Tag Archives: can’t

A closer look at new and updated Microsoft security features

Data breaches occur on a daily basis. They can’t be avoided in our interconnected world, but you can take a proactive approach to reduce your risk.

While the internet has been a boon for organizations that rely on remote users and hybrid services, it’s now easier than ever for an intrepid hacker to poke at weak points at the perimeter to try and find a way inside. Windows Server is a key IT infrastructure component for most enterprises that handles numerous tasks — such as authentication — and runs critical workloads, namely Exchange Server, SQL Server and Hyper-V. Due to its ubiquitous nature, Windows Server is a natural target for hackers seeking a foothold inside your company. There are many Microsoft security products and native features in the newer Windows Server designed to keep sensitive information from spreading beyond your organization’s borders.

Microsoft security in Windows Server improved with the Server 2019 release by updating existing protections and adding new functionality geared to prevent the exposure of sensitive information. The company also offers several cloud-based products that integrate with the Windows operating system to warn administrators of trending threats that could affect their systems.

What are some features in Microsoft Defender ATP?

Microsoft Defender Advanced Threat Protection — formerly, Windows Defender ATP — supplements existing security measures while also providing a cloud-based platform with a range of capabilities, including response to active attacks, automated investigation of suspicious incidents and a scoring system that determines the level of vulnerability for each endpoint.

Microsoft Defender ATP, which underwent a name change in 2019 when the product was extended to protect Mac systems, features multiple proactive and reactive methods to protect organizations from many forms of cyberattacks. For example, to keep an endpoint from being susceptible to a common intrusion method via a Microsoft Office application, Microsoft Defender ATP can prevent the application from launching a child process.

Microsoft Defender ATP gathers information from a vast array of resources — such as different events on on-premises Windows systems and the Office 365 cloud collaboration platform — that Microsoft analyzes to detect patterns, such as certain command-line actions, that could indicate malicious behavior. Microsoft Defender ATP integrates with several Azure security products for additional protection. For example, by connecting to Azure Security Center, administrators get a dashboard that highlights suspicious activity in the organization with recommended actions to execute to prevent further damage.

Microsoft security features in this offering were tailored for Windows Server 2019 customers to prevent attacks that start either in the kernel or memory — sometimes called file-less attacks — of the operating system. Microsoft Defender ATP eases the onboarding process for this server OS through System Center Configuration Manager with a script.

What new SDN security features are in Windows Server 2019?

Abstracting the operations work associated with networking offers administrators a way to add some agility in an area not typically known for its nimbleness. Software-defined networking (SDN) gives IT newfound abilities via a centralized management platform for network devices to make it easier to perform certain tasks, such as ensuring specific workloads get enough bandwidth to meet performance expectations. But SDN is not immune to traditional threats if a malicious actor gains network access and proceeds to sniff traffic to scoop up credentials and other valuable information.

Microsoft enhanced the security aspect of its Windows Server 2019 SDN functionality by introducing several features to avoid data leakage, even if the data center defenses failed to stop unauthorized system access.

By implementing the “encrypted networks” feature, organizations add another layer of security around data that moves between VMs inside a particular subnet by encoding the information. Other noteworthy SDN security additions for the Server 2019 OS include more granular control over access control lists to avoid security gaps and firewall auditing on Hyper-V hosts for further investigation of suspicious incidents.

Where can I use BitLocker encryption in my environment?

Microsoft released its BitLocker encryption feature for on-premises Windows systems, starting with the Vista operating system in 2007. Since that time, the company has continued to develop ways to use this technology in more places, both in the data center and beyond.

BitLocker started out as an encryption method to protect all the contents in a hard drive. That way, even if a laptop was stolen, prying eyes would not be able to do anything with the confidential data stored on the device due to the length of time it would take to do a brute-force hack of even a less-secure 128-bit key.

Using BitLocker, while effective to thwart hackers, can frustrate users when they need to authenticate every time they need to use a device or when a BitLocker-encrypted server requires an additional login process after a reboot. Microsoft developed a feature dubbed BitLocker Network Unlock, debuting with Windows 8 and Windows Server 2012, that uses the physical network to deliver the encrypted network key so protected systems can unlock if they are connected to the corporate network.

Microsoft extended BitLocker technology to the cloud to give administrators a way to put additional safeguards around sensitive Azure VMs with the platform’s Azure Disk Encryption feature for full volume protection of disks. For this type of deployment, the Azure Key Vault is used for key management.

What are some recent security features added to Hyper-V?

Data leakage can tarnish a company’s reputation, but it can be an expensive lesson for lax security practices if regulators determine a privacy law, such as the GDPR, was broken.

Organizations that use the Hyper-V platform get the typical benefits acquired by consolidating multiple workloads on a single host in a virtualized arrangement.

But Microsoft continues to help administrators who operate in sensitive environments by adding virtualization-based security features with each successive Windows Server release to reduce the probability of a data breach, even if an intruder makes their way past the firewall and other defensive schemes.

Microsoft added shielded VMs in Windows Server 2016, which encrypts these virtualized workloads to prevent access to their data if, for example, the VM is copied from the sanctioned environment. In Windows Server 2019, Microsoft extended this protection feature to Linux workloads that run on Hyper-V when the VMs are at rest or as they shift to another Hyper-V host.

Go to Original Article
Author:

How IoT, 5G, RPA and AI are opening doors to cybersecurity threats

“You can’t say civilization don’t advance… in every war they kill you in a new way.” – Will Rogers

Software is eating the world. Cloud, RPA and AI are becoming increasingly common and a necessary part of every business that wishes to thrive or survive in the age of digital transformation, whether for lowering operational costs or to remain in the competition. But as we increasingly digitalize our work, we’re opening new doors for cybersecurity threats. Here, we dive into the technological advancements in the past year to learn how we can use those progresses without getting burnt.

IoT

From office devices to home appliances, our “anytime, anywhere” needs require every peripheral to connect to the internet and our smartphones. But simultaneously, the new IT landscape has created a massive attack vector. SonicWall’s Annual Threat Report discovered a 217% increase in IoT attacks, while their Q3 Threat Data Report discovered 25 million attacks in the third quarter alone, a 33% increase that shows the continued relevance of IoT attacks in 2020.

IoT devices collect our private data for seemingly legitimate purposes, but when a hacker gains access to those devices, they offer the perfect means for spying and tracking. The FBI recently warned against one such example of the cybersecurity threat concerning smart TVs, which are equipped with internet streaming and facial recognition capabilities.

As governments increasingly use cyberattacks as part of their aggressive policies, the problem only gets worse. IoT devices were usually exploited for creating botnet armies to launch distributed denial-of-service attacks, but in April 2019, Microsoft announced that Russian state-sponsored hackers used IoT devices to breach corporate networks. The attackers initially broke into a voice over IP phone, an office printer and a video decoder and then used that foothold to scan for other vulnerabilities within their target’s internal networks.

Some of the hacks mentioned above were facilitated because the devices were deployed with default manufacturer passwords, or because the latest security update was not installed. But with the IoT rush, new cybersecurity threats and attack vectors emerge. “When new IoT devices are created, risk reduction is frequently an afterthought. It is not always a top priority for device makers to create security measures since no initial incentive is seen due to a lack of profit,” warned Hagay Katz, vice president of cybersecurity at Allot, a global provider of innovative network intelligence and security solutions. “Most devices suffer from built-in vulnerabilities and are not designed to run any third-party endpoint security software. For many consumers, cybersecurity has been synonymous with antivirus. But those days are long gone,” he said.

To fight against the new cybersecurity threats, Katz recommended turning to a communications service providers (CSP). “Through machine learning techniques and visibility provided by the CSP, all the devices are identified. A default security policy is then applied for each device and the network is segregated to block lateral malware propagation. By simply adding a software agent on the subscriber’s existing consumer premise equipment, CSPs can easily roll out a network or router-based solution that protects all the consumer’s IoT devices.”

We also need to consider whether we really need an IoT version of everything. In the words of Ryan Trost, co-founder and CTO of ThreatQuotient who has over 15 years of security experience focusing on intrusion detection and cyber intelligence: “I can appreciate the benefits of every single student having a tablet (or equivalent) for schooling. However, I struggle to find the legitimacy of why my refrigerator needs an Internet connection, or for that matter, a video conferencing feature.”

5G

While the next generation network takes AI, VR and IoT to new levels, it’s also creating new problems. “5G utilizes millimeter waves, which have a much shorter range than the conventional lower-frequency radio waves. This is where the source of the greatest [cybersecurity] threat in 5G infrastructure originates from,” warned Abdul Rehman, a cybersecurity editor at VPNRanks. “An attacker can steal your data by setting up a fake cell tower near your home and learn a great deal about the device you are using including location, phone model, operating system, etc. These can even be used to listen in on your phone calls.” To mitigate the risk, Rehman suggests relying on strong encryption.

AI

We’ve previously talked about how AI is vulnerable to data poisoning attacks. As the technology advances, new forms of cybersecurity threats emerge. Voice deepfakes are one of such threats, where hackers impersonate C-level executives, politicians or other high-profile individuals. “Employees are tricked into sending money to scammers or revealing sensitive information after getting voice messages and calls that sound like they are from the CFO or other executives,” said Curtis Simpson, CISO at IoT security company Armis. “We’ve already seen one fraudulent bank transfer convert to $243,000 for criminals. Given how hard it is to identify these deepfakes compared to standard phishing attacks, I expect these operations will become the norm in the new year.”

It only takes one wrong click for a hacker to implant malware or open a backdoor. Unfortunately, that could be the undoing of all other security measures put in place to protect the network. “No one is off limits when it comes to cybersecurity threats,” warned PJ Kirner, CTO and founder of Illumio, which develops adaptive micro-segmentation technologies to prevent the spread of breaches. Children could end up installing malware on their parents’ phones. According to Kirner, “our sons and daughters will quickly become a new threat vector to enterprise security.”

Robotic process automation

A Gartner report showed the annual growth of RPA software and projected that revenue will grow to $1.3 billion by 2019. “In 2020, [RPA] will continue its disruptive rise and become even more ingrained in our everyday lives,” predicted Darrell Long, vice president of product management at One Identity, an identity and access management provider. “However, with the rapid adoption of RPA, security has become an afterthought, leaving major vulnerabilities.” RPA technologies hold privileged data and that makes them lucrative targets for cybercriminals. CIOs must pay close attention to the security of the RPA tools they use and the data they expose to ensure their business is not infiltrated by malicious actors.

Storage attacks

Cybercrimes are not only rising — they are also evolving. Attackers have realized that data in storage systems are key to an organization’s operations. “Hackers are now targeting network attached storage (NAS) devices, according to the data revealed in a new Kaspersky report. This new type of attack presents a significant problem to businesses using only NAS devices to store their backups,” said Doug Hazelman, a software industry veteran with over 20 years of experience.

According to Kaspersky, there was little evidence of NAS attacks in 2018, but as hackers realized the benefits, they caught users off guard since NAS devices typically don’t run antivirus or anti-malware products. Hackers exploited this shortcoming to put 19,000 QNAP NAS devices at risk.

Organizations should keep their systems updated with the latest security patches and ensure only necessary devices are reachable from public networks. Per Hazelman’s recommendation, “to prevent cybercriminals from infecting backups with malicious software, CIOs should ensure company backups are being stored on two different media types, one of which being cloud storage, which has several benefits, including increased security.”

Reaching for the clouds

While new technologies promise convenience and increased returns, CIOs must make sure the security risks do not outweigh the gains.

Contrary to the other technologies on this list, ransomware has largely left the cloud untouched. However, as companies continue to transition their servers and data to the cloud for more cost-efficient solutions, criminals will shift their focus. The current attacks have largely been due to cloud misconfigurations or stolen credentials, but since the cloud has become a one-stop shop for all data, it’s becoming the new battleground.

What we need to do about cybersecurity threats

By now, we’ve seen how devastating cyberattacks can be, and that the risks are steadily increasing. Security must be a priority and not an afterthought. While new technologies promise convenience and increased returns, CIOs must make sure the security risks do not outweigh the gains.

Go to Original Article
Author:

For Sale – Huawei Matebook X Pro – i7, 512GB, MX150

I am selling my Huawei Matebook X Pro, i7, 8GB RAM, 512GB Storage, GPU MX150.
It is in excellent condition and I can’t find any scratches or dings on it anywhere.

I bought it from the Microsoft Store so I have been the only owner, and I purchased it on 21st November 2018.
It comes in the original box, with the original charger and the HDMI accessory that came with it.

The only reason for sale is that I was travelling a lot with work at the time and since that has died down, I’ve built a desktop.

This is an excellent laptop with a great display and battery life has never let me down.

Go to Original Article
Author:

For Sale – Huawei Matebook X Pro – i7, 512GB, MX150

I am selling my Huawei Matebook X Pro, i7, 8GB RAM, 512GB Storage, GPU MX150.
It is in excellent condition and I can’t find any scratches or dings on it anywhere.

I bought it from the Microsoft Store so I have been the only owner, and I purchased it on 21st November 2018.
It comes in the original box, with the original charger and the HDMI accessory that came with it.

The only reason for sale is that I was travelling a lot with work at the time and since that has died down, I’ve built a desktop.

This is an excellent laptop with a great display and battery life has never let me down.

Go to Original Article
Author:

Wanted – Budget ITX bundle (South East)

Well actually I can’t remember what model it is, but its a Lian Li Aluminium full tower case. It has been in my loft for at least 5 years, but is in near perfect condition (if not perfect) no scratches or anything. I know it has at least a 12 bay capacity – not surprising being a full tower, but just cant remember exactly how many without going up and looking. I’m pretty sure its a Lian Li PC-V2000 plus but can’t say without double checking. Anyway, other than that I think your best option is a Fractal design case. the ‘R’ series… R2, R4, R5, have 8 bays, and you may be able to pick one up cheaply as I think the R6 is the current model. I have an R4 in use as my main desktop.

Go to Original Article
Author:

For Sale – Huawei Matebook X Pro – i7, 512GB, MX150

I am selling my Huawei Matebook X Pro, i7, 8GB RAM, 512GB Storage, GPU MX150.
It is in excellent condition and I can’t find any scratches or dings on it anywhere.

I bought it from the Microsoft Store so I have been the only owner, and I purchased it on 21st November 2018.
It comes in the original box, with the original charger and the HDMI accessory that came with it.

The only reason for sale is that I was travelling a lot with work at the time and since that has died down, I’ve built a desktop.

This is an excellent laptop with a great display and battery life has never let me down.

Go to Original Article
Author:

For Sale – HP Z620 Graphics Workstation / Gaming PC. Xeon 6 Core, 32Gb Ram, GTX1660Ti 6Gb, SSD (£400)

Really interested in this to use as HTPC but I can’t reach your asking price. I have no need for the following:

HDD1 : 1.5Tb
HDD2 : 1Tb
DVD ReWriter
OS : Windows 10 Pro (Fully Licenced)
Wifi : Gigabyte WB1733D-I . (2×2 AC Wifi and Bluetooth 5)

Would you be willing to remove these items and sell at a reduced price?

I’m in Birmingham, about 65 miles away but willing to collect.

Go to Original Article
Author:

For Sale – HP Z620 Graphics Workstation / Gaming PC. Xeon 6 Core, 32Gb Ram, GTX1660Ti 6Gb, SSD

Really interested in this to use as HTPC but I can’t reach your asking price. I have no need for the following:

HDD1 : 1.5Tb
HDD2 : 1Tb
DVD ReWriter
OS : Windows 10 Pro (Fully Licenced)
Wifi : Gigabyte WB1733D-I . (2×2 AC Wifi and Bluetooth 5)

Would you be willing to remove these items and sell at a reduced price?

I’m in Birmingham, about 65 miles away but willing to collect.

Go to Original Article
Author:

Asigra appliance uses Zadara technology

The new Asigra appliance can’t be bought — only rented.

Asigra has partnered with Zadara Storage to release the Asigra Cloud OpEx Appliance. The device is Zadara’s Virtual Private Storage Appliance (VPSA) pre-installed with Asigra’s backup software. Like Zadara’s storage-as-a-service (STaaS) offerings, the Asigra appliance is sold as a subscription, essentially making it a backup appliance as-a-Service.

Asigra will ship the device to the customer’s data center or colocation. All of the storage, controllers and disks are managed. The end customer doesn’t need to bring any storage expertise to the table. All the data is encrypted such that only the end customer can see it — their managed service provider (MSP) can’t.

Asigra sells its products exclusively through channel partners, many of which are MSPs that provide backup-as-a-service (BaaS) and disaster recovery-as-a-service (DRaaS) to end customers. The revenue model of MSPs is subscription-based, but traditionally, procuring storage is based on projected consumption. This means MSPs could end up buying more storage than they need.

Eran Farajun, executive vice president of Asigra, said by buying Asigra backup on an appliance on a pay-as-you-go basis, MSPs avoid overprovisioning and will only pay for the storage they use. Many of Asigra’s MSPs were using Asigra’s backup and Zadara’s STaaS separately, and Farajun said they were the ones who first brought up the idea of packaging the two.

“We’re really just responding to what our market has been asking for,” Farajun said.

Asigra only makes backup software, and all of its converged backup appliances come from partnerships with hardware vendors. The company started in 1986, but didn’t release its first device with pre-installed backup software until 2015 through a partnership with SuperMicro. Asigra began packaging software on iXsystems appliances in 2018. 

render of Asigra Cloud OpEx appliance
The Asigra Cloud OpEx Appliance is based on Zadara’s Virtual Private Storage Appliance.

Marc Staimer, president and founder of Dragon Slayer Consulting, said MSPs operate in a world where capital expenditure (capex) is going against an operational expenditure (opex) revenue stream. Money is made when the streams cross, but MSPs would rather have their costs and revenue be in alignment.

Many of the costs of running a service provider business fall under capex. Staimer said service providers who use the public cloud to provide BaaS and DRaaS need to purchase storage in a high-cost, high-performance tier to ensure fast recovery as well as a low-cost, high-capacity tier to keep overall costs down. According to Staimer, the performance tier costs six times more than the capacity tier.

MSPs also must provision hardware for their end customers. Staimer said MSPs are typically expected to provide the hardware at no cost, as it’s a necessary component of their services.

The Asigra appliance solves both of these problems because it’s entirely pay-as-you-go, with no upfront investment.

“People want a pure opex model,” Staimer said. “It’s a very good move on Asigra’s part.”

The Asigra Cloud OpEx Appliance is generally available now and starts at 30 terabytes of capacity and can scale up to petabytes. Pricing starts at pennies per gigabyte per month.

The Cloud OpEx Appliance uses Asigra’s flagship Asigra Cloud Backup Evolved software. Farajun said he expects updates to the core backup software in early 2020, including security enhancements and better integration with VMware.

Farajun said the next update will also focus on integrating with Microsoft Office 365’s Teams and Groups applications, as well as other cloud-based SaaS applications. He noted he has been seeing more customers realizing the need to protect their SaaS data.

Go to Original Article
Author:

With new cloud technologies, Lexmark evolves printers into smart IoT machines | Transform

Printers tend not to be top of mind in the digital age, until you need that critical document or can’t ship an order without an invoice. When employees have printing issues and calls to the help desk spike, a robust print environment suddenly feels vital.

Lexmark, a global printing and imaging solutions leader, understands the importance. Based in Lexington, Kentucky, the company is transforming its printers and services with artificial intelligence, cloud technologies and an IoT (Internet of Things) platform to simplify and improve printing for customers. But first, Lexmark had to transform itself.

The organization underwent a massive digital renovation last year, with an upgrade to Windows 10 and migration to Microsoft Azure, Microsoft 365 and Dynamics 365. The move enabled Lexmark to reduce its IT expenses by 25 percent and the number of IT-related problems by 40 percent. It also affected the company’s entire 9,000-person workforce in 170 countries and all business operations, from sales to distribution to manufacturing.

“It was part of a strategy to enable our associates to be more collaborative and responsive, so we can deliver an excellent customer experience,” says Brad Clay, chief information and compliance officer at Lexmark. “We want to become a more agile organization and part of our vision statement is to develop customers for life.”

headshot of Brad Clay
Brad Clay, Lexmark chief information and compliance officer. (Photo by Mark Mahan, courtesy of Lexmark)

The new, streamlined technologies have helped Lexmark evolve its printers into smart,  IoT machines and deliver innovations like Cloud Print Infrastructure, a new subscription service for customers to pay for only what they print. So instead of buying and maintaining the physical infrastructure of printers and print servers, customers can now access a secure cloud print environment managed by Lexmark and powered by Azure. They can simplify IT complexity related to print.

“This is really moving print to that next level,” says Clay. “Our ability to leverage the Microsoft cloud allows us to deploy industry-leading offers at a price point that wasn’t possible before.”

Machine learning algorithms on Lexmark’s IoT platform can factor in a customer’s busy print times, such as the end of a quarter or start of a new year. They can predict maintenance before a printer needs repairs and calculate the right time to order more toner before a cartridge goes dry. Real-time data from connected printers will also feed into Lexmark’s Dynamics 365 connected field service solution, launching this year for intelligent, end-to-end customer service.

“It’s about making the digital thread – design, manufacturing, delivery, customer support – more complete and full-featured, and connecting the entire process for a customer,” says Clay. IoT data will also help Lexmark monitor the life cycle of its products to improve the design, manufacturing and deployment of new models.

A large part of Lexmark’s agility and productivity now stems from Microsoft Teams, a teamwork hub in Microsoft 365 that integrates chat, calls, video, meetings and file sharing. The app replaced a set of disconnected office tools that required Lexmark associates to constantly switch systems.

“We continuously ran into barriers and it became awkward,” says Sven Dellagnolo, Lexmark director of global sales enablement. “I would have to exit one environment and open another and presume the other person could do the same on their device. Then someone wasn’t on the right version, it would crash in their browser, or somebody’s login wasn’t working. Teams solved all of that.”

The app has strengthened collaboration for all groups at Lexmark but has been especially helpful for global teams like Dellagnolo’s that work across continents. Organized channels and archives help associates quickly catch up on workflows from different time zones. An embedded translation feature reduces language barriers between Lexmark teams in North America, Asia and Europe. With 50,000 meeting participants, 17,000 one-on-one calls and 4 million chat messages hosted in Teams each month, Lexmark has bolstered what Clay calls a “culture of empowerment.”

close-up of a badge swipe in front of a printer
Lexmark printer employee badge authentication.

“Tools like Teams help us become a faster learning organization and share what we learn to make us more productive,” he says.

For Lexmark, modern cloud technologies enhance the company’s long history of research and development, and deep understanding of customers, who range from small businesses to the largest global banks and retailers. The tools help deliver solutions that make life easier for Lexmark’s customers, from simplifying the IT of printers to enabling secure printouts with employee badge authentication.

“Purchasing Microsoft technology is beyond just operating efficiently for ourselves,” says Dellagnolo. “It really translates into how we solve our customers’ problems.”

Top photo: A Lexmark printer. All photos courtesy of Lexmark. 

Go to Original Article
Author: Microsoft News Center