SysAdmin Weekly #14: Guardrails for the Modern SysAdmin
From Pi-Hole to Conditional Access, this week is all about keeping the chaos in its lane.
⏩ TL;DR - This Week in SysAdmin Land
· 📅 Newsletter schedule shifting to mid-day Wednesdays (because mornings = ticket hell).
· 🎙️ New podcast: Top Microsoft Skills every SysAdmin should have.
· 🛡️ Security watch: Cloudflare caught up in Salesloft Drift mess + Microsoft deep dive on Storm-0501.
· 📩 Microsoft limiting email from .onmicrosoft.com domains.
· 💳 SSA database leak reminder: consider credit freezes (especially for kids).
· 🔧 Tool of the week: Pi-Hole (because ads are malware with better PR).
· 📰 Great community content: decision-making for SysAdmins, OpenStack POCs, career pauses, and retention policy scripting.
📢 Schedule Change Announcement
Heads-up! We’re moving the newsletter drop to mid-day on Wednesdays. Why? Because most of you are knee-deep in tickets, outages, and weird printer issues on Tuesday mornings. Consider this your mid-week coffee break instead of a Tuesday-morning distraction.
💡 This Week’s Insight(s) from Andy
If you think about it, most of a sysadmin’s job is building and maintaining guardrails.
Sometimes they’re technical, like Pi-Hole blocking junk traffic, retention policies keeping lawyers happy, or Conditional Access stopping “Bob in Finance” from logging in from Timbuktu. Other times, they’re life-related, like freezing credit after a breach so the bad guys can’t open a mortgage in your kid’s name.
This week’s news is a reminder that attackers are constantly hunting for the gaps. Our job isn’t to stop every car on the road, it’s to make sure they don’t plow through our lane. Guardrails may not be glamorous, but without them, the crash is inevitable.
As many readers of this publication and subscribers of the podcast know, I’ve spent a good chunk of my career either as the customer of MSPs, working for an MSP, or selling to MSPs as a vendor. MSPs thrive on process and iteration, and the same can be said of most internal IT departments.
I’ve seen what happens when guardrails are missing. Take one customer I supported many years ago: they didn’t have any M365 rules in place to alert on the creation of inbox forwarding rules. A malicious insider with high-level IP access set one up that quietly forwarded sensitive data to a competitor. Without guardrails, security was an afterthought and abuse was inevitable.
Guardrails aren’t just about security though. RAID, for example, is a guardrail for your data. Without it, you’re a single drive failure away from disaster. Whether it’s data resilience or security posture, the guardrails we build and maintain are critical to the safety of both our businesses and the digital world we support.
Take that responsibility seriously. Build guardrails. Maintain them. And keep the chaos at bay.
And now… back to our regularly scheduled programming.
🎧 Latest on the SysAdmin Weekly Podcast
Episode 020: The Top Microsoft Skills Every SysAdmin Needs
Eric and I break down the must-have Microsoft skills for today’s SysAdmins. Topics range from Entra ID know-how to keeping your PowerShell chops sharp. We talk about why old “checkbox” skills aren’t enough anymore, and which modern Microsoft tools really separate the heroes from the merely competent.
⏪ What You Missed on Last Week’s Episode
Episode 019: What Counts as a Security Breach (and What Doesn’t)
Last week we dug into the messy gray area of “breach” vs. “incident.” Not every phishing click means a headline, but downplaying real breaches is dangerous too. If you’ve ever had management panic over nothing (or shrug at everything), this episode is worth a listen.
🔮 Sneak Peek of the Next Episode
Next week, Paul Schnackenburg is back! We’re tackling Conditional Access in Entra ID. Expect practical advice, war stories, and why ignoring “break glass” accounts is like skydiving without a backup chute.
📝 From AndyOnTech and Project Runspace
Decision Making for SysAdmins and System Architects — by Eric Siron
Eric argues that the best SysAdmins aren’t the fastest typers or the fanciest scripters. They’re the ones who make the smartest calls before touching a config. This article covers mental models and structured thinking that help you avoid firefights before they start.
📚 Core Fundamentals
Microsoft AI-900: Azure AI Fundamentals
The AI buzz isn’t going away anytime soon. This entry-level cert introduces you to Azure’s AI services, responsible AI practices, and core concepts. Even if you never become an AI engineer, it gives you enough grounding to call BS in the next vendor pitch.
👥 Helpful Community Content
Azure Essentials Show: Building a Generative AI Center of Excellence
Thomas Maurer & Ben Brauer talk about scaling generative AI responsibly inside an org: governance, best practices, and how not to let “AI everywhere” turn into “AI mess everywhere.”
Tony Redmond: PowerShell for M365 Retention Policies
A deep dive into using PowerShell to wrangle retention policies across tenants. It’s practical scripting advice for anyone tired of clicking around the compliance center UI.
Tytus Kurek: How to Set Up an OpenStack POC
Thinking about private cloud or just want to kick the tires on OpenStack? This guide shows how to spin up a POC without dedicating a month of your life to it.
Reddit: Pausing Your Tech Career for Family
SysAdmins candidly discuss stepping away for family reasons and then re-entering tech. It’s raw, thoughtful, and a reminder that the career ladder doesn’t always go straight up.
🏢 Other SysAdmin Content from Vendors & Official Pubs
Microsoft: Limiting .onmicrosoft.com Email Sending
Starting soon, .onmicrosoft.com domains won’t be usable for outbound email. The intent is to cut off a common abuse vector used in phishing and spoofing. Check if you’ve got any workflows still tied to this before they silently break.
Experian: How to Request a Credit Freeze for a Minor
With reports of the entire SSA database floating around, identity theft risk just went way up. Freezing your own credit is easy; freezing your kids’ credit takes more paperwork but may be just as critical.
🔒 Security Headlines for SysAdmins
Cloudflare Impacted by Salesloft Drift Supply Chain Attack
Even big security vendors aren’t immune to supply chain risk. Cloudflare confirmed exposure via the Salesloft Drift compromise. If you integrate with SaaS platforms, treat vendor risk management as a core control, not an afterthought.
Microsoft on Storm-0501 Ransomware TTPs
Microsoft breaks down how Storm-0501 is abusing cloud services to launch ransomware campaigns. It’s a reminder that attackers are moving where the workloads are, and “the cloud” doesn’t magically protect you.
🛠 Tool of the Week
Pi-Hole
A local DNS sinkhole that blocks ads, trackers, and shady domains network-wide. It’s great for home labs and SMBs alike, and the dashboard gives you eye-opening insight into just how much garbage your devices try to connect to daily.
⚡ Quick Win of the Week
Audit your tenant for auto-forwarding inbox rules. They’re still one of the cheapest and dirtiest tricks attackers (or malicious insiders) use to exfiltrate data. In most M365 environments, you can surface these with a quick PowerShell one-liner and put a guardrail in place before it becomes a security incident.
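One way to run that audit, as an added example rather than a script from the newsletter or the podcast: it assumes the ExchangeOnlineManagement module and an existing `Connect-ExchangeOnline` admin session, and it treats the tenant's accepted domains as "internal". The helper name `Test-ExternalTarget`, the CSV file name, and the assumption that rule recipients render as `[SMTP:user@domain]` are illustrative.

```powershell
# Added example, not from the newsletter. Assumes the ExchangeOnlineManagement
# module and an existing admin session (Connect-ExchangeOnline). Read-only.
$internal = @((Get-AcceptedDomain).DomainName)   # domains the tenant owns
function Test-ExternalTarget {
    param([string]$Target)
    # Rule recipients render like '"Name" [SMTP:user@domain]'; mailbox-level
    # forwarding is stored as 'smtp:user@domain'. Compare the domain part.
    if ($Target -match '(?i)smtp:[^@\s\]]+@([^\s\]]+)') {
        return $internal -notcontains $Matches[1]
    }
    return $false   # directory recipient (EX:); review mail contacts by hand
}

$findings = foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {
    $addr = $mbx.PrimarySmtpAddress
    # 1) Forwarding configured on the mailbox itself
    $fwd = @($mbx.ForwardingSmtpAddress, $mbx.ForwardingAddress) | Where-Object { $_ }
    if ($fwd) {
        [pscustomobject]@{
            Mailbox  = $addr
            Source   = 'MailboxForwarding'
            Rule     = $null
            Enabled  = $true
            Targets  = $fwd -join '; '
            External = [bool]($fwd | Where-Object { Test-ExternalTarget $_ })
        }
    }

    # 2) Inbox rules that forward or redirect
    foreach ($rule in Get-InboxRule -Mailbox $addr -ErrorAction SilentlyContinue) {
        $to = @($rule.ForwardTo) + @($rule.ForwardAsAttachmentTo) + @($rule.RedirectTo) |
            Where-Object { $_ }
        if (-not $to) { continue }
        [pscustomobject]@{
            Mailbox  = $addr
            Source   = 'InboxRule'
            Rule     = $rule.Name
            Enabled  = $rule.Enabled
            Targets  = $to -join '; '
            External = [bool]($to | Where-Object { Test-ExternalTarget $_ })
        }
    }
}

# External targets first; keep the CSV as the baseline for the next audit
$findings | Sort-Object External -Descending |
    Export-Csv .\forwarding-audit.csv -NoTypeInformation
# Tenant-wide guardrail status: is external auto-forwarding allowed at all?
Get-HostedOutboundSpamFilterPolicy | Select-Object Name, AutoForwardingMode
```

Rows with `External = True` are the ones to chase first; an `AutoForwardingMode` of `On` means no tenant-level block on external auto-forwarding is in place.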
🕹️ Fun Retro SysAdmin Fact
In the 1980s, 5-10 MB hard drives would be sold for up to $3,000. That’s roughly $300 per megabyte. Today, you can buy a 1 TB SSD for less than lunch money. Not a bad return on progress.
☕ Wrap-Up
That’s a wrap for this week! As always, you can find all the podcasts, newsletters, and resources over at SysAdminWeekly.com.
Go forth, patch responsibly, and don’t forget to hydrate. See you mid-week next Wednesday!
I was just learning about these, thanks!