Tag Archives: measures

Microsoft releases new security tools for political campaigns to combat hacking attempts

Microsoft is offering new security tools to political campaigns — some measures with a level of technology usually reserved for government and big corporate customers — as it expands its efforts to stifle hacking attempts from foreign entities.

The Redmond company announced late Monday a new set of tools, called AccountGuard,  that will closely watch hacking attacks and attempts made against campaigns, and notify their staff when threats occur. Microsoft will also offer training for staffers on how to make accounts more secure, and let them test new security tools “on a par” with the features Microsoft sells to government and corporate clients.

The AccountGuard services will be included for free to campaigns, candidates, think tanks and other political groups that are Office 365 customers. The service is the newest part of Microsoft’s Defending Democracy program announced this spring, which aims to make elections secure.

Microsoft pointed to the need to expand security efforts, saying it seized six website domains last week, with the help of a court order, that belonged to hacking group Fancy Bear. The group is believed to have ties to the Russian government and was behind the 2016 hack against the Democratic Party.

Most Read Business Stories

Unlimited Digital Access. $1 for 4 weeks.

That group and others like it use domains such as senate.group and office365-onedrive.com to give the appearance of a trusted organization when they send out phishing emails. The emails could be used to obtain passwords and infiltrate political organizations.

So far, Microsoft has shut down 84 of these fake domains set up by Fancy Bear in the past two years. The company also revealed last month that it thwarted two attempts last fall by hackers trying to get inside two Senate candidate campaigns, including Missouri Democrat Sen. Claire McCaskill’s.

The number of hacking attempts has ticked up as midterm election campaigns get underway, Microsoft President Brad Smith wrote in a blog post Monday. It’s widely believed the threats aren’t as numerous as they were during the 2016 elections, but cybersecurity executives say they are still serious.

“We can only keep our democratic societies secure if candidates can run campaigns and voters can go to the polls untainted by foreign cyberattacks,” Smith wrote.

Prevent Exchange Server virtualization deployment woes

are other measures administrators should take to keep the email flowing.

In my work as a consultant, I find many customers get a lot of incorrect information about virtualizing Exchange. These organizations often deploy Exchange on virtual hardware in ways that Microsoft does not support or recommend, which results in major performance issues. This tip will explain the proper way to deploy Exchange Server on virtual hardware and why it’s better to avoid cutting-edge hypervisor features.

When is Exchange Server virtualization the right choice?

The decision to virtualize a new Exchange deployment would be easy if the only concerns were technical. This choice gets difficult when politics enter the equation.

Email is one of the more visible services provided by an IT department. Apart from accounting systems, companies rely on email services more than other information technology. Problems with email availability can affect budgets, jobs — even careers.  

Some organizations spend a sizable portion of the IT department budget on the storage systems that run under the virtual platform. It may be a political necessity to use those expensive resources for high-visibility services such as messaging even when it is less expensive and overall a better technical answer to deploy Exchange on dedicated hardware. While I believe that the best Exchange deployment is almost always done on physical hardware — in accordance with the Preferred Architecture guidelines published by the Exchange engineering team — a customer’s requirements might steer the deployment to virtualized infrastructure.

How do I size my virtual Exchange servers?

Microsoft recommends sizing virtual Exchange servers the same way as physical Exchange servers. My recommendations for this procedure are:

  • Use the Exchange Server Role Requirements Calculator as if the intent was to build physical servers.
  • Take the results, and create virtual servers that are as close as possible to the results from the calculator.
  • Turn off any advanced virtualization features in the hypervisor.

Why should I adjust the hypervisor settings?

Some hypervisor vendors say that the X or Y feature in their product will help the performance or stability of virtualized Exchange. But keep in mind these companies want to sell a product. Some of those add-on offerings are beneficial, some are not. I have seen some of these vaunted features cause terrible problems in Exchange. In my experience, most stable Exchange Server deployments do not require any fancy virtualization features.

What virtualization features does Microsoft support?

Microsoft’s support statement for virtualization of Exchange 2016 is lengthy, but the essence is to make the Exchange VMs as close to physical servers as possible.

Microsoft does not support features that move a VM from one host to another unless the failover event results in cold boot of the Exchange Server. The company does not support features that allow resource sharing among multiple VMs of virtualized Exchange.

Where are the difficulties with Exchange Server virtualization?

The biggest problem with deploying Exchange on virtual servers is it’s often impossible to follow the proper deployment procedures, specifically with the validation of storage IOPS of a new Exchange Server with Jetstress. This tool checks that the storage hardware delivers enough IOPS to Exchange for a smooth experience.

Generally, a virtual host will use shared storage for the VMs it hosts. Running Jetstress on a new Exchange VM on that storage setup will cause an outage for other servers and applications. Due to this shared arrangement, it is difficult to gauge whether the storage equipment for a virtualized Exchange Server will provide sufficient performance.  

While it’s an acceptable practice to run Exchange Server on virtual hardware, I find it often costs more money and performs worse than a physical deployment. That said, there are often circumstances outside of the control of an Exchange administrator that require the use of virtualization.

To avoid trouble, try not to veer too far from Microsoft’s guidelines. The farther you stray from the company’s recommendations, the more likely you are to have problems.