Welcome to episode 337 of the Microsoft Cloud IT Pro Podcast recorded live on June 2nd, 2023. This is a show about Microsoft 365 and Azure from the perspective of it pros and end users where we discuss a topic where recent news and how it relates to you. In this week's episode, we spend some time on security and what not to do when it comes to storing passwords, as well as things you should think about when it comes to securing Office 365.
We also wrap up discussing a listener question around logging in seams across various services. You go on cruises, right? Uh. Have you. Been on a cruise in a while? I am not a big cruiser. I am a okay boater. I highly recommend just getting like, you know, a, you've got several kids wife, like you should totally just get a mono hall or probably a catamaran in your case, get like a 45, 48, 50 foot catamaran, get a. Big old. Boat and go do that. Have my own cruise.
I'm into that kind of cruising and island hopping. The big cruise boats don't do it for me.
Okay, so we are going on a big cruise boat and when you get off a big cruise boat, they take all of your luggage and they lined it up on these shelves and like this, it, it's not a warehouse, but think of it like a massive warehouse with like rows and rows and rows of luggage and all the suitcases from however many thousands of people were on the cruise, all on tables and shelves in this big room and you kind of just have to wander around and find your luggage .
So today I was scrolling through my RSS feeds and saw that I could get air tags from Verizon for 20 bucks off. So a four pack for 80 bucks. So I got a pack, I can go pick 'em up at Verizon and I was like, I'm gonna try throwing one of those in all of our suitcases and see if it helps me find your suitcases when we get off the cruise ship. Gotcha. So I do do air tags in my luggage. So usually like back in the days when we used to kind of be able to
travel around. Yep. Yeah, I usually do air tags in my checked baggage. Not like a carry on if I'm doing that, but like if I'm just saying carry on with me, it kind of moves from piece to piece. I also keep an air tag in my backpack all the time and in my switch case, so I have a Nintendo switch and I, I like to fly and travel with that or even if like we do a, like a driving trip or anything.
So I keep that on me so that way like if I take my switch out of my backpack and I leave the hotel room, like I'll get a notification like hey, you left your switch behind kind of thing. So they do work very, very well for that. I will say internationally I think we talked about this a couple weeks ago, like Apple is not as big overseas as they are here in the US Yep.
So you tend to get like really good coverage in like say like an airport in the United States like cuz you know there's a good chance that like the, some people handling your bags and moving things from plane to plane and around the airport, like they all have iPhones on 'em so it does that Bluetooth to Bluetooth kind of thing, but it is what it is. Yeah. I'm curious to see who it'll work for finding luggage in the cruise terminal
afterwards. , we'll see, but I've always wanted to play with 'em too when like you said, maybe throw one in my backpack and maybe throw one in my wife's purse because maybe it'll help her find it but we shall see. So I do have another announcement to Scott. There is a conference coming up in Florida that, do you know Sharon Weaver? Have you met Sharon? Sharon and Jeff? I have not met Sharon Weaver in person. No. Okay.
So Sharon Weaver is, she's kind of the primary force behind this conference, but they are, I got in touch with them through M V P stuff. I've known Sharon and her husband for a while now and they asked me if I wanted to help be on kind of the planning committee for this conference. Ooh yeah. I don't know. I said yes and then I'm like man this is a lot of extra work to do but it is down in central Florida, so it's at University of Central Florida, Rosen College of Hospitality Management on
September 15. And it's kind of an interesting one. So because of the circles we're in, it's a bunch, it'll probably end up being a lot of Microsoft heavy speakers. But the goal of the conference is to be more about collaboration as a whole and maybe do like some compare contrast around different collaboration tools.
So I'm gonna try to do a session like work management tools, kind of how we talked about Jira, we've talked about Jira before and Asana and Planner and Microsoft Liz kind of do a session on like comparing and contrasting those, hopefully assuming Sharon lets me talk and maybe doing one just on like AI in general around collaboration and using different AI type
tools and how that relates to collaboration. But if people wanna check it out, it is collab con for all.com and we'll put links in the show notes and there's links and discord if you're interested in speaking, if you're interested in sponsoring, if you're interested in attending, it'll be, it's ki it's a different conference with kind of that whole hopefully technology agnostic approach to collaboration. But should be fun.
I don't know, I haven't done a conference in a long time, , since you're on the planning committee, maybe I'll need to cheat and talk to you and see what's going on or just go down as an attendee kind of thing. I do miss very much the hallway track from conferences. Yes, I would like to get back into that and get connected with community again. I would agree a hundred percent on the hallway track stuff.
That is the biggest thing I miss and the biggest downside in my opinion to all the hybrid stuff and remote is that you just, you don't get that hallway track and frankly that's what I tend to go to conferences for at this point in time as. You do. All right, so we got conference stuff, what else is going on? What.
Else is going on? So I got, I will say I got pulled in partially to a recent security breach that caused me to have some thoughts and I'm curious to get your thoughts and we have some articles and we also have a listener question that goes along with this. So through a series of events I did not get to participate in helping remediate this breach as much as maybe I would've liked to.
But it sounds like from the little bit I was involved that I was gonna potentially get pulled into it is that this particular security breach occurred because somebody brute forced an Office 365 account, an Azure 80 account. And in this particular case it appeared and I never did get confirmation for sure, but it appeared that it was a SharePoint admin that was bruteforce through some logs or a whole bunch of failed logins and then finally a good one.
And that SharePoint admin then either had access to or was able to give itself access to all the different sites. So one thing about SharePoint admins is, and I've had this come up before, SharePoint admins don't inherently have access to every SharePoint site. However, a SharePoint admin does have the ability to make themselves a site collection owner and get themselves access to every SharePoint site.
And throughout the course of this attack, this SharePoint admin account was able to gain access to a SharePoint site that had a bunch of passwords in an Excel spreadsheet. . Like. As you do. Uh, not in uncommon things though, right? I I think that's a right, a pretty common thing like Excel makes the world go round. I'm sure everyone, you know if you did the Tales from the Trenches thing has seen exactly that situation.
Like I've even seen that in past roles where I've walked in and I sit down and I go, okay, let's get me spun up and you think there's gonna be like a password management system or something like that and then yeah, somebody just sends you an Excel file and you go really like this, this is how we roll. Cool. Got it. , right. So once they got that they were able to move laterally and do all kinds of nefarious stuff. As you do. Yeah.
But like I hear this and my initial thoughts are one yours. Exactly why, why in this world of password managers are your passwords in Excel? And please don't just tell me your Excel spreadsheet is password protected because everything I have read and seen is that is a very, very weak form of protection of that password file. There's all kinds of office password crackers, hackers. Those can be brute forced. Yeah, pretty easily. Like. Yeah like a matter of minutes if not seconds.
And then the other one that I thought of too was I think the SharePoint admin, like the brute forcing of that failed like on the magnitude of hundreds of times, no admin account one should not have some type of MFA on it. Go buy conditional access, go to Azure DP one turn on MFA for every admin account, every admin account in your organization should have M FFA on it. There's no reason not to do that.
And some type of alerting or blocking like lockout, uh, I don't know like everything about this in terms of being able to bruteforce a SharePoint admin account, especially because that SharePoint admin has access to so much data that tends to be stored in SharePoint. I think it's back to that basics kind of thing. You know, certainly you have the logical defaults, like there's security defaults that you can have in every tenant.
Like you really shouldn't be mess. Like if you don't know what you're doing, you shouldn't be messing with those for the most part, like you said, MFA is there for all users. Ms Authenticator not having O T P, like all those kinds of things. Like they're all doable and if you're already an M 365 0 365 subscriber, then you're all good and ready to go. Yeah, 100%.
It was funny the same day that I saw this, I actually had an article pop up in my RSS feed and this is not a Microsoft 365 article, it was Tips to Protect Office 365 Systems from data breaches and they have six tips. So I'm kind of curious, Scott is what are your thoughts on this? It says Office 365 does offer built-in security features necessary to understand those. They have six tips for Office 365 security enable multifactor authentication.
That one's kind of a given. We already talked about that one. Turn it on please. Oh and the other one I was gonna say this to you, don't stir your passwords in Notepad. That's the other one I've seen. How many times have you seen passwords toward Notepad Scott? Uh, too many . Too Ma . Yes. I can't tell you the number of times that I have seen this. I'm jumping back to the whole passwords in Excel.
We're talking about passwords and notepad where not only have I been on a meeting where someone needs to log in and they pop open notepad and copy and paste their password out of Notepad but they drag it onto the screen that they're sharing when they log in. And this goes for Notepad, this goes for Excel. All it would take is for me to do a quick screenshot and let me tell you I can get quick screenshots, little keyboard shortcut, do a quick screen grab if the meeting's being recorded.
I feel like people are way too lax with not only where they share passwords but how often those said passwords end up on their screen that they're sharing during a meeting. It's tough. I will say that the article you sent me, I'm gonna put it up there as a little bit of FUD and a little bit of kind of just, I was curious copy pasta and regurgitation of what's already in the prescriptive guidance from Microsoft in this area.
There's a whole bunch of things that go on in Office 365 and Azure land to prevent breaches in the first place, prevent password sprays, DDoS attacks,
like all those kinds of things. So I, I would encourage everyone, like I'll put the article in the show notes just so it's there for posterity but take it with a grain of salt like I generally would say like go to the actual provider and like the person who at the end of the day is, is responsible for providing you the service because as the service provider they're also gonna provide you the controls and then be best positioned to tell you what controls you should implement along the way.
So there's a couple of things there. So we had Sean in the chat mentioned things like making sure you get break glass accounts up. There's a great article on docs for how to manage emergency access accounts, how to think about why you should have them, what their purpose is, how you can rationalize things like licensing for them cuz you might have some additional licensing in place like how to think about even storing those
credentials safely. Right? You mentioned you know, putting your password in notepad like I think that flies against all known guidance that's out there as a, as a, as a best practice for that. Uh, you can absolutely do things like spin up security keys, you can do Fido security keys I imagine we'll see things like passkey support in the future that should all kind of come to bear and and come to play for you.
The other thing is if you go to the docs and you look up the article on managing break glass accounts, it also has some really good guidance in there around configuring some of that auditing and usage logs that you mentioned so that you can go back and root cause something if it did happen. Like one of the interesting things about M 365 is as a service is logs are immutable so you can't go in and delete logs. So being able to go back and do those types of investigations for lateral
movement through your environment, where did they go? What did they touch? Like all eminently doable and easy enough to do if you've done the homework and the prerequisites to configure all that stuff and get it laid into where it needs to be. I think between things like the role security planning article and the creating emergency accounts article, you get to a pretty good place and you even like to a certain degree like get guidance that gives you milestones with a work back plan.
So like hey here's the things that we recommend you do within the first two days, like 48 hours of spinning up a new tenant A, B and C. Here's the things we recommend for the first month for the first three months and then ongoing activities that you should do along along the way. So I think that's a great way to kind of approach it and think about things. It's kinda like the backup stuff we've talked about in the past.
Like there's a ton of vendors out there who do M 365 backup but the reality is like they're limited by the API surface and what they can do. Yeah and it's the same kind of thing for these kind of security products you might run into or anything else. Like your best bet is always for a SaaS service like starting with the vendor and seeing what they provide, making sure you configure and have rationalized all the things the vendor provides and then if there's more you wanna do,
like go out and certainly like look for those extra things to do. I. Agree and one thing you mentioned in there was the whole Fido keys and I'm gonna side topic parenthesis that whole conditional access for conditional access authentication strength actually GAed now, which is that ability in your conditional access to actually go enforce some of those stronger authentication methods like Fido Keys or the Authenticator app versus something like sms.
And I completely agree about going to the vendor.
The one thing I was looking at the security article mitigate, one thing that I do think people tend to forget about sometimes with these two and I don't see it in that article particularly, and it was in the other article, the six, the tips to protect systems from data breaches is enforcing D L P. This is one that I think more companies should also pay attention to when it comes to this, especially with some of the D L P sensitive or the sensitive information
types that you have now as a part of D L P and just built right into Office 365. It's probably not gonna be able to detect when people are storing passwords per se and like an Excel spreadsheet. But they do have sensitive information types now around things like SaaS tokens for Azure storage accounts or SQL connection strengths. The number of times people are throwing those in teams messages are storing those in plain text and some of those.
And once if someone gets into your environment and starts pulling out some of those secrets, those connection strings, those SAS tokens to storage accounts or just sensitive information bleaks that you would normally think about too, HIPAA P ii financial information, getting D L P policies in place and thinking about security from not just passwords and user management and what access they have in M ffa but also securing that data that you have in your environment I think is
often overlooked by people. Yeah, it's one of those things that you get for free in other places and it just doesn't, you know, you kind of have to pay to play in the that Office 365 ecosystem.
You know, I think most of us, if you ever work with like scripts on GitHub or things like that, like you've probably gotten an email from something like depend bot or something else along the way to say like, hey there's a security vulnerability in this framework you're using, or hey you do have passwords and credentials that were logged into uh,
that were persisted in this configuration file. Yeah, like you said, you've, you've gotta go that extra step and do it on the, on the office side I think you should do those things for sure but upfront like you know, at the end of the day I don't think it's not critical path that people are storing passwords in the environment. Like you've gotta go drive user behavior and fix that. Like critical path is preventing the bad login in the first place, right?
That's what all that other guidance is kind of getting you to. So yeah, over time like you absolutely want to get that as dialed in, as dialed in as you can figure out licensing all the other things that are gonna have to happen along the way to meet your organization's security policies. You might be in like a regulated industry, there could be all sorts of things for you to consider there. Do you feel overwhelmed by trying to manage your Office 365 environment?
Are you facing unexpected issues that disrupt your company's productivity? Intelligent is here to help much like you take your car to the mechanic that has specialized knowledge on how to best keep your car running Intelligent helps you with your Microsoft Cloud environment because that's their expertise. Intelligent keeps up with the latest updates in the Microsoft cloud to help keep your business running smoothly and ahead of the curve.
Whether you are a small organization with just a few users up to an organization of several thousand employees they want to partner with you to implement and administer your Microsoft Cloud technology, visit them at intelligent.com/podcast, that's I N T E L L I G I N k.com/podcast for more information or to schedule a 30 minute call to get started with them today. Remember intelligent focuses on the Microsoft cloud so you can focus on your business. So I have another question for you.
Well I don't, Sally has a question for you Scott, along this whole security vein, we're gonna stick with security and let's say you're thinking through how you're gonna secure your environment and we focused primarily in Office 365 but lots of companies have other tools as well and sadly had a question in this security vein that I think we got via email from her and it says usually IT shops have different vendor solutions and there are pros and cons for this approach.
With more and more AI and ML aided tool sets available from different vendor solutions, heterogeneous environments will not benefit from it. For example, Cisco security product lines, firewalls, ASE Duo Amp umbrella, et cetera, will not integrate into the Microsoft CM xdr. So offering what is your thoughts and comments and suggestions ? I think it's tough as we get to a more and more sassy kind of world vendor lock-in is real. So vendors want you to stay.
They they, they don't want you to go and, and I think that's fair enough, right? Like you've paid for their product, you're in their ecosystem. Like you've gotta figure that out. And us as consumers we're also kind of making that deliberate choice to potentially spread our risk and live in multiple ecosystems. So we've gotta kind of find the way to get it all back together and kind of
mune it into a workable state. So I, I guess on the comment that with some of these tool sets like an ML tool set, like we've been talking a bunch about like co-pilots and chat GPTs and and things like that lately. Yep. Those tool sets benefiting or being available in multiple vendor solutions. So they very well might not be.
I think your challenge is if you're gonna be a multi-cloud multi-vendor company, which let's be honest, like the majority of us I think are, that means you need to find alternative products aka spend more money to aggregate it all together and get it to where it needs to be. So like to the example that was in that email like hey let's take a Cisco security product line firewalls, amp umbrella, things like that and integrating that into Microsoft Seam solutions.
You absolutely can integrate those things into something like Azure Sentinel. The downside of that integration is you're basically paying for it twice, right?
Like if I am a Cisco firewall customer and I'm gonna analyze my firewall logs on the Cisco side, if I really wanna bring those logs in line with say like, you know, back to like our login example earlier, like I want to analyze my login logs from my firewall and from Office 365 at the same time, that probably means you're bringing your logs into something like Sentinel along the way and now guess what? You're paying for your data twice , um, actually in the Microsoft ecosystem by yourself.
Like you're paying for your data twice, right? You wanna bring your Office 365 5 audit log into Sentinel. That means that not only do you have your O 365 audit log that you've turned on and enabled heavier storage for all that stuff and you're paying for your peruse of licensing, blah blah blah, you're still gonna pay for the data storage on the sentinel side to bring it all over.
I think the challenge becomes finding that kind of in the middle glue wear solution that's gonna tie you together and give you a kind of whatever your requirement is for a minimum amount of visibility and recognizing that it's not going to do everything as well as those individual vendor solutions do along the way. There might be like a rich logging capability in your firewall that it turns out like maybe using like a taxi connector in Sentinel.
Like it doesn't give you the same granularity in all the things, but that's a compromise that you have to make along the way. And I'm kinda using Sentinel as an example. Like there's a ton of other third party things that are in outside the Microsoft ecosystem that do a similar thing for aggregating logs across these disparate vendor ecosystems and then allowing you to do queries, visualization alerting, all those kinds of things.
I think the rub everybody has is they want it to be free and it's just not free. It's not free in the sense that the glue services that aggregate data and offer things like query and visualization engines, they cost money. It also costs money to have expertise in somebody that says knows how to query the logs on your Cisco firewalls and understands gusto for sentinel.
Like that might not be a skillset that you have in house and that you need to kind of like grow into and make a deliberate decision as to how, how to about that and do it. And then you've gotta have expertise to maintain both those solutions over time too. And that's not free either, right? So it's like time people money and you're getting hit on all three legs of that stool. Yeah, I kinda had the same thought like it was the Cisco example.
If you go into Sentinel and look, I would say maybe you can't necessarily pull everything in or is it's absolutely gonna be different. But they do have connectors for things like umbrella. There's a duo connector out there, there's a handful of those Cisco connectors. And to your point, I think from my perspective it's important to find that
CM XDR source solution that you want to use. Yeah, like you said, it could be Sentinel, it could be Splunk, it could be any number of those third party solutions and really try to pull all those logs in. I've had some conversations with even clients recently who are like, well we already have Splunk doing this. Do we stand up Sentinel to do our Azure ad in Office 365 stuff? And I'm like no. Because now you lose that ability to do those queries that brings, bring all your logs together.
If you're trying to go down hunt through attack and find an attack path and figure out the lateral movement and find how somebody jumped from here to here to here, having these logs in 10 different places is gonna be more detrimental I think, in my opinion.
Then bringing all of your logs into a central spot and maybe you do lose a little bit of the AI or the ML when you're hunting across all those logs, but I think that's why again you evaluate that seam, you find the one that has the most of what you want. Maybe it's whether what logs it can bring in, maybe it's the functionality there, the AI functionality that's in that particular seam.
But I am really of that mindset of all of your logs from that perspective should be in one central store so you can do your incident response, your hunting, all of that without having to go three, four or five different places and manually correlate everything.
I think Splunk's a good example there of kind of some of that lock-in scenario I work, uh, being in storage like Azure storage, we get a lot of customers who come to us and want to do things like forward their Splunk logs maybe into like blob storage and just have it stored on our
side for, you know, archival purposes or anything like that. You know, Splunk doesn't make a native connector, which means you gotta kind of like go and roll your own thing to the comment about spending money, like who wants to build a piece of middleware from scratch to take your stuff that's being going to maybe hitting like Splunk, uf uh, universal forwarder and then writing it out in a format over to blob storage or
sending it to an event hub so you can forward it downstream to another place. Like nobody wants to do that, right? It's a ton of friction. So you're back to just making a decision around like vendor login and and or vendor lock in and, and you know, you gotta be okay with that uh, upfront. I think it's like one of the big downsides to like the cloudy world we live in and yeah, it's not easy for everyone to kind of rationalize or
ju justify the costs and I can't blame 'em in some cases, right? Like I'm I, but you've gotta be able to trade off that, that money for risk or whatever it is, you know,
whatever your requirement is along the way. It's not an easy take, especially as you potentially get into a place where like you had one vendor and then you pick up another vendor and then you pick up another vendor and then you've got uh, yet another and then all of a sudden you've got like 10 of these things running in the background that were never designed to work together in the first place. And then somebody comes to you and says like, oh figure it out.
It should be easy, right? It's just like an HGP request from here to here. It's like no it's, it's not that. It's something completely different. Yes. And then you go acquire a company that has like 10 of those different solutions and they want it all integrated together or 20 or 30 of 'em. I would agree it's a challenge.
And to your point about vendor lockin in the cloud, I think it's even, I don't know what I venture to say that the cloud has created more vendor lockin because people don't want, or cloud vendors, Microsoft, Amazon, gcp, whoever it is, they don't necessarily want you just jumping to another cloud vendor. I mean this is recurring revenue for them I feel like more so than the on-premises days is vendor lock in and the advantages of using one vendor for everything has gotten very real .
For sure. Yeah. Yeah. I don't know, I don't have enough experience with aws. I'm curious, what's your take on like if you're an AW w S shop and you want to integrate with something like Azure or on-premises in terms of the ease of that? I feel like Microsoft has done a decent job at it with things like Azure ARC and some of the ability that they have created to do some of that cross, cross cloud stuff.
I don't know what some of the others AWS may have something I doubt GCP has much would be my take, but I'm not, I'm not sure. Everybody has something to a certain degree. So you know, like aws I think you have security hub, you have things like cloud trail for all of your logs along the way, like tho those are all kind of like known quantities and they exist. I think like off the cuff cuz you kind of put me on the spot, I would say that. I did put you on the spot.
Where I see customers having the most success is recognizing that lock in is real and because that lock in is real, you are often best served by focusing your efforts for a workload like on a single place or a single cloud. So by that I mean let's say you're gonna develop a web application and you know it's uh, like we'll do the typical like kentoso toys thing, right? You wanna be in multiple regions around the world, you wanna have resiliency,
availability, blah blah blah, all those things. So you could do something like, let's say it's like a a lamp stack kind of thing. So you could stand up databases in Azure and AWS and you could run app services in Azure and you could run websites in AWS and put all that stuff together. Like you could absolutely glue it together. It's gonna be really tough. It's gonna cost you a lot of money. It's gonna take, take a lot of time.
Like you're probably better off just sitting there and saying like, Hey for this website and this stack of things that I need to deploy for this workload, where's the best place for me to deploy it? And if the best place to deploy it is AWS stand everything up in AWS services including your monitoring, your logging, everything else. Use native AWS services to do all that and then boom, you're done. Next workload comes along, all right, where am I gonna stand it up?
What's it gonna look like? Where's it gonna be? And you choose Azure and then the next one comes along and you choose Google or the next one comes along and you choose Oracle or whatever the flavor of the day thing is, right? And and and stand it up and do that way like the dream of multi-cloud.
I think especially for like spread workloads, like take an individual workload and spread it across multiple clouds, like I really do like the more time I spend in it, I think that is a dream and you're better off by coming to reality and saying like, Hey, I'm probably better off running this in one place and that way I'm only dealing with one ecosystem. I'm dealing with a set of known limitations within that ecosystem.
Rather than trying to like blend two or three eco two or three ecosystems together, figure out all the rough edges in each one and then figure out how to tie it all back together. Like it's not worth the time, like when you sit down and do the math. Yeah. I would tend to agree, like whenever I hear the cross cloud stuff maybe is Yeah, I agree. I'm just gonna leave it at that. Sean said, just doubt G C P and you won't be steered wrong 95% of the time. . No comment. .
I'll make a comment. I tend to agree I do not run into many people using gcp. I know they're out there, but it does tend to be AWS or Amazon from everything I have experienced. It. Depends on what you're doing. There's definitely enterprises that do it. There's tons of startups that do it. Like I know you're a Spotify subscriber. Spotify uses GCP heavily . Okay, so we found the one, you're. A GCP user every day. Whether you nute or. Not, I am a GCP user with Spotify.
Oh well such as life. Anything else around that? Scott, I know we have a few other listener questions we may try to get to. We have not done many listener questions lately. I would say if you do have questions, let us know because we definitely always enjoyed debating these. I have been collecting a few, so there is, there was a request Scott to do an updated Microsoft defender one our last, I did not realize this, our last episode where we really dove into Microsoft Defender was back in 2001,
like a hundred episodes ago. . Yeah, we can go back to defender. The defender ecosystem has grown, grown quite a bit. So I think we can figure all that out. If folks wanted to send a question in Ben, where would they do that? Where would they go? I would say Twitter, but you don't pay attention there anymore. If you go to the website, Ms cloud it pro.com and you can click on contact us and just throw in first name, email address,
your question or comment, you can do it there. You can also reach out Twitter, master dun, what other socials do we have? Facebook, LinkedIn. We are on all of those. I would say the contact us form is probably your best bet. Easy. Enough to see us. Or if you are a member and you haven't joined our membership and are on Discord, you can always leave as a question in Discord as well. And if it is a good enough question, pressure's on, you have to do a good question.
We'll save it for the podcast versus answering it right in Discord, in real time. All right. Dialing it up by see Otis. I do what I can. All right, well that's Scott, enjoy your weekend. All right. And you enjoy your cruise and we'll chat again soon. I. Will do that. We will talk to you in like another 10 days or so. All. Right, sounds good. Thanks Ben. Thanks. Scott. If you enjoyed the podcast, go leave us a five star rating in iTunes.
It helps to get the word out so more IT pros can learn about Office 365 and Azure. If you have any questions you want us to address on the show or feedback about the show, feel free to reach out via our website, Twitter, or Facebook. Thanks again for listening and have a great day.