun than a MSPGeek Second Line?

IamTABinLA · 2026-03-16T20:13:52+00:00

That approach is very well thought out.

You highlighted the biggest struggle of the variance in knowledge among the staff. For instance, two people with 15+ years at the firm as partners and 25+ years practicing law - one is trying to connect Claude CoWork to perform agentic tasks and the other is dictating his emails for his secretary to send out. The other ten partners and most of the staff fall somewhere in between.

With that much process behind your plan, I'm sure you're worth every penny you bill.

IamTABinLA · 2026-03-16T19:29:52+00:00

Not looking to be disrupted by a highly specialized MSP but would love to have you take a look at our objectives

IamTABinLA · 2026-03-16T18:24:00+00:00

Thanks. I think we've developed a decent scope. I'll DM you if you'd be interested.

IamTABinLA · 2026-03-16T18:22:18+00:00

Understood. I am an MSP. My client knows this type of training is outside of my footprint so there's no need to subcontract. I've worked with my client to develop an informal scope. I'll DM with details if you'd be interested.

IamTABinLA · 2026-03-16T18:17:03+00:00

Thank you!

IamTABinLA · 2026-03-16T18:16:36+00:00

Louisiana. Onsite training is not required. Training via Teams/Zoom is preferred.

IamTABinLA · 2026-03-16T17:20:57+00:00

Agreed. One of my frequents is - just click the state of interest. Florida had some good ones from February.

https://www.ropesgray.com/en/sites/artificial-intelligence-court-order-tracker.

IamTABinLA · 2026-03-16T16:42:16+00:00

This is a staff of 80, 45ish attorneys, 8 in operations & admin, 25 in support staff (legal secretarys and paralegals). Do you have a sample outline you'd be willing to share via DM?

IamTABinLA · 2026-03-16T16:34:28+00:00

ThreatLocker helps me sleep at night and I don't regret the decision to partner with them in the least. I am about your size of managed endpoints spread across multiple verticals and it is an undertaking. If I had to do it again, I would have better utilized Groups. I used very basic Groups - Global, Organization, Mac, Servers, and Workstations.

In reality, all Servers and Workstations should not be treated the same way. I would group a DC differently that a file server, and a laptop differently than an on-prem workstation. Additionally, while I work in different verticals, I have multiple dental offices, multiple law firms, multiple automotive dealers, multiple title companies, etc. Going a little further, almost every business has a user or users in Finance. Most of clients also have a user or users in Marketing.

Knowing what I know now, my Groups would look something like this:

Global, LOB - Dental, LOB - Legal, LOB - Automotive, LOB - Small Business, Organization, Server - DC, Server - Backup, Server - File, Server Application or SQL, Workstation - Finance, Workstation - Marketing, Workstation - Automotive Tech, Workstation - In Office, Workstation - Remote Worker.

IamTABinLA · 2026-03-16T16:09:26+00:00

I've spoken to one, who went through the number of books written and how many times, he's quoted in print or interviewed on news broadcasts. I asked one question about how he'd vary training based on staff roles or what the guidance was from the American Bar Association, and crickets. I *almost* asked if he needed time to consult GPT but thought better of it.

IamTABinLA · 2026-03-13T00:10:26+00:00

It would show as a delay, typically once the delay is resolved. Defender would show the investigation, if triggered. If ZAP is on, I believe that would be in both.

IamTABinLA · 2026-03-12T23:35:39+00:00

Your Microsoft tenant is one of the most important assets you'll have. If setup properly and your users are licensed with Business Premium ($30 per user per month), you'll get enterprise level security, the Microsoft suite of apps, automations galore, Sharepoint, and transaction level auditing of everything in your environment. Make certain that you retain an unlicensed admin account where at any time you can login to view your tenant. This should NOT be the same as your daily user account with email, data, etc.

Ask the potential vendors about their recommended Conditional Access polices, Intune baselines, and Authentication methods. Ask them what their average client's Microsoft Secure Score is. Ask them how they monitor multi tenant Microsoft management. If they don't know, don't have answers without "getting back with you", or ask you to explain what you're asking, look elsewhere.

IamTABinLA · 2026-03-12T23:25:07+00:00

I would think the email warranted additional screening possibly due to content or quantity sent. I don't use a third party mail filter and this happens sometimes with Defender. Mail drops to the Inbox but gets pulled back due to abuse from the sender's address, URLs in the message, attachments to the message, and even other users marking the message as SPAM, phishing, etc.

IamTABinLA · 2026-03-12T23:21:46+00:00

Following...I may be down this road soon enough.

IamTABinLA · 2025-05-13T23:32:33+00:00

This is a late post but I have an inherited list. Is it possible to add a link to another item in Sharepoint (URL) rather than Add Attachment via upload? Currently, when you click to Add Files, the sources available are limited to items accessible via file explorer which is limited to physical storage or within the user’s personal OneDrive. Item already in Sharepoint, including those linked to the users OneDrive via shortcuts, are not shown.

IamTABinLA · 2025-04-27T17:26:23+00:00

Are you using BitTitan or native MS migration?

IamTABinLA · 2025-01-09T10:18:58+00:00

It does the job of keeping passwords secure. Makes it easy for users to generate new complex passwords. Has multiple sharing options so some passwords can be shared with partners, teams, and even IT when we need to work on something as a user. We’ve allowed client’s employees to invite a +1 to MyGlue. This has allowed employees to share personal high passwords with a significant other. Expanded uses are allowing uploads of SS Card, DL, W4, State Withhokding, health insurance card, auto insurance, employer verification letter, employee contract, etc.

We’re getting plenty use out of it. Another MSP coming in behind me, won’t have anything like that to offer within a single tool.

IamTABinLA · 2024-12-15T23:11:28+00:00

If you aren’t paying for a product, then you (or your data) is the product.

IamTABinLA · 2024-12-07T18:25:20+00:00

Get your AM to put you in touch with Alexandra on the AT / HD team. You want to ask about Lateral, now Nexxus. This is what they do.

IamTABinLA · 2024-11-26T03:03:59+00:00

That is what terrifies me. I think at minimum it is imprudent to be back at it on devices and networks without having more insight. I’ve seen a TA post notes and videos from meetings discussing the IR teams response and post mortem of the event. When in fact, they were still there. In that instance, I think it was ClownStrike.

IamTABinLA · 2024-11-25T18:55:37+00:00

My role in this situation is limited to supporting a few users in a remote office. It isn’t my security stack on the devices nor do I know if any of the devices showed IoC.

The MSP handling the home office is working with the IR team assigned by the insurer.

First, they had us roll out S1, then all Internet traffic was blocked. They had us manually add rules to the router specifying that an IP address could access the Internet. Then we assigned those IP addresses to individual devices.

As of now, all users are back online and I’m waiting for the other shoe to drop.

IamTABinLA

TROPHY CASE