|Subject||Posted By||Forum||Category||Last Activity||Activity|
||Robert-Hostetler||Microsoft||Windows||2 days ago||
||Robert-Hostetler||Microsoft||Microsoft||2 years ago||
||Robert-Hostetler||Microsoft||Hardware||2 years ago||
||Robert-Hostetler||General Discussion||Hardware||2 years ago||
I’m looking for feedback from people that have actually used Secured-Core PCs. So far, what I have found is Microsoft’s marketing and documentation about it and news articles saying it exists. What I haven’t found yet is feedback from ethical hacker types confirming this stuff is worth it. In particular, are there features that only exist in a Secured-Core PC?
Has anyone actually used one of these computers in a secured business/enterprise environment? If so, is it your preferred way to provide a secured Windows 10 computer? Why do you feel it is or isn’t?
Are the two Microsoft Surface devices that are Secured-Core compliant (Surface Pro X and Surface Laptop 4 AMD chip) the best implementations of this since Microsoft also open-sources their BIOS/UEFI firmware?
If someone’s needs are cross platform, so they can work on Macs, Linux, Chrome OS, etc... - are any of those better?
My off the cuff guesses on ways to go here would be:
* Microsoft manufactured Secured-Core PC
* Other Secured-Core PCs
* Get an enterprise grade computer, like a Lenovo ThinkPad that has similar hardware as a Secured-Core PC, but fiddle with the firmware and Windows 10 settings to lock it down
* Get a Mac (is there evidence that the M1 processors are more securely designed than what Intel’s been doing the past few years and is the security posture of the current version of macOS better than Linux or Windows)
* Use Linux (assuming either on a ThinkPad or something designed specifically for Linux, like System76), Rarely used it, I’m not sure which distro would be appropriate for secure collaboration in a typical office/professional environment
* Maybe Chrome OS? Never used it, not sure if Alphabet/Google basically being an advertising company has caused them to misbehave on the engineering and architecture stuff required here
But, if you haven’t heard about it and want to learn more – here is Microsoft’s blog post describing what Secured-Core PCs are supposed to do:
FYI - I couldn't post on the article's web page, https://www.thurrott.com/cloud/microsoft-365/199710/microsoft-teams-is-down-and-users-arent-happy#, kept on getting error messages in Edge and Chrome, so I'm posting it here, because I believe this feedback can inform the reporting on the site and help someone that currently isn't very familiar with Office 365.
I agree that there is a valid argument for a more transparent publically available status page that shows both possible outages on any tenants and known ones on all of them.
Unfortunately, the Microsoft web page you have in the article, https://status.office365.com/, isn't supposed to do that by design, per https://docs.microsoft.com/en-us/office365/enterprise/view-service-health.
"You can view the health of Office 365, Yammer, Microsoft Dynamics CRM, and Microsoft Intune cloud services on the Office 365 Service health page in the admin center. If you are experiencing problems with a cloud service, you can check the service health to determine whether this is a known issue with a resolution in progress before you call support or spend time troubleshooting.
If you are unable to sign in to the service portal, you can use the service status page to check for known issues preventing you from logging into your tenant."
Since the Thurrott.com people know Microsoft people, feel free to recommend they change how they communicate, but know that the product documentation is saying it is technically "Working as designed".
I recommend to folks that they either (best option 1st):
- bookmark at their own Tenant's service health status via: https://admin.microsoft.com/Adminportal/Home#/servicehealth or go to https://status.office365.com/ and click the link "View your Microsoft 365 Service health." to sign into your tenant.
- Use the mobile O365 admin app (great for monitoring while on the go)
- Use the twitter page, https://twitter.com/MSFT365Status for monitoring overall service status (I'm not sure if that covers issues happening on specific tenants or not).
So for example, first thing this morning Teams did not work for me. I immediately checked the service health status page in the admin portal and found it was a known issue. I then notified the other Office 365 folks that I work with about it, then monitored the status of the portal until it was resolved.
I’m looking for a new laptop for my wife to use.
She only uses Windows for the OS side and uses mostly Microsoft Office (Word, Excel, PowerPoint), Google Chrome (with lots of tabs open all the time), and iTunes on top of the OS (Excel and Chrome being her top two). She is really good at Excel and historically has used the number pad on the right side a lot (her new laptop at work is a 12-inch ThinkPad and she seems to like it). She has lots of USB-A style devices (mostly plugs in drives when transferring files or charging smartwatch/phone/headphones) and I have no desire to inflict dongle life on her. She mostly uses it at home on her lap, not a desk. She should probably have near or actual mil-spec gear (cracked 3 iPhone screens in roughly the last year alone)
Most of my career has been on the Apple macOS side, but have switched over to Windows 10 (due to Apple exiting the desktop pro market in 2013 and the laptop pro market in 2016) and my IT career is focused on software, not hardware, so I do not have first hand knowledge (such as deploying thousands of laptops in an enterprise) of who really makes legit laptops now. The last time I consistently bought Windows based PCs was the late 90’s / early 00’s when Windows 2000 was the most sane way to do productivity in Windows, but overall WinTel was a train wreck that was unreliable and required way too much maintenance (hence the switch to Mac at the time).
I got her a year ago a small business Dell Laptop (Latitude 3560) since I hoped the business lines of Windows PCs would be better vs. random consumer lines. It was fine at first but around the time of the Intel meltdown/spectre bugs being found and patched it started blue screening. I’m planning on reinstalling Windows, but am assuming the drivers/patches for the CPU bugs will likely permanently mess up the PC and I don’t want to run unpatched software on it.
So, who makes a laptop that can handle the above and can run Windows in a stable way and avoid all the drama Windows laptops tend to have? Such as blue screens, lousy keyboards and trackpads, bad quality displays, case falling apart or being really creaky, etc… For example, I’ve met countless people who love Lenovo keyboards, the only laptop I ever had was an old T series from 4-5 years ago that unfortunately had a worthless trackpad.
It would probably be OK to go with modest specs, like an i3 – i5 CPU and 8 GB RAM, any price premium should go toward the thing working smoothly.
I’m thinking maybe recommending a lower end or refurbished ThinkPad. If she was willing to give up on having a number pad, I was thinking possibly the Surface Laptop over a small ThinkPad since it has an USB-A port, the 3:2 PixelSense display + nice keyboard + nice trackpad combo, and Paul seems to think it is argueably the best ultrabook right now.
I have a Brother HL-L2340D series laser printer. I've seen on Amazon and the like toner replacements for much cheaper than the official ones from Brother or refurbished ones from office supply stores near my house. What is the current wisdom on this from the power user crowd?