Tag Archives: Week

Microsoft launches identity bounty program, offers up to $100,000

Microsoft this week expanded its bug bounty program to include security vulnerabilities in its identity services.

The software giant launched the Microsoft Identity Bounty Program, which offers payouts between $500 and $100,000 for vulnerabilities reported in Microsoft’s identity services. The scope of the identity bounty includes both consumer and enterprise services — Microsoft Accounts and Azure Active Directory, respectively — as well as login tools such as login.live.com, account.windowsazure.com, portal.office.com and the Microsoft Authenticator for iOS and Android applications.

In addition, Microsoft said the identity bounty will be available for bugs reported in the company’s implementations of specific OpenID standards.

“If you are a security researcher and have discovered a security vulnerability in the Identity services, we appreciate your help in disclosing it to us privately and giving us an opportunity to fix it before publishing technical details,” wrote Phillip Misner, principal security group manager for the Microsoft Security Response Center, in a blog post. “Further in our commitment to the industry identity standards work that we have worked hard with the community to define, we are extending our bounty to cover those certified implementations of select OpenID standards.”

The expanded bug bounty program will pay up to $100,000 for the most serious vulnerabilities, including design vulnerabilities in identity standards and bypasses for multifactor authentication. Standards-based implementation flaws will pay a maximum of $75,000, while “significant” authentication bypasses will pay a maximum of $40,000.

The identity bounty program is the latest expansion of Microsoft’s bug bounty efforts. In 2015, the company announced a major expansion of its bug bounty program that included Microsoft’s Azure platform as well as specific vulnerabilities for its Hyper-V virtualization software.

Matt Wood talks AWS’ AI platform, ethical use

NEW YORK — AWS spotlighted its evolving AI offerings at AWS Summit this week, with a variety of features and upgrades.

The company incorporated one emerging technology, Amazon Rekognition, into the event’s registration process as it scanned consenting attendees’ faces and compared them against photos submitted previously during registration.

But despite outlines for customers’ use, the AWS AI platform is not immune to growing concerns over potentially unethical usage of these advanced systems. Civil rights advocacy groups worry that technology providers’ breakneck pace to provide AI capabilities, such as Rekognition, could lead to abuses of power in the public sector and law enforcement, among others.

Matt Wood, AWS general manager of deep learning and AI, discussed advancements to the AWS AI platform, adoption trends, customer demands and ethical concerns in this interview.

AWS has added a batch transform feature to its SageMaker machine learning platform to process data sets for non-real-time inferencing. How does that capability apply to customers trying to process larger data files?

Matt Wood: We support the two major ways you’d want to run predictions. You want to run predictions against fresh data as it arrives in real time; you can do that with SageMaker-hosted endpoints. But there are tons of cases in which you want to be able to apply predictions to large amounts of data, either that just arrives or gets exported from a data warehouse, or that is just too large in terms of the raw data size to process one by one. These two things are highly complementary.

We see a lot of customers that want to run billing reports or forecasting. They want to look at product sales at the end of a quarter or the end of a month [and] predict the demand going forward. Another really good example is [to] build a machine learning model and test it out on a data set you understand really well, which is really common in oil and gas, medicine and medical imaging.

In the keynote, you cited 100 new machine learning features or services [AWS has developed] since re:Invent last year. What feedback do you get from customers for your current slate [of AI services]?

Wood: What we heard very clearly was a couple things. No. 1, customers really value strong encryption and strong network isolation. A lot of that has to do with making sure customers have good encryption integrated with Key Management Service inside SageMaker. We also recently added PrivateLink support, which means you can connect up your notebooks and training environment directly to DynamoDB, Redshift or S3 without that data ever flowing out over the private internet. And you can put your endpoints over PrivateLink as well. [Another] big trend is around customers using multiple frameworks together. You’ll see a lot of focus on improving TensorFlow, improving Apache MXNet, adding Chainer support, adding PyTorch support and making sure ONNX [Open Neural Network Exchange] works really well across those engines so that customers can take models trained in one and run them in a different engine.

Matt Wood, AWS GM of Deep Learning and AIMatt Wood speaks during the AWS Summit keynote address (Source: AWS).

What do you hear from enterprises that are reluctant or slow to adopt AI technologies? And what do you feel that you have to prove to those customers?

Wood: It’s still early for a lot of enterprises, and particularly for regulated workloads, there’s a lot of due diligence to do — around HIPAA [Health Insurance Portability and Accountability Act], for example, getting HIPAA compliance in place. The question is: ‘How can I move more quickly?’ That’s what we hear all the time.

There’s two main pathways that we see [enterprises take] today. The first is: They try and look at the academic literature, [which] is very fast-moving, but also very abstract. It’s hard to apply it to real business problems. The other is: You look around on the web, find some tutorials and try to learn it that way. That often gives you something which is up and running that works, but again, it glosses over the fundamentals of how do you collect training data, how do you label that data, how do you build and define a neural network, how do you train that neural network.

To help developers learn, you want a very fast feedback loop. You want to be able to try something out, learn from it, what worked and what didn’t work, then make a change. It’s kick-starting that flywheel, which is very challenging with machine learning.

What are some usage patterns or trends you’ve seen from SageMaker adopters that are particularly interesting?

Wood: A really big one is sports analytics. Major League Baseball selected SageMaker and the AWS AI platform to power their production stats that they use in their broadcasts and on [their] app. They’ve got some amazing ideas about how to build more predictive and more engaging visuals and analytics for their users. [It’s the] same thing with Formula 1 [F1]. They’re taking 65 years’ worth of performance data from the cars — they have terabytes of the stuff — to model different performance of different cars but also to look at race prediction and build an entirely new category of visuals for F1 fans. The NFL [is] doing everything from computer vision to using player telemetry, using their position on the field to do route prediction and things like that. Sports analytics drives such an improvement in the experience for fans, and it’s a big area of investment for us.

Another is healthcare and medical imaging. We see a lot of medical use cases — things like disease prediction, such as how likely are you to have congestive heart failure in the next 12 months, do outpatient prediction, readmittance prediction, those sorts of things. We can actually look inside an X-ray and identify very early-stage lung cancer before the patient even knows that they’re sick. [And] you can run that test so cheaply. You can basically run it against any chest X-ray.

You partnered with Microsoft on Gluon, the deep learning library. What’s the status of that project? What other areas might you collaborate with Microsoft or another major vendor on an AI project?

Wood: Gluon is off to a great start. Celgene, a biotech that’s doing drug toxicity prediction, is trying to speed up clinical trials to get drugs to market more quickly. All of that runs in SageMaker, and they use Gluon to build models. That’s one example; we have more.

Other areas of collaboration we see is around other engines. For example, we were a launch partner for PyTorch 1.0 [a Python-based machine learning library, at Facebook’s F8 conference]. PyTorch has a ton of interest from research scientists, particularly in academia, [and we] bring that up to SageMaker and work with Facebook on the development.

Microsoft President Bradford Smith recently called on Congress to consider federal regulation for facial recognition services. What is Amazon’s stance on AI regulation? How much should customers determine ethical use of AI, facial recognition or other cloud services, and what is AWS’ responsibility?

Wood: Our approach is that Rekognition, like all of our services, falls under our Acceptable Use Policy, [which] is very clear with what it allows and what it does not allow. One of the things that it does not allow is anything unconstitutional; mass surveillance, for example, is ruled out. We’re very clear that customers need to take that responsibility, and if they fall outside our Acceptable Use [Policy}, just like anyone else on AWS, they will lose access to those services, because we won’t support them. They need to be responsible with how they test, validate and communicate their use of these technologies because they can be hugely impactful.

AWS Summit Rekognition kiosksAmazon Rekognition kiosks scan the faces of attendees and print identification badges (Source: David Carty).

The American Civil Liberties Union, among others, has asked AWS to stop selling Rekognition to law enforcement agencies. Will you comply with that request? If not, under what circumstances might that decision change?

Wood: Again, that’s covered under our Acceptable Use Policy. If any customer in any domain is using any of our services in a way which falls outside of acceptable use, then they will lose access to that service.

Certainly, the Acceptable Use Policy covers lawful use, but do you think that also covers ethical use? That’s a thornier question.

Wood: It is a thornier question. I think it’s part of a broader dialogue that we need to have, just as we’ve had with motor cars and any large-scale technology which provides a lot of opportunity, but which also needs a public and open discussion.

What You Need to Know Before You Go to Microsoft Inspire – Microsoft Partner Network

Connect with Julie@juliegolding

Julie Golding

Microsoft Inspire is less than a week away. I hope you are as excited as we all are. It promises to be an incredible week of learning, networking, and celebrating partnership.

In the remaining days before you leave for Las Vegas, Nevada we suggest you double check your travel arrangements. It’s also a good time to review your personal conference agenda in MyInspire and confirm that you’ve added the sessions you want to attend by using the session scheduler. We also recommend using the MyInspire meeting scheduler to send meeting requests to other partners or Microsoft employees with whom you most want to connect. There will be over 16,000 attendees at Microsoft Inspire, all with busy schedules, so advance planning is the best way to ensure you don’t miss anyone.

Here are some additional tips and reminders to help you have a productive and enjoyable Microsoft Inspire experience.

Download the MyInspire mobile app

MyInspire is available in a convenient full-featured mobile app. Download the app for either Android or Apple IoS and manage your personal agenda while on the go at the conference. You will also receive updates from the Microsoft Inspire planning team and be able to access helpful maps and floor plans of conference venues. Be sure to add your LinkedIn account information to your profile in the mobile app so you can see which attendees you’re connected with on LinkedIn. To do so, go to the Attendee Directory in the app and select Connections.

Review the Know Before You Go guide

We strongly recommend that you download and save a copy of our “Know Before You Go” guide, the single most comprehensive source of information about everything related to Microsoft Inspire. It covers a wide range of topics, including arrival and check-in, conference badges, transportation, session and event schedules, venue logistics, Wi-Fi connectivity, safety and security, and much more. The guide also includes descriptions of the different session types and information on the that will be a big part this year’s conference, made possible by the first-ever co-location of Microsoft Inspire and Microsoft Ready, the annual Microsoft sales, technical, and marketing fiscal year kick-off. These experiences include the Wednesday Corenote at T-Mobile Arena, where Microsoft CEO Satya Nadella will address a joint audience of partners and Microsoft employees, and our eagerly anticipated One Celebration at the Las Vegas Motor Speedway, where attendees from both events will come together for an evening of food, fun, and entertainment by an internationally renowned eleven-time Grammy Award winner.

Ready, Set, Be Inspired

After months of planning, preparation, and anticipation, we can’t wait to see you in Las Vegas, Nevada, for Microsoft Inspire, where the world will meet to transform business. We’re very excited about the huge range of sessions built around this year’s key themes of Innovation, Partnership, and Leadership, and our amazing line-up of industry-leading speakers. Microsoft Inspire is also the best place to make connections and establish profitable relationships with fellow partners, Microsoft employees, and conference vendors and sponsors. The co-location of Microsoft inspire with Microsoft Ready will create more opportunities than ever before to make meaningful connections with the global Microsoft community to accelerate the digital transformation and success of our shared customers.

See you soon at Microsoft Inspire!

 

For Sale – MSI GL72M 7RDX 844UK gaming laptop

I’ve bought this laptop for my son last week. Unfortunately according to him, is not good enough. So there we have it for sale MSI gaming laptop in perfect condition. Model number is GL72M 7RDX 844UK. Boxed, comes with the msi mouse and a charger.
Spec:
17.3″ FHD, i7 7700HQ, 8GB DDR4, 256GB M.2 SATA SSD+1TB HDD, 2GB GTX 1050, USB 3.0 Type-C, Win10
I’d prefer cash on collection or meet up with someone half way. Will reduce the price accordingly.

Price and currency: 560
Delivery: Delivery cost is included within my country
Payment method: BT, PPG
Location: Manchester
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – MSI GL72M 7RDX 844UK gaming laptop

I’ve bought this laptop for my son last week. Unfortunately according to him, is not good enough. So there we have it for sale MSI gaming laptop in perfect condition. Model number is GL72M 7RDX 844UK. Boxed, comes with the msi mouse and a charger.
Spec:
17.3″ FHD, i7 7700HQ, 8GB DDR4, 256GB M.2 SATA SSD+1TB HDD, 2GB GTX 1050, USB 3.0 Type-C, Win10
I’d prefer cash on collection or meet up with someone half way. Will reduce the price accordingly.

Price and currency: 560
Delivery: Delivery cost is included within my country
Payment method: BT, PPG
Location: Manchester
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – MSI GL72M 7RDX 844UK gaming laptop

I’ve bought this laptop for my son last week. Unfortunately according to him, is not good enough. So there we have it for sale MSI gaming laptop in perfect condition. Model number is GL72M 7RDX 844UK. Boxed, comes with the msi mouse and a charger.
Spec:
17.3″ FHD, i7 7700HQ, 8GB DDR4, 256GB M.2 SATA SSD+1TB HDD, 2GB GTX 1050, USB 3.0 Type-C, Win10
I’d prefer cash on collection or meet up with someone half way. Will reduce the price accordingly.

Price and currency: 560
Delivery: Delivery cost is included within my country
Payment method: BT, PPG
Location: Manchester
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

GlobalSign, Comodo launch competing IoT security platforms

Rival certificate authorities GlobalSign and Comodo CA this week launched competing IoT security platforms designed to improve identity management and authentication of connected devices.

GlobalSign Tuesday unveiled its IoT Identity Platform, which includes several products and services aimed at using public key infrastructure (PKI) to assign identities to IoT devices and authenticate them. The cloud-based platform includes IoT Edge Enroll, an enrollment client that provisions and manages PKI-based identities for an assortment of connected devices. IoT Edge Enroll can authenticate and revoke devices and also includes a device Registration Authority (RA) as well as certificate lifecycle management.

In addition, GlobalSign’s platform features IoT CA Direct, which is an identity issuance engine for device certificates, and IoT CA Connect, which offers third-party application integration for identity and access management products. GlobalSign said the platform uses RESTful APIs for secure connections and claims its PKI service can issue 3,000 certificates per second.

On Thursday, Comodo CA launched IoT PKI Manager, which also applies certificates to connected devices. Comodo’s IoT security platform, which uses a combination of X.509 identity certificates and customized TLS/SSL certificates, offers enterprises Certificate Authority (CA) signing and hosting services as well as a batch issuance system for enrolling and authenticating large batches of certificates.

Comodo’s IoT security platform also offers automatic certificate provisioning as well as certificate lifecycle management services. The company had previously introduced certificate products and services for IoT devices, but Damon Kachur, head of IoT solutions at Comodo CA, said the IoT PKI Manager ties those offerings together into one platform with a single user interface for all certificates accounts as well as new enrollment and management features. The aim, Kachur said, was to make the certificate process for IoT devices as easy as possible.

“The [IoT] industry is a little scared of PKI because companies think it’s a heavy lift,” he said. “It’s not, if you have the right platform. We take all of the auditing and all of the lifecycle management and make it simple.”

Both Comodo and GlobalSign, as well as other certificate authorities, have discussed the growing opportunities around securing and authenticating connected devices and have already made inroads in the IoT security market. PKI certificates can protect connections and data flows between devices and servers as well as enable organizations to revoke the access of compromised devices to their private networks.

“The certificates make sure that authenticated devices are connecting to the right private network and aren’t being used by threat actors,” Kachur said. “They can prevent things like the Mirai botnet [distributed denial-of-service] attacks.”

GlobalSign’s IoT Identity Platform and Comodo’s IoT PKI Manager are both currently available.

Digital civility highlighted at child online protection event – Microsoft on the Issues

Last week, I organized a workshop on digital civility at the Marie Collins Foundation annual conference, “From Discovery to Recovery – Online Sexual Abuse of Children.” Microsoft is a sponsor of the foundation, a U.K.-based charity that directly supports children who have been sexually abused online, as well as their families.

Our session included representatives from UNICEF, The Diana Award (also representing NoBully.org), and the academic sector, in addition to Microsoft. The interactive session examined definitions and nomenclature surrounding digital civility, as well as examples from audience members of advice and guidance they’ve given to their own children and students about exercising decorum and engaging constructively online.

During the workshop, we asked participants a series of questions about the level of safety and respect on the internet; the most common and serious online risks; the chief differences between risk and harm; and as global practitioners and preventers of online harm to children (and indeed all individuals), where we should be putting our collective efforts. The responses were wide-ranging. For some, digital civility is about courtesy, respect and digital intelligence; compassion and empathy; and being mindful and aware of other people’s feelings, views and frames of reference. Others see a need to interact with a degree of politeness and to instill a “please-and-thank-you” culture into the digital realm. Still others saw civility as springing from deep-seated human values and morality and emphasized that teaching children enduring values in the real-world will see them carried through to online spaces.

Meanwhile, participants pointed to a redefining of what it means to have and to be a “friend” as a rather unwelcome by-product of life online. “Internet addiction,” a deterioration of communications skills, and an absence of parental responsibility for teaching young people good digital habits and practices were other concerns.

One leading online safety advocate said digital civility implied a rather “low bar” for positive digital interactions. Pointing to the all-too-familiar parental intervention of addressing squabbling siblings in the back seat of a car, he said the admonishment of telling them to “at least be civil to each other” was clearly a low hurdle.

Microsoft’s efforts to foster digital civility

At Microsoft, we view digital civility as leading with empathy, inclusion and kindness in all online interactions, and we aim to foster safer and healthier online behavior using our Digital Civility Challenge as a starting point. In our view, digital civility is in no way about limiting or stifling online discussion and debate. Rather, it’s about ensuring that robust exchanges and disagreement take place minus any name-calling, harassment or abuse.

We continue to champion digital civility and are in the process of fielding yet another round of research, this time in 22 countries. We’ve conducted similar studies released earlier this year and last year, both in conjunction with international Safer Internet Day in February. Our studies survey teens and adults in multiple geographies and ask about their exposure to some 20 online risks.

For the past two years, we also calculated our Digital Civility Index – a measure of the perceived level of civility in each country based on attitudes and perceptions of respondents from those countries. The current Digital Civility Index stands at 65 percent, unchanged from Year 1, despite the addition of nine countries and three risks to the Year 2 report. Accordingly, in Year 3, our research will drill down into the most common risks and concerns for respondents, namely unwanted contact – overwhelmingly the most common risk in the first two studies, as well as hoaxes, fraud and scams, which was the runner-up most common risk in Year 2, the first time it was included.

We will begin releasing Year 3 results in the autumn and make the full set of findings available on international Safer Internet Day 2019 in February.

Working together to grow a culture of digital civility      

Since its inception in 2016, we’ve regarded our focus on digital civility as a broad platform and concept for others to evangelize and embrace. Indeed, we’ve encouraged partners and collaborators among civil society organizations, academics, others in industry and governments to adopt the notion and to develop their own related initiatives, projects and programs. In its short existence, we’ve already seen follow-on research projects for other age groups and demographics, the creation of related indices and other efforts.

Our most significant development to date has been the formation and growth of our inaugural Council for Digital Good, a group of 15 teens from across the U.S., brought together to champion digital civility and safer and healthier online interactions.

For the past year, the teens have been learning about online safety issues, sharing their views and perspectives with Microsoft and our partners, and serving as youth ambassadors eager to grow a safer and more respectful online world. Everywhere I go – including last week’s conference – I highlight the informed views, unique perspectives and deep insights these teens continually impart. Next month, we will hold a more public event in Washington, D.C., featuring council members and some of the work they’ve been driving over the past several weeks. Summaries of the council’s earlier work can be found here and here.

Last week’s conference also featured government officials, law enforcement personnel, educators and other members of civil society, noting their efforts in working to prevent online child sexual exploitation and abuse and their commitment to child online protection generally.

For more about the Marie Collins Foundation, see the organization’s website. To learn about online safety and digital civility, visit our website and resources page, as well as our pages dedicated to digital civility. For more regular news and information, connect with us on Facebook and Twitter. And, consider taking our Digital Civility Challenge and tell us on social media that you’ve done so, using the hashtags #Challenge4Civility and #Im4Civility.

Tags:

Slack outages raise reliability concerns

Slack’s more than three-hour outage this week was the latest in a string of crashes that have left some analysts wondering whether the site’s uptime problems could scare away enterprise customers.

Analysts warned if the Slack outages continue, rivals Microsoft, Cisco and Atlassian could use them as a reason for companies to avoid the fast-growing startup.

“I think the recent outages certainly open up an avenue of attack by Slack’s competitors and will raise red flags for customers and prospects as to whether they can rely on the app for business-critical communications,” said Irwin Lazar, an analyst at Nemertes Research, based in Mokena, Ill.

Whether Slack is suffering only growing pains, as opposed to a severe flaw in its technology, is difficult to determine without insight into the exact cause of each incident. Slack said this week’s outage was due to “a bug included in an offline batch process of data.”

Last month, Slack said it had suffered only four significant disruptions since May 2017. But when contacted again on Thursday, a Slack spokesperson said the company had done another review and identified eight major Slack outages in that time frame.

That list of outages includes more than two hours last Oct. 31, almost an hour on Jan. 9, about 2.5 hours on May 21 and roughly 20 minutes on May 23. Despite the troubles, Slack has yet to announce the leader of a safety engineering team it formed in March to improve its uptime.

In an interview last month, a Slack representative acknowledged the company’s rapid growth has been challenging to keep up with at times. Since January 2015, the company has grown from 1.1 million daily users to 8 million regular users today.

“To be frank, we’re still learning as we go,” said Julia Grace, senior director of infrastructure engineering at Slack, based in San Francisco. “This is such a complex piece of software. We’re operating at a global scale. We’re learning and evolving and growing and making the service better along the way.”

Some analysts pointed out that Slack’s performance was much worse when it was starting out.

“Once upon a time, in the very, very, very early days of Slack, they were built on a model that couldn’t scale,” said Michael Facemire, an analyst at Forrester Research. “You remember those outages; you remember the old days when [Slack] would be down, and it would be down for very perceivable amounts of time.”

Nevertheless, with tech powerhouses Cisco and Microsoft as competitors, Slack can no longer afford to look weak. Companies are unlikely to standardize on a collaboration vendor with an uptime record significantly less than rivals.

“I’m sure Slack is well-aware of the criticality of any downtime,” said Larry Cannell, an analyst at Gartner. “Nevertheless, if you are trying to use Slack, then this is a big deal to you. These types of collaboration tools have become primary communication channels.”

Slack recently updated its status page to make it simpler and less confusing, a company spokesperson said. Now, the only outages listed there reflect instances when no one was able to connect to the service. That appears to have led the company to redefine some connectivity troubles as “incidents” or “notices.”

Under the previous classification scheme, the number of Slack-reported outages had jumped from nine in 2016 to 38 in 2017. This year, the vendor had been on pace to reach 24. However, the recent reporting changes have made it difficult to compare this year’s numbers with those in the past.

“Delivering a reliable service is our primary commitment to our customers, and we take these types of incidents very seriously,” the Slack spokesperson said. “We continue to learn from outages through rigorous postmortem processes so we can improve the availability, reliability, and stability of our service moving forward.”

Slack publishes the percentage of time its app was online every month. An uptime of 99.75% in October 2017 was the worst of the last 12 months. In June, the percentage so far is 99.82%, the fourth time since 2013 that the app’s monthly uptime fell below 99.9%.

Microsoft Office 365’s worst worldwide uptime percentage since early 2016 was 99.97% during the second quarter of 2017.

“As we get more reliant on the cloud, even 99.8% uptime just isn’t enough for us,” said Wayne Kurtzman, an analyst at IDC. “Slack’s base is very active on social media and Reddit, which makes any Slack outage stand out.”

Box Skills integrations give users access to AI

Box Skills integrations took more shape this week, as Box announced the expansion of its Box Skills private beta program with AI integrations with Google, IBM and Microsoft, though some details of the deals still are unclear.

Box first signaled the Box Skills integrations at its conference last year and the expansions of the beta program builds on the content management platform vendor’s long-standing plans to add AI capabilities for document, image and audio management.

“This is the next step of what Box previously announced,” said Alan Lepofsky, principal analyst at Constellation Research. “It’s appealing, but it comes with complications.”

It’s not known if Box customers will have to license the AI capabilities through the integrations or if those costs will be covered within their Box licenses. Another concern is security, Lepofsky said.

“If Box is your approved data provider, do you also have to check to see if it’s OK to pass those images to Google’s API,” Lepofsky said. “Box needs to be open and transparent about licensing and security.”

The vendor’s chief product officer, Jeetu Patel, said Box will announce pricing in the fall, with general availability of the private beta program sometime in the second half of 2018.

Among Box’s roster of beta users are Virgin Trains, Ancestry.com, The University of Chicago and the city of San Jose, the company said.

Box is leaning toward letting customers use some Box Skills features for free, and charging for others, especially for larger custom Box Skills projects, Patel said.

“There will be a specific charge to use Box Skills,” he said. “There will be a set of core foundational skills that we will make sure we will be helping with the contracting of, and then there’s going to be others that you can also buy directly.

In the long term, Box is hoping that a kind of marketplace for Box Skills integrations develops, Patel said.

Box Skills integrates with AI
Building off its announcement at BoxWorks last year, Box Skills now integrates with Google, IBM and Microsoft to provide AI capabilities for its users.

‘Mainly about AI’

The use cases for the Box Skills integrations are abundant and range from simple automation to navigating giant data sets for sentiment analysis or image recognition. And by keeping the AI options open to various market leaders, the new capabilities give Box customers flexibility to integrate into whichever API is best for them.

What it does is provide an incredible amount of additional functionality for Box customers.
Alan Lepofskyprincipal analyst, Constellation Research

While this could be useful for Box customers, Box is unlikely to take any customers from competitors like Google Drive or Microsoft OneDrive to migrate due to these open APIs.

“If you’re using Google or Microsoft or IBM AI platforms, why wouldn’t you just use their content management tools too,” Lepofsky said. “You’re not going to get a Google Drive customer interested in Box because it can now use Google APIs.”

But for Box customers, the Box Skills integrations can create value around AI tools, which can increase efficiency and reduce human error.

“Things like image recognition and metadata tagging — that alone can save huge amounts of time and resources,” Lepofsky said. “What it does is provide an incredible amount of additional functionality for Box customers.”

As for its similarly named competitor, Dropbox, which recently went public, the Box Skills integrations do differentiate Box from Dropbox — something that Box was surely thinking about with this release.

“There’s nothing about Dropbox that says it can’t plug into the same platforms,” Lepofsky said, “but they haven’t made it as developer-friendly.”

When it was first announced in October 2017, Box Skills focused on image, audio and video intelligence.

The integrations with Google, IBM and Microsoft can help with those areas — yet it depends on which vendor the customer is most comfortable with. If a Box user’s organization runs primarily through Microsoft, it will most likely use that Box Skills integration.

“Each of them have some differentiation, but this announcement is mainly about AI,” Lepofsky said. “This talks about these APIs being around images and image tagging, object detection — and most people I speak to say Google image recognition is still the most advanced.”

Patel asserted that the key difference between Box and major competitors such as Google Drive and Microsoft OneDrive is that Box is vendor neutral, partnering with all four of the major machine learning and AI vendors — Google, AWS, Microsoft and IBM.

“As this market, which is in the pretty early stages, starts to develop … customers can rest assured that when the data is in Box, they can take advantage of any of those skills or any of those machine learning models, and apply it to Box content,” Patel said.

Box this month also unveiled a new service partnership with IBM to build custom Box Skills that apply IBM Watson AI tools to the Box Skills framework.

Box also announced support for the latest Azure cognitive services from Microsoft.

News director Shaun Sutner contributed to this article.