Tag Archives: Messaging

WhatsApp vulnerabilities let hackers alter messages

Attackers are able to intercept and manipulate messages in the encrypted messaging app WhatsApp.

According to new research from Check Point, there are WhatsApp vulnerabilities that enable attackers to manipulate and modify messages in both public and private conversations. This type of manipulation could make it easy to continue the spread of misinformation.

WhatsApp, which is owned by Facebook, has over 1.5 billion users who send approximately 65 billion messages daily. The Check Point researchers warned of online scams, rumors and the spread of fake news with a user base that large, and WhatsApp has already been used for a number of these types of scams.

The new WhatsApp vulnerabilities that Check Point outlined in its blog post involve social engineering techniques that can be used to deceive users in three ways: by changing the identity of the sender of a message in a group, changing the text of someone else’s reply message, and by sending a private message to a group member to which replies are made public.

“We believe these vulnerabilities to be of the utmost importance and require attention,” the researchers wrote.

The WhatsApp vulnerabilities have to do with the communications between the mobile version of the application and the desktop version. Check Point was able to discover them by decrypting the communications between the mobile and desktop version.

“By decrypting the WhatsApp communication, we were able to see all the parameters that are actually sent between the mobile version of WhatsApp and the Web version. This allowed us to then be able to manipulate them and start looking for security issues,” the researchers wrote in their blog post detailing the WhatsApp vulnerabilities.

In the first attack outlined by Check Point’s Dikla Barda, Roman Zaikin and Oded Vanunu, hackers can change the identity of a sender in a group message, even if they are not part of the group. The researchers were also able to change the text of the message to something completely different.

In the second attack, a hacker can change someone’s reply to a message. In doing this, “it would be possible to incriminate a person, or close a fraudulent deal,” the Check Point team explained.

In the final attack disclosed, “it is possible to send a message in a group chat that only a specific person will see, though if he replies to this message, the entire group will see his reply.” This means that the person who responds could reveal information to the group that he did not intend to.

Check Point said it disclosed these vulnerabilities to WhatsApp before making them public.

In other news

  • Computers at the office of PGA America have reportedly been infected with ransomware. According to a report from Golfweek, employees of the golf organization noticed the infection earlier this week when a ransom note appeared on their screens when they tried to access the affected files. “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm (sic),” the note said, according to Golfweek. The files contained information for the PGA Championship at Bellerive and the Ryder Cup in France, including “extensive” promotional materials. According to the Golfweek report, no specific ransom amount was demanded, though the hacker included a bitcoin wallet number.
  • Microsoft may be adding a new security feature to Windows 10 called “InPrivate Desktop.” According to a report from Bleeping Computer, the feature acts like a “throwaway sandbox for secure, one-time execution of untrusted software” and will only be available on Windows 10 Enterprise. Bleeping Computer became aware of this previously undisclosed feature through a Windows 10 Insider Feedback Hub quest and said that it will enable “administrators to run untrusted executables in a secure sandbox without fear that it can make any changes to the operating system or system’s files.” The Feedback Hub said it is an “in-box, speedy VM that is recycled when you close” the application, according to the report. There are no details yet about when this feature may be rolled out.
  • Comcast Xfinity reportedly exposed personal data of over 26.5 million of its customers. Security researcher Ryan Stevenson discovered two previously unreported vulnerabilities in Comcast Xfinity’s customer portals and through those vulnerabilities, partial home addresses and Social Security numbers of Comcast customers were exposed. The first vulnerability could be exploited by refreshing an in-home authentication page that lets users pay their bills without signing into their accounts. Through this, hackers could have figured out the customer’s IP address and partial home address. The second vulnerability was on a sign-up page for Comcast’s Authorized Dealer and revealed the last four digits of a customer’s SSN. There is no evidence yet that the information was actually stolen, and Comcast patched the vulnerabilities after Stevenson reported them.

GoToMeeting client adds business messaging to chase rivals

LogMeIn has added an instant messaging client and meeting transcriptions to its flagship web conferencing platform, GoToMeeting, as the vendor plays catch-up with rivals Cisco Webex and Zoom.

GoToMeeting’s business messaging supports 1-to-1 and group chats, letting users launch a video meeting with one click. The conversations are persistent, meaning they don’t disappear when the app is closed, and the interface shows when users are online, offline or in a meeting.

The GoToMeeting client adds external collaborators to the messaging channel by inviting them via email. Other messaging clients, such as the team collaboration apps Slack and Microsoft Teams, let users add external participants to meeting channels by creating guest accounts.

The updates released this week bring the GoToMeeting client more in line with Zoom and Cisco Webex, which have supported messaging for some time. But most GoToMeeting users probably already have other messaging clients, such as Microsoft Skype for Business or Cisco Jabber.

“My sense of GoToMeeting is that they have fallen behind their competitors like BlueJeans, Zoom, Cisco, PGi, etc., in terms of features and functionality,” said Irwin Lazar, an analyst at Nemertes Research, based in Mokena, Ill.

LogMeIn closed a deal to acquire GoToMeeting, GoToWebinar and GoToTraining from Citrix for $1.8 billion in early 2017. The company’s portfolio also includes Join.me, a web conferencing platform for small businesses, and OpenVoice, a conference call service.

Earlier this year, LogMeIn bought unified-communications-as-a-service vendor Jive Communications, which provides hosted VoIP services to small and midsize businesses. LogMeIn has yet to release details about an expected consolidation of Jive’s offerings with GoToMeeting.

GoToMeeting client gets automated transcription, Alexa integration

GoToMeeting will now automatically transcribe meeting recordings for customers subscribed to its upper-tier “pro” and “plus” plans. The vendor will also let customers store recordings in the cloud for the first time.

Automated transcription is quickly becoming a must-have feature for cloud-based web conferencing platforms. Zoom, BlueJeans and Microsoft Teams all announced transcription capabilities of some kind earlier this year.

GoToMeeting’s transcripts will be searchable and include timestamps that hyperlink to specific locations within the video recording. They will also identify speakers by name and provide a breakdown of how many minutes each participant spent talking during the meeting.

New integrations with Amazon Alexa, meanwhile, will let GoToMeeting users schedule, reschedule, join and cancel meetings using Echo voice assistant devices. Users will also be able to check their daily meeting schedule.

Prepare for an upgrade to Exchange 2016 with these pointers

As a new version of Exchange Server draws near, an enterprise with an on-premises messaging platform must decide…

“;
}
});

/**
* remove unnecessary class from ul
*/
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

/**
* Replace “errorMessageInput” class with “sign-up-error-msg” class
*/
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {
$(this).removeClass(“errorMessageInput”).addClass(“sign-up-error-msg”);
}
});
}

/**
* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
*/
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
renameErrorMsgClass();
return validateReturn;
}

/**
* DoC pop-up window js – included in moScripts.js which is not included in responsive page
*/
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);
e.preventDefault();
});

if it will upgrade, migrate to the cloud or wait until the next major release of Exchange.

Many organizations that choose to stay on premises generally make this determination due to business requirements or to prolong a significant investment in infrastructure. Some enterprises might hold off on an upgrade to Exchange 2016 since Exchange 2019 isn’t far off — Microsoft says to expect a final release at the end of 2018.

If a business recently moved to Exchange 2013, it may prefer to stay on premises until this new version arrives. But the tradeoff is the company must wait a bit longer to get more modern features and enhanced security capabilities that can benefit the organization now.

But the choice to upgrade also brings challenges. Administrators must prepare their environment, their teams and end users for the substantial change.

So, what are some areas IT must prepare for when they consider an upgrade to Exchange 2016 from a legacy version? And, once the upgrade is done, what can they do to ensure they can adequately support the platform?

Plan and define the Exchange 2016 requirements

Whenever administrators look to upgrade the messaging platform, they should right-size for the latest Exchange environment to ensure the new version functions appropriately, and can accommodate changes and growth. Administrators can use several online resources, but most rely on a useful calculator from Microsoft. The Excel template, named the Exchange Server Role Requirements Calculator, offers IT a way to quickly assess the numerous requirements around the following critical areas:

  • Role requirements
  • Volume requirements
  • Backup requirements
  • Replication requirements
  • Storage design
  • Distribution
  • Activation scenarios

Get ready for the new Exchange Server

After designing the environment in the design phase, IT can then build it with the latest updates and patches on all the servers. Microsoft recommends either Windows Server 2012 R2 or Windows Server 2016 as the server OS for Exchange 2016.

Make sure to update the .NET Framework; it is a crucial component of Exchange 2016 that determines the performance and reliability of Exchange functions.

If responsiveness is an issue after the upgrade to Exchange 2016, administrators will need to dig through the usual suspects. Check the storage and networking hardware configurations, power settings for the CPU or network interfaces, and review the sizing and architecture of the Exchange environment.

Keep up with monitoring and health checks

Once the business completes its upgrade to Exchange 2016, admins must keep the new environment healthy with regular maintenance. This doesn’t require expensive software — just due diligence. Many admins stick with simple tools, such as Paul Cunningham’s Health Report for an Exchange Server PowerShell script, System Monitor (Perfmon) counters and other utilities to keep an eye on Exchange logs and monitor the overall health of the system.

Use the right tools to troubleshoot other problems

Even with thorough planning and a flawless upgrade to Exchange 2016, administrators might face some issues or challenges with the system after deployment. Be prepared to troubleshoot any problems that could arise by gaining an understanding of PowerShell and Log Parser, and any Exchange-specific utilities that identify the source of errors or email issues.

Dig Deeper on Microsoft Exchange Server 2016

Office 365 compliance features keep data locked down

Stricter guidelines for compliance regarding messaging retention are forthcoming thanks to rules such as the EU…

General Data Protection Regulation. Administrators new to Office 365 must learn the nuance of this service’s features to prepare for these changes.

Office 365 compliance features differ with those of on-premises systems, such as Exchange Server. The tools to identify, retain and remove data are built in to the Office 365 Security & Compliance Center. This portal enables businesses to keep data for as long as necessary without third-party tools or extra storage, and it works across Microsoft’s cloud services.

This article looks at the Office 365 compliance features, where they lack and how admins can adjust for these shortcomings.

Master the Office 365 Security & Compliance Center

Until recently, Office 365 mirrored its on-premises counterpart — IT managers administered and managed compliance within each individual service. To keep data in Exchange Online, the admin would adjust settings in the Exchange Admin Center with terminology specific to Exchange. It works the same with SharePoint Online.

The Security & Compliance Center changes all this. It uses a unified portal to manage compliance functionality across the Office 365 suite. Admins use the portal to create policies for all data within the Office 365 tenant. Admins also use this section to perform discovery and searches across multiple services within Office 365.

Office 365 Security & Compliance Center
Figure 1: Admins use the Security & Compliance Center to handle compliance tasks for data across the Office 365 suite.

Admins use the Security & Compliance Center to manage data in several areas. Your organization might need more than one of these Office 365 compliance features.

  • Data loss prevention (DLP): This section identifies sensitive content automatically and prevents users from uploading or sharing the data externally or internally.
  • Data governance: This area sets policies across Office 365. It works to define how long to keep, and when to remove, data. Admins can also archive data or mark it for supervision review.
  • Classifications: This section lets admins define labels to tag content in OneDrive, SharePoint and Exchange services. These labels work with the data governance function to categorize data and apply preservation rules.
  • Sensitive information types: These definitions automatically match data, such as credit card or Social Security numbers. Built-in definitions cover most financial, medical, health and personal data, and admins can also add customized definitions. DLP functions and classifications use these definitions to auto detect sensitive data.

Understand the capabilities of Office 365 compliance features

An enterprise’s most common compliance requirement is to keep all data for a certain amount of time. Most organizations must retain data for five to 10 years, although the requirement is longer for some.

With an on-premises mailbox server, organizations typically use email journaling for compliance purposes. An email journal makes a copy of every email message — this includes the message envelope and BCC recipients — on a separate system. The business retains the copy for as long as necessary.

[embedded content]

How to build new labels in Office 365
then publish them with a policy.

Organizations on Office 365 do not need a product that copies and stores data from Exchange or SharePoint. If a worker alters or removes data from the mailbox, SharePoint sites or OneDrive for Business, data governance keeps the original in Office 365.

In Figure 2, an admin creates a policy that targets all Office 365 data. The preservation lock feature prevents the Office 365 administrator from removing the policy to add an extra layer of security.

Office 365 policies
Figure 2: This policy protects data in all areas of the Office 365 suite.

Use DLP to hinder leaks

Many organizations with on-premises messaging servers try to prevent disclosures of sensitive data in email with edge-based DLP tools. But edge-based DLP tools only defend the email gateway and do not account for other ways users share sensitive information. Unless it integrates with OneDrive or SharePoint, an edge-based DLP tool does not scan documents included as a link, rather than an attachment, in email.

Office 365 DLP works across both Exchange and SharePoint and prevents sensitive data from being uploaded and shared. For example, admins can configure Office 365 DLP to prevent users from sending a list of credit card numbers to a OneDrive for Business account. Alternatively, admins can set a DLP policy to stop users from sharing credit card numbers with external guests.

New DLP policy
Figure 3: This Office 365 DLP policy sends an alert if the content includes insurance information or passport numbers.

The classifications feature identifies and marks this sensitive data for retention and removal. Autolabel policies can search for data across Exchange, SharePoint and OneDrive by keyword. The admin can further adjust settings in sensitive information types to mark data and remove it.

Migrate to Exchange 2016 and beat the rush

The clock is ticking if you still run Exchange 2010. Extended support for that messaging platform expires in January…

“;
}
});

/**
* remove unnecessary class from ul
*/
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

/**
* Replace “errorMessageInput” class with “sign-up-error-msg” class
*/
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {
$(this).removeClass(“errorMessageInput”).addClass(“sign-up-error-msg”);
}
});
}

/**
* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
*/
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
renameErrorMsgClass();
return validateReturn;
}

/**
* DoC pop-up window js – included in moScripts.js which is not included in responsive page
*/
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);
e.preventDefault();
});

2020. It makes sense to move to Exchange 2016 now, whether you plan to put your email system in the cloud in the future or not.

A company that waits until the end of support for Exchange 2010 limits its choices and invites the administrative headaches of a rushed migration. Explore your options, and discover the perks of a messaging platform designed in the cloud era. Exchange 2010 shops should plan to migrate to Exchange 2016 sooner rather than later.

Don’t panic, but get ahead now

Exchange 2010 launched in 2009, and the requirements for a messaging platform today are different. Businesses should go through an extensive planning checklist before they migrate to Exchange 2016. They must determine if they require new hardware, if virtual infrastructure replacements will work with Exchange 2016 and how to handle third-party archiving tools, such as Enterprise Vault. Suddenly, that end-of-support date isn’t as far away as it seems.

Additionally, Exchange 2016 leaves mainstream support in 2020 and enters extended support until 2025. If you migrate to Exchange 2016 now, you benefit from a fully supported product in its prime rather than jumping from one elderly edition to another.

Say an Exchange 2010 business wants to get to Office 365 eventually. It will be easier to get there if it migrates to Exchange 2016 first.

Expect a more complex migration if you wait until 2020 and want the most advanced on-premises version of Exchange. Based on Microsoft’s history, the company could launch a new version of Exchange in 2020. Do not presume Microsoft will allow users to migrate directly to that platform from Exchange 2010. If the past is any indication, companies will need to hop to Exchange 2013 or 2016 first.

Avoid combination of Office update and mailbox migration

Say an Exchange 2010 business wants to get to Office 365 eventually. It will be easier to get there if it migrates to Exchange 2016 first. The on-premises server ensures a simple, supportable migration path to Office 365. That’s because new versions of Microsoft Office likely won’t support Exchange 2010. For a direct move from Exchange 2010 to Office 365, Microsoft could require the administrator to deploy a new version of Office. Don’t get stuck with the pain of an Office version switch as you simultaneously push mailboxes to the cloud.

Acknowledge that Exchange Online isn’t for everyone

However, it doesn’t make sense for every shop to go to Exchange Online, now or in the future. Small businesses don’t always have fast and reliable internet connectivity. Midsize companies host Exchange on existing infrastructure because it’s a low-cost option. Enterprises often move a few mailboxes to Exchange Online but need to maintain an on-premises presence to meet legal or contractual requirements.

Get the latest innovations in Outlook

Outlook has come a long way on its web, desktop and mobile versions since Microsoft launched Exchange 2010. Outlook on the web comes with modern functionality, such as rich text formatting and improved cross-browser support. Exchange 2016 aligns closely with the features in Exchange Online and Outlook.com.

Some other benefits to an Outlook upgrade include easier image placement and link previews in email messages. Integration with Office Online Server enables rich document viewing and inline document editing in email replies.

[embedded content]

Exchange on premises or Exchange Online?

Outlook borrows inbox management features from Office 365, such as the sweep function to delete unwanted email. Outlook add-ins integrate with cloud services and third-party apps from both Outlook on the web and Office 2013 or higher.

Gain from a simplified deployment model

Exchange 2010 enabled admins to split server roles, which complicated the deployment process. Exchange 2016 changed that model with the Mailbox role, which bundles all the services to run client access, transport, unified messaging and the traditional mailbox role.

Microsoft also publishes its Exchange Preferred Architecture (PA), which simplifies highly available deployments. With this arrangement, there’s no need for intelligent load balancers to handle traffic for Exchange Server; a round-robin domain name system manages client access. This model benefits multisite deployments with easy failover between sites. Administrators who manage a multisite database availability group deployment with Exchange Server know that failover and failback URLs are a pain. Exchange Server 2016 removes this difficulty and enables URL sharing across data centers.

Reduce hardware and backup requirements

Exchange 2010 uses significant space for backup storage and RAID disks. An Exchange 2010 highly available deployment typically has at least two database copies — and usually three or more for a multi-data center deployment. These databases often run on RAID 10 on expensive virtual infrastructure. With this setup, Exchange 2010 requires six to eight times the amount of raw storage required for just the databases.

A PA deployment of Exchange Server 2016 does not use traditional backup software or RAID technology to protect data. This Exchange version works directly with the underlying disks, with spare disks defined within Exchange instead of the RAID array. It uses the automatic reseed feature to restore failed databases with online disks. This enables admins to use a redundant array of inexpensive servers with Exchange 2016 instead of a virtualized configuration that is not tuned or optimized to work with the platform.

Take advantage of cloud-tested compliance, DLP functionality

Organizations that use traditional journaling and archiving software usually migrate that functionality to Exchange Online when they move to the cloud.

Journaling includes in-place hold — introduced in Exchange Online and Exchange 2013 and refined over time — which keeps an immutable copy of the original email message even if the user deletes it. This is similar to litigation hold in Exchange 2010 but with several improvements, such as retention of blind carbon copy information, ability to set a time length on a hold and the enhanced discovery capability.

Exchange 2016’s data loss prevention (DLP) technology detects sensitive data, such as Social Security numbers or credit card numbers. DLP prevents that sensitive information from entering the email system and stops users from sharing it outside the organization. Many organizations already use DLP to meet requirements such as the General Data Prevention Regulation.

Plug into the cloud to use its tool set

If you adopt Office 365 but can’t move all — or any — mailboxes to the cloud, migrate to Exchange 2016 to benefit from its cloud-integrated features with a hybrid setup.

For example, the modern attachments feature shares files from OneDrive for Business, Microsoft’s cloud storage service. It appears as a normal attachment, but instead of the user’s mailbox, it is stored and shared from OneDrive.

Administrators in a hybrid setup will appreciate the simplified management, while users will benefit from Office 365 features.

Next Steps

Know your Exchange 2016 hardware requirements

Check that Exchange 2016 deployment

How Log Parser Studio helps troubleshoot Exchange

Better team messaging app security could boost enterprise adoption

Team messaging tools have been available for a few years, but use of these apps has been departmental in nature. Typically, small and agile project-based teams have picked one of many vendors and worked more efficiently than with traditional collaboration tools. Other business communication tools went through similar adoption cycles. 

Remember the early days of chat? Business users downloaded AOL Instant Messenger, Yahoo Messenger or a range of other applications. Eventually, many businesses standardized on certain tools, such as Cisco Jabber and Microsoft Office Communications Server, Lync or Skype for Business.

The transition from ad hoc adoption to an enterprise standard happens when businesses need enhanced control, security and analytics to understand the use of the app and protect the organization from unnecessary risk. 

Tighter security for enterprise-wide adoption

As the use of team messaging becomes more widespread, businesses must choose a product with enterprise-grade controls and security. Without these features, a company might find its data scattered over multiple platforms, making it difficult to secure and to meet compliance requirements. 

Also, purchasing apps in an ad hoc manner might be fine with a small amount of users. But, as the population grows, corporate standardization has a number of benefits, such as policy development, application integration and license agreements.

IT and business leaders should get a handle on team messaging now, as the number of users is still relatively manageable.

IT and business leaders should get a handle on team messaging now, as the number of users is still relatively manageable. Decision-makers should ensure their service — whichever one they choose — offers the required level of security and management to scale the product across the company.

Highlighting this need for security, Cisco recently beefed up its Spark collaboration service, hoping to get it ready for the next phase of adoption. The Cisco Spark updates, announced this week, include:

Enhanced security. Security has always been a differentiator for Spark, as it’s the only platform to encrypt data from the cloud to the device. This security feature is critical for groups that want to share sensitive information, such as financial data or patient records.

Cisco has now added an e-discovery tool to search through Spark messages by email address, date range or keywords. This feature has been standard with email for many years and is important for legal reasons.

Compliance improvements. Spark now has configurable retention policies, so data can be purged from Spark spaces as determined by company policy.  Activities, shared whiteboards, files and messages can be deleted.

Also, through APIs, Spark can integrate with third-party data loss prevention vendors and cloud access security brokers. Third-party vendors that integrate with Spark for compliance or data loss prevention include Actiance, Symantec, Skyhigh Networks, Global Relay and Cisco Cloudlock.

Administrator portal and analytics. The Cisco Spark Control Hub provides administrators with information that could improve the end-user experience. For example, administrators can use the portal to see who had poor call quality, where the person was calling from and whether it was isolated to that individual or more widespread.

Also, the portal shows usage information for Cisco Spark, WebEx and Spark Hybrid, which can be helpful for different business-related tasks. For example, if Spark was provisioned across a company, the business unit leader can find out who is not using the service and determine if training is required or the license should be revoked.

Another use case might be to compare the use of WebEx and Spark to worker productivity. The business leader may find a direct correlation and mandate the usage of the collaboration tools. Through the portal, enterprises can access a range of data that can deliver insights to business unit leaders, security officers and other responsible parties.

Cisco Spark updates
Cisco Spark updates include extensive analytics and usage reports.

BYOD enablement. The use of personal devices by business users is rampant today. Almost every professional carries some combination of a laptop, tablet and mobile phone, often owned by the individual. With personal devices, it’s often difficult to enforce such things as password-protected screens. Since IT can’t control the endpoint, Cisco moved some of the security to the app. 

Cisco Spark now includes PIN lock and Web Smart Timeouts; the latter lets the Spark web app automatically lock after a certain time when running off the company network. The updates also include Enterprise Certificate Pinning, which protects users from breached public hotspots without requiring the use of a virtual private network.

On-premises key server. All Spark data is stored in the cloud, and that seems to be fine with most customers. However, many organizations, such as regulated verticals or ones that are ultra-security-conscious, may want better control over that content. For those customers, Cisco offers an on-premises key management server where the data may still be stored in Spark Cloud, but the key management is done on premises.

Now, if the Cisco Spark service is attacked, the data will appear encrypted and unreadable. This essentially creates the security equivalent to maintaining the storage on premises.

Cisco Spark is not for everyone, as there is a wide range of controls. However, the features Cisco has built into Spark do prepare it for enterprise-wide usage.

Editor’s note: Cisco is a client of ZK Research.

Microsoft Exchange Online UM drops third-party PBX support

Microsoft will end third-party PBX support for Exchange Online Unified Messaging in July 2018, leaving affected organizations less than a year to migrate completely to Skype for Business or find another third-party service.

“I would anticipate quite a few long days for IT admins, as well as more than a few professional services contracts being signed to cope with the changes,” said Michael Brandenburg, an analyst at Frost & Sullivan in San Antonio, about Microsoft’s decision.

According to Microsoft’s announcement, the vendor is retiring its session border controllers (SBCs) and ending third-party PBX support for Exchange Online UM in favor of standard Exchange and Skype for Business protocols to provide higher quality of service for voicemail.

Organizations unaffected by change are those that connect to Exchange Online UM through Skype for Business on premises or a third-party voicemail with Microsoft’s APIs, as well as all forms of on-premises Exchange Server UM.

Brandenburg said the change could be motivated by bandwidth and quality-of-service concerns.

“SIP [Session Initiation Protocol] interoperability has been an ongoing challenge for service providers and vendors,” he said. “It’s not a big leap to suggest that supporting a high-quality unified messaging service at such scale as Office 365 has become untenable for Microsoft.”

For organizations affected by the announcement, Microsoft offered four migration options:

  • A complete migration to Office 365 Cloud PBX;
  • A complete migration to Skype for Business Server Enterprise Voice on premises;
  • For those organizations with a mixed deployment of a third-party PBX and Skype for Business, the use of Exchange Online UM through a Microsoft partner, such as TE-SYSTEMS, to connect to Skype for Business server; and
  • For companies with no Skype for Business deployment or for whom the first three options are not appropriate, Microsoft recommended deploying a third-party voicemail service.

Short deadline creates migration pressure

Microsoft said the announcement affects a small number of customers. Those customers, however, tend to be larger organizations with a number of SBCs, according to Jeff Guillet, founder of IT consulting firm EXPTA Consulting in Pacifica, Calif.

“Once customers settle on a connectivity solution, they continue to invest and expand upon it,” he said in a blog.

With less than a year to transfer services, Brandenburg said the difficulty organizations will face as they migrate will be tied to their unified communications (UC) strategy.

Organizations that are already on a migration path to Skype for Business, but still have third-party PBX and UC platforms in place, will have to accelerate their migration plans, he said.

“The biggest challenge will be for those organizations that have committed to a heterogeneous environment,” Brandenburg said. “These organizations will have to seek out third-party solutions that are compatible with Microsoft’s API.”

A migration could be rife with complications for organizations. Those that have to replace their existing PBXs more rapidly than planned will face accelerated deployment and user training schedules. Customers planning to deploy third-party services to maintain integration with Exchange Online UM could face software and user-facing issues, as IT will have an additional service to maintain and support, Brandenburg said.

“Forcing customers to plan for and deploy all new phone systems, SBC solutions or voicemail solutions in one year is asking a lot, especially for the size of customer they’re affecting,” Guillet said.

The announcement also casts doubts over whether Microsoft and other UC vendors can be trusted to support hybrid UC environments, Brandenburg said.

Opportunities for partners

Third-party unified messaging vendors, such as AVST, are offering third-party PBX support for Exchange Online UM. It’s possible other Microsoft partners, such as SBC vendors, could build specific connections to alleviate the need for organizations to bring in another vendor, he said.

The announcement also creates an opportunity for UC vendors that already maintain interoperability with the Skype for Business desktop client. Brandenburg said there’s nothing preventing these providers from “coming to the aid of their customers” by natively supporting Exchange Online UM through Microsoft APIs.

Announcing Windows 10 Insider Preview Build 10565

Hi everyone,

Today we are releasing Windows 10 Insider Preview Build 10565 to Windows Insiders in the Fast ring. This build has quite a few new features and improvements so we’re really excited to get this one out to you for you to try out. One thing I want to call out up front is that this build and associated Language Packs won’t be available until later this week for Windows Insiders in Russia and Turkey.

Here’s what’s new in this build:

Skype messaging, calling and video experience: As we’ve announced previously, Skype messaging, calling and video capabilities will come integrated into Windows 10 through the Messaging, Phone and Skype video universal Windows apps. These Windows applications enable quick and easy, free calling and messaging to other Skype users across phones, over 3G/4G and Wi-Fi tablets and to PCs Wi-Fi. With this build, you can preview the integrated capabilities on your PC while an upcoming Windows 10 Mobile Insider Preview build will have these integrated capabilities for you to preview soon on mobile devices. Try things like Quick Reply from Action Center where incoming notifications will come in with the option to reply inline without opening the application. This is an early preview and you can expect some bugs, and more features to come as we deliver monthly updates.

Tab Preview in Microsoft Edge: In Microsoft Edge, you can now hover over your open tabs and get a preview of what’s on those websites. Check it out and let us know what you think.

tab-preview

Syncing Favorites and Reading list items in Microsoft Edge: In this build, you’ll see a first look at the new syncing feature in Microsoft Edge that lets you sync your Favorites and Reading list items. We are still working on refining it, but definitely check it out and let us know what you think.

Cortana improvements: Cortana is able to intelligently understand your inked notes – setting reminders based on locations, times and numbers that she can understand from your digital annotations.

cortana-ink-reminders2

We are also rolling out new features in Cortana to help you keep track of your leisure time, including movie and event reminders. Cortana will keep track of your bookings for movies and ticketed events through your email confirmations. Two hours prior to the event start time, you’ll get helpful information to be sure you know where to go and get there on time, including an option to book and track an Uber ride directly from Cortana.

cortana-uber-movie

More vibrant title bars: Thanks to feedback from Windows Insiders, with this build you can now enjoy your title bars with a full color intensity that matches the rest of your theme. Title bars will now appear darker. You can adjust the color by going to Settings > Personalization > Colors. Colored title bars will appear only if “Show color on Start, Taskbar, Action Center, and Title bars” is enabled.

dark-titlebar

Improved context menus on Start:You will notice we have made some adjustments and improvements to the context menus on Start including new icons for tile adjustments.

start-context-menus

New icons:We know Windows Insiders love new icons – this build has another batch of new icons for devices (check out Device Manager). Registry Editor finally gets a new icon!

regedit-icon

Device activation improvements: We have received a lot of feedback from Insiders on making it easier to activate Windows 10 on devices that take advantage of the free upgrade offer to genuine Windows by using existing Windows 7, Windows 8 or Windows 8.1 product keys. If you install this build of the Windows 10 Insider Preview on a PC and it doesn’t automatically activate, you can enter the product key from Windows 7, Windows 8 or Windows 8.1 used to activate the prior Windows version on the same device to activate Windows 10 by going to Settings > Update & security > Activation and selecting Change Product Key. If you do a clean install of Windows 10 by booting off the media, you can also enter the product key from prior Windows versions on qualifying devices during setup. Refer to the Insider Hub for more information on these activation improvements including requirements.

Managing your default printer: We are introducing a new mode that makes your default printer the last printer you used. This change helps ensure the best printer is preselected in inbox print dialogs. You can manage this behavior in Settings > Devices > Printer & Scanners to change this to the previous way Windows handled default printers. The ability to set a default printer by network location has been removed.

Here are some things we have fixed:

  • You should no longer see a warning message in the Settings app > Update & Security > Windows Update regarding changed ring settings for preview builds unless you actually change your ring settings.
  • Background audio playback works again when apps like Groove are minimized.
  • We fixed the issue where clicking on the system icons in the notification area quickly results in Windows Shell blocking the launch of fly-outs like Audio, Networking, etc.
  • After Build 10525, we heard a lot of feedback that some context menus were too big for mouse. We’ve made adjustments to many of the context menus to make them smaller for using them with a mouse.
  • You can now pin contacts to the Start menu from the People app.
  • Certain apps won’t appear twice anymore when pinned to the taskbar.
  • Hiding desktop icons via context menu on the desktop now works.
  • Windows Store apps should now be updating automatically.

Known issues:

  • The search box does not work if you are in a locale where Cortana is not available. We are currently investigating workarounds.
  • The Xbox app for Windows 10 will consume gigabytes of memory on your PC if you have any Win32 games (non -Windows Store games) installed on your PC that have been identified as games or added by you in the Xbox app. Closing the Xbox app will release your PC’s memory.
  • WebM and VP9 have been temporarily removed from the flight builds. We continue to develop a VP9 implementation that we intend to ship in Windows. Expect VP9 to return soon in a future release.
  • Small form-factor devices, like the Dell Venue 8 Pro, that boot with rotation or virtual mode screen size set larger than the physical screen size will experience a bluescreen on upgrade and will roll back to the previous build.

I hope you enjoy this new build and try out all of the new changes. Please report problems and give us suggestions in the Feedback app.

Thanks,
g