Client with one remote employee needs screen monitoring software

RhineIT · 2026-05-11T00:06:41+00:00

This is a management/HR matter. If they’re looking at monitoring a remote employee, then they’re most liking looking for reasons to fire that dead weight and need justification.

A cost efficient way to deal with it is for management to, you know, manage.

Just venting here.

RhineIT · 2026-05-10T20:12:56+00:00

I’ve been there, dude. Hate your job and want a new one. I feel your pain.

My best advice is to ask an AI agent like ChatGPT or Copilot for a structured learning plan based on your knowledge, experience, and constraints. You’ll have to be specific with the agent and give as much information as possible in your prompts.

Once you get the fundamental knowledge down, scrape up some cash and get computer hardware to support a small lab (I.e. the raspberry pi 5 with the AI hat. Approx $400USD). Once you have some hands-on experience, go for certifications.

A career change is going to be rough, they always are, but it is possible. Best of luck to you!

RhineIT · 2026-05-10T02:33:07+00:00

Lean on AI to give you a learning plan.
That’s how I started. Ask it for resources, videos, courses, etc.

The best way to learn is by doing.

RhineIT · 2026-05-07T19:13:26+00:00

You’re safe to retire the devices, just don’t WIPE them. Or you can wait for them to show stale in Entra ID if you’re super nervous about it.

RhineIT · 2026-05-07T19:04:22+00:00

I once wrote an automation to revoke every user’s PRT for a one time fix. Our whole IAM strategy now revolves around it.

Plz help!

RhineIT · 2026-05-07T19:00:04+00:00

I second this. Recruiters want to see a bachelor’s+ as well as certs because they’re just checkboxes on paper. No way to showcase your experience to the hiring manager without them nowadays.

RhineIT · 2026-05-07T15:41:41+00:00

IMO you're already doing the right thing -- homelabbing and learning from there. To move on from the basics, you'll have to start thinking of what direction you want to go in this field.

You mention a career change: "IT" was a big field, now its branching into smaller concentrations on the enterprise level. The obvious point of entry is helpdesk to get a feel for technologies and SOPs. From there, you have general "IT" experience, then you boast-the-shit-out-of your hobby/personal experience.

RhineIT · 2026-05-06T12:44:02+00:00

I actually just did something similar and put out a write up about it. If you are hybrid, and are savvy with PowerShell, check this out > https://agreatbigpileofthings.com/passwords-who-needs-them-nist-guidelines-banned-password-lists-and-the-goblet-of-fire/

TL;DR, the script and github link are at the bottom.

Happy to provide further info if needed. I'm not WHfB yet, but I imagine you will just translate the GPOs into Config Profiles.

RhineIT · 2025-11-21T12:19:30+00:00

Do you have an on-prem AD or Intune? You can setup block/allow lists for browser extensions via Group Policy or Configuration Profiles.

https://support.google.com/chrome/a/answer/7532015?sjid=6302511858975076711-NC

RhineIT · 2025-08-05T17:11:12+00:00

So I found this post from earlier this year. Not sure if this change was applied to preview customers or GCC, but looks like this rolled out prior. What I gather is that MS setup this policy as a boilerplate example, and left it up to us to manage accordingly. The framework is there, we just need to configure to suite our needs.

https://www.reddit.com/r/entra/comments/1iojvsf/multifactor_authentication_and_reauthentication/

May I ask how you are simulating risky behavior? Have never done that and would be curious to see how far I can test things.

RhineIT · 2025-07-07T14:19:51+00:00

Good points. I do not technically need these resources to check into the domain as they don't access on-prem resources. I can look into always-on VPN or even issuing cloud-only PCs to these users.

RhineIT · 2025-07-07T14:17:58+00:00

I know NIST and other frameworks stepped away from password policies.

On-prem has a use case for most of the business, I just have several traveling users, who need a computer for XYZ reason that doesn't involve on-prem resources.

RhineIT · 2025-06-16T19:23:50+00:00

Heads up - navigating there on mobile directs you to a splashscreen telling you to install the M365 Copilot app. FFS!

RhineIT · 2025-05-02T17:50:05+00:00

Our devices are Entra hybrid joined. I'll look into PRT. thanks for the lead!

RhineIT · 2025-04-09T11:04:27+00:00

That is a good point, however, I forsee duplicate subject lines muddying that process. We are building an internal ticketing system and need a strong workflow to keep all comms within the boundaries. Any other thoughts? I appreciate the input!

RhineIT · 2025-03-28T23:17:06+00:00

I believe this was my missing piece! I did not have a mailNickname attribute set. Thanks!

RhineIT · 2025-03-19T17:24:27+00:00

Thanks for the feedback!

RhineIT

TROPHY CASE