Tag Archives: Word

Tips for ransomware protection on Windows systems

Ransomware. Just the word quickens the pulse of every Windows administrator who might have lingering doubts about the effectiveness of their security approach.

Many IT folks lose sleep over the effectiveness of their ransomware protection setup, and for good reason. Your vital Windows systems keep most companies running, and thoughts of them going offline will have many IT pros staring at the clock at 3 a.m.

Unfortunately, ransomware will hit you in some capacity, despite any measures you take, but it’s not a futile effort to shore up your defenses. The key is to fortify your systems with layers of security and then to follow best practices for both Windows and your backup products to minimize the damage.

Give a closer look at your backup setup

Backups are something companies make with the hope that they are never needed. Oftentimes, backups are a secondary task that is shuttled to an ops group to be done as a daily task that is a checkbox on some form somewhere. This is how trouble starts.

You need to make backups, but another part of the job is to secure those backups. A backup server or appliance is a very tempting target for attackers who want to plant ransomware. These servers or appliances have network access to pretty much everything in your data center. It’s your company’s safety net. If this massive repository of data got encrypted, it’s likely the company would pay a significant amount to free up those files.

Anyone with IT experience who has seen organizations wiped out after a ransomware attack might change your mind if you feel old data is not worth having in an emergency.

Most backup products are public, which means ransomware creators know how they work, such as how the agents work and their paths. With all that information, an attacker can write software tailored to your vendor’s backup product.

Now, most backup offerings have some level of ransomware protection, but you have to enable it. Most people find the setting or steps to protect their data after the backups have been wiped. Don’t wait to verify your backup product is secured against ransomware; do it today.

An old security standby comes to the fore

This also brings up a secondary practice: air-gapping.

This methodology was popular in the days of tape backup but fell out of favor with the introduction of replication.

Some would argue that data that is several weeks or several months old has little value, but is the alternative — no data — any better? Anyone with IT experience who has seen organizations wiped out after a ransomware attack might change your mind if you feel old data is not worth having in an emergency.

[embedded content]
Windows Server 2019 ransomware protection settings.

A small network-attached storage product you use for a data store dump every six months and lock away suddenly doesn’t sound like such a bad idea when the alternative is zero data. It’s a relatively inexpensive addition to the data center used as an extra repository of your data.

Think of it this way: Would you rather get hit with ransomware and lose a few months’ worth of data or all 15 years? Neither is a great situation, but one is much preferred over the other. These cold backups won’t replace your backup strategy, but rather supplements it as a relatively economical airgap. When it comes to ransomware, more layers of safeguards should be the rule.

Air-gapping is a practice that is not followed as closely now with the pervasiveness of online deduplication backup products. For organizations that can afford them, these offerings often replicate to online backup appliances in remote locations to make the data accessible.

Don’t overlook built-in ransomware protection

There are more than a few ways to mitigate the ransomware threat, but using a layered approach is recommended.

These malicious applications quickly move east-west across flat networks. Internal firewalls, whether physical or virtual, can do a lot to stop these types of attacks.

An often-overlooked option is the Windows firewall. When it first came out, the Windows firewall had a few stumbles, but Microsoft continued to develop and improve it to build a solid software firewall. This is a low-cost offering that is free but does require some administration work. The Windows firewall is not going to stop all possible ransomware, but very few products can.

Looking at the big picture, the Windows firewall gives an additional layer of protection against ransomware. It’s already there and should have little performance impact.

Go to Original Article

A web-based approach to preauthorization for insurance

Preauthorizations for insurance are akin to a four-letter word for providers. A March 2018 study by the American Medical Association showed 84% of physicians found the burden of having to get insurance prior approvals either high or extremely high, and 86% said the problem is just getting worse.

Enter startup ZappRx with a portable web-based app it hopes will eliminate the tedious back and forth with insurance companies and streamline physician communication and patient consent. Armed with six years of research and product development, as well as $41 million in just-raised B-level funding, ZappRx hopes to tackle this relatively obscure — and often overlooked by mainstream health IT efforts — problem on a broad scale.

And there’s no question it is a problem. Today’s aging population requires more access than ever to specialty medications for conditions ranging from chronic obstructive pulmonary disease (COPD) to cancer, and the vast majority of those drugs require preauthorization for insurance payment due to their high cost. In most practices, prior authorizations are done by staff, by hand, and transmitted via fax machine.

“The way they tracked preauthorizations before involved sticky notes and whiteboards and Excel spreadsheets,” said Libby Webb, senior vice president of product at ZappRx. “There was nothing that existed that kept that information in a centralized location.” The process was labor intensive, but also off-putting to patients. The AMA study showed 78% of doctors believed the delays inherent in preauthorization for insurance could lead to patients abandoning the treatment altogether.

With the ZappRx platform, the provider’s team can use an iPhone or iPad or tablet to fill out forms for preauthorization for insurance, capture patient consent and send the information to the insurance company. A central dashboard allows staff to see at a glance exactly where each request stands and provides access to any needed follow-up requests. For states allowing electronic physician signatures, that feature is built in. “The app saves all the data and it’s essentially ‘one and done’ for each patient,” Webb said.

“From the moment a patient is diagnosed and drugs are selected we process that entire journey through our web-based app today,” Webb said. “Otherwise it is a paper-based process with staff literally filling out forms by hand and faxing them to the payer for prior authorization. There is no way to know what’s happening with the payer or when forms are sent to the specialty pharmacy. It’s a black hole.”

The black hole is why ZappRx was founded in 2012, Webb said. The CEO had a family member who, while waiting on preauthorization for insurance of a specialty medication, grew dramatically more ill. So the idea for ZappRx was born with the hope that medications could get into the hands of the patients more quickly than before.

But providers and payers may also benefit from the streamlined process. Insurance companies devote a lot of staff to handling incoming faxes and they also have to spend time deciphering handwritten and often blurry paperwork, Webb said. Instead payers can print the ZappRx form and move forward. Provider practices may find this also eases the administrative burden for them, Webb said, which can translate to less staff turnover. “People don’t go into medicine to do paperwork.”

To date the ZappRx solution is at work in over 30 practices and large academic medical facilities. Now the platform is focused on three pulmonology diseases, and is in beta for gastroenterology, and with plans to move into rheumatology and orphan diseases/cancer in the near future, Webb said.

And, while ZappRx does not currently integrate preauthorization for insurance with any EHRs, Webb said the company is ready to work with customers on a plug and play API-based integration layer to make that vision a reality.

Azure #CosmosDB and Microsoft’s Project Olympus honored in InfoWorld’s 2018 Technology of the Year Awards

The word is out, and the industry is taking notice. Azure Cosmos DB is the world’s first globally distributed, multi-model database service with native NoSQL support. Designed for the cloud, Azure Cosmos DB enables you to build planet-scale applications that bring data to where your users are with SLA guarantees low latency, throughput, and 99.99% availability.

The experts at IDG’s InfoWorld recently recognized Azure Cosmos DB in the InfoWorld Technology of the Year Awards, zeroing in on its “innovative approach to the complexities of building and managing distributed systems,” which includes recognition for leveraging the work of Turing Award winner Leslie Lamport to deliver multiple consistency models. Azure Cosmos DB was also recognized for delivering a globally distributed system where users anywhere in the world can see the same version of data, no matter their location.

In addition, InfoWorld complimented the flexibility and variety of use cases with Azure Cosmos DB, from JSON-based document stores to support for MongoDB APIs and a SQL query option for Azure’s Table Storage.

“Do you need a distributed NoSQL database with a choice of APIs and consistency models? That would be Microsoft’s Azure Cosmos DB.”—InfoWorld, Technology of the Year 2018: The best hardware, software, and cloud services

InfoWorld noted that 2017 was “the year when you could pick a database without making huge compromises,” exactly the advantage of the multiple consistency models available in Azure Cosmos DB. With five distinct options, you no longer have to choose between slow, but accurate, or fast, but inaccurate, data.

Learn more in our free e-book, go hands-on with real-time personalization scenarios, get $200 in credit to try Azure Cosmos DB with a free Azure account, or simply try Azure Cosmos DB right now.

Along with Azure Cosmos DB, InfoWorld also honored Microsoft’s Project Olympus in their 2018 awards, calling out the open hardware design from Microsoft for helping the Open Compute Project push forward the development of cloud-scale hardware. Complex workloads are driving datacenters to diversify hardware, and Project Olympus designs are flexible with multiple compute configurations and a new open-source standard available to any manufacturer.

Learn more about Project Olympus deployment on Azure.

Buffaloes and the Cloud: Students turn to tech to save poor farming families – Asia News Center

Say the word “disaster” and what comes to mind? An earthquake, a drought, a flood, a tsunami, a hurricane? These are big and brutish events. They grab headlines, inspire people to donate, and trigger international relief efforts.

But what about the many micro-disasters that can, at any time, befall poor families across the developing world? For those who live on a perpetual economic knife edge, even a small misfortune or an unexpected turn of events can devastate their hopes and dreams.

Let’s turn to Thimi, a tiny village in the ancient valley of Bhaktapur in Nepal –  a nation that sits in the shadow of the Himalayas and is among the world’s poorest. An overwhelming majority of its 30 million people rely on farming to subsist – often on fragmented, hilly and marginal land where weather and other conditions are subject to extremes. In this rural society, a family typically measures its wealth in the number of animals it keeps.

For years, Rajesh Ghimire and his wife, Sharadha, worked hard to build up a modest herd of 45 cows, goats, and buffaloes. The farm was generating enough income to raise their two children, support four other relatives, and even pay six workers to help out. The Ghimeres had their eyes fixed on better times ahead, and were saving to send their daughter, Ekta, to medical school.

Then, their own micro-disaster struck. A series of heatwaves triggered an outbreak of the disease, anthrax. Almost half of their animals were wiped out and, with that, most of their dreams. The money that had been put away for Ekta’s studies had to be used to save the farm. Seven years later, the family is still trying to claw back what it lost.

Undocumented Word feature could lead to system information theft

Researchers have found an undocumented Microsoft Word feature that can be abused by attackers in order to obtain the system information of a victim.

The undocumented Word feature was detailed by Alexander Liskin, heuristic detection group manager, Anton Ivanov, senior malware analyst, and Andrey Kryukov, security researcher at Kaspersky Lab. A hidden feature known only as was discovered by the Kaspersky team in malicious attachments contained in suspected phishing emails. The field contained links formatted in Unicode rather than the intended ASCII format, which are ignored by Word and are used by the attackers to send GET requests to malicious domains.

According to the researchers, targeted attacks using the undocumented Word feature can be very hard to detect because malicious documents “contained no macros, exploits or any other active content.”

“A close inspection revealed that [the malicious documents] contained several links to PHP scripts located on third-party web resources. When we attempted to open these files in Microsoft Word, we found that the application addressed one of the links. As a result, the attackers received information about the software installed on the computer,” the Kaspersky researchers wrote in their analysis. “This code effectively sent information about the software installed on the victim machine to the attackers, including info about which version of Microsoft Office was installed.”

The researchers noted that the undocumented Word feature was present in versions of Office for Windows, iOS and Android, but said other productivity suites like LibreOffice and OpenOffice did not call the malicious links. The research team also noted there is no official documentation for the field.

Avihai Ben-Yosef, CTO of Cymulate, said the system information theft could likely be just the first stage of an attack.

“[Knowing the] version of Office will allow hackers to identify whether or not the client that opened the Word document is vulnerable to known exploits that could be used to hack them. Imagine that hackers are building a database by simply sending thousands of emails to users and collecting information about those that opened the document,” Ben-Yosef told SearchSecurity. “Hackers will know if their Office version is vulnerable to a specific exploit and will be able to trigger an attack when they feel like it.”

Intelligence is king in cyberattacks as well as cyberdefense.
Marina Kidronhead of the Skybox Security Research Lab

Marina Kidron, head of the Skybox Security Research Lab, said spear phishing campaigns, like the ones abusing this undocumented Word feature, may not always present an imminent threat to an organization, this type of system information theft “could make or break a targeted attack.

“Intelligence is king in cyberattacks as well as cyberdefense. Targeted attacks are traditionally more complex than distributed attacks, such as ransomware, because they have — and need — more context on the environment they’re working in. With more context, attacks can be crafted to have better chances of evading detection,” Kidron told SearchSecurity. “This can render signature-based intrusion detection systems ineffective and raises the importance of good cyberhygiene stalwarts like network segmentation and vulnerability management. If an attack slips through the intrusion detection system, you need to be sure vulnerabilities with active or available exploits have been mitigated, access is limited and controls are in place to prevent the spread of the attack.”

Oligopoly forms amid SaaS market consolidation

Oligopoly is not a word most people use every day, but it has gained currency at Forrester Research.

The technology market research company used the term, which refers to a market segment dominated by just a few vendors, to characterize dwindling competition in the cloud computing market. 

Organizations that use prepackaged cloud applications, or software as a service (SaaS), face a trio of risks, warned an August report that covered SaaS market consolidation. Vendors can raise their prices and cut back on innovative improvements to the software, and since there are few alternatives — especially for CRM applications — keep customers captive.

But CIOs who want cloud benefits like cost savings and the ability to quickly experiment with new technologies shouldn’t change their deployment plans, said the report’s lead author, Andrew Bartels, who covers the CIO role and tech market trends at Forrester.

“Those risks don’t mean you should not be using the cloud,” Bartels said in an interview. “The risks do mean you should be taking basic precautions against being captured, against being locked in.”

And then there were three

The report defined oligopoly as control by just two or three vendors of 70% of a given market. In the world of cloud CRM applications, Salesforce, Microsoft, with its Dynamics application, and Oracle, which bought NetSuite in 2016, claim nearly 70% of revenues for sales force automation and customer service software.

Andrew Bartels, analyst, Forrester ResearchAndrew Bartels

For marketing automation software, Salesforce is close to forming another oligopoly along with Adobe and Oracle, depriving smaller vendors like Constant Contact and Bazaarvoice of revenue share, the report read.

SaaS market consolidation raises the chances organizations will be locked in — forced to paying one vendor for its services forever, the report continued. Whereas customers of traditional licensed software can turn down upgrades or cut maintenance fees by going with third-party providers, “clients of SaaS vendors don’t have these options; if they stop paying the vendor, they lose access to the apps.”

Don’t get so deep into one vendor that you can’t get yourself out.
Andrew Bartelsanalyst, Forrester Research

That lock-in becomes more ominous when prices of cloud application subscriptions rise. That could happen, the report read, when these SaaS giants become so big that they can’t grow faster than the larger technology market. Investors then will demand that they turn profits, and vendors will stop using low prices to compete. Research and development cuts come next, and the big vendors will stop rolling out the kind of innovation that results in better software.

Prepare for the worst

Organizations can gird for such a reality, Bartels said. They can keep contracts for cloud applications to three years or less and start preparing for renegotiation 18 months into those contracts, giving them greater leverage with their current vendors.

“Don’t get so deep into one vendor that you can’t get yourself out,” Bartels said. Organizations need to make sure they have access to their data — so they’ll need to keep a copy of it. Then, “it means being willing to look at and switch to other vendors.”

CIOs should also put in place more people to negotiate contracts with vendors and keep watch over them to make sure what is paid for is delivered and that the vendor isn’t overcharging. And they should assume that vendors will raise their prices sometime in the future and build that into their technology budgets.

“You will need to set expectations with your executives and business partners that these costs will rise,” according to the report.

Oligopoly rules

Are oligopolies of cloud application vendors here to stay? Probably, but there are possible dissolution scenarios, Bartels said. One is the vendors get greedy, charge a lot more and companies stop buying cloud applications. But that’s not likely. What companies might do is turn to smaller, lower-cost vendors as alternatives. Small and midsize companies would probably be the first to take the chance on those providers, but large corporations could eventually follow, Bartels said.

“Traditionally, one of the ways that innovation happens is through vendors starting with low-price products aimed below the target market of the big vendors — then tunneling their way up into the upper enterprise market using a lower price,” he said.

Titans like Salesforce and Oracle are well aware of this dynamic — and therein lies the reward for cloud application customers. SaaS apps have easy implementations and wide geographic reach, so it’s not hard for new vendors to set up shop and start competing, even amid SaaS market consolidation.

“A consolidated market is not necessarily a market without competition,” the report read. “Incumbent vendors can’t rest on their laurels, or increase their prices too much, because a new SaaS vendor with a better value proposition could come along and take customers away.”

Challenge for Change winners inspire, apps keep your devices in sync and Kinect powers a symphony — Weekend Reading, May 29 edition

Young people who just might change the world, apps to help you achieve more and a first-of-its-kind musical performance were just a few of this week’s highlights. Before you settle into a relaxing weekend, take a look back at the news and find some great reasons to feel inspired.


Ten teens and young adults with cool ideas to do good in the world won Microsoft’s YouthSpark Challenge for Change contest. Winner Abhishek Paudel is now even more dedicated to bringing health care to remote areas of Nepal after the April earthquake destroyed his family’s entire village, and Dana Berejka, who learned about the sad toll of malaria when a little girl she was corresponding with in Rwanda died from it, plans to help protect others from the disease.

Paudel, Berejka and the other eight winners each get $2,500 to kick-start their projects, a Windows Phone and an incredible trip to Nicaragua to do hands-on volunteer work. If you want to be inspired — and possibly feel like an underachiever — you can read more about these ambitious young people and their big ideas to change the world.

Of course you, too, can do more in the world with a couple of cool new apps coming to Windows 10 that let you move seamlessly among all of your devices regardless of which operating system you’re using. The Phone Companion app on Windows 10 PCs will help you set up a Windows phone, Android Phone or iPhone to make sure your photos, music, documents and other important stuff are there wherever you are.

The second app is good news for Android and iPhone users: You’ll soon be able to access Cortana, letting you take advantage of all the great perks of having Microsoft’s super-smart digital personal assistant bring some order to your busy life.

Android tab

And more good news comes from the company’s “cross-platform services strategy to bring an array of Microsoft services to every person on every device,” writes Nick Parker, corporate vice president of Microsoft’s Original Equipment Manufacturer Division: Microsoft apps and services will now be available on even more Android tablets. Agreements with 20 new device partners, including LG, Sony and Haier, mean a total of 31 partners will soon offer Android tablets pre-installed with Word, Excel, PowerPoint, OneNote, OneDrive and Skype.


And speaking of new partners, what happens when you pair a gifted symphony maestro with Kinect? The result was a 20-minute performance that captivated audience members who were lucky enough to attend the one-of-a kind event. Seattle Symphony Music Director Ludovic Morlot used the motion-sensing technology to control a set of reed horns, chimes and a grand piano to play “Above, Below and In Between,” by Seattle-based kinetic sculptor Trimpin. Learn more about the two-year effort in this video.

Morlot says the idea of conducting with Kinect took him out of his comfort zone. “I’ve been old-fashioned in a way, studying music. The element of bringing technology to it is foreign to me,” he says. “That’s what attracted me to it.”


Another novel idea is giving kids in southwest Detroit a safe, reliable way to get to tech classes, reading programs and sports camps. The Detroit Bus Company’s efforts are featured in a series about how entrepreneurs are reshaping a post-bankruptcy Detroit. Learn more about the bus line’s creator, Andy Didorosi, and others who break boundaries and #DoMore on Microsoft’s Instagram page.

photo caption

Ever need to write a quick caption for a photo? Soon, a computer could be doing it for you. Microsoft researchers are developing technology that can automatically identify the subjects in a picture, interpret what’s happening and write an accurate caption explaining it. Beyond being a useful tool, it shows big promise for Microsoft’s work in the artificial intelligence arena.

Rhonna designs

Looking for a little flair for your photos instead? You can add some style with Rhonna Designs, our app of the week. Or for some weekend adventure, dive in and save humanity in “Overkill 3” — new for Windows — or battle villains in “Monster GO!” Too much pressure? Popping balloons as you navigate a twisty maze in “Bloons TD 5” might be the way to go.

And from this edition of Weekend Reading, that’s a wrap! Time for you to find your own ways to change the world — or at least enjoy your Saturday and Sunday.

Posted by Tracy Ith
Microsoft News Center Staff

Big changes for education in the Big Apple

As a native New Yorker, I take special pride in the announcement made today by City Council Speaker Melissa Mark-Viverito during her State of the City address. Today, 1.1 million students in the New York City Public Schools are taking a significant step forward in their educations and will now have free access to the productivity powerhouse that is Office 365.

In collaboration with the City Council, the New York City Department of Education is making the Office 365 ProPlus benefit available to all teachers and students – at no cost – providing them with up to five downloads of the latest versions of Microsoft Word, Excel, PowerPoint, OneNote, Outlook, Access and Publisher, along with anywhere, anytime access to OneDrive cloud storage. Students and teachers can also download Office to 5 additional mobile devices (smartphones or tablets).

What’s the impact of this bold move? In the city that is a world leader in so many areas, every student will gain proficiency in what IDC called the number-three most in-demand skills valued for employers. Quite simply, the integration of Office 365 into every student’s daily schoolwork prepares them for future success by developing both the hard and soft skills they’ll need as they enter college and the workplace.

For educators – like my brother, who teaches history at the Bronx’s largest public high school — the Office 365 ProPlus benefit means they can expect more from their students. With free at-home access to the same tools students use at school, classroom assignments will no longer be confined to the classroom. Students will be free to research, create, collaborate and share — anywhere, and at any time. And educators can create and review assignments and assess student progress just as easily, freeing them up to concentrate on the business of learning.

With the program, educators can access full Office on up to five PCs or Macs and can unlock the editing capabilities of Office apps for iPad. They can also take advantage of great Office apps and add-ins like Office Mix to record and publish class lectures. With tools like Lync, the students in NYC can communicate with other classrooms around the world, and collaborate instantaneously. And with OneNote, teachers can share lesson plans, class notes, photos, and ideas on any device, accessible from anywhere.

Microsoft is committed to improving education outcomes and helping young people around the world do more and achieve more. We fulfill that commitment every day through the more than 30 free programs and hundreds of partnerships that make up the Microsoft YouthSpark initiative. We also bring that commitment to life through the Office 365 ProPlus benefit.

We applaud Speaker Mark-Viverito, Chancellor Carmen Fariña, and Mayor Bill DeBlasio for their commitment and dedication to the students, and the future, of New York. By making the world’s most widely used productivity platform available in a district as massive as New York City, the benefit represents transformational change at scale – and game-changing progress.