Tag Archives: suite

C/4HANA suite gets qualified thumbs up at SAP Sapphire Now

ORLANDO, Fla. — For the most part, SAP’s new CRM suite, C/4HANA, drew positive reviews at SAP Sapphire Now. But the vendor may have work to do with the intelligence-enhanced CRM application to challenge Salesforce’s dominance in the market.

On the opening day of SAP Sapphire Now 2018, the vendor took direct aim at Salesforce, with the announcement of C/4HANA — a CRM platform that consolidates the cloud-based elements of SAP’s existing CRM portfolio, including SAP Hybris; SAP Customer Data Cloud, which is largely from the Gigya acquisition; and SAP Sales Cloud, which is largely from the CallidusCloud acquisition.

The idea behind C/4HANA is to present a new paradigm for CRM that connects the CRM front end with the digital core ERP back end of S/4HANA, delivered on the SAP Cloud Platform. This offers an environment where companies can present a more holistic view of their customers, but one that relies on trusted master data from core ERP that can be processed by S/4HANA at speeds businesses need to keep ahead of the competition. This ability to present a holistic customer view at speed, and with trusted data, was “held back by legacy CRM,” according to SAP CEO Bill McDermott in his opening keynote address.

“We have a new idea, a better idea, and the better idea always wins,” McDermott said in a subsequent press conference.

Does SAP have the right idea and technology to challenge Salesforce for the CRM market? Some analysts gave the announcement a qualified thumbs-up, while some customers believe it’s too early to tell if they are on board with C/4HANA.

Sapphire Now 2018 SAP executive Q&A
SAP executives, including CEO Bill McDermott (second from left), participated in a press conference and analyst Q&A on the first full day of the Sapphire Now 2018 conference.

Taking a wait-and-see approach

SAP customer King’s Hawaiian, a bakery and food products company, is implementing S/4HANA to replace a legacy ERP system, but it won’t consider C/4HANA for a while, according to Luis Cupajita, CIO for the company, based in Torrance, Calif.

“I’m interested, but as a CIO, I’m always skeptical. I’ve seen tons of slideware in my life, and it’s probably too early for us to take advantage of it. We have to mature not only internally as a company to see how that will work for us, but the technology needs to mature, and our platform needs to mature,” Cupajita said. “I’m very much a proponent of crawl, walk, run. And any time we fail to follow that philosophy, we trip. We’ll put it on the radar as, ‘Here’s an aspirational goal. Let’s see where we and our partners land toward that goal to prepare ourselves to take advantage of that goal, but let’s not jump the gun.'”

IMAX runs several SAP applications, including SAP ECC and SAP BI tools, across several North American facilities, but it’s also not in a rush to implement C/4HANA, according to Shawn Rivers, senior director of business applications at the entertainment technology company, based in Mississauga, Ont.

“We have C4C [SAP Cloud for Customer], and it was interesting to see about C/4HANA [in the keynote]. But I’m going to have to digest that and go back to my execs and see where this will fall into our roadmap and what does it mean,” Rivers said.

SAP faces Salesforce pressure

The pressure from Salesforce must have been intense for SAP to believe it needed to do something like this in the CRM market, according to Holger Mueller, vice president and principal analyst at Constellation Research. But having a distinct CRM application contradicts SAP’s previous strategy of moving more to suites, he said.

It’s good for the customers, because it gives them choice. But, basically, SAP just buried the S/4HANA suite proposition.
Holger Muellervice president and senior analyst, Constellation Research

“It’s good for the customers, because it gives them choice. But, basically, SAP just buried the S/4HANA suite proposition,” Mueller said. “They’ve changed their vision of what the suite is dramatically and fundamentally.”

SAP went to the suite strategy in the past because customers told them it was too difficult to upgrade R/3 in pieces, Mueller continued. But now, they may have to plan for much more complexity.

However, C/4HANA appears to be exactly what SAP needs to build out the intelligent enterprise, according to Kelsey Mason, senior analyst at Technology Business Research in Hampton, N.H.

“In the way they showed it visually, S/4HANA wasn’t at the center of things with the other applications around it — they put HR, ERP and CRM in a line together — which is exactly what needed to happen, as the applications shouldn’t be more important than one another,” Mason said. “They’re still calling S/4 the core, which is fine, but their model represented a business much more. And … they’re tying it all together with intelligence and Leonardo in the center. And they have a real story around SAP Cloud Platform and how that ties in. I thought it was exactly what needed to happen since they launched Leonardo last year and really since S/4HANA came on the scene.”

Salesforce is far ahead of where SAP is at this point, Mason said, but Salesforce may have to look at C/4HANA as a challenge to step up its game. Salesforce may have some sleepless nights, because SAP has a compelling story to tell with the back-office integration, which Salesforce needs now, in particular, because it got into B2B e-commerce with the acquisition of CloudCraze.

“They need fulfillment, they need inventory management and so on. So, will Salesforce start creeping back into the back office?” Mason said. “I don’t know, but it’s not a story that they can tell to their customers. And in a way, it’s easier for SAP to go from back office to front than for Salesforce to go from front office to back.”

SAP Sapphire Now 2018 conference show floor
The show floor of the 2018 SAP Sapphire Now conference in Orlando, Fla.

C/4HANA nothing new, but may redefine market

One of the more noteworthy things about the main announcement was, despite the hype, how unremarkable it was, according to Jon Reed, co-founder of Diginomica. He said C/4HANA offered nothing new, because it’s primarily a rebranding of Hybris together with acquisitions like CallidusCloud and Gigya.

“What’s interesting about C/4HANA for SAP is they recognized they can’t abandon the market to Salesforce and the CRM category is only growing, but it’s more than that,” Reed said. “There’s definitely a shift in all industries now, and you have to pay attention to customer relations in a different way and have to put that in the system.”

SAP is trying to redefine the category, rather than chasing Salesforce from behind. This redefinition may mean the idea of differentiating between back office and front office is obsolete, according to Reed.

“It’s a little silly to bash Salesforce as legacy CRM, but SAP does have a point to say that there is no back office anymore — everything is one office and faces some type of customer, including employees, suppliers,” Reed said. “Many SaaS companies have tried to relegate what SAP does to the back office to try to portray SAP as a legacy, so SAP is trying to turn that around. And with S/4HANA, that has a real-time view of all this ‘back-office’ data — there really is no back office, because you’re always serving some sort of customer with that data.”

It appears like SAP is putting serious weight behind the effort to challenge Salesforce, Reed said. But it won’t be easy.

“C/4HANA is their stake in the ground, and I think they have a long way to go to earn credibility and trust even amongst their own customers on this point,” he said. “But they’re taking the Hybris assets and the other things they’ve developed in the past, like C4C, and repacked it and put on a platform they can build on and raise the bar. And by calling it C/4HANA, they’ve challenged themselves internally to be a market leader in CRM.”

SAP C/4HANA hopes to tie together front and back office

ORLANDO, Fla. — SAP is setting its sights on Salesforce with a new suite of customer experience products called SAP C/4HANA.

Unveiled at the opening keynote here at SAP Sapphire Now, SAP C/4HANA brings together SAP’s marketing, commerce, sales and service cloud products, sitting them all atop its Customer Data Cloud and embedding machine learning with SAP Leonardo.

“SAP was the last to accept the status quo, and SAP will be the first to change it,” said Bill McDermott, CEO for SAP. “We’re moving from a 360-degree view of sales automation to a 360-degree view of the customer. The entire supply chain is connected to customer experience.”

SAP is hoping that by connecting back-office capabilities with SAP ERP products to the front office, the company can provide an end-to-end experience for its users — something that few vendors can offer. SAP executives called the release of SAP C/4HANA a reflection point for SAP and the CRM industry.

“The roadmap for Hana and S/4Hana gave us what we needed to connect the back office to the front office,” McDermott said.

In addition to connecting back-office functionality, SAP’s new CX suite was also spurred by the separate acquisitions of Hybris, Gigya and CallidusCloud, which added the capabilities necessary to bring together these products.

“The goal is a single view of the customer,” said Alex Atzberger, president of customer experience for SAP. “With the acquisition of Gigya, we manage 1.3 billion profiles, and this is what’s happening in CRM. It’s about effectiveness and efficiency and how can you effectively target and engage a particular customer.”

Atzberger added that this customer engagement needs to keep the customer in mind first and foremost, meaning it can’t be creepy when it comes to courting a customer, but rather provide users with the tools to move a customer along the entire marketing, sales and service pipeline.

We’re moving from a 360-degree view of sales automation to a 360-degree view of the customer.
Bill McDermottCEO, SAP

It has been a long-standing goal of SAP’s to combine its industry-leading ERP tools with its CRM tools — being the first major vendor to combine front- and back-office capabilities — and while time will tell whether SAP can achieve this with C/4HANA, it appears the company is on the right track.

“They’ve been saying this for years, so what changed? I really think they’re finally executing on what they want to do and the architecture caught up and the acquisitions helped tie it together,” said Sheryl Kingstone, research vice president at 451 Research. “This ties to their cloud platform, and it was critical for that vision they have to connect the dots. These are things that Salesforce is trying to figure out in regards to the 360-degree customer view.”

While SAP admitted it was slow to adapt to this modern view of the customer, it’s hoping that by stringing together this suite of applications, it can provide the customer experience businesses are vying for.

“It’s not only about connecting that end-to-end chain, but also to give the best user experience in the industry,” McDermott said. “SAP is capable of doing this, and now we’re ready.”

The importance of SAP’s various acquisitions over the past couple of years can’t be understated when it comes to creating SAP C/4HANA. The 2017 purchase of Gigya for $350 million became the data management platform for SAP, helping customers maintain and protect customer data. The SAP acquisition of CallidusCloud earlier this year for $2.4 billion gave the company a modern, cloud-based sales, quote-to-cash and customer experience product that helps round out those front-office offerings that can complement SAP’s existing ERP products.

“The Gigya acquisition is really essential for that vision of [customer identification]. And managing that identity in a secure environment — especially with GDPR — is critical,” Kingstone said. “That plus bringing in their data management capabilities and machine learning with SAP Leonardo — if they can pull this off, that’s the next generation in a modern architecture.”

Pricing information regarding SAP C/4HANA wasn’t released at the unveiling.

Research claims ‘widespread’ Google Groups misconfiguration troubles

A new report claims a significant number of G Suite users misconfigured Google Groups settings and exposed sensitive data, but the research leave unanswered questions about the extent of the issue.

According to Kenna Security research, there is a “widespread” Google Groups misconfiguration problem wherein Groups are set to public and are exposing potentially sensitive email data that could lead to “spearphishing, account takeover, and a wide variety of case-specific fraud and abuse.” Last year, Redlock Cloud Security Intelligence also found Google Groups misconfiguration responsible for exposure of data from hundreds of accounts.

Kenna said it sampled 2.5 million top-level domains and found 9,637 public Google Groups. Of those public Groups, the researchers sampled 171 and determined 31% of those organizations “are currently leaking some form of sensitive email” with a confidence level of 90%.

“Extrapolating from the original sample, it’s reasonable to assume that in total, over 10,000 organizations are currently inadvertently exposing sensitive information,” Kenna wrote in its blog post. “The affected organizations including Fortune 500 organizations; Hospitals; Universities and Colleges; Newspapers and Television stations; Financial Organizations; and even U.S. government agencies.”

For context, there are currently more than 3 million paid G Suite accounts and an unknown number of free G Suite accounts, and Kenna acknowledged via email that they “do not believe [they] tested the vast majority of G Suite enabled domains.” Additionally, Google confirmed that Groups are set to private by default and an administrator would need to actively choose to make a Group public or allow other users to create public Groups.

It is unclear how many G Suite accounts are set to public, but a source close to the situation said the vast majority of Google Groups are set to private, and Google has sent out messages to users who may be affected with instructions on how to fix the Google Groups misconfiguration.

Specifics versus extrapolation         

Kenna Security’s research likened the Google Groups misconfiguration issue to the recent spate of Amazon Web Server (AWS) exposures where S3 buckets were accidentally left public.

“Ultimately, each organization is responsible for the configuration of their systems. However, there are steps that can be taken to ensure organizations can easily understand the public/private state for something as critical as internal email,” a Kenna spokesperson wrote via email. “For example, when the AWS buckets leak occurred, AWS changed its UX, exposing a ‘Public’ badge on buckets and communicated proactively to owners of public buckets. In practice, public Google Group configurations require less effort to find than public S3 buckets, and often have more sensitive information exposed, due to the nature of email.”

However, a major difference between the research from Kenna and that done by UpGuard in uncovering multiple public AWS buckets is in the details. Kenna is extrapolating from a sample to claim approximately 10,000 of 3 million Google Groups (0.3%) are misconfigured, and the examples of exposed emails reveal the potential for spearphishing attacks or fraud.

On the other hand, UpGuard specifically attributed the exposed data it found, including Republican National Committee voter rolls for 200 million individuals, info on 14 million Verizon customers, data scraped from LinkedIn and Facebook, and NSA files detailing military projects.  

Alex Calic, chief strategy and revenue officer of The Media Trust, said Google “made the right call by making private the default setting.”

“At the end of the day, companies are responsible for collaborating with their digital partners/vendors on improving and maintaining their security posture,” Calic wrote via email. “This requires developing and sharing their policies on what information can be shared on workplace communication tools like Google Groups and who can access that information, keeping in mind that — given how sophisticated hackers are becoming and the ever-present insider threat, whether an attack or negligence — there is always some risk that the information will see the light of day.”

Baramundi Management Suite

The Baramundi Management Suite (which begins at $25.90 per device) is a relative newcomer to our mobile device management (MDM) review roundup. It’s also notable for the fact that the software comes in the form of a virtual machine (VM) intended for either local installation on a server in your data center or for use in the cloud as a server instance in either Amazon Web Services (AWS) or Microsoft Azure. While it might be a solid enough MDM competitor for many small to midsize businesses (SMBs), the Baramundi Management Suite suffers from some unneeded complexity as well as a dependence on Microsoft back-office platforms for full functionality. It’s these issues that keep it behind our Editors’ Choice winner VMware AirWatch for now.

Similar Products

On the plus side, the MDM function is just one part of the bigger picture in the Baramundi Management Suite. Similar to Microsoft Intune, the Baramundi Management Suite also handles some desktop management chores for Microsoft Windows and Apple OS X-based desktops, up to the installation of a new operating system (OS). The downside here is that full functionality requires integration with an external Microsoft Active Directory (AD) domain and a Microsoft Exchange Server for sending email notifications. The first is something we encounter often, but the second has become something of a limitation now that many SMBs are going with hosted email services such as Google G Suite instead of an in-house email server. Our trial system didn’t have access to either of these platforms so we were unable to test all of the features, including the sending of email messages for device enrollment. Additionally, on the MDM side, Windows-based devices also required AD support, which means that shops without AD and Microsoft Exchange will only be able to manage Android and Apple devices with the Baramundi Management Suite.

Installation and Device Enrollment

Installing the Baramundi Management Suite consists of provisioning a VM, which was accomplished by the company for our test instance in the Microsoft Azure public cloud. The same could be accomplished in AWS should you choose to go that route. Connecting to the system uses a remote desktop session to connect you into a Windows Server environment. The one advantage to a VM approach is the consistency of deployment for the management infrastructure across multiple cloud services and on-premises, which means you’ve got easy access to redundancy and scalability should you need it.

To enroll either an Android or iOS device, you simply download the Baramundi Mobile Agent application from the appropriate store and follow the in-app instructions. Baramundi provides a Quick Response Code (QR code) that contains the server and account information so you don’t have to type this in. The agent includes a QR scanning capability, which removes the need for any additional apps. On iOS, the app installs the appropriate certificates to get you securely connected to the server.

We were able to register an iOS phone, a Samsung Galaxy S8+ smartphone, and a Samsung Galaxy Tab S3 device. The Baramundi Management Suite does support the Samsung Knox platform and the ability to block (black list) or allow (white list) specific apps. Only those apps which have been white-listed will be allowed should a user choose to install them. We did find some limitations to this capability depending on the version of Knox you’re using but it shouldn’t be an issue with updated phones.

Management Interface

Opening the Baramundi Management Suite console presents a dashboard that shows the status of Windows devices. The dashboard for mobile devices shows compliance status and rules violations. The Compliance Overview block includes clickable links to take you to another section of the management interface with more detailed information. The graphics displayed are static, meaning you can’t click an image and drill down for further details like you can in other products like VMware AirWatch and SOTI MobiControl. You also can’t modify the dashboard screens.

Like most of the other products in this roundup, the Baramundi Management Suite uses the concept of device profiles to configure specific settings. One difference from products such as and SOTI MobiControl is that the Baramundi Management Suite uses the concept of a universal profile to apply the same basic settings to all platforms. Creating a profile consists of settings collected into groupings they call “building blocks.” For example, one building block addresses restrictions on hardware such as the camera. Other building blocks include settings for Wi-Fi access points and virtual private network (VPN) credentials.

Once a profile has been created, it must be deployed by using a job. Jobs perform a number of different actions, including installing or uninstalling an app or profile; locking, unlocking, or wiping a device; and compiling a hardware or software inventory. Performing an action such as a device lock or wipe requires several steps, including creating a job to accomplish the task and then deploying it to a specific device. This seems more cumbersome for mobile devices than simply right-clicking and choosing “Lock Device” as in other systems such as SOTI MobiControl.

Viewing individual devices lets you see pertinent information about the device and perform specific tasks such as assign a job or edit the owner details. A Device Actions menu item on the page only let you deactivate the device. To do anything else requires creating a job. Creating a new job happens under the Jobs section. The Baramundi Management Suite includes a number of standard jobs to do things such as take a hardware and software inventory or distribute an app. Initiating a device wipe requires a number of steps to first create the job and then assign it to a specific device. This amount of effort would become quite tedious for most administrators after the first few device wipe requests.

Reporting was one strong area for the Baramundi Management Suite. A long list of pre-defined reports gives you access to most of the pertinent information. Creating new reports requires a full version of Crystal Reports which is an additional cost but does offer a robust report building tool. On the downside, the Baramundi Management Suite interface was not as intuitive as other products, like and SOTI MobiControl. It’s also missing features such as geofencing, geolocation, or mobile expense management (MEM). The geolocation feature is a significant one when an employee loses his or her device.


The base price for a single Baramundi Management Suite device is $25.90 plus a yearly maintenance cost between $3.50 and $5.50 depending on contract length. While that sounds like a lot, it actually puts the Baramundi Management Suite among the cheapest of all the products we tested, along with AppTec360 Enterprise Mobility Management.

Overall, we liked the Baramundi Management Suite, though we did find that it offers only the basic functionality that we’d expect out of an MDM product. However, it does manage that at a very low cost. Still, it doesn’t fully compare with the capabilities found in the other products in this roundup, notably our Editors’ Choice winner VMware AirWatch. Simple administrative functions, such as wiping a device, require far too many steps when compared to all of the other products in our roundup. Plus, its reliance on Microsoft for full functionality makes life hard on companies that have opted for different cloud-based back-office platforms.

New Microsoft Pix features let you take bigger, wider pictures and turns your videos into comics – Microsoft Research

Microsoft has released two new features with today’s update to Microsoft Pix for iOS, an app powered by a suite of intelligent algorithms developed by Microsoft researchers to take the guesswork out of getting beautiful photos and videos.

The first of these features, Photosynth, helps create photos that take in more of the perspective or scene you are standing in front of, whether it is wide, tall, or both. It does this by allowing you to freely pan and capture from side to side, up and down, back and forth, and even go back to the start to include any parts of the scene you may have missed.

“The idea came after some frustrations I had when trying to take a picture of Snoqualmie Falls. I didn’t want to have to choose which part of the scene to capture, and I wanted it all with detail. Photosynth means you no longer have to choose. I can now capture the whole scene in a way that feels natural. As with all Pix features, we have also worked to give the best image quality by introducing more intelligent ways to compute exposure and stitching,” said Josh Weisberg, principal program manager within Microsoft’s AI & Research organization in Redmond, Washington.

Photosynth, originally a popular platform for turning digital pictures into 3D panoramas, was launched by Microsoft in 2008 and decommissioned in 2017. Photosynth in Pix shares similarities with the original, leveraging some of the underlying technology, with more features inspired by the original to come. Photosynth in Pix allows for faster and smoother capture, while also making use of Pix’s auto-enhancement capabilities which improve white balance, tone correction and sharpness.

The second feature, Pix Comix, was developed during Microsoft’s OneWeek hackathon and makes use of the core Pix feature Moment Capture in an innovative new way: identifying the most interesting frames in a video to generate a comic strip. Pix uses its deep learning model to score and select three high-quality frames, searching specifically for non-blurry photos, faces with eyes open and interesting scenes.

Pix Comix performs this AI processing on device, selecting the best frames and formatting them into a comic strip. From there, you can add and edit speech bubbles that can be moved, rotated and resized to tell your own story.

Listening and responding to customer feedback on Pix remains a top priority as the app continues to improve and its AI capabilities are further developed. Today’s release marks another step forward in Pix’s commitment to turning that user feedback into new ways to make your pictures even better.


Announcing the Reddit Solution Template | Microsoft Power BI Blog | Microsoft Power BI

Today, we are excited to announce a new suite of Power BI solution templates for brand management and targeting on Reddit through a thrid-party API relationship with SocialGist. These templates complement existing brand-oriented solution templates available for Twitter, Facebook, and Bing News.

The Reddit solution template suite combines AI with interactive visual analytics to reveal how different brands are performing across the Reddit platform, from companies and CEOs down to individual products. Behind the scenes, it uses Azure services and technologies from Microsoft AI and Research to support rich exploration by sentiment levels, key words, and author communities. All you need to get started are the list of brands you want to track and an Azure subscription – the solution template will automate and take care of everything else.


Actionable Insights

With Reddit solution templates, you can easily track mentions of your brand, identify communities that talk about your products, and discover key influencers within those communities. You can also do the same for your competitors and their products!

The templates provide direct answers to the questions about who is talking about which brands, what are they saying in terms of text, sentiment, and keywords, and where on Reddit are they saying it. The templates also reveal new opportunities to drive customer engagement, whether through the identification of new community segments, top posts worthy of promotion, or trends in post volume or sentiment that require a timely response.

“With more than 330 million monthly users posting, commenting and voting across 138,000 active communities each day, Reddit is home to the most diverse and authentic conversations on the internet; and as such, an increasingly valuable source of brand and consumer insights,” says Alex Riccomini, director of business development and media partnerships at Reddit. “We’re excited to partner with Microsoft to bring Reddit’s vast data to Power BI, making it easier and more flexible than ever to customize, collect, and consume business-impacting insights from the Reddit community.

Together, the Power BI solution templates for Reddit offer unique brand insight and customer targeting opportunities powered by the highly-engaged and rapidly-growing Reddit community.

Multiple Workbook Experiences

1. Overview – This workbook shows the big picture for selected brands and the key influencers and communities talking about them.


Analyzing sentiment over time

2. Targeting and Activation – This workbook reveals how communities relate to brands across the Reddit platform and highlights key influencers.


Lookalike community analysis

3. Advanced Analytics – This workbook enables deep analytic exploration of Reddit posts, comments, and user activity relating to selected brands.


Deep dive analysis with free-text search

Try it out & let us know

Go ahead and check out the Reddit solution template. You can try out an interactive sample report, watch a demo video or just go ahead and set things up! The team is always interested in any thoughts or feedback – you can reach us through our alias (pbisolntemplates@microsoft.com) or by leaving a comment on the Power BI Solution Template Community page.

CyberSight RansomStopper

Your antivirus or security suite really ought to protect you against ransomware, along with all other kinds of malware. There might be an occasional slipup with a never-before-seen attack, but those unknowns rapidly become known. Unfortunately, ex post facto removal of ransomware still leaves your files encrypted. That’s why you may want to add a ransomware protection utility to your arsenal. The free CyberSight RansomStopper stopped real-world ransomware in testing, but can have a problem with ransomware that only runs at boot time.

Similar Products

RansomStopper is quite similar to Cybereason RansomFree, Trend Micro RansomBuster, and Malwarebytes Anti-Ransomware Beta. All four are free, and all detect ransomware based on its behavior. Since they rely on behavior, it doesn’t matter whether the ransomware is an old, known quantity or a just-created zero-day attack. Like RansomFree, RansomStopper uses bait files as part of its detection methodology. However, RansomStopper hides its bait files from the user.

Getting Started

Installation went quickly in my testing. After the download, I completed the process by entering my first and last name and email address. Once I responded to the confirmation email, the product was up and running.

The product’s simple main window reports that “You are protected from ransomware.” Buttons across the bottom let you view security alerts, processes RansomStop has blocked, and processes you’ve chosen to allow. Another button lets you check for updates, if you didn’t select automatic updates during installation. Simple!

CyberSight also offers a business edition. Added features include email alerts, centralized administration, and detailed reports. The business edition costs $29.99 for a single license, though the price drops to as low as $10 per seat with volume licensing.

Ransomware Protection

When RansomStopper detects a ransomware attack, it terminates the offending process and pops up a warning in the notification area. Clicking the warning lets you see what file caused the problem. There’s an option to remove programs from the blocked processes list—along with a warning that doing so is a bad idea.

Waiting to detect ransomware behavior can sometimes mean that the ransomware encrypts a few files before termination. When I tested Malwarebytes, it did lose a few files this way. Check Point ZoneAlarm Anti-Ransomware actively recovers any encrypted files. In my testing, it did so for every ransomware sample. ZoneAlarm’s only error was one instance of reporting failure when it had actually succeeded.

For a quick sanity check, I launched a simple fake ransomware program that I wrote myself. All it does is look for text files in and below the Documents folder and encrypt them. It uses a simple, reversible cipher, so a second run restores the files. RansomStopper caught it and prevented its chicanery. So far so good.

Caution, Live Ransomware

The only sure way to test behavior-based ransomware protection is by using live ransomware. I do this very cautiously, isolating my virtual machine test system from any shared folders and from the internet.

This test can be harrowing if the anti-ransomware product fails its detection, but my RansomStopper test went smoothly. Like ZoneAlarm and Malwarebytes, RansomStopper caught all the samples, and I didn’t find any files encrypted before behavioral detection kicked in. Cybereason RansomFree did pretty well, but it missed one.

I also test using KnowBe4’s RanSim, a utility that simulates 10 types of ransomware attack. Success in this test is useful information, but failure can simply mean that the behavior-based detection correctly determined that the simulations are not real ransomware. Like RansomFree, RansomStopper ignored the simulations.

Boot-Time Danger

Keeping under the radar is a big deal for ransomware. When possible, it does its dirty deeds silently, only coming forward with its ransom demand after encrypting your files. Having administrator privileges makes ransomware’s job easier, but getting to that point typically requires permission from the user. There are workarounds to get those privileges silently. These include arranging to piggyback on the Winlogon process at boot time, or set a scheduled task for boot time. Typically, the ransomware just arranges to launch at boot and then forces a reboot, without performing any encryption tasks.

I mention this because I discovered that ransomware can encrypt files at boot time before RansomStopper kicks in. My own fake encryption program managed that feat. It encrypted all text files in and below the Documents folder, including RansomStopper’s bait text file. (Yes, that file is in a folder that RansomStopper actively hides, but I have my methods…)

I reverted the virtual machine and tried again, this time setting a real-world ransomware sample to launch at startup. It encrypted my files and displayed its ransom note before RansomStopper loaded. From my CyberSight contact I learned that they’re “testing several solutions” for this problem, and that an update in the next few weeks should take care of it. I’ll update this review when a solution becomes available.

RansomFree runs as a service, so it’s active before any regular process. When I performed the same test, setting a real-world ransomware sample to launch at startup, RansomFree caught it. Malwarebytes also passed this test. RansomBuster detected the boot-time attack and recovered the affected files.

To further explore this problem, I obtained a sample of the Petya ransomware that caused trouble earlier this year. This particular strain crashes the system and then simulates boot-time repair by CHKDSK. What it’s actually doing is encrypting your hard drive. Malwarebytes, RansomFree, and RansomBuster all failed to prevent this attack. RansomStopper caught it before it could cause the system crash—impressive! To be fair to the others, this one is not a typical file encryptor ransomware. Rather, it locks the entire system by encrypting the hard drive.

Querying my contacts, I did learn that boot-time ransomware attacks, including Petya, are becoming less common. Even so, I’m adding this test to my repertoire.

Other Techniques

Behavior-based detection, when implemented properly, is an excellent way to fight ransomware. However, it’s not the only way. Trend Micro RansomBuster and Bitdefender Antivirus Plus are among those that foil ransomware by controlling file access. They prevent untrusted programs from making any change to files in protected folders. If an untrusted program tries to modify your files, you get a notification. Typically, you get the option to add the unknown program to the trusted list. That can be handy if the blocked program was your new text or photo editor. Panda Internet Security goes even farther, preventing untrusted programs from even reading data from protected files.

Ransomware crooks need to take care that they’ll be able to decrypt files when the victim pays up. Encrypting files more than once could interfere with recovery, so most include a marker of some kind to prevent a second attack. Bitdefender Anti-Ransomware leverages that technique to fool specific ransomware families into thinking they’ve already attacked you. Note, though, that this technique can’t do a thing about brand-new ransomware types.

When Webroot SecureAnywhere AntiVirus encounters an unknown process, it starts journaling all activity by that process, and sending data to the cloud for analysis. If the process proves to be malware, Webroot rolls back everything it did, even rolling back ransomware activity. ZoneAlarm and RansomBuster have their own methods for recovering files. When the anti-ransomware component of Acronis True Image kills off a ransomware attack, it can restore encrypted files from its own secure backup if necessary.

Give It a Try

CyberSight RansomStopper detected and blocked all my real-world ransomware samples without losing any files. It also detected my simple hand-coded ransomware simulator. And it blocked an attack by Petya, where several competing products failed.

RansomStopper did exhibit a vulnerability to ransomware that only runs at boot time, but my sources say this type of attack is becoming less common, and CyberSight is working on a solution. Other free products had their own problems. RansomFree missed one real-world sample, and Malwarebytes let another sample encrypt a few files before its detection kicked in. RansomBuster fared worse, missing half the samples completely (though its Folder Shield component protected most files).

Check Point ZoneAlarm Anti-Ransomware remains our Editors’ Choice for dedicate ransomware protection. It’s not free, but at $2.99 per month it’s also not terribly expensive. If that still seems too steep, give the three free utilities a try, and see which one you like best.

Determine if an Exchange Online migration makes sense

it just concerns moving email to the cloud. But there is a whole product suite to consider as part of this process.

The decision to shift from an on-premises email platform is not easy. Before the organization commits to this move, look at the transition from both a strategic and a technical perspective. There are a series of questions that should be answered before making the decision to switch to Exchange Online.

Is Exchange Online right for this organization?

Remember that Exchange Online is part of the Office 365 suite and is more than just email. The platform’s services address many business needs, such as file shares, document sharing, collaboration tools and simple word processing. And with certain licenses, if you buy Exchange Online, you own many of these other tools as well.

With that in mind, review the business issues below to see if an Exchange Online migration makes sense for the company:

  • The employees work in silos and require a tool to tear down these walls.
  • While emails don’t include client information, the system should automatically check that sensitive information is not sent.
  • Security is a priority. A lot of effort is made to keep that technology up to date.
  • Some employees get 250 email messages a day and must work collaboratively with other teams.
  • Company data sits in many different places, including email. Data management must be simplified.

While email is definitely part of the challenge, it’s not the only tool that runs teams and organizations. These hurdles should not hold up an Exchange Online migration. If email is a priority, consider making this phase one of the project, and then, deploy the additional tools your organization needs in different phases of the project at a later date.

Work out a path to a solid migration

Once the business works out the strategic approach, dive into the technical considerations for a smooth Exchange Online migration. First, find answers to the following questions because they will influence the user experience (UX), design and amount of time to deploy.

Should the UX be seamless, or will users log in with different credentials for Office 365 email?

Answer: I find larger organizations do not want users to log in separately, whereas smaller ones are more flexible in this area. That said, most businesses want a seamless UX. A business that wants to give users more streamlined access to resources should discuss how to implement Azure Active Directory Connect to set up password sync and single sign-on. Federation is not required, but organizations that already have it implemented find it is a good option for them. If federation is not in your environment, then look at other options.

Does the business need a failback plan?

Answer: Organizations often see a migration to the cloud as one way, but a failback plan should be included in the planning process. Ask yourself this: Would your organization migrate its on-premises Exchange deployment to a new server without a failback plan? For most companies, the answer is typically no. The only exception tends to be the very small business that just wants to be in the cloud and not maintain costly on-site infrastructure. With a failback option, the migration will be done in hybrid mode with the Hybrid Configuration Wizard. The ability to fail back mailboxes or migrated components if an unexpected issue arises provides a measure of stability for the business.

Does the business need to back up email data in Exchange Online?

Answer: This question seems straightforward, but the answer is complicated. If the business is OK without the ability to restore a mailbox, then this might work. The Deleted Item Recovery feature keeps messages for 30 days, and the retention hold options can be used to retain messages beyond 30 days. Does the organization need a way to restore a mailbox when it’s gone or recover individual items beyond 30 days? With answers to those questions, the company can then work to produce the correct technical implementation that best supports its email requirements.

Consider what the business uses in its on-premises deployment and whether that should apply in the cloud. Each organization is different from a technical perspective, so there is more to think about. These questions will help prepare the groundwork when the time comes to make a decision about an Exchange Online migration.

Ceridian Dayforce HCM updates, more unveiled at Insights 2017

The Ceridian Dayforce HCM suite will become the hub of an HR tech ecosystem built around integrating outside applications with Dayforce.

Ceridian said its new Dayforce Software Partner Program, which the company expects to be ready by the end of the year, will enable customers to more easily use specialized HR applications, even if the customer is already using the Ceridian Dayforce HCM platform.

“Essentially, we’re building an ecosystem for partners, whether they be software partners or systems integrators, to be able to extend or enhance the Dayforce product,” Jim Jensen, senior vice president of global partners and alliances, told SearchHRSoftware in an interview.

Comparison to Salesforce ecosystem

Jim Jensen, CeridianJim Jensen

Jensen compared the Ceridian plan, unveiled at the company’s Insights 2017 user conference, to a nascent version of what Salesforce has developed into an expansive customer relationship management ecosystem, with hundreds of co-developers, partners and customers using the giant CRM vendor’s underlying technology.

Essentially, Ceridian will make its APIs available to partners and customers that want to extend Ceridian Dayforce HCM data across other HR tech applications. Ceridian also sees the concept as a service-oriented architecture built with the same code, Jensen said.

In addition to the partner program, Ceridian said it will have a native United Kingdom payroll system by the end of 2017; the vendor now has U.S. and Canadian payroll versions. The HCM vendor also unveiled a new learning module, Dayforce Learning, which uses content from learning management system vendor Docebo.

Specialized applications

As for the partner program, Jensen said in addition to its potential to widen Ceridian’s market reach, it will give Ceridian Dayforce HCM users the opportunity to add the applications they prefer, while remaining with Ceridian’s recruitment, onboarding, benefits and talent management tools.

He cited Cornerstone OnDemand as an example, saying customers could perhaps choose a hybrid approach by using Cornerstone’s established learning management system alongside Ceridian’s learning module. Or, users could opt for Cornerstone or another vendor’s HR subsystem.

Essentially, we’re building an ecosystem for partners, whether they be software partners or systems integrators, to be able to extend or enhance the Dayforce product.
Jim Jensensenior vice president of global partners and alliances at Ceridian

Also, Ceridian envisions the partner system partly as relieving it of the burden of building customized third-party integrations.

“We kind of have to do it new each time, and the customers [have] to pay for that,” Jensen said. “And so we thought what if we flip the model, build this platform and this ecosystem and the plumbing, and give partners the power and the tools to build, manage and administer the integration to us?”

Ceridian is planning to charge partners annual subscription rates ranging from $10,000 to $20,000, depending on the level of integration.

Jensen said Ceridian has about 25 customers signed up for the program and expects to quickly add another few dozen. “It’s moving quick,” he said.

Analyst sees Ceridian progression

Ceridian’s moves show the vendor is serious about growing strategically, said Brent Skinner, principal analyst for HCM at Boston-based Nucleus Research, who was briefed on the partner program and other new Ceridian Dayforce HCM capabilities.

“The software partner program is the next logical step for Ceridian with Dayforce,” Skinner said. “Ceridian is executing faithfully on an extremely aggressive product roadmap.”

Skinner noted that other full HCM suite vendors that are among Ceridian’s competitors already have similar programs.

“So, this is a big milestone for Ceridian,” he said.

Skinner said Ceridian’s alliance with Docebo makes Ceridian a kind of HR tech “omnivore,” able to provide its own learning technology, while also playing well with others, such as Cornerstone and Skillsoft.

As for the native U.K. payroll application, Skinner said few vendors other than ADP “are truly viable options when it comes to global payroll.”

Ceridian — which said it would soon release native payroll capabilities for Australia and other countries in Asia, the Middle East and Europe — showed it is moving in that global direction, Skinner said.