Tag Archives: there

How to Enable Advanced Threat Protection in Microsoft 365

As more of the workforce connects from their homes, there has been a spike in usage for remote productivity services. Many organizations are giving Microsoft Office 365 subscriptions to all of their staff, using more collaboration tools from Outlook, OneDrive, SharePoint, and Teams.

Unfortunately, this is creating new security vulnerabilities with more untrained workers being attacked by malware or ransomware through attachments, links, or phishing attacks.

This article will provide you with an overview of how Microsoft Office 365 Advanced Threat Protection (ATP) can help protect your organization, along with links to help you enable each service.

ATP is included in the Microsoft Office 365 Business Premium, Enterprise E5, and Education A5 subscriptions, but it can be added to almost any subscription. For additional information about ATP and Microsoft Office 365 security, check out Altaro’s upcoming webinar Critical Security Features in Microsoft Office 365 Admins Simply Can’t Ignore.

What is Advanced Threat Protection?

Microsoft Office 365 now comes with the Advanced Threat Protection service which secures emails, attachments, and files by scanning them for threats. This cloud service uses the latest in machine learning from the millions of mailboxes it protects to proactively detect and resolve common attacks. This technology has also been extended beyond just email to protect many other components of the Microsoft Office suite. In addition to ATP leveraging Microsoft’s global knowledge base, your organization can use ATP to create your own policies, investigate unusual activity, simulate threats, automate responses, and view reports.

Microsoft Advanced Threat Protection

Advanced Threat Protection (Source: Microsoft techcommunity)

Safe Links

Microsoft Office 365 ATP helps your users determine if a link is safe when using Outlook, Teams, OneNote, Word, Excel, PowerPoint and Visio. Malicious or misleading links are a common method for hackers to direct unsuspecting users to a site that can steal their information. These emails are often disguised to look like they are coming from a manager or the IT staff within the company. ATP will automatically scan links in emails and cross-reference them to a public or customized list of dangerous URLs. If a user tries to click on the malicious link, it will give them a warning so that they understand the risk if they continue to visit the website.

How to enable ATP Safe Links

Safe Attachments

One of the most common ways which your users will get attacked is by opening an attachment that is infected with malware. When the file is opened, it could execute a script that could steal passwords or lock up the computer unless a bounty is paid, in what is commonly known as a ransomware attack. ATP will automatically scan all attachments to determine if any known virus is detected. You and your users will be notified about anything suspicious to help you avoid any type of infection.

How to enable ATP Safe Attachments

Anti-Phishing Policies

When ATP anti-phishing is enabled, all incoming messages will be analyzed for possible phishing attacks. Microsoft Office 365 uses cloud-based AI to look for unusual or suspicious message elements, such as mismatched descriptions, links, or domains. Whenever an alert is triggered, the user is immediately warned, and the alert is logged so that it can be reviewed by an admin.

How to enable ATP Anti-Phishing

Real-time Detection & Reports

Approved users will have access to the ATP dashboard along with reports about recent threats. These reports contain detailed information about malware, phishing attacks, and submissions. A Malware Status Report will allow you to see malware detected by type, method, and the status of each message with a threat. The URL Protection Status Report will display the number of threats discovered for each hyperlink or application and the resulting action taken a user. The ATP Message Disposition report shows the different types of malicious file attachments actions in messages. The Email Security Reports include details about the top senders, recipients, spoofed mail, and spam detection.

How to view all the various ATP reports. Note: there are some more advanced reports which must be triggered through a PowerShell cmdlet.

Threat Explorer

Another important component of ATP is the Threat Explorer which allows admins or authorized users to get real-time information about active threats in the environment through a GUI console. It allows you to preview an email header and download an email body, and for privacy reasons, this is only permitted if permission is granted through role-based access control (RBAC). You can then trace any copies of this email throughout your environment to see whether it has been routed, delivered, blocked, replaced, failed, dropped, or junked. You can even view a timeline of the email to see how it has been accessed over time by recipients in your organization. Some users can even report suspicious emails and you can use this dashboard to view these messages.

How to enable ATP Threat Explorer

Threat Trackers

Microsoft Office 365 leverages its broad network of endpoints to identify and report on global attacks. Administrators can add any Threat Tracker widgets which they want to follow to their dashboard through the ATP interface. This allows you to track major threats attacking your region, industry, or service type.

How to enable ATP Threat Trackers

Automated Incident Response

Another great security feature from Microsoft Office 365 ATP is the ability to automatically investigate well-known threats. Once a threat is detected, the Automated Incident Response (AIR) feature will try to categorize it and start remediating the issue based on the industry-standard best practices. This could include providing recommendations, quarantining, or deleting the infected file or message.

How to use Automate Incident Response (AIR)

Attack Simulator

One challenge that many organizations experience when developing a protection policy is their inability to test how their users would actually respond to an attempted attack. The ATP Attack Simulator is a utility that authorized administrators can use to create artificial phishing and password attacks. These fake email campaigns try to identify and then educate vulnerable users by convincing them to perform an action that could expose them to a hacker. This utility can run a Spear Phishing Campaign, Brute Force Attack, and a Password Spray Attack.

How to enable the ATP Attack Simulator

This diverse suite of tools, widgets, and simulators can help admins protect their remote workforce from the latest attacks. Microsoft has taken its artificial intelligence capabilities to learn how millions of mailboxes are sharing information, and use this to harden the security of their entire platform.

If you want to learn more about Microsoft Office 365 ATP and Microsoft Office 365 in general, attend the upcoming Altaro webinar on May 27. I will be presenting that along with Microsoft MVP Andy Syrewicze so it’s your chance to ask me any questions you might have about ATP or other Microsoft Office 365 security features live! It’s a must-attend for all admins – save your seat now

Microsoft Office 365 ATP Altaro Webinar

Is Your Office 365 Data Secure?

Did you know Microsoft does not back up Office 365 data? Most people assume their emails, contacts and calendar events are saved somewhere but they’re not. Secure your Office 365 data today using Altaro Office 365 Backup – the reliable and cost-effective mailbox backup, recovery and backup storage solution for companies and MSPs. 

Start your Free Trial now


Go to Original Article
Author: Symon Perriman

For Sale – MacBook Air 2019 Rose Gold 1.5Hz i5 8GB 128GB

Bought it for myself beginning of the year to give Mac a go. But turns out there are quite a lot of little things that I can’t get used to it, so going back to windows. Bought it as a refurb from Apple directly, so they put a new body and battery. Only used it lightly and still in very good condition. This is a rose gold base model and will come with the power cable in original box.

Insured postage with Royal Mail is included.

Go to Original Article
Author:

On-premises server monitoring tools meet business needs, budget

Although the market has shifted and more vendors are providing cloud-based monitoring, there are still a wide range of feature-rich server monitoring tools for organizations that must keep their workloads on site for security and compliance reasons.  

Here we examine open source and commercial on-premises server monitoring tools from eight vendors. Although these products broadly achieve the same IT goals, they differ in their approach, complexity of setup — including the ongoing aspects of maintenance and licensing — and cost. 

Cacti

Cacti is an open source network monitoring and graphing front-end application for RRDtool, an industry-standard open source data logging tool. RRDtool is the data collection portion of the product, while Cacti handles network graphing for the data that’s collected. Since both Cacti and RRDtool are open source, they may be practical options for organizations that are on a budget. Cacti support is community-driven.

Cacti can be ideal for organizations that already have RRDtool in place and want to expand on what it can display graphically. For organizations that don’t have RRDtool installed, or aren’t familiar with Linux commands or tools, both Cacti and RRDtool could be a bit of a challenge to install, as they don’t include a simple wizard or agents. This should be familiar territory for Linux administrators, but may require additional effort for Windows admins. Note that Cacti is a graphing product and isn’t really an alerting or remediation product. 

ManageEngine Applications Manager

The ManageEngine system is part of an extensive line of server monitoring tools that include application-specific tools as well as cloud and mobile device management. The application monitoring framework enables organizations to purchase agents from various vendors, such as Oracle and SAP, as well as customer application-specific tools. These server monitoring tools enable admins to perform cradle-to-grave monitoring, which can help them troubleshoot and resolve application server issues before they impact end-user performance. ManageEngine platform strengths include its licensing model and the large number of agents available. Although the monitoring license per device is all-inclusive for interfaces or sensors needed per device, the agents are sold individually.

Thirty-day trials are available for many of the more than 100 agents. Licensing costs range from less than $1,000 for 25 monitors and one user to more than $7,000 for 250 monitors with one user and an additional $245 per user. Support costs are often rolled into the cost of the monitors. This can be ideal for organizations that want to make a smaller initial investment and grow over time.

Microsoft System Center Operations Manager

The product monitors servers, enterprise infrastructure and applications, such as Exchange and SQL, and works with both Windows and Linux clients. Microsoft System Center features include configuration management, orchestration, VM management and data protection. System Center isn’t as expansive on third-party applications as it is with native Microsoft applications. System Center is based on core licensing to match Server 2016 and later licensing models.

The base price for Microsoft System Center Operations Manager starts at $3,600, assuming two CPUs and 16 cores total and can be expanded with core pack licenses. With Microsoft licensing, the larger the environment in terms of CPU cores, the more a customer site can expect to pay. While Microsoft offers a 180-day trial of System Center, this version is designed for the larger Hyper-V environments. Support is dependent on the contract the organization selects.  

Nagios Core

Nagios Core is free open source software that provides metrics to monitor server and network performance. Nagios can help organizations provide increased server, services, process and application availability. While Nagios Core comes with a graphical front end, the scope of what it can monitor is somewhat limited. But admins can deploy additional community-provided front ends that offer more views and additional functionality. Nagios Core natively installs and operates on Linux systems and Unix variants.

For additional features and functionality, the commercial Nagios XI product offers true dashboards, reporting, GUI configuration and enhanced notifications. Pricing for this commercial version ranges from less than $7,000 for 500 nodes and an additional $1,500 per enterprise for reporting and capacity planning tools. In addition to agents for OSes, users can also add network monitoring for a single point of service. Free 60-day trials and community support are available for the products that work with the free Nagios Core download.

Opsview

Opsview system monitoring software includes on-premises agents as well as agents from all the major cloud vendors. While the free version provides 25 hosts to monitor, the product’s main benefit is that it can support both SMBs and the enterprise. Pricing for a comprehensive offering that includes 300 hosts, reporting, multiple collectors and network analyzer is less than $20,000 a year, depending on the agents selected.  

Enterprise packages are available via custom quote. The vendor offers both on-premises and cloud variations. The list of agents Opsview can monitor is one of the most expansive of any of the products, bridging cloud, application, web and infrastructure. Opsview also offers a dedicated mobile application. Support for most packages is 24/7 and includes customer portals and a knowledgebase.

Paessler PRTG Network Manager

PRTG can monitor from the infrastructure to the application stack. The licensing model for PRTG Network Monitor follows a sensor model format over a node, core or host model. This means a traditional host might have more than 20 sensors monitoring anything from CPU to bandwidth. Services range from networking and bandwidth monitoring to other more application-specific services such as low Microsoft OneDrive or Dropbox drive space. A fully functional 30-day demo is available and pricing ranges from less than $6,000 for 2,500 sensors to less than $15,000 for an unlimited number of sensors. Support is email-based.

SolarWinds Server and Application Monitor

SolarWinds offers more than 1,000 monitoring templates for various applications and systems, such as Active Directory, as well as several virtualization platforms and cloud-based applications. It also provides dedicated virtualization, networking, databases and security monitoring products. In addition to standard performance metrics, SolarWinds provides application response templates to help admins with troubleshooting. A free 30-day trial is available. Pricing for 500 nodes is $73,995 and includes a year of maintenance.  

Zabbix

This free, open source, enterprise-scale monitoring product includes an impressive number of agents that an admin can download. Although most features aren’t point and click, the dashboards are similar to other open source platforms and are more than adequate. Given the free cost of entry and the sheer number of agents, this could be an ideal product for organizations that have the time and Linux experience to bring it online. Support is community-based and additional support can be purchased from a reseller.

The bottom line on server monitoring tools

The products examined here differ slightly in size, scope and licensing model. Outside of the open source products, many commercial server monitoring tools are licensed by node or agent type. It’s important that IT buyers understand all the possible options when getting quotes, as they can be difficult to understand.

Pricing varies widely, as do the features of the dashboards of the various server monitoring tools. Ensure the staff is comfortable with the dashboard and alerting functionality of each system as well as mobile ability and notifications. If an organization chooses an open source platform, keep in mind that the installation could require more effort if the staff isn’t Linux savvy.  

The dashboards for the open source monitors typically aren’t as graphical as the paid products, but that’s part of the tradeoff with open source. Many of the commercial products are cloud-ready or have that ability, so even if an organization doesn’t plan to monitor its servers in the cloud today, they can take advantage of this technology in the future. 

Go to Original Article
Author:

HR vendors to watch in 2020

There are hundreds of HR vendors and most never get attention. They provide reliable payroll, benefits and core HR services. Their pricing is competitive, their support responsive, and their users are generally happy. But analysts do have firms they think are especially interesting or doing something new.

Here, analysts give their take on what HR software vendors to watch in 2020. The list is by no means inclusive but does provide some insight as to where HR vendors are headed.

Josh Bersin, an independent HR analyst, cited Pymetrics Inc., a New York-based assessment tools firm. Their assessment is based on neurological research and the “true attributes of your mind,” which includes strengths and weaknesses rather than skills, he said. The tool evaluates attributes such as risk-taking and pattern matching.

A strength of the Pymetrics system is that it’s unbiased, Bersin said. It doesn’t matter, in its evaluations, whether a job candidate went to college or has a doctorate from an Ivy League school. 

“Some companies are really starting to use it a lot for recruiting in roles where the college degree is a sort of a false signal,” Bersin said. Clients include Workday, Accenture, LinkedIn and the Boston Consulting Group.

College degree not needed

College degrees may be becoming less important, especially in a tight labor market. Glassdoor Inc., recently assembled a list of companies that don’t require a degree for top jobs, which included Google and Apple.

Our research shows that employees want coaching and mentoring relationships more than straight learning content, but employers often struggle with how to implement this.
Ben EubanksPrincipal analyst, Lighthouse Research & Advisory

Another firm that has Bersin’s attention is Waggl Inc., an employee feedback platform based in Sausalito, Calif. He said the firm offers a “really innovative” employee tool that enables employers to quickly assemble a way to get employee opinions on topics. One of the things it does is allow for the crowdsourcing of reaction, so employees can vote on the response.

Ben Eubanks, principal analyst at Lighthouse Research & Advisory, cited Pilot Inc., an employee coaching platform based in Knoxville, Tenn.

“Pilot would be my clear pick here,” Eubanks said. “Our research shows that employees want coaching and mentoring relationships more than straight learning content, but employers often struggle with how to implement this.”

Eubanks said Pilot offers development coaching for employees to help them manage and improve their own performance.

Growing client list

Nucleus Research cited AllyO, an AI-powered virtual recruiting assistant startup in Palo Alto, Calif. Trevor White, an analyst at Nucleus, said some of its customers have “put some quantifiable numbers” around its deployments.

The firm was founded in 2015 and has assembled some “marquee customers,” including FedEx, The Cheesecake Factory and Randstad. Its quickly developing client list “is why we think they will be taking off in 2020,” White said. 

John Sumser, a principal analyst at HRExaminer, said his firm has assembled a list of a dozen companies in their 2020 watchlist. Among the “cream of the crop” is SwoopTalent in Oakland, Calif., a data-as-a-service product, which stores HR data in a private cloud that integrates with existing systems.

Another is Rotterdam, Netherlands-based KeenCorp B.V., which uses language analysis that can analyze employee emails and chats to measure engagement and “tension” in a workplace. It generates an index to tell how critical groups are doing.

Go to Original Article
Author:

AI vendors to watch in 2020 and beyond

There are thousands of AI startups around the world. Many aim to do similar things — create chatbots, develop hardware to better power AI models or sell platforms to automatically transcribe business meetings and phone calls.

These AI vendors, or AI-powered product vendors, have raised billions over the last decade, and will likely raise even more in the coming years. Among the thousands of startups, a few shine a little brighter than others.

To help enterprises keep an eye on some of the most promising AI startups, here is a list of those founded within the past five years. The startups listed are all independent companies, or not a subsidiary of a larger technology vendor. The chosen startups also cater to enterprises rather than consumers, and focus on explainable AI, hardware, transcription and text extraction, or virtual agents.

Explainable AI vendors and AI ethics

As the need for more explainable AI models has skyrocketed over the last couple of years and the debate over ethical AI has reached government levels, the number of vendors developing and selling products to help developers and business users understand AI models has increased dramatically. Two to keep an eye on are DarwinAI and Diveplane.

DarwinAI uses traditional machine learning to probe and understand deep learning neural networks to optimize them to run faster.

Founded in 2017 and based in Waterloo, Ontario, the startup creates mathematical models of the networks, and then uses AI to create a model that infers faster, while claiming to maintain the same general levels of accuracy. While the goal is to optimize the deep learning models, a 2018 update introduced an “explainability toolkit” that offers optimization recommendations for specific tasks. The platform then provides detailed breakdowns on how each task works, and how exactly the optimization will improve them.

Founded in 2017, Diveplane claims to create explainable AI models based on historical data observations. The startup, headquartered in Raleigh, N.C., puts its outputs through a conviction metric that ranks how likely new or changed data fits into the model. A low ranking indicates a potential anomaly. A ranking that’s too low indicates that the system is highly surprised, and that the data likely doesn’t belong in a model’s data set.

AI startups, AI vendors
There are thousands of AI startups in the world today, and it looks like there will be many more over the coming years.

In addition to the explainability product, Diveplane also sells a product that creates an anonymized digital twin of a data set. It doesn’t necessarily help with explainability, but it does help with issues around data privacy.

According to Diveplane CEO Mike Capps, Diveplane Geminai takes in data, understands it and then generates new data from it without carrying over personal data. In healthcare, for example, the product can input patient data and scrub personal information like names and locations, while keeping the patterns in the data. The outputs can then be fed into machine learning algorithms.

“It keeps the data anonymous,” Capps said.

AI hardware

To help power increasingly complex AI models, more advanced hardware — or at least hardware designed specifically for AI workloads — is needed. Major companies, including Intel and Nvidia, have quickly stepped up to the challenge, but so, too, have numerous startups. Many are doing great work, but one stands out.

Cerebras Systems, a 2016 startup based in Los Altos, Calif., made headlines around the world in 2019 when it created what it dubbed the world’s largest computer chip designed for AI workloads. The chip, about the size of a dinner plate, has some 400,000 cores and 1.2 trillion transistors. By comparison, the largest GPU has around 21.1 billion transistors.

The company has shipped a limited number of chips so far, but with a valuation expected to be well over $1 billion, Cerebras looks to be going places.

Automatic transcription companies

It’s predicted that more businesses will use natural language processing (NLP) technology in 2020 and that more BI and AI vendors will integrate natural language search functions into their platforms in the coming years.

Numerous startups sell transcription and text capturing platforms, as well as many established companies. It’s hard to judge them, as their platforms and services are generally comparable; however, two companies stand out.

Fireflies.ai sells a transcription platform that syncs with users’ calendars to automatically join and transcribe phone meetings. According to CEO and co-founder Krish Ramineni, the platform can transcribe calls with over 90% accuracy levels after weeks of training.

The startup, founded in 2016, presents transcripts within a searchable and editable platform. The transcription is automatically broken into paragraphs and includes punctuation. Fireflies.ai also automatically extracts and bullets information it deems essential. This feature does “a fairly good job,” one client said earlier this year.

The startup plans to expand that function to automatically label more types of information, including tasks and questions.

Meanwhile, Trint, founded in late 2014 by former broadcast journalist Jeff Kofman, is an automatic transcription platform designed specifically for newsrooms, although it has clients across several verticals.

The platform can connect directly with live video feeds, such as the streaming of important events or live press releases, and automatically transcribe them in real time. Transcriptions are collaborative, as well as searchable and editable, and included embedded time codes to easily go back to the video.

“It’s a software with an emotional response, because people who transcribe generally hate it,” Kofman said.

Bots and virtual agents

As companies look to cut costs and process client requests faster, the use of chatbots and virtual agents has greatly increased across numerous verticals over the last few years. While there are many startups in this field, a couple stand out.

Boost.ai, a Scandinavian startup founded in 2016, sells an advanced conversational agent that it claims is powered by a neural network. Automatic semantic understanding technology sits on top of the network, enabling the agent to read textual input word by word, and then as a whole sentence, to understand user intent.

Agents are pre-trained on one of several verticals before they are trained on the data of a new client, and the Boost.ai platform is quick to set up and has a low count of false positives, according to co-founder Henry Vaage Iversen. It can generally understand the intent of most questions within a few weeks of training, and will find a close alternative if it can’t understand it completely, he said.

The platform supports 25 languages, and pre-trained modules for a number of verticals, including banking, insurance and transportation industries.

Formed in 2018, EyeLevel.ai doesn’t create virtual agents or bots; instead, it has a platform for conversational AI marketing agents. The San Francisco-based startup has more than 1,500 chatbot publishers on its platform, including independent developers and major companies.

Eyelevel.ai is essentially a marketing platform — it advertises for numerous clients through the bots on in its marketplace. Earlier this year, Eyelevel.ai co-founder Ryan Begley offered an example.

An independent developer on its platform created a bot that quizzes users on their Game of Thrones knowledge. The bot operates on social media platforms, and, besides providing a fun game for users, it also collects marketing data on them and advertises products to them. The data it collects is fed back into the Eyelevel platform, which then uses it to promote through its other bots.

By opening the platform to independent developers, it gives individuals a chance to get their bot to a broader audience while making some extra cash. Eyelevel.ai offers tools to help new bot developers get started, too.

“Really, the key goal of the business is help them make money,” Begley said of the developers.

Startup launches continuing to surge

This list of AI-related startups represents only a small percentage of the startups out there. Many offer unique products and services to their clients, and investors have widely picked up on that.

According to the comprehensive AI Index 2019 report, a nearly 300-page report on AI trends complied by the Human-Centered Artificial Intelligence initiative at Stanford University, global private AI investment in startups reached $37 billion in 2019 as of November.

The report notes that since 2010, which saw $1.3 billion raised, investments in AI startups have increased at an average annual growth rate of over 48%.

The report, which considered only AI startups with more than $400,000 in funding, also found that more than 3,000 AI startups received funding in 2018. That number is on the rise, the report notes.

Go to Original Article
Author:

Amazon tech VP lays out ambitious AWS storage vision

LAS VEGAS –There appears to be no end in sight to the ambitious vision of AWS storage, especially when it comes to file systems.

During an interview with TechTarget, Amazon VP of technology Bill Vass said AWS aims to “enable every customer to be able to move to the cloud.” For example, Amazon could offer any of the approximately 35 file systems that its enterprise customers use, under the FSx product name, based on customer demand, Vass said. FSx stands for File System x, where the “x” can be any file system. AWS launched the first two FSx options, for Lustre and Windows file systems, at its November 2018 Re:Invent conference.

(Editor’s note: Vass said during the original interview that AWS will offer all 35 file systems over time. After the article published, Vass contacted us via email to clarify his statement. He wrote: “FSx is built to offer any type of file system from any vendor. I don’t want it to seem that we have committed to all 35, just that we can if customers want it.”)

AWS cannot support nearly three dozen file systems overnight, but Vass highlighted a new storage feature coming in 2020: a central storage management console similar to the AWS Backup option that unifies backups.

Vass has decision-making oversight over all AWS storage products (except Elastic Block Storage), as well as quantum computing, IoT, robotics, CloudFormation, CloudWatch monitoring, system management, and software-defined infrastructure. Vass has held CEO, COO, CIO, CISO and CTO positions for startups and Fortune 100 companies, as well as the federal government. Before joining Amazon more than five years ago, Vass was president and CEO of Liquid Robotics, which designs and builds autonomous robots for the energy, shipping, defense, communications, scientific, intelligence and environmental industries.

How has the vision for AWS storage changed since the object-based Simple Storage Service (S3) launched in 2006?

Amazon storage
Amazon VP of technology Bill Vass with AWS Snowball appliance.

Bill Vass: Originally, it was very much focused on startups, developers and what we call webscale or web-facing storage. That’s what S3 was all about. Then as we grew in the governments and enterprises, we added things like [write once read many] WORM, [recovery point objective] RPO for cross-region replication, lifecycle management, intelligent tiering, deep archive. We were the first to have high-performance, multi-[availability zone] AZ file systems. Block storage has continued to be a mainstay for databases and things like that. We launched the first high-performance file system that will rival anything on prem with FSx for [high-performance computing] HPC. So, we ran Lustre in there. And Lustre gives you microsecond latency, 100 gigabits per thread, connected directly to your CPU.

The other thing we did at Re:Invent [2018] was the FSx for SMB NTFS Windows. At Re:Invent this year, we launched the ability to replicate that to one, two or three AZs. They added a bunch of extra features to it. But, you can expect us with FSx to offer other file systems as well. There’s about 35 different file systems that enterprises use. We can support many – really anything with FSx. But we will roll them out in order of priority by customer demand.

What about Amazon Elastic File System?

Vass: Elastic File System, which is our NFS 4 file system, has got single-digit millisecond response. That is actually replicating across three separate buildings with three different segments, striping it multiple times. EFS is an elastic multi-tenant file system. FSx is a single-tenant file system. To get microsecond latency, you have to be right there next to the CPU. You can’t have microsecond latency if you’re striping across three different buildings and then acknowledging that.

Do you plan to unify file storage? Or, do you plan to offer a myriad of choices?

Vass: Certainly, they’re all unified and can interoperate with each other. FSx, S3, intelligent tiering, all that kind of stuff, and EFS all work together. That’s already there. However, we don’t think file systems are one size fits all. There’s 35 different file systems, and the point of FSx is to let people have many choices, just like we have with databases or with CPUs or anything like this. You can’t move a load that’s running on GPFS into AWS without making changes for it. So you’d want to offer that as a file system. You can’t move an HPC load without something like FSx Lustre. You can’t move your Windows Home directories into AWS without FSx for Windows. And I would just expect more and more features around EFS, more and more features on S3, more and more features around FSx with more and more options for file systems.

So, you don’t envision unifying file storage.

Vass: There will be a central storage management system coming out where you’ll see it just like we have a central backup system now. So, they’ll be unified at that level. There’ll be a time when you’ll be able to access things with SMB, NFS and object in the same management console and on the same storage in the future. But that’s not really unified, right? Because you still want to have the single-tenant operating environment for your Windows. Microsoft does proprietary extensions on top of SMB, so you’ll need to run Windows underneath that. You can run something like [NetApp] OnTap, which also runs on AWS, by the way. And it does a great job of emulating NFS 4, 3, and SMB. But it’s never going to be 100% Windows compatible. So for that, you’re still going to want to run the Windows-native environment underneath.

I’d love to have one solution that did it all, but when you do that, what you usually end up with is something that does everything, but none of it well. So, you’re still going to want to have your high-performance object storage, block storage, elastic file systems and your single-tenant file systems for the foreseeable future. They’ll all interoperate with each other. They all get 11 nines durability by snapshotting or direct storing. You’re still going to have your archive storage. You don’t really want an archive system that operates the same as the file system or an object system.

How will the management console work to manage all the systems?

Vass: Since we unified backups with AWS Backup, you can take a look at that one place where we’re backing everything up in AWS. Now, we haven’t turned every service on. There’s actually 29 stateful stores in AWS. So, what we’re doing with backup is adding them one after another until they’re all there. You go to one place to back everything up.

We’ll add a storage management console. Today, you would go to an S3 console, an FSx console, an EFS console and a relational database console, then an Aurora console, then an EBS console. There’ll be one system management console that will let you see everything in one place and one place where you’ll be able to manage all of it as well. That’s scheduled for some time next year.

I’ve been hearing from enterprise customers that it can get confusing and overwhelming to keep track of the breadth of AWS storage offerings.

Vass: Let me counter that. We listen to our customers, and I guarantee you at Re:Invent this year, each customer I met with, one of those services that we added was really important to them, because remember, we’re moving everything from on prem to the cloud. … There are customers that want NFS 3 still. There’s customers that want NFS 4. There’s customers that want SMB and NTFS. There’s customers that want object storage. There’s customers that want block storage. There’s customers that want backups. If we did just one, and we told everyone rewrite your apps, it would take forever for people to move.

The best things people can do is get our roadmaps. We disclose our roadmaps under NDA to any customer that asks, and we’ll show them what’s coming and when it’s going to come so that they can have some idea if they’re planning and when we’re going to solve all of their problems. We’ve got 2.2 million customers, and all of them need something. And they have quite a variability of needs that we work to meet. So, it’s necessary to have that kind of innovation. And of course, we see things our customers do all the time.

So, AWS storage is basically going for the ocean and aiming to get every customer away from a traditional storage vendor.

Vass: I wouldn’t say it that way. I’d say we want to enable every customer to be able to use the cloud and Outpost and Snowball and Storage Gateway and all of our products so they can save money, be elastically scaling, have higher durability and better security than they usually do on prem.

Go to Original Article
Author:

This group of businesses is the most often attacked on earth—here’s how we helped

There are 79 million businesses worldwide who meet the “small or medium business” (SMB) definition of having 300 or fewer employees, and those businesses represent 95 percent of all the companies on earth—which amounts to a staggering 63 percent of the world’s workforce. As gigantic as those figures might be, they’re belied by other numbers that cast a shadow across worldwide employment: Last year, 55 percent of SMBs weathered cyberattacks, 52 percent of these breaches were caused by human error, and, in a quarter of these cases, sensitive customer data was breached. The average cyberattack will cost an SMB U.S. $190,000 and, after a ransomware attack, only one-third of SMBs can remain profitable.

This year, these numbers will only increase because 90 percent of SMBs do not currently have any data protection.

In an era where nearly every company is, in some regard, a technology company, the upcoming end of support for Windows 7 on January 14, 2020 only adds to the pressure on these businesses.

We considered our responsibility to this community

During my keynote at Microsoft Ignite, I spoke at length about the challenges associated with app compatibility, and I shared how Microsoft has taken on a responsibility for compatibility. The reasoning behind this is simple: Among other reasons, when more organizations are operating modern infrastructures, it’s much simpler to keep attacks from spreading throughout the world. Similarly, as my team looked at the needs of the SMB community, we considered our responsibility to their security posture. After some analysis, we discovered a way to help them that didn’t exist within the enterprise offering of Microsoft 365 (a product we had fine-tuned to the needs of large companies).

The answer was Microsoft 365 Business, and I believe it offers SMBs the best possible opportunity to be secure and productive at the lowest possible cost. Microsoft 365 Business offers the same security tools used by many banks, governments, and multi-national corporations, as well as the very same productivity tools in Office 365.

Recently, we’ve undertaken an effort to think and talk about this topic differently.

While many SMBs don’t have the resources to hire a Chief Security Officer (CSO) of their own, I think this community can use Microsoft 365 Business like a CSO. I encourage you to spend a few minutes at YourNewCSO to learn how to use these resources right away. No matter where you are on your security journey, the site and these eight quick (and funny?) videos will show you steps to better secure your business.

Our data clearly demonstrates that combining security with a huge boost in productivity is the type of innovation that will set an SMB apart in a competitive environment. A recent study of two customers by Qualtrics found that employees using modern tools were 50 percent more likely to say they could better serve their customers, and they were 121 percent more likely to feel valued by their company—a sentiment that is directly tied to improved productivity, loyalty, and a positive organizational culture.

Fully use what you already have

Rather than simply try to sell something throughout this post, I’d like to point out some ways SMBs who already own Office 365 can improve their security without spending any additional money. Included below are seven steps to improve your security at no extra cost—you can also read how to do it or watch this quick overview.

  1. Check your Microsoft Secure Score.
  2. Set up Multi-Factor Authentication (MFA). Setting up MFA will prevent 99 percent of identity attacks.
  3. Use the built-in mobile application management tools in Office 365.
  4. Set up a separate account for performing administrative tasks.
  5. Use an antivirus solution that leverages the cloud to protect from the latest threats. Microsoft Defender provides some great out-of-the-box capabilities in Windows 10 that more than 50 percent of enterprises are using.
  6. Store files in OneDrive for Business, and the cloud becomes your backup. No more manual PC backups, which saves you time and money. Even better, if you are hacked and are regularly saving your documents to OneDrive, you can simply revert your files back to before the hack occurred.
  7. Stop email auto-forwarding.

As we found from talking with hundreds of SMBs, creating a culture of security is one of the biggest first steps you can take. Right now is the time to educate your employees about how to identify security threats (e.g., don’t click that suspicious link, and if you do, please let someone know), and with Windows 7 very quickly reaching end of support, use this as an opportunity to move to our best available, most secure platform. Microsoft 365 Business can help.

Office 365 security tips

Seven security features in Office 365 you can use to secure your organization.

Watch the video

Why move from Office 365 to Microsoft 365 Business

Office 365 provides the suite of productivity tools you know and love, including capabilities like Exchange Online, SharePoint Online, and OneDrive for Business. But when you move to Microsoft 365 Business, you get that power of Office 365 as well as a comprehensive, cloud-based security solution that lets you defend your business against advanced threats. Microsoft 365 helps you to protect against cyberthreats with sophisticated phishing and ransomware protection; lets you control access to sensitive information, using encryption to keep data from being accidentally shared with someone not authorized to see it; and enables you to secure the devices that connect to your data, helping keep iOS, Android, Windows, and Mac devices secure and up-to-date. Microsoft 365 Business is fully integrated with Office 365, so you have one place for administration, billing, and 24×7 support.

Next steps

In addition to visiting YourNewCSO, consider the value of insuring yourself against a cyberattack. I’m excited to announce that, starting today, we’re piloting a new program in the U.S. in collaboration with AXA XL (a global insurer) and Slice Labs (on-demand insurance platform) to offer a free cybersecurity health check and support AXA XL’s provision of cyber insurance for qualified customers that use Microsoft 365 Business, Office 365 Business, and Office 365 Business Premium.

With your permission, AXA XL will assess your organization’s security and offer their services to qualifying customers, potentially with a discount. You can find more information about the collaboration in the AXA XL and Slice Labs press release, and you can read more about their offering and purchase insurance.

Go to Original Article
Author: Microsoft News Center

Wanted – Windows laptop under ~£300

The condition is what I’d call well used but reasonable. There are scratches here and there, and there’s discolouration around the mouse pad. But apart from that, condition is pretty decent.

The charger is also temperamental. It works fine, but certain plug sockets or extension leads cause it to drop out. This could just be the electrics in my house though… But it’s something I’d make perfectly clear to any potential buyer beforehand.

Pictures attached. Would you still be interested given the above notes?

Go to Original Article
Author:

For Sale – 2009 13″ Macbook Pro – Core 2 Duo

Due to age, there is no Warranty left. The laptop is in very good condition, only a few scuffs and very small dents are visible. Nothing major.
The battery is the original unit and has only done around 100 cycles of its total life (1000), which is excellent for its age.
The original Hard Disk has been replaced for a 1Tb unit (Will be wiped to Factory Settings)
Has 4gb RAM.
Currently running MacOS El Capitan, which I believe is the newest it can run.

VERY IMPORTANT: The screen has an area that looks different than the rest. It’s only noticeable with a black background or in the dark, see the pictures attached. It’s noticeable, but nothing too bad, I promise. The first pic is very exaggerated as the phone was compensating.

Optical drive, webcam, wifi, bluetooth, work excellently. includes original charger.

I have had it priced at around £130, so I would like £120+pp, which would be £6.45 for 1st Class, signed and with protection.
Feel free to make me an offer.

Go to Original Article
Author: