Go to Original Article
Go to Original Article
Go to Original Article
Many IT Pros will attest that there is a constant push/pull between security and ease-of-use and I have personally seen many instances of IT Pros struggling with this push/pull over the years within their own organizations. Often times its resistance from the organization itself in implementing changes that would positively affect their own security posture, not the inability or desire on the part of the system admin or IT department. Even focusing on something as simple as multi-factor authentication (MFA), it is common to see push-back from management or certain departments.
In this article, we are going to talk about common reasons for this push-back, and ways that Microsoft’s Conditional Access feature can allow you to tread the line between security and ease-of-use.
Conditional Access, when paired with Azure Active Directory, is a tool used to provide next-generation identity services in the cloud age. No longer do administrators have to simply worry about the four walls of their building. Employee workforces today are dynamic and are working on several devices from several different locations. The needs of authentication and trust now must exist outside of those four walls of the business, and Azure AD and Conditional Access play an important role in this process.
Conditional Access uses a three-step process in determining if a user or device’s access should be allowed.
Figure 1 – Conditional Access
A conditional access signal acts as a trigger for a Conditional Access policy. A signal could be something like:
As part of the Conditional Access process, once a signal is triggered, a decision has to be made by the service based on the configuration of the conditional access policy. This usually boils down to the user/device simply being provided access (or not) but can also include varying levels or access as well. For example, you’ll be given access to the resources you’re trying to reach, but because you are using an administrative account, the service will force you to provide additional login information (such as MFA). Or, because you’re signing in using a legacy authentication mechanism, access will be denied, and you’ll be directed towards using the current (accepted) authentication mechanism being used within the organization.
These are just a few simple examples, but there are many other granular options along this vein that are provided by Conditional Access.
This is what I like to call the “Make-It-So” phase. Basically, Conditional Access will take the Signal from step one, look at the configured policy for that situation, and then enforce it. Combined, these three steps within Conditional Access serve to provide tightly control access mechanisms when access company resources in a cloud/mobile world.
So, how does this help you sell the idea of MFA within your organization? Let’s dig into that question.
NOTE: This was something of a crash course on the concept of Conditional Access. Much more information on this feature can be found in the official documentation, and we’ll be looking to feature more example use-cases in the future here on the Altaro Dojo.
Many organizations have tried multi-factor authentication with varying degrees of success. The more mature ones found a way to persevere through those challenges and their security posture was all the better for it. Others likely failed and rolled things back. Whether you’re using MFA today or haven’t yet looked at it, conditional access to help with the process. Let’s get into some concrete examples.
A business owner or manager complains that his/her department is constantly getting prompted for MFA. After all, they just want to do their work….
This is likely the most common complaint I see around MFA within organizations. Users get “annoyed” with the extra sign-on step, especially if it’s excessive or difficult. Conditional Access can improve this situation. As mentioned above Conditional Access can be configured to action on IP location. In this case, you can essentially white-list the IP for your primary office location(s) and tell conditional access that if a login attempt is coming from that location, that it’s trusted and does not require MFA. This step alone greatly reduces the amount of MFA “Chatter”, and will only prompt users for MFA when physically outside of the office.
An Administrator is concerned with knowing when to force password resets for users and what to do with accounts that are potentially suspicious.
Password hygiene is something that has been in flux these past few years where best practices are concerned. Did you know that new NIST recommendations state that there is no need to change a password unless there is evidence of breach?
Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically).
Knowing this, one question many admins will ask themselves, is “On top of MFA, when will I have the time to monitor for compromised passwords?” The answer is you don’t have too! Conditional Access can do that. When paired with Azure AD Identity Protection, Conditional Access can check to see if the user’s username/password combination has appeared on any known credential sharing sites. If so, conditional access will force a password reset prior to allowing access.
Additionally, you can configure conditional access to force an MFA prompt (even within an otherwise known safe IP range) if certainly other “risky conditions” have been identified.
Paired with MFA, the policy of forcing password changes in conditional access serves to supplement user authentication hygiene and requires very little administrator work in doing so.
A CIO may be concerned that security requirements for administrator accounts are too lax.
This is a pretty common concern, Conditional Access can be used to force an MFA requirement on any account that has administrative access. I highly recommend this; due to the sensitive nature of the access, these types of accounts have. The added bonus here is that conditional access takes all the work out of enforcing it amongst your admins.
What we’ve covered here is only a small taste of what Conditional Access can do for your organization. There are many more potential use cases than these three, but they are certainly some of the more common ones I’ve run across. We have recent eBooks that cover both Azure IaaS and Microsoft 365 with some security topics sprinkled throughout.
I’m interested in hearing about any of your other security and access concerns. Do you see a positive use for these Conditional Access policies? Is there a specific issue you’ve been trying to solve? Let us know in the comments below and we’ll be sure to get you an answer!
Thanks for reading!
Is Your Office 365 Data Secure?
Did you know Microsoft does not back up Office 365 data? Most people assume their emails, contacts and calendar events are saved somewhere but they’re not. Secure your Office 365 data today using Altaro Office 365 Backup – the reliable and cost-effective mailbox backup, recovery and backup storage solution for companies and MSPs.
Go to Original Article
Author: Andy Syrewicze
While we’ve had many pandemics in the past, none have been so life-changing as the struggle against the latest novel coronavirus, COVID-19. The impacts of the pandemic have significant economic and public health consequences — including widespread effects on education, e-commerce and global supply chains.
With the world’s attention on this virus, artificial intelligence researchers, companies and solution providers of all sorts are looking to apply AI and machine learning to the vast range of challenges that the world faces. Many companies are applying AI capabilities to medical and health needs, while others are applying AI to the ongoing challenges faced in the economy. AI-based COVID-19 solutions are bolstering industries to provide healthcare, enterprise communication and ensure social distancing.
At this moment, there is no vaccine to combat the COVID-19 virus; the primary way to get control over the spread of the virus is through mitigation and suppression. The most effective treatment so far has been to practice self-isolation and to avoid crowded areas through social distancing. In the case of being tested positive, patients are told to quarantine themselves if they are showing manageable symptoms.
U.S.-based Athena Security is repurposing its security-based imaging solution to the healthcare field by analyzing thermal imagery to detect and track potentially sick patients. The company uses thermal imaging combined with algorithms that analyze the body temperatures of people to flag potentially sick individuals traveling in high traffic areas such as airports, stadiums, train stations and other locations.
Other regions have taken much more intrusive — some might say draconian — measures in monitoring and policing communities. Among the solutions employed by China were a surveillance system that used facial recognition and temperature detection for the identification of people who may have a fever. This technology was combined with mobile device tracking data and other information to not only spot those who were potentially sick, but match to facial records databases and indicate everyone who they might have potentially infected. In the Sichuan province, officials used AI-powered smart helmets that could identify people with a fever.
Using data analytics and big data, the Chinese government instigated a program whereby they monitored the risk each individual had of contracting the disease. This identification could be made based on the individual’s travel history, time spent in virus hot spots and exposure to people who had already contracted the disease. Based on this, the government assigned codes like red, yellow or green to indicate whether individuals are put in quarantine or advised self-isolation. Across China, drones are also used with thermal imaging to track infected patients, as well as to patrol public spaces for curfew compliance. This social tracking approach will probably become more commonplace as countries look to be more forceful and proactive in keeping infected people home and preventing the spread of disease.
When a pandemic hits, no aspect of the global economy is untouched. Health insurance providers and healthcare officials are backlogged by numerous cases of claims that they must process immediately. Likewise, the growing unemployment caused by work closures is resulting in an exponential increase in jobless claim filings. A lot of resources are needed to verify these claims, process them and provide benefits. Furthermore, with government staff themselves working from home and away from internal governmental systems, many of those needed benefits are stuck behind process bottlenecks that require human intervention.
RPA and more cognitive process automation tools that utilize the power of natural language processing for document handling, and more nimble solutions that can dynamically adjust to process changes are being applied to help move claims forward, while minimizing human workload. While RPA adoption has been moving at a fast pace over the past few years, it is expected that the global pandemic and work-from-home requirements will give cognitive automation even more of a push this year.
Likewise, the shift to work-from-home and home education has skyrocketed the demand for online conferencing and education platforms. This has in turn skyrocketed the consumption of the internet and is taxing global broadband providers. While internet providers work to adjust to the new normal of stay-at-home workers, the growth in online platforms is presenting additional opportunities enabled by AI.
As an increasing number of employees work from home, the load on their organization’s IT service desks are likewise increasing. Getting employees functional at home is vital to the running of the organization, but this is challenged by the fact that many IT service and operations staff are also working from home. As a result, companies are employing AI-based self-service solutions that can address common and critical IT service needs and resolve them autonomously without human interaction. These intelligent systems can provide step-by-step instructions from IT knowledge bases and the AI-backed digital assistants can help solve these queries freeing up IT for more complex cases.
Routine healthcare has been disrupted by the closure of many traditional doctors’ offices, while hospitals must deal with more urgent needs for COVID-19 patients. As such, there’s been an increased demand in telemedicine and health-based chatbots that can address a wide range of health concerns. Using these chatbots and intelligent assistants, less face-to-face interaction is needed between patients and medical staff, thereby reducing risks to these individuals. These tools are helping to reduce the overwhelming number of patients that hospitals and medical personnel may face. By employing bots and conversational AI tools it can help assess people with symptoms and address health needs without necessarily requiring an in-person doctor visit. Now, patients that can be managed at home will be advised to stay at home and free up vital resources for more severe cases.
One example of where we are seeing this in action is the Healthcare Bot service by Microsoft that uses AI-enabled chatbots to provide healthcare advice and some telemedicine capabilities. The system uses a natural conversation experience to impart personal health-related information and the government’s protocols on dealing with the pandemic.
The demand for online commerce has increased tremendously as people shelter in place. The normal supply routes and logistical supplies suffer as a result of unprecedented lockdowns, closure of nonessential services and even curfews in extreme conditions. One way to address these restrictions is to use technology and robotics driven by AI for the safe provision of supplies, medical drugs and food supplies to those in lockdown.
Terra Drone is providing these services especially in the transportation of high-risk quarantined material and medical samples to and from these sites to Xinchang County’s disease control center. This considerably reduces the risk of medical personnel getting harmed by infected people or quarantined stuff. Other companies are utilizing AI to help speed up their logistics and warehouse functions and deliver goods reliably and safely with little disruption to the status quo.
The White House Office of Science and Technology Policy has urged researchers to employ AI to find solutions to issues relating to COVID-19. The U.S. Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) have likewise asked AI researchers to assist in vaccine research to combat the virus. There are almost 29,000 research documents that need to be analyzed and scrutinized to find information about the novel coronavirus. Computers can extract the required information much faster than humans. To meet this challenge, a Kaggle competition called “CORD-19” was developed to generate potential solutions from interdisciplinary fields to provide input to the available data set as part of this challenge.
One of the most potent capabilities of machine learning is its ability to find patterns in big data. As such, researchers are applying AI in the discovery of potential vaccines and effective treatments. Google subsidiary DeepMind, known for its AlphaZero and research into artificial general intelligence, recently put efforts to find a vaccine through the sequencing of six protein structures linked to COVID-19. Usually, research into vaccines can take a significant amount of time, but using significant GPU-based horsepower and powerful algorithms that can make sense of tremendous amounts of big data, new vaccines could be developed faster using this AI approach.
Companies of all sizes, including startups, are jumping in to help. In February 2020, British startup BenevolentAI published two articles that identified approved drugs that could potentially be used to target and block the viral replication of COVID-19. The AI system mined a large quantity of medical records and identified the patterns and signals which could imply potential solutions. Their system identified a total of six compounds that could block the cellular pathways that allow the virus to replicate. The company is reaching out to potential manufacturers of the identified drugs to pursue clinical trials that can test their efficacy.
Likewise, Insilico Medicine is also applying AI techniques to find a vaccine for COVID-19 and similar viruses. In February 2020, the company generated an extensive list of molecules that could bind a specific protein of the COVID-19 virus. Using their AI-based drug discovery platform utilizing deep learning, the company filtered the potential list of molecules down to just a hundred. They then seek to test seven molecules, which could be put on trial by medical labs for viability as a suitable vaccine for COVID-19.
Other startups such as Gero Pte. Ltd., based in Singapore, are using AI to spot potential anti-COVID-19 compounds that have previously been tested in humans. Using machine learning and AI-based pattern matching, the company identified medicines such as the generic agents niclosamide, used for parasite infections, and nitazoxanide, an antiparasitic and antiviral medicine, that could slow the new virus’s replication.
A study published in the journal Radiology wrote that artificial intelligence-based deep learning models can accurately detect COVID-19 and differentiate it from forms of community-acquired pneumonia. The model, which is called the COVID-19 detection neural network (COVNet), extracts visual features from 4,356 computed tomography (CT) exams from 3,322 patients for the detection of COVID-19. To make the model more robust, community-acquired pneumonia (CAP) and non-pneumonia CT exams were included.
With COVID-19 first spreading like wildfire through China, Chinese companies hurried to provide innovative solutions to tackle the problem. Infervision introduced an AI-based solution that uses a machine learning model to increase the speed of medical image analysis and assist with the diagnosis of COVID-19 in patients. The use of AI-enhanced medical imaging reduces time needed to get positive results and can handle the large number of cases that need diagnosis at great speed and efficiency. As a result, hospitals and labs with scarce resources can quickly screen suspected COVID-19 patients and expedite treatment.
In addition to analyzing radiology imagery, AI systems can handle a range of other health-related data and diagnostics. A recent study presented by researchers at the University of Massachusetts Amherst aims to predict illness based on cough patterns. Other AI systems are listening to coughs and can potentially indicate patients who have the coronavirus from other patients who might have coughs originating from other illnesses. The combination of inputs from thermal images and audio input by microphones can assist clinics and other locations in identifying and segregating sick patients.
As can be seen above, the impacts of a global pandemic are widespread, impacting almost every corner of our society and economy. AI is being applied in a widespread manner as well, handling everything from the treatment and prevention of the virus to dealing with the impacts of the pandemic across the ecosystem. No doubt this is AI’s moment to shine and show how it can add transformational value across the globe.
Go to Original Article
We are living in a new world, a world racing online as social distancing forces many of us to work, communicate and connect in new ways. In the United States alone, state and local directives have urged 316 million Americans to stay in and, when possible, work from home. As communities around the world adapt to a world with COVID-19, broadband connectivity and access are more critical to our lives and livelihoods than ever before.
Broadband already powers much of our modern lives, but COVID-19 has acted as an accelerant, a fuel of sorts that has driven many essential activities online. All learning, services, commerce, most workplaces and daily interactions online require a high-speed connection to the internet. Those without access to this online world – more than 18 million Americans with 14 million living in rural areas, according to the Federal Communications Commission – risk falling farther behind. While 18 million is a big number – more than the entire populations of Indiana, Iowa and Tennessee combined – a new study has found that the actual number of people lacking access to broadband in the US is closer to 42 million.
We will eventually come out the other end of the COVID-19 crisis, but the future that emerges will look different from the world we left when this crisis began. The future of commerce, work, medicine, education and services will have changed – and, in some instances, permanently.
A problem intensified by COVID-19
Lack of broadband for rural populations, both in the United States and in the developing world, just can’t be ignored. That’s why, in the last three months, we’ve doubled down on our Microsoft Airband Initiative to expand the number of people reached. As of March 31, we’ve helped provide 1.2 million people with access to broadband in rural, previously unserved areas of the United States. This is almost double our total from December 31, 2019, and up from 24,000 people in the whole of 2018. We’re doing the most recent work by donating hotspots and wireless connectivity equipment, and expanding our digital skills offerings by developing COVID-19-specific digital skills offerings for rural communities.
We’re undertaking this work in tandem with ISPs, state and local governments, non-profits such as the National 4-H Council, and other mission-aligned public- and private-sector entities. Eight out of 12 of our commercial ISP partners have taken the FCC’s Keep Americans Connected Pledge, committing to maintaining connectivity to customers who are economically impacted by the crisis. Even those partners that have not formally signed on to the FCC’s pledge have committed to serving their communities by maintaining connectivity for existing customers and connecting new subscribers. The Airband Team has published a customer-ready Airband US COVID-19 Response Summary outlining our programmatic and policy responses to COVID-19 in the US.
We’re not the only ones trying to make a difference. Companies across the country are stepping up to the plate, including tech companies such as Google and T-Mobile. But it isn’t just tech that’s helping – companies such as Land O’Lakes are also working to close the broadband gap. We need the government to step up and meet us halfway.
Policy principles and new federal funding to accelerate much-needed changes
The most significant way to move the dial for Americans without broadband is by changing policy at the federal, state and local level, not only for more funding but to remove roadblocks so that broadband can reach rural and underserved Americans faster. In short, there’s a critical need for Congress to do three things.
First, Congressional action is needed to address the immediate broadband connectivity needs that are having a heightened impact on individuals and communities during the COVID-19 crisis. Funding is needed in the next stimulus bill so that students and teachers have access to remote learning, people have access to their doctors and other telehealth options, and to help people work from home, file and maintain their unemployment benefits, and apply for jobs online.
Second, there’s an urgent need to provide funding to the FCC so it can implement recently enacted broadband-mapping legislation. As we’ve said before, we can’t solve a problem we don’t understand.
Third, additional action is needed to permanently close the broadband gap. With accurate data on broadband availability, we recommend Congress provides funds based on seven important principles. Namely, these funds should be:
With this approach, the country can finally provide the funding needed for ISPs to close the broadband gap. In addition, we support efforts by the FCC, USDA and other federal and state agencies to release funds under new and existing programs to address the needs of vulnerable healthcare workers and patients, educators and learners, and remote workers. This is especially important because, in times of economic downturn, states are more cash-strapped than usual and don’t have resources necessary to make these critical investments.
The COVID-19 virus has created a national crisis. But it has also created an important opportunity. It’s time to galvanize the nation and recognize the obvious. Broadband has become the electricity of the 21st century. Well before the end of the 20th century, we recognized that no American should live without electricity. As we embark on the third decade of the 21st century, every American deserves the opportunity to access broadband.
Go to Original Article
Author: Microsoft News Center
With governments worldwide issuing stay-at-home orders, many organizations have looked to cloud collaboration platforms, such as Office 365 to keep employees working. With new technology comes new risks that threaten those companies that have no control over devices being used to connect remotely.
Due to the COVID-19 pandemic, the number of remote workers increased sharply, leading to a consequent rise in phishing attempts. Companies that just require one factor — a password — to verify its users can leave themselves vulnerable to an outside attack. To address this security gap, administrators are implementing multifactor authentication (MFA) to strengthen the protections around Office 365 to verify users that sign in to use these cloud services.
Office 365 MFA provides an additional security layer to ensure the person using a login is legitimate, not a hacker using stolen credentials. This feature is available in Office 365 Business Premium and Enterprise plans to verify login attempts to Exchange Online and other Office 365 services.
To start, the administrator must enable modern authentication for their tenant. This can lead to issues for organizations still using legacy versions of Microsoft Outlook, such as Outlook 2010. To avoid difficulties, clients would need to upgrade to the 2013 version or newer.
To configure Office 365 MFA, the administrator must be a member of at least one of these roles: global administrator, SharePoint administrator, Exchange administrator, conditional access administrator, security administrator, help desk administrator, password administrator, billing administrator, user administrator or authentication administrator.
Next, the administrator must go to the Office 365 admin portal (admin.microsoft.com), then navigate to Settings > Settings and select the Services tab and choose Modern authentication. Once selected, a pop-up window appears as shown in Figure 1 and the Enable Modern authentication checkbox can be selected.
Administrators can also run the following PowerShell command to enable modern authentication after connecting to Exchange Online PowerShell:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
Next, the administrator can start Office 365 MFA for their end users in their tenant by browsing to the following URL and signing in with their credentials. (This URL is shown in the User panel in the General tab when making editors to a user account in the portal.)
To apply Office 365 MFA to a user, the administrator selects the user and chooses the enable MFA option. The administrator can notify the end user and share a link that assists them with choosing their preferred MFA option, which includes:
Administrators can also enable Office 365 MFA for multiple users at once. The MFA portal provides an option to download a sample CSV file the administrator can use as a template to populate with the list of users that require MFA, and, once completed, it can be uploaded and processed.
PowerShell can also be used to enable MFA for one or multiple users.
For individual users, use the following PowerShell script:
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = "Enabled"
$sta = @($st)
Set-MsolUser -UserPrincipalName [email protected] -StrongAuthenticationRequirements $sta
For multiple users:
$users = "[email protected]","[email protected]","[email protected]"
foreach ($user in $users)
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = "Enabled"
$sta = @($st)
Set-MsolUser -UserPrincipalName $user -StrongAuthenticationRequirements $sta
Administrators also have the option to use a vendor’s MFA technology from companies such as Okta, RSA and Symantec to integrate with Office 365. Why consider a third-party MFA product? Microsoft’s cloud platform is not impervious to outages; downtime in Azure, which supplies the Office 365 MFA functionality, can block administrators and users alike when they try to access the collaboration platform.
Another way to increase security while using Office 365 is to use hardware-based tokens for MFA needs. Deepnet Security and Token2 sell programmable tokens that display a six-digit authentication code. These options are fully compatible with Office 365 and offer an alternative to using a smartphone or an app for MFA.
While an improvement over one-factor authentication, MFA will not guarantee protection from credential leaks. Administrators should consider implementing other security features on the Office 365 platform, such as security reports, access controls and reviewing logs that detail administrative access to the system.
Go to Original Article
As so many organizations have shifted to remote work during COVID-19, we are hearing inspiring stories from customers discovering new ways to connect, collaborate, and keep business moving. From Sydney, Australia, to Seattle, Washington, schools, hospitals, small businesses, and large companies alike have found inventive ways to enable remote work across their organizations. We want to share what they are learning. Each week we will be spotlighting customers in one impacted region around the globe. First up: the Greater China Region. My colleague Lily Zheng in Shanghai is sharing stories for customers who, faced with extraordinary and difficult circumstances, have found innovative new ways to work.
Since we last heard from Lily and team, the region has begun to move into recovery mode. “Many businesses reopened, and more and more people have started going back to work,” Lily reports. “In the past two months, Teams has certainly played an important role in helping our customers pass through the most difficult time.” Looking ahead, she says: “Teams can play an even bigger role in helping our customers boost their productivity and increase their business resilience.” Here are some examples of how organizations in the Greater China Region kept things moving over the past few months.
With travel bans and health concerns keeping students, faculty, and staff at home over the past months, schools and universities have experienced a crash course in moving to remote learning. In February, the Peking University Guanghua School of Management used Teams to hold a digital school-opening ceremony with thousands of students. Meanwhile, Tamkang University, a private university headquartered in New Taipei City, Taiwan, quickly enabled distance learning for students in China, Macau, and Hong Kong by leveraging Microsoft Teams and cloud resources on their iClass Mobile Learning Platform. A total of 637 students and 1,041 teachers were set up to use the platform in 2,366 classes. Hong Kong Polytechnic University is conducting 120 to 160 concurrent teaching sessions daily through Microsoft Teams, with 10,000 to 11,000 students connecting simultaneously during peak times. And Wellington College International Tianjin, quickly established a solid e-learning program where students have been able to continue their learning journey with lessons conducted over Microsoft Teams.
The healthcare industry has faced extraordinary pressure during COVID-19. We’ve all seen news stories about medical supply challenges, but these organizations have experienced challenges in the IT space, too, including a lack of video conferencing solutions and heavy dependency on manual patient data inputting. Staff at the largest hospital in WenZhou, China, 2nd Affiliated Hospital of WMU, for instance, were unable to communicate with personnel inside the quarantined area. They had never used Teams before, but quickly deployed it and were able to communicate with quarantined-area colleagues. The team at Zhongshan Hospital in Shanghai hadn’t used Teams before the outbreak either, but they put it to use to hold their first remote leadership meeting. “It only took a few days to get reports,” said Mr. Li, Chief of Information Management Center at Zhongshan Hospital, “and we were able to successfully hold our first leader’s meeting, which was well-received by the whole leadership team.”
SF-Express is one of the best-known logistics companies in China. CIO Sheng Wang said, “Fortunately, we deployed Teams after we revamped our network branches [in] December of 2019. “It solves our needs for remote working, meeting, and training, and allows our staff to collaborate with high productivity.” DHL Supply Chain China also deployed Teams to handle its increasing remote collaboration needs.
The manufacturing industry has been hit hard by the impact of the outbreak, but also used it to discover new ways to digitally transform. Headquartered in Ningbo, China, Joyson Electronic has more than 100 bases in 30 countries and over 50,000 employees globally. “Microsoft Teams really helps Joyson improve our cross-regional and boundary collaboration productivity during the COVID-19 outbreak,” reported CIO Zong Jia. “We hold daily internal meetings, co-edit documents, and interview candidates on Teams.”
Over 50 percent of China International Marine Containers (CIMC) Group Ltd.’s business comes from export, which brings an urgent need for project-based management and real-time communications. CIMC has been using Teams to easily enable multiple collaborative team channels and remove restrictions imposed by different work locations. They’re finding it facilitates employee collaboration and has helped them complete their first successful step towards a modern workplace transformation.
We hope you’ve found it helpful to read about some of the innovative ways our customers have transformed their organizations during this difficult time. We have seen how schools have moved quickly to remote learning in virtual classrooms, and are continuing to hold important meetings, with Teams. We’ve seen how healthcare workers, faced with communication barriers brought on by COVID-19, have used Teams to connect. And we’ve seen how commercial enterprises are bringing distributed teams together and are bringing formerly in-person-only meetings—including job interviews—online. As the Greater China Region enters a new phase of its COVID-19 experience, we look forward to learning about how they apply what they’ve discovered in the days to come. We’ll be sharing more inspiring customer stories here soon, so check back often.
Go to Original Article
Author: Microsoft News Center
Cisco believes CISOs are overwhelmed by too many security products and vendors, and the company introduced a new platform, ominously code-named Thanos, to help enterprises.
But despite being named after the Marvel Comics megavillain, Cisco’s SecureX platform isn’t necessarily designed to wipe out half of all existing security products within enterprise environments. Instead, Cisco is taking a different approach by opening up the platform, which was unveiled last month, and integrating with third parties.
Gee Rittenhouse, senior vice president and general manager of Cisco’s Security Business Group (SBG), said the aim of SecureX is to tie not only Cisco products together, but other vendor offerings as well. “We’ve been working really hard on taking the security problem and reducing it to its simplest form,” he told SearchSecurity at RSA Conference 2020 last month.
That isn’t to say that all security products are effective; many “are supposed to have a bigger impact than they actually do,” Rittenhouse said. Nevertheless, the SBG strategy for SecureX is to establish partnerships with third parties and invite them to integrate with the platform, he said, rather than Cisco trying to be everything to everyone. In this interview, Rittenhouse discusses the evolution of SecureX, how Cisco’s security strategy has shifted over the last decade and the company’s plan to change the infosec industry.
Editor’s note: This interview was edited for clarity and length.
How did the idea for SecureX come about?
Gee Rittenhouse: We thought initially if we had a solution for every one of the major threats vectors — email, endpoint, firewalls, cloud, etc. — for one vendor, Cisco, then that would be enough. You buy Cisco networking and you buy Cisco security and that transactional model will simplify the industry. And we realized very quickly that didn’t do anything except put a name on a box. Then the second thing we thought was this: What happens if we take all these different things and integrate the back end together so that when I see a threat on email, I can block on my endpoint? We stitch all this together [via the SecureX framework] on behalf of the customer, and not only does the blocking happen automatically but you also get better protection and higher efficacy. We’d tell people we had an integrated architecture. And the customers would look at us and say ‘Really? I don’t feel that. You’ve got a portal over here, and a portal over there’ and so on. And we’d say, ‘Look, we’ve worked for three years integrating this together and we have the highest efficacy.’ And they’d say, ‘Well, everybody has their numbers …’
About a couple of years ago, we said we’ve simplified the buying model and simplified the back end. Let’s try to simplify the user experience. But you have to be very careful with that. The classic approach is to build a platform, and everyone jumps on the platform and if you only have Cisco stuff, life is great. But, of course, there are other platforms and other products. We wanted to be precise about how we do this, so we picked a particular use case around investigations. It’s an important use case. We built this very simple investigation tool [Cisco Threat Response] that you can think about as the Google search of security. Within five seconds, you can find out that you don’t have [a specific threat] in your environment, or yes, you do and here’s how to block it and respond. The tool had the fastest rate of adoption of any of our products in Cisco’s history. It’s massively successful. More than 8,000 customers use it every day as their investigation tool.
Were you expecting that kind of adoption for Cisco Threat Response?
Rittenhouse: No. We were not. There were two things we weren’t expecting. We weren’t expecting the response in terms in usage. We thought there’d be a few customers using it. The other thing that we didn’t expect was a whole use community came together to, for example, integrate vendor X into the tool and publish the connectors on GitHub. A whole user community has evolved around that platform and extended the capability of it. In both cases, we were quite surprised.
When we saw how that worked, saw the business model, and we understood how people consumed it, we attached it to everything and then said ‘Let’s take the next step’ with analytics and security postures. We asked what a day in the life for security professional was. They’re flooded with noise and threats and alerts. They have to be able to decipher all of that — can the platform do that automatically on their behalf? That’s what we’re doing with SecureX, and the feedback has been super positive
What kind of feedback did you get from customers prior to Cisco Threat Response and SecureX? Did they have an idea of what they wanted?
Gee RittenhouseSVP and GM, Cisco
Rittenhouse: There was a lot of feedback from customers who asked us to make the front end of our portfolio simpler. But what does that actually mean? It was very generic feedback. And in fact, we struggled with the ‘single pane of glass’ approach. What typically happens with that approach is you try to do everything through it, and all of the sudden that portal becomes the slowest part of the portfolio. This actually took a lot of time and a lot of conversations with customers on how they actually work. We engaged a lot of them with design thinking, and Cisco Threat Response was the first thing to come out of those discussions, and then SecureX.
And I want to make the distinction between a platform and a single pane of glass or a portal. And we very much think of SecureX as a platform. And when you think about a platform, it’s usually something that other people can build stuff on top of, so the value to the community is other people’s contributions to it, and you get a multiplier effect. There is only a handful of true, successful platform businesses in the world; it’s very hard to attract that community and achieve that scale.
Like other recent studies, Cisco’s  CISO Benchmark Report showed that many CISOs feel they have too many security products and are actively trying to reduce the number of vendors they have. Other vendors have talked about this trend and are trying to capitalize on it by becoming a one-stop security shop and pushing out other products. But with SecureX, it sounds like you’re taking a different approach by welcoming third-party vendors to the platform and being more open.
Rittenhouse: We would encourage the industry as a whole to be more open. In fact, the industry is not very open at all. One of the benefits to being open is the ability to integrate. In today’s industry, for example, let’s say you’re a security vendor and your technology says a piece of malware is a threat level 5, and I say it’s a level 2. And you’re integrated into our platform, and you’re freaking out because it’s a level 5. I ask you, ‘Rob, why do you think this? What’s the context around this? Share more.’ And until you have that open interface and integration, I just sit there and say, ‘For some reason, this vendor over here claims it’s big, but we don’t see it'”
So yes, we’re open. And I would anticipate the user experience with Cisco security products integrated together will be very different than what you would get with third parties integrated until they start to share more. And this is one of the issues you see in the SIEM and SOAR markets; they become data repositories for investigations after you get attacked. What actually happened? Let’s go back into the records and figure it out. Because of the data fidelity and the real-time nature [of SecureX] this is something you interact with immediately. It can automatically trace threats and set up workflows and bring in other team members to collaborate because you have that integrated back end.
Cisco has said it’s the biggest security vendor in the world by revenue, but most businesses probably still associate the company with networking. Now that SecureX has been introduced, what’s the strategy moving forward?
Rittenhouse: We’ve spent a lot of time on the messaging. I think more and more people recognize we’re the biggest enterprise security company. In many ways, our mission is to democratize security like [Duo Security’s] Wendy Nather said, so we want to make it invisible. We don’t want to be sending the message that you have to get this other stuff to be secure. We want it to be built into everything we do.
There’s been a lot of mergers and acquisitions, especially by companies looking to increase their infosec presence. But Wendy talked during her keynote about simplifying security instead adding product upon product. But it doesn’t sound like you’re feeling the pressure to do that.
Rittenhouse: No. We are not a private equity firm. We buy things for a purpose. And when we buy something, we’ll be happy to tell you why.
Go to Original Article
Like many companies, Southland Industries is working to accelerate its virtualization plans in the face of the coronavirus pandemic.
The mechanical engineering firm, which is based in Garden Grove, Calif., and has seven main offices across the U.S., has been using the Workspot Workstation Cloud virtual desktop service. Combined with Microsoft Azure Cloud, Workspot’s service enables engineers to build design-intensive work at home and enables Southland to keep pace as technology advances. When COVID-19 emerged, the company was transitioning users in the mid-Atlantic states to virtual desktops.
Israel Sumano, senior director of infrastructure at Southland Industries, recently spoke about making the move to virtual desktops and the challenges posed by the current public health crisis.
How did your relationship with Workspot first begin?
Israel Sumano: We were replicating about 50 terabytes across 17 different locations in the U.S. real-time, with real-time file launches. It became unsustainable. So over the last five years, I’ve tested VDI solutions — Citrix, [VMware] Horizon, other hosted solutions, different types of hardware. We never felt the performance was there for our users.
When Workspot came to us, I liked it because we were able to deploy within a week. We tested it on on-prem hardware, we tested it on different cloud providers, but it wasn’t until we had Workspot on [Microsoft] Azure that we were comfortable with the solution.
For us to build our own GPU-enabled VDI systems [needed for computing-intensive design work], we probably would have spent about $4 million, and they would have been obsolete in about six years. By doing it with Microsoft, we were able to deploy the machines and ensure they will be there and upgradeable. If a new GPU comes out, we can upgrade to the new GPU and it won’t be much cost to us to migrate.
How has your experience in deploying Workspot been so far? What challenges have you met?
Sumano: It was a battle trying to rip the PCs from engineers’ hands. They had a lot of workstations [and] they really did not want to give them up. We did the first 125 between October 2017 and February 2018. … That pushed back the rest of the company by about a year and a half. We didn’t get started again until about October of 2019. By that time, everyone had settled in, and they all agreed it was the best thing we’ve ever done and we should push forward. That’s coming from the bottom up, so management is very comfortable now doing the rest of the company.
How did you convince workers that the virtualization service was worthwhile?
Sumano: They were convinced when they went home and were able to work, or when they were in a hotel room and they were able to work. When they were at a soccer match for their kids, and something came up that needed attention right away, they pulled out their iPads and were able … to manipulate [designs] or check something out. That’s when it kicked in.
In the past, when they went to a job site, [working] was a really bad experience. We invested a lot of money into job sites to do replication [there].
[With Workspot,] they were able to pick up their laptops, go to the job site and work just like they were at the office.
The novel coronavirus has forced companies to adopt work-at-home policies. What is Southland’s situation?
Sumano: We have offices in Union City [California], which is Marin County, and they were ordered to stay in place, so everyone was sent home there. We just got notice that Orange County will be sent home. Our Las Vegas offices have also been sent home.
Our job sites are still running, but having this solution has really changed the ability for these engineers to go home and work. Obviously, there’s nothing we can do about the shops — we need to have people on-hand at the shop, [as] we’re not fully automated at that level.
On the construction site, we need guys to install [what Southland has designed]. Those are considered critical by the county. They’re allowed to continue work at the job sites, but everybody from the offices has been set home, and they’re working from home.
We hadn’t done the transition for the mid-Atlantic division to Workspot. We were planning on finishing that in the next 10 weeks. We are now in a rush and plan on finishing it by next Friday. We’re planning on moving 100 engineers to Workspot, so they’re able to go home.
How has it been, trying to bring many workers online quickly?
Sumano: I’ve been doing this a long time. I’ve implemented large virtual-desktop and large Citrix environments in the past. It’s always been a year to a year-and-a-half endeavor.
We are rushing it for the mid-Atlantic. We’d like to take about 10 weeks to do it — to consolidate servers and reduce footprint. We’re skipping all those processes right now and just enacting [virtualization] on Azure, bringing up all the systems as-is and then putting everyone onto those desktops.
Has the new remote-work situation been a strain on your company’s infrastructure?
Sumano: The amount of people using it is exactly the same. We haven’t heard any issues about internet congestion — that’s always a possibility with more and more people working from home. It’s such a small footprint, the back-and-forth chatter between Workspot and your desktop, that it shouldn’t be affected much.
What’s your level of confidence going forward, given that this may be a protracted situation?
Sumano: We’re very confident. We planned on being 100% Azure-based by December 2020. We’re well on track for doing that, except for, with what’s happening right now, there was a bit of a scramble to get people who didn’t have laptops [some] laptops. There’s a lot of boots on the ground to get people able to work from home.
Most of our data is already on Azure, so it’s a very sustainable model going forward, unless there’s a hiccup on the internet.
Editor’s note: This interview has been edited for clarity and length.
Go to Original Article
In Milan, Ivan Fioravanti, CTO at CoreView, is working from home, like so many others because of the coronavirus. In Italy, the outbreak has caused a rapid shift to remote work. His firm makes a SaaS management platform for cloud-based SaaS systems, including Office 365, something that may gain HR’s interest, especially as remote work increases.
Features include workflow management and administration, but a SaaS management platform like the one from CoreView, which has dual headquarters in Alpharetta, Ga., and Italy, can also help HR departments and business managers get a better understanding for the productivity of employees.
SaaS applications connect through APIs into the cloud-based management platform to provide application usage data. This can include anything from companywide usage to employee-specific data on applications such as Outlook, Skype or Teams, whether the employee is in the office or remote.
This monitoring capability may appeal to firms new to remote working, said David Lewis, president and CEO of OperationsInc, an HR consulting firm in Norwalk, Conn.
Firms are now adopting remote work that “were not interested in it before,” Lewis said. “And that breeds a certain lack of sophistication about remote work.”
Indeed, he said, the coronavirus will have a major impact on how work gets done. “The number of companies that will have people working remotely will outnumber the number of companies that don’t,” he said.
Employees may see this type of monitoring as big brotherish, Lewis said. But it may “calm the concerns and paranoia that tends to creep in to most managers” about remote workers, he said. Managers may be concerned that employees working from home are distracted and not giving the job the time it needs, he said.
This shift to remote work is happening quickly in Milan, Fioravanti said. The coronavirus problem is “really becoming worse day after day,” he said. Italy this week closed schools until March 15. Universities are closing as well, and the government is urging seniors to remain at home.
“Very few people are going to the office,” Fioravanti said. “If you go outside in the city, you see very few people around.”
Firms that are shifting to remote work and have invested in a SaaS management platform can decide on the level of monitoring they want, whether it’s a department, team or individual usage, Fioravanti said. Individual level monitoring can tell whether an employee is responding to such things as emails and chats and is engaged with co-workers and thirds parties, he said.
Along with providing insights into how an application is used, usage data can tell whether a firm needs all the seat licenses it is paying for. Workflow features can be used to speed up onboarding, and SaaS management platforms often provide embedded learning tools, such as short videos for ongoing training, on specific applications. The platforms also include licensing management and IT security functions, such as role-based access controls.
If there is fear of an employee backlash, or legal restrictions in some countries about employee monitoring, the system can be configured to anonymize users, Fioravanti said.
Manjunath BhatAnalyst, Garnter
Gartner analyst Manjunath Bhat said SaaS management platforms “are increasingly becoming important to manage, govern and secure SaaS applications.”
“It’s less about measuring individual productivity, and more about ensuring that employees are making use of the productivity tools at their disposal — and doing so in secure and compliant ways,” he said.
Bhat advised against using SaaS management platforms to monitor individual employees.
“Organizations will see employee backlash if the tools are used to target and penalize individuals for not using productivity apps,” Bhat said. What’s important to measure is the application’s “contribution toward business outcomes and not individual output,” he said.
“It’s the team’s productivity that matters more than individual metrics,” Bhat said.
Go to Original Article