Tag Archives: Microsoft

For Sale – Microsoft Surface Pro 3, Intel corei5, 256gb SSD, 8Gb mem

Hi,
I have for sale a Microsoft Surface Pro 3 laptop with Intel core i5 processor, 256gb SSD and 8gb of memory, Surface Pen and charger.

The laptop is in excellent condition and fully working with the exception of the docking port at the bottom of the tablet which is is not working however there are no cosmetic issues.

As a result I use a Bluetooth keyboard (which looks like a surface keyboard and is shown in the photos, US layout) instead of a Surface keyboard as that used the docking port for power.

All Bluetooth and usb keyboards and mice, peripherals etc will work as normal, it only affects the official surface keyboard and dock.

The laptop also comes with a UAG protector which in itself is worth around £40 and gives a bit more protection against drops.

EDIT: Wanted to add it also has the original box it came in.

Go to Original Article
Author:

Microsoft plugs 2 zero-days on August Patch Tuesday

Microsoft shut down two zero-days, including one that had been publicly disclosed, as part of its security update releases for August Patch Tuesday.

In total, Microsoft addressed 120 unique vulnerabilities, with 17 of those rated critical. Technologies and products with security updates this month include both the HTML- and Chromium-based Microsoft Edge browsers, Microsoft’s ChakraCore JavaScript engine, Internet Explorer, Microsoft Scripting Engine, SQL Server, Microsoft JET Database Engine, .NET Framework, ASP.NET Core, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Windows Codecs Library and Microsoft Dynamics. This month marks the sixth in a row Microsoft addressed more than 100 unique vulnerabilities in its monthly security updates package.

Microsoft terminates two zero-days

One zero-day (CVE-2020-1464) fixed by the August Patch Tuesday releases is a Windows spoofing vulnerability rated important that would allow an attacker to sidestep the OS security features and load an improperly signed file. This bug affects all supported versions of Windows — as well as Windows 7 and Windows 2008/2008 R2 for customers who paid for Extended Security Update (ESU) licenses for continued support of these systems that reached end of life in January. A bug that allows a malicious actor to bypass this security feature could open the door to put malicious files on a Windows system.  

“Typically, files get signed by a trusted vendor, and that signature validation is critically important to a lot of security mechanisms,” said Chris Goettl, director of product management and security at Ivanti, a security and IT management vendor based in South Jordan, Utah. “The fact that an attacker can bypass that means that they can introduce improperly validated malicious files to the operating system, and technologies that should be able to validate based on signature might be able to be tricked because of this.”

Chris Goettl, director of product management and security, IvantiChris Goettl

Microsoft’s notes on this CVE lacked the usual details about potential attack scenarios, which seems to indicate an attacker would have some additional hurdles to take advantage of the flaw. This might be why a Windows zero-day also got a relatively low CVSS base score of 5.3.

“The attacker would need to execute an asset that is improperly signed, so it’s not something they can just send to somebody. Microsoft doesn’t really get into details about how some attacker might be able to take advantage of that,” Goettl said.

The second zero-day (CVE-2020-1380) is remote code execution vulnerability in the Microsoft Scripting Engine used in Internet Explorer 11 rated critical in Windows desktop systems and moderate on Windows Server 2008 R2, Windows Server 2012 and 2012 R2. Because the Microsoft Scripting Engine is also used in Microsoft Office, which widens the attack vector for this vulnerability.

“The vulnerability could be exploited a couple of different ways: by setting up a specially crafted website via advertisements that may be compromised, or it could be loaded up using an application or an Office document that uses the IE rendering,” Goettl said.

Windows Server hit by domain controller bug

Microsoft provided a lengthy description for handling CVE-2020-1472, a critical Netlogon elevation-of-privilege flaw affecting supported Windows Server OSes, including Windows Server 2008 and 2008 R2 for ESU customers. On an unpatched domain controller — the Active Directory component tasked with managing security authentication requests — an attacker could acquire domain administrator access without needing system credentials. 

Microsoft said it is using a “phased two-part rollout” to patch the bug with the first part of the deployment executed in the August Patch Tuesday security update.

“The updates will enable the [domain controllers] to protect Windows devices by default, log events for non-compliant device discovery, and have the option to enable protection for all domain-joined devices with explicit exceptions,” according to the CVE instructions.

Microsoft plans the second phase on February Patch Tuesday in 2021, which it calls “the transition into the enforcement phase.

“The [domain controllers] will be placed in enforcement mode, which requires all Windows and non-Windows devices to use secure Remote Procedure Call (RPC) with Netlogon secure channel or to explicitly allow the account by adding an exception for any non-compliant device,” the company wrote.

Goettl said administrators should begin testing the patch in a lab and testing it before the hard enforcement occurs, which requires all domain controllers — even those in read-only mode — to be updated. Microsoft provided further guidance in the support documentation at this link

Other notable corrections from August Patch Tuesday

  • Microsoft Outlook has two CVEs this month. CVE-2020-1483 is a memory-corruption vulnerability rated critical that could let an attacker run arbitrary code in the context of the current user using several different attack vectors, including the preview pane. CVE-2020-1493 is an information-disclosure vulnerability rated important that could let an attacker view a restricted file from the preview pane by sending it as a file attachment.
  • CVE-2020-1455 is a Microsoft SQL Server Management Studio denial-of-service vulnerability rated important that, if exploited, could let an attacker disrupt the use of the application.
  • The .NET Framework has two CVEs. CVE-2020-1046 is a critical remote code execution vulnerability that an attacker could use to control the unpatched system using a specially crafted file. CVE-2020-1476 is an important elevation-of-privilege vulnerability in ASP.NET or .NET web applications running on IIS that could let an attacker access restricted files.
  • Microsoft resolved an elevation-of-privilege vulnerability (CVE-2020-1337) rated important for supported Windows systems on both the client and server side. The patch resolved a lingering printer spooler issue that had been patched multiple times — most recently in May — but security researchers found a way to bypass the patch and gave a recent Black Hat USA presentation on the flaw, which has its origins in the Stuxnet worm from 2010. Despite public knowledge of the bug, Microsft’s CVE did not report this as publicly disclosed.

Go to Original Article
Author:

Microsoft plugs 2 zero-days on August Patch Tuesday

Microsoft shut down two zero-days, including one that had been publicly disclosed, as part of its security update releases for August Patch Tuesday.

In total, Microsoft addressed 120 unique vulnerabilities, with 17 of those rated critical. Technologies and products with security updates this month include both the HTML- and Chromium-based Microsoft Edge browsers, Microsoft’s ChakraCore JavaScript engine, Internet Explorer, Microsoft Scripting Engine, SQL Server, Microsoft JET Database Engine, .NET Framework, ASP.NET Core, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Windows Codecs Library and Microsoft Dynamics. This month marks the sixth in a row Microsoft addressed more than 100 unique vulnerabilities in its monthly security updates package.

Microsoft terminates two zero-days

One zero-day (CVE-2020-1464) fixed by the August Patch Tuesday releases is a Windows spoofing vulnerability rated important that would allow an attacker to sidestep the OS security features and load an improperly signed file. This bug affects all supported versions of Windows — as well as Windows 7 and Windows 2008/2008 R2 for customers who paid for Extended Security Update (ESU) licenses for continued support of these systems that reached end of life in January. A bug that allows a malicious actor to bypass this security feature could open the door to put malicious files on a Windows system.  

“Typically, files get signed by a trusted vendor, and that signature validation is critically important to a lot of security mechanisms,” said Chris Goettl, director of product management and security at Ivanti, a security and IT management vendor based in South Jordan, Utah. “The fact that an attacker can bypass that means that they can introduce improperly validated malicious files to the operating system, and technologies that should be able to validate based on signature might be able to be tricked because of this.”

Chris Goettl, director of product management and security, IvantiChris Goettl

Microsoft’s notes on this CVE lacked the usual details about potential attack scenarios, which seems to indicate an attacker would have some additional hurdles to take advantage of the flaw. This might be why a Windows zero-day also got a relatively low CVSS base score of 5.3.

“The attacker would need to execute an asset that is improperly signed, so it’s not something they can just send to somebody. Microsoft doesn’t really get into details about how some attacker might be able to take advantage of that,” Goettl said.

The second zero-day (CVE-2020-1380) is remote code execution vulnerability in the Microsoft Scripting Engine used in Internet Explorer 11 rated critical in Windows desktop systems and moderate on Windows Server 2008 R2, Windows Server 2012 and 2012 R2. Because the Microsoft Scripting Engine is also used in Microsoft Office, which widens the attack vector for this vulnerability.

“The vulnerability could be exploited a couple of different ways: by setting up a specially crafted website via advertisements that may be compromised, or it could be loaded up using an application or an Office document that uses the IE rendering,” Goettl said.

Windows Server hit by domain controller bug

Microsoft provided a lengthy description for handling CVE-2020-1472, a critical Netlogon elevation-of-privilege flaw affecting supported Windows Server OSes, including Windows Server 2008 and 2008 R2 for ESU customers. On an unpatched domain controller — the Active Directory component tasked with managing security authentication requests — an attacker could acquire domain administrator access without needing system credentials. 

Microsoft said it is using a “phased two-part rollout” to patch the bug with the first part of the deployment executed in the August Patch Tuesday security update.

“The updates will enable the [domain controllers] to protect Windows devices by default, log events for non-compliant device discovery, and have the option to enable protection for all domain-joined devices with explicit exceptions,” according to the CVE instructions.

Microsoft plans the second phase on February Patch Tuesday in 2021, which it calls “the transition into the enforcement phase.

“The [domain controllers] will be placed in enforcement mode, which requires all Windows and non-Windows devices to use secure Remote Procedure Call (RPC) with Netlogon secure channel or to explicitly allow the account by adding an exception for any non-compliant device,” the company wrote.

Goettl said administrators should begin testing the patch in a lab and testing it before the hard enforcement occurs, which requires all domain controllers — even those in read-only mode — to be updated. Microsoft provided further guidance in the support documentation at this link

Other notable corrections from August Patch Tuesday

  • Microsoft Outlook has two CVEs this month. CVE-2020-1483 is a memory-corruption vulnerability rated critical that could let an attacker run arbitrary code in the context of the current user using several different attack vectors, including the preview pane. CVE-2020-1493 is an information-disclosure vulnerability rated important that could let an attacker view a restricted file from the preview pane by sending it as a file attachment.
  • CVE-2020-1455 is a Microsoft SQL Server Management Studio denial-of-service vulnerability rated important that, if exploited, could let an attacker disrupt the use of the application.
  • The .NET Framework has two CVEs. CVE-2020-1046 is a critical remote code execution vulnerability that an attacker could use to control the unpatched system using a specially crafted file. CVE-2020-1476 is an important elevation-of-privilege vulnerability in ASP.NET or .NET web applications running on IIS that could let an attacker access restricted files.
  • Microsoft resolved an elevation-of-privilege vulnerability (CVE-2020-1337) rated important for supported Windows systems on both the client and server side. The patch resolved a lingering printer spooler issue that had been patched multiple times — most recently in May — but security researchers found a way to bypass the patch and gave a recent Black Hat USA presentation on the flaw, which has its origins in the Stuxnet worm from 2010. Despite public knowledge of the bug, Microsft’s CVE did not report this as publicly disclosed.

Go to Original Article
Author:

For Sale – Microsoft Surface Pro 3, Intel corei5, 256gb SSD, 8Gb mem

Hi,
I have for sale a Microsoft Surface Pro 3 laptop with Intel core i5 processor, 256gb SSD and 8gb of memory, Surface Pen and charger.

The laptop is in excellent condition and fully working with the exception of the docking port at the bottom of the tablet which is is not working however there are no cosmetic issues.

As a result I use a Bluetooth keyboard (which looks like a surface keyboard and is shown in the photos, US layout) instead of a Surface keyboard as that used the docking port for power.

All Bluetooth and usb keyboards and mice, peripherals etc will work as normal, it only affects the official surface keyboard and dock.

The laptop also comes with a UAG protector which in itself is worth around £40 and gives a bit more protection against drops.

EDIT: Wanted to add it also has the original box it came in.

Go to Original Article
Author:

Office 365 Advanced eDiscovery goes beyond search basics

Advanced eDiscovery in Microsoft 365 — or Office 365, depending on your subscription — is a powerful tool that can index data sets and make it easily searchable.

This tool also supports the import and analysis of external data. This is a useful feature for legal and human resources positions or any other job in which you need to search through data for keywords and use the AI features of the platform to weed out undesirable information. Before we look at Office 365 Advanced eDiscovery, let’s start with some basics.

The standard eDiscovery feature is available to any Business or Enterprise licensed customer of the Microsoft 365 or Office 365 suite. It provides several functions, including:

Once you configure the data set, the data will be indexed for review. More searches, known as queries, can be run and the results exported for use outside of eDiscovery.

What is Office 365 Advanced eDiscovery?

Office 365 Advanced eDiscovery is more of an end-to-end product for eDiscovery requirements. Advanced eDiscovery follows the Electronic Discovery Reference Model framework, which provides more granularity to the settings you can control over a case.

Advanced eDiscovery requires licensing above the common Microsoft/Office 365 E3 license such as the E5 compliance add-on, the eDiscovery and Audit add-on or just a switch to the Microsoft/Office 365 E5 tier.

Some of the Advanced eDiscovery highlights include:

  • search and analytics functionality thread emails, rather than dealing with each email separately;
  • optical character recognition to convert images to text-searchable documents;
  • built-in ability to analyze, query, review, tag and export content as a group, rather than individual files;
  • better visibility of long-running tasks to check progress;
  • predictive coding allows you to train the system to determine which data is relevant; and
  • detecting files that are the same or almost the same to avoid a review of the same content.

Organizations can benefit from the import feature

Another key feature for Advanced eDiscovery is the ability to import non-Microsoft 365 content.

To start, create a review set which is only available in Advanced eDiscovery. A review set is a defined group of data sets, which can be used with the group functionality listed above.

You can add external data to a review set with the Manage review set option. Clicking the View uploads link in the Non-Office 365 data section takes you to a page with an Upload files button, which starts a wizard after it is clicked.

The wizard asks you to prepare the files you want to upload. You’ll need to create a top-level folder with a subfolder for each custodian you have data for in User Principal Name UPN format for the account, such as [email protected] Upload the data in those user-named folders.

Click on this link to see the file types you can import into Advanced eDiscovery. Microsoft supports several archive and container formats such as PST mailbox files that you can upload in a batch and run searches against.

To upload the files, you will need to install the AzCopy utility. When you have all the files ready, input the path in the wizard to the user folders, which will generate a command to paste into a command prompt that will trigger the upload using AzCopy. The utility will show statistics, such as the progress, time elapsed and the upload speed during the transfer process.

Once finished, you can go back to the webpage and click the Next: Process files button. Do not click this button until the upload completes or you’ll start a one-time processing of the incomplete data that you can’t cancel or run again.

The time it takes to process depends on the amount of data uploaded. When the transfer completes, the Manage review sets page will show a summary report of the data, allow you to train the system for relevant information, and manage tags to help identify and discover data based on your search criteria.

You need to apply the license to the account(s) you are searching; administrators and staff reviewing the data do not need this extra license, so for occasional ad-hoc Advanced eDiscovery requirements, your organization might only need a few licenses that you can move as required — assuming you don’t want the other benefits that come with each license.

Advanced eDiscovery takes some time to understand from both the administrator’s point of view and from the perspective of the user with access to a case. But it’s a powerful — and relatively inexpensive — tool for an organization that might have access as part of the E5 license. It’s still very cost-effective if you only need a few add-on licenses compared to any other eDiscovery product on the market.

Go to Original Article
Author:

What are Microsoft Teams backup and recovery best practices?

Over the last several months, Microsoft Teams has seen a dramatic increase in usage. Even last year, Teams was gaining momentum, but with so many people now working remotely as a result of the pandemic, Teams has become an even more important business application.

While it’s easy to think of Teams as simply a video and voice conferencing application, it can actually be a data-rich environment. Teams data can include everything from chat messages to images, files, recordings, voicemail messages and contacts. Like any other data-rich application, it is important to back up Teams on a regular basis. Backups obviously help to protect against data loss, but many organizations also have compliance mandates pertaining to Teams backup.

Teams backup considerations

The most important element to understand about protecting your Teams data is that doing so requires a considerable amount of planning, and it also requires an understanding of where Microsoft actually stores Teams data.

There are a couple of reasons why Teams backup tends to be a somewhat complex process. First, Teams is a part of Microsoft 365 (formerly, Office 365). While there are countless Office 365 backup products available on the market, most only include native support for Exchange, SharePoint and OneDrive. There are numerous Microsoft 365 applications that are not directly supported by most backup products, including Planner, Yammer and Teams.

Teams backup is also tricky because its data is scattered widely across the Microsoft 365 cloud. Teams stores chat data, conversation history and calendar data in Exchange. It stores chat files in OneDrive and it stores channel files and wikis in SharePoint. This means that the only way to back up all of your Teams data is to back up Exchange, SharePoint and OneDrive.

Chart comparing Teams vs. Zoom

Any backup application that supports Exchange, SharePoint and OneDrive in the Microsoft 365 cloud should, theoretically, be able to protect your Teams data.

Teams recovery considerations

Unfortunately, restoring Teams data tends to be far more problematic than backing it up.

Backups obviously help to protect against data loss, but many organizations also have compliance mandates pertaining to Teams backup.

Even though backup applications may make it possible to restore a Teams-related data element such as a file or a wiki, simply restoring the data does not usually cause it to be made available within Teams as it was before the data was deleted. There are usually supplementary steps that you must perform in order to get the restored data back into Teams. For instance, you may need to create a new wiki and then paste the recovered data into it.

Given the constraints on recovering Teams data, there are two key best practices. First, use Microsoft’s built-in retention policies whenever you can. These retention policies make it possible to recover data without restoring a backup. In some cases, recovering a deleted item in this way may involve less work than restoring the deleted item from backup.

Second, make sure to keep your backup application up to date. Microsoft recently released a Teams backup API. This API is new enough that most of the backup vendors have not yet incorporated it into their products. Even so, it will only be a matter of time before backup applications begin to provide better support for Teams.

Go to Original Article
Author:

IT’s move to Azure drives Microsoft revenues skyward

Massive tech companies like Microsoft and AWS have benefited from the COVID-19 lockdown significantly more than their smaller competitors as IT shops large and small move workloads from on-premises environments to the cloud, analysts said.

That observation was evident in Microsoft’s earnings call this week. The company powered through the coronavirus pandemic, reporting fourth quarter revenues of $38.03 billion, up 13% compared to last year’s fourth quarter, largely on the strength of its Intelligent Cloud Business.

The company’s intelligent cloud business, which includes Azure, Windows Server, SQL Server and GitHub, generated $13.37 billion in revenue, up 17%, compared to last year’s fiscal fourth quarter. Azure’s revenue growth, however, slowed to 47%, down from 59% in the previous quarter.

While Microsoft does not break out Azure’s revenues, the company said its cloud business passed the $50 billion mark for the fiscal year.

“The last five months have made it very clear that digital tech intensity is key to business resilience,” said Satya Nadella, Microsoft CEO on this week’s earnings call. “Organizations that build their own digital capability will recover faster and emerge from this crisis stronger.”

Microsoft business users are accelerating digital transformation projects in light of the coronavirus, Nadella said, which is why Microsoft, too, is accelerating its own efforts to build a full technology stack fueled by cloud and AI technologies.

Moving large workloads to a pubic cloud allows companies to displace Capex, said Jeff Valentine, CTO at CloudCheckr.

“When users move to the cloud, they are avoiding having to buy more servers and so are conserving cash during these harsh economic times,” he said.

Remote work investments surge

Microsoft also benefited from companies that scaled up remote work during the pandemic. Microsoft’s Productivity and Business Processes unit, which contains Office, Dynamics and LinkedIn, reported $11.75 billion in revenue. The company noted that LinkedIn’s 10% gain in revenues for the quarter was slowest growth for the product since Microsoft acquired it in 2016.

The company reported Office 365 and Microsoft 365 sales grew 15% year over year. “This reflects the strong adoption of free trial offers that enabled customers to quickly adapt to needed remote work scenarios,” said Amy Hood, Microsoft’s CFO.

The operating margin for the unit for the quarter was 33.8%, which is the lowest since fiscal 2017. The company attributed the dip to the weaker job market, less spending on advertising, and the marketing expenses associated with promoting its Teams communications application.

According to Nadella, the aggressive marketing and technology investments made in Teams is paying off as the product is gaining rapid acceptance among large and small IT organizations.

When users move to the cloud, they are avoiding having to buy more servers and so are conserving cash during these harsh economic times.
Jeff ValentineCTO, CloudCheckr

“Teams is rapidly becoming the communications backbone as customers accelerate moving voice to the cloud,” Nadella said. “We are expanding Teams beyond the workplace and will make it easier to add personal Teams accounts on mobile, so users can stay connected to friends and family.”

Teams users generated over 5 billion meeting minutes in a single day this past quarter, according to Nadella, with 69 organizations each having more than 100,000 users deploying Teams.

Microsoft’s More Personal Computing division, which includes Windows, search and its Surface devices, posted $12.91 billion in revenue. Sales of Windows devices dropped 4%, however, experiencing the slowest growth since 2016, Hood said. Licenses for consumer devices, however, grew 34% after dropping 10% in the previous quarter.

For the fiscal year ended June 30, Microsoft had revenues of $143 billion, 14% over fiscal 2019, with a net income of $44.3 billion, a 13% increase over the previous year.

Go to Original Article
Author:

Addressing racial injustice – The Official Microsoft Blog

An email from CEO Satya Nadella to Microsoft employees: 

As I shared in our Employee Town Hall last month, and in my email earlier this month, we are committed to take action to help address racial injustice and inequity, and unequivocally believe that Black lives matter. Below you will see many of the steps we are taking.

Over the past several weeks, the senior leadership team, board of directors, and I have spent time reflecting, listening, learning, and discussing what role the company – and all of us collectively – must play in helping to drive change, both within Microsoft and in our communities. With significant input from employees and leaders who are members of the Black and African American community, we have developed a set of actions that we believe are both meaningful to improving the lived experience at Microsoft, as well as driving change in the communities in which we live and work.

Today, we are making commitments to address racial injustice and inequity for the Black and African American community in the United States. We will additionally take important steps to address the needs of other communities, including the Hispanic and Latinx community, across the company in the next five years. We are focused on three multiyear, sustained efforts:

  • Increasing our representation and culture of inclusion. We will build on our diversity and inclusion (D&I) momentum from the past five years by adding an additional $150M of D&I investment, and will double the number of Black and African American people managers, senior individual contributors, and senior leaders in the United States by 2025.
  • Engaging our ecosystem. We will use our balance sheet and engagement with suppliers and partners to extend the vision for societal change throughout our ecosystem, creating new opportunities for them and the communities they serve.
  • Strengthening our communities. We will use the power of data, technology, and partnership to help improve the lives of Black and African American citizens across our country, including to address the safety and well-being of our own employees in the communities in which they live.

Below are key details on how we will accomplish this.

Our Culture

We need to ensure that our culture of inclusion is a top priority for everyone. It starts with our values of respect, integrity, and accountability. Each of us must be able to thrive in diverse teams. Every manager must be able to attract, retain, and grow employees of all backgrounds. This is certainly true at Microsoft, and also more broadly. It is the new baseline for manager excellence across industries across the globe.

We will meet this new goal in three key ways:

  1. We will accelerate our cultural transformation through further investment in inclusion. Managers who have a deep understanding and commitment to building inclusive culture are key to our company’s success. Starting in FY21, our training on allyship, covering, and privilege in the workplace will be required for all employees, with additional new content on understanding the experience of the Black and African American community. Because leadership sets the tone, we will have required live sessions for CVPs and EVPs to ensure they better understand the lived experience of these specific communities.
  1. We will strengthen our intentional career planning and talent development efforts. This will apply across our workforce, beginning with Black and African American employees. These programs will expand to include other employee groups as we learn and grow. We will expand on our leadership development programs for select Black and African American midlevel employees and their managers, to help prepare for promotion to Director/Principal. For Director/Principal level, we will create a new development opportunity to expose them to the leadership expectations of the Partner/GM level and match them with senior-level sponsors and mentors. For Partner/GMs, we are continuing to invest in the dedicated leadership development programs.
  1. We will further strengthen company accountability for progress on representation. We will deepen our practice of evaluating each CVP/GM’s progress on diversity and inclusion when determining their impact and rewards, as well as promotion considerations. We will provide CVPs with dedicated D&I coaches to confront and resolve systemic obstacles within their organizations. We will expand our global, quarterly promotion process to ensure we build diverse leadership teams at all levels. This will include direct engagement with business leaders on review of all candidates for people management, Director/Principal level, and Partner/GM level.

Our Ecosystem

A vast business ecosystem surrounds Microsoft from our supply chain to our partner community. We recognize that a stronger and more productive ecosystem requires better representation of the diversity in our communities. We will evolve our engagement with our supply chain, banking partners, and the broad Microsoft partner ecosystem in this effort.

  1. We will double the number of Black- and African American-owned approved suppliers over the next three years and spend an incremental $500M with those existing and new suppliers. We’ll do this by ensuring our existing guidance to include diverse minority-owned suppliers in all RFPs is well understood, evaluate supplier portfolio composition, and enhance the weighting of diversity characteristics (both in ownership and in broad workforce) during the supplier evaluation and selection process. We will also encourage Black and African American representation progress in our top 100 suppliers, which account for over 50 percent of our indirect spend, by requesting annual disclosure of their diversity profile information (e.g., workforce diversity, goals) that we will incorporate into our RFP evaluations.
  1. We will use our own banking needs to grow our portfolio investment activity with Black- and African American-owned financial institutions. Over the next three years, we will double the percentage of our transaction volumes through these Black- and African-American owned banks and external managers where we have existing strong banking relationships and look to grow that base, which provides an increased opportunity for these firms to attract more capital. We will create a $100M program that will make its initial investment in collaboration with the FDIC to target Minority Owned Depository
    Institutions (MDIs), which directly enables an increase of funds into local communities (businesses, restaurants, housing, etc.). And, we will establish a $50M investment fund focused on supporting Black- and African American-owned small businesses. The fund will initially focus on investing to improve access to capital, increase skill development, and reduce the technology gaps that exist today.
  1. We know how important partners are to the growth of our business. We look forward to investing to increase the number of Black- and African American-owned partners in our US partner community by 20 percent over the next three years. A new $50M partner fund will help with access to capital providing loans to support these partners through their startup phase with the loans recovered over time as their business grows. We will provide $20M of financing to existing and new partners to support their cashflow needs. And, we will invest an additional $3M in training programs covering financial management, tech solutions, and go-to-market readiness.

Our Communities

No company can change the world by itself. But we believe that Microsoft can put the power of data, technology, and partnership to work to help improve the lives of Black and African American citizens across our country. That’s what we’re committed to doing, through a four-part effort.

  1. We will strengthen and expand our existing justice reform initiative with a five-year, $50 million sustained effort. Since starting this work in 2017, we’ve come to appreciate the importance of this issue not only to the nation, but to the personal lives of our employees and their families. No one should have to live with the fear of being stopped by the police, harassed while shopping, or bullied in school because of the color of their skin. This conviction has led us to do increasing work advocating both in the Puget Sound and nationally, including in the communities where our employees live.We will build on this foundation by using data and digital technology toward increased transparency and accountability in our justice system. All this work will be backed by public policy advocacy that will increase access to data to identify racial disparities and improve policing. We’ll also use our technology and expertise to support evidenced-based and unbiased diversion programs that direct people into treatment alternatives instead of incarceration. We’ll also use data to promote racial equity in the decisions made by prosecutors, including decisions about who to charge with a crime, the nature of the charge, plea offers, and sentencing recommendations.
  1. We will expand our skills work to help Black and African American students and adults develop the skills needed to succeed in the digital economy. Over the next five years, we will expand in 13 states and the District of Columbia the Microsoft TEALS industry volunteer program to bring computer science education to an additional 620 high schools primarily serving Black and African American students. We will also strengthen Microsoft’s support for Historically Black Colleges and Universities, including in computer and data science programs, campus initiatives and partnerships, and curriculum development. Finally, we’ll offer digital skills training to Black and African American adults seeking new jobs. As part of a global skilling initiative, we will provide $5 million in cash grants to community-based nonprofit organizations led by and serving communities of color, enabling them to better support digital skills programs.
  1. We will help expand access to broadband and devices for communities of color and the key institutions that support them in major urban centers, by working with carriers, OEMs, our own hardware team, refurbishers, and nonprofits to enrich low-cost broadband access by providing affordable PCs and Microsoft software. We’ll work to ensure these services can be put to effective use to improve people’s lives, with a focus on telehealth services and educational offerings. Backed by public advocacy, we’ll start by focusing on six cities that currently confront the largest urban broadband gaps.
  1. Finally, we will increase technology support for nonprofits that support and are led by people of color. We will help support the digital transformation that we know from experience can make nonprofits more effective. We’ll provide access to Azure and Dynamics credits and financial grants that will enable these organizations to add the IT staff needed to better deploy and maximize technology. We look forward to tapping into the knowledge and expertise of our own employees as we identify effective groups we can support more strongly.

Change begins by looking inward. We expect this change in ourselves. Employees expect this change from their leaders. Our customers and partners expect this change from Microsoft. And the world demands this change.

This is not a one-time event. It will require real work and focus. We will listen and learn. We will take feedback and we will adjust. But it starts with each of us making a commitment to do the work, to help drive change, and to act with intention.

Satya

Learn more about on our ongoing commitment to Diversity & Inclusion in our 2019 D&I Report

Additional thoughts on this topic

Go to Original Article
Author: Microsoft News Center

Microsoft Teams users seek better channel management tools

Users of Microsoft Teams are increasingly frustrated that the software vendor has kept two highly demanded channel management features on the backlog for years.

Thousands of customers have asked Microsoft to introduce the ability to archive channels and move them between teams. But Microsoft has kept both feature requests on the back burner.

The features’ absence causes headaches for IT admins as they try to keep their organization’s Teams account organized.

Sometimes users create channels under the wrong team. But the only way to fix the mistake is to delete the channel and all the user work inside.

Other times, a project moves from one team to another. In those cases, users want to move the channel associated with the project to the new group.

After only six months of using Teams, a data management consulting firm in London had heavily active channels that it needed to move but couldn’t.

“It is frankly ridiculous,” said a senior manager. The admin requested anonymity because he wasn’t authorized to talk for the firm.

The lack of such an essential feature as moving channels demonstrates how Teams is still relatively immature as a collaboration app, said Eric Prosser, who oversees IT and facilities for the Santa Clara County Housing Authority.

“It just doesn’t have a lot of the bells and whistles that other tools have,” Prosser said.

Channel archiving would be another important feature for keeping Teams organized. Users can already hide channels from view. But they also want to archive them so that they no longer count towards the 200-channel limit within a team.

With more than 21,000 votes, the ability to move a channel between teams is the third most popular request on Microsoft’s user feedback site for Teams. Channel archiving, at more than 14,500 votes, is the seventh most popular.

The features are two examples of necessary enhancements to Teams that users have been waiting on for years. For instance, users are also seeking improvements to the calendar and the ability to use multiple Teams accounts simultaneously on the desktop version of the app. 

Instead of fixing these problems, Microsoft has made it a priority to improve its video conferencing capabilities to catch up to Zoom. The vendor recently expanded its group video display and planned to launch a new virtual reality-style video mode.

“It’s Microsoft,” Prosser said. “Microsoft thinks that they know everything for you.”

Go to Original Article
Author: