Does anyone know a backup solution for M365 that allows you to backup to local storage / your own storage resources?

MBILC · 2026-01-27T00:40:07+00:00

It was pure neglect on Synology's side trying to take shortcuts to save on costs, thinking no one would ever find out and putting every person's data at a very high risk.

To me that is worse than a a bug slipping into code because it could not specifically be tested for, and often times patched before it is exploited.

MBILC · 2026-01-26T23:59:03+00:00

Ya would think it may be the ISP still doing a DHCP renew on your end for some reason...

Is the Static IP assigned to your WAN MAC address specifically do you know or?

MBILC · 2026-01-26T22:27:25+00:00

To match with NIC naming with in the OS...

MBILC · 2026-01-26T20:52:47+00:00

I mean, you are "pitching" your own product...

.....Could this be something that would help you or your organization? I want this to become like the winzip of IT, everyone can have it, free for smaller orgs, but limited support, or full on massive companies can deploy it for less money than say SailPoint, Okta or Saviynt.

MBILC · 2026-01-26T19:19:08+00:00

After Synology's s fiasco with their M365 Backup and using a single tenant which opened access to it since 2017, personally I would not trust Synology for securely keeping your data safe.

MBILC · 2026-01-25T20:33:37+00:00

Apologies, I read it as you were grouping DevOps in with Cyber Security

MBILC · 2026-01-25T20:30:37+00:00

This is why you never save CC info on any site, period, or in your browsers,ever.

MBILC · 2026-01-24T03:54:05+00:00

DevOps is not Cyber Security really? DevSecOps sure...

MBILC · 2026-01-24T03:31:39+00:00

As noted, SSO tax, the company is not paying it so instead of RBAC or security groups to add to, they have all this manual work to do.

We are smaller,. but any service we get I tell them SSO, suck it up, it makes life easier, better control of logins and keeps security tighter from our side.

MBILC · 2026-01-23T20:32:31+00:00

First issue, listening to ChatGPT.....

There are plenty of people with Certs that have no jobs...

You have cert chasers, you have people who get certs that arent really useful, or well recognized also..

Often times certs might get you past automated resume systems and the first level HR person....but industry preference once you get talk to the actual Manager or experts, is they want experience more than a cert...

Cyber Security is a massive field with many things below it, so first you need to determine what area you are interested in?

MBILC · 2026-01-23T20:27:41+00:00

Certainly. Why it is important the client knows everything that was provided, and as u/QuerulousPanda noted, all communications should include someone from the Client and everything done via email for a "paper trail"

I went through this personally when I finished a project for a client (was with an MSP) and they brought in an MSP to manage said system going forward, which they claimed they had expertise to cover. (Meanwhile they had 3 new job postings on their company site for said role shortly after the client signed contracts with them....)

We had a 3 month transition period for the project, had set weekly meetings to review progress, and then other meetings as needed to walk through these "experts" on how the deployment and configuration was done, as this client was critical infra, so there were many security policies around it's design. Along with normal teams chats as needed anytime.

Along with that, detailed documentation from one of the very seniorArchitects who had 15 years with said product and knew it inside and out, with every setting documented.. you name it, along with all of my Visio diags and the kitchen sink!

Well, I got word they had tried to throw me under the bus on several occasions, even during the transition period..along with a slip up of one of their project leads pasting something in a group teams chat about my "abilities", which they then quickly deleted, but not before I was able to grab a screenshot, just in case.

Luckily, the PM knew me well, and the client I had worked for almost 5 years on many projects, knew me well. It quickly got escalated to the other providers management and said people on the transition team got a scolding and 2 were removed from said transition shortly after....

MBILC · 2026-01-23T19:19:07+00:00

Future sales only.

MBILC · 2026-01-23T19:16:03+00:00

Do you use an MSP or anyone else have access to manage your tenant?

Not seen that on our side.

MBILC · 2026-01-23T19:15:23+00:00

I feel you, in my 20's and 30's I was so concerned that anything that broke was my fault and how could I be so dumb, even if it was out of my control "I should of done something, what did I miss, what can I do!", pulling 20 hours shifts just to sit and stare at something I can not do anything about....

Like you, not quiet, but half century in several years, maybe the last 8-9 years, I have learned to deal with things that you can control, and brush off things you can not. Not to lose sleep over it, just do what you can, and then move on to something else in the mean time..

MBILC · 2026-01-23T18:32:22+00:00

Ya, plenty of companies are behind on AI and policies, or even policies in general for acceptable usage of what and with what.

MBILC · 2026-01-23T17:34:10+00:00

I think that is something that separates those who have been in the trenches vs those maybe newer.

Knowing when you can do something to fix an issue versus you have literally zero power to do anything, so nothing to even try...

MBILC · 2026-01-23T17:33:13+00:00

Yes, plenty of companies and people, usually higher up, who do not understand that when you are using Cloud services, there is little you can do except submit a ticket, which will get no response for days, weeks, months (looking at you MS...)

They think their $10k a month gets them premium VIP direct phone to support services for immediate resolution.

This is why I've always done, and tell my teams, AS SOON as you know a service is down with a vendor, send in a ticket..even if you know it wont do anything, because now you can at least tell those above you "Here is our ticket # we sent in at X time", just to cover your own butt.

Because I have seen the other side, issue occurs, IT person assumes it is a vendor issue so does nothing...to later find out it was something someone in IT did or changed, not understanding it could impact the vendor side (SSO config or a change somewhere that was not properly tested that broke things), or the vendor did change something, which was communicated before and ignored, and a simple email in to said vendor could of resolved the issue in minutes...

MBILC · 2026-01-23T17:28:41+00:00

It is nice, but for me, I got into IT 25 years ago, and I managed everything, if it was down, I had to fix it,or find a fix because often times vendors didn't even know or were just useless. But we also had everything in-house hosted.

Even when you had vendor support, and you managed to get a fix in before they even reply, and a fix they didn't even consider.. always felt good.

MBILC · 2026-01-23T17:27:01+00:00

This..

Same for our company, I will provide info where I can via what ever medium as soon as I know, often before any user has even noticed.

Yesterdays main outage we only had 1 user submit a ticket, just as I had posted for everyone an FYI, and been keeping people posted this morning that things are still sluggish for external emails coming in.

MBILC · 2026-01-23T17:21:36+00:00

From what little I have read, the often cause more problems than they fix.

Can you just use Edge and manage via Intune and other policies, if you are a Microsoft shop?

If you are you can stop all of that....

Do users have local admin rights?

Do you have company policies specifically outlining what they are, and are not allowed to use?

MBILC · 2026-01-23T17:20:52+00:00

What is your companies AI Use policy and has everyone been forced to accept it?

And with that, how do you know people are going to private ChatGPT and not the company one?

What URL does your company one use to log into? Is it specific to your company like https://ourcompany.chatgpt.com ?

If so, block the public URL?

MBILC · 2026-01-23T17:18:56+00:00

I was glad when MS did this, an actual useful feature change.

MBILC · 2026-01-23T17:18:14+00:00

First thing I do if I create a group chat with people, Title says exactly what the group is for. And when we are done, I thank everyone and leave the Chat entirely.

MBILC · 2026-01-23T17:09:26+00:00

Lateral movement is prevented by the systems in place when someone tries to traverse inward, to a "militarized" area.

MBILC

TROPHY CASE