As the world comes together to combat COVID-19, and remote work becomes a critical capability for many companies, customers have asked us how to best maintain the security posture of their cloud assets while enabling more remote workers to access them.
Misconfiguration of cloud security controls has been at the root of several recent data breaches, so it’s extremely important to continue monitoring your security posture as usage of cloud assets increases.
To help you prioritize the actions that you need to take, we are listing three common scenarios for remote workers and how to leverage Azure Security Center security controls to prioritize relevant recommendations for these scenarios:
Azure Security Center has a security control called Enable MFA, ideally you should remediate all recommendations that are part of this security control, as shown below:
2. Some users might need remote access via RDP or SSH to servers that are in your Azure infrastructure.
Instead of allowing full 24 x 7 access to those servers, ensure that you are using Just-In-Time (JIT) VM access to those servers. Make sure to review the Secure management ports control in Azure Security Center and remediate the recommendations that are relevant for this scenario.
3. Some of the workloads (servers, containers, databases) that will be accessed remotely by users might be missing critical security updates.
Review the Remediate vulnerabilities control in Azure Security Center to prioritize the updates that must be installed. Make sure to review the result of all recommendations in built-in vulnerability assessment and remediate those items.
Security posture management is an ongoing process. Review your secure score to understand your progress towards a fully compliant environment.
Users of Azure are likely just a portion of your user base. Below is additional guidance on enabling and securing remote work for the rest of your organization:
As so many organizations have shifted to remote work during COVID-19, we are hearing inspiring stories from customers discovering new ways to connect, collaborate, and keep business moving. From Sydney, Australia, to Seattle, Washington, schools, hospitals, small businesses, and large companies alike have found inventive ways to enable remote work across their organizations. We want to share what they are learning. Each week we will be spotlighting customers in one impacted region around the globe. First up: the Greater China Region. My colleague Lily Zheng in Shanghai is sharing stories for customers who, faced with extraordinary and difficult circumstances, have found innovative new ways to work.
Since we last heard from Lily and team, the region has begun to move into recovery mode. “Many businesses reopened, and more and more people have started going back to work,” Lily reports. “In the past two months, Teams has certainly played an important role in helping our customers pass through the most difficult time.” Looking ahead, she says: “Teams can play an even bigger role in helping our customers boost their productivity and increase their business resilience.” Here are some examples of how organizations in the Greater China Region kept things moving over the past few months.
With travel bans and health concerns keeping students, faculty, and staff at home over the past months, schools and universities have experienced a crash course in moving to remote learning. In February, the Peking University Guanghua School of Management used Teams to hold a digital school-opening ceremony with thousands of students. Meanwhile, Tamkang University, a private university headquartered in New Taipei City, Taiwan, quickly enabled distance learning for students in China, Macau, and Hong Kong by leveraging Microsoft Teams and cloud resources on their iClass Mobile Learning Platform. A total of 637 students and 1,041 teachers were set up to use the platform in 2,366 classes. Hong Kong Polytechnic University is conducting 120 to 160 concurrent teaching sessions daily through Microsoft Teams, with 10,000 to 11,000 students connecting simultaneously during peak times. And Wellington College International Tianjin, quickly established a solid e-learning program where students have been able to continue their learning journey with lessons conducted over Microsoft Teams.
The healthcare industry has faced extraordinary pressure during COVID-19. We’ve all seen news stories about medical supply challenges, but these organizations have experienced challenges in the IT space, too, including a lack of video conferencing solutions and heavy dependency on manual patient data inputting. Staff at the largest hospital in WenZhou, China, 2nd AffiliatedHospital of WMU, for instance, were unable to communicate with personnel inside the quarantined area. They had never used Teams before, but quickly deployed it and were able to communicate with quarantined-area colleagues. The team at Zhongshan Hospital in Shanghai hadn’t used Teams before the outbreak either, but they put it to use to hold their first remote leadership meeting. “It only took a few days to get reports,” said Mr. Li, Chief of Information Management Center at Zhongshan Hospital, “and we were able to successfully hold our first leader’s meeting, which was well-received by the whole leadership team.”
SF-Express is one of the best-known logistics companies in China. CIO Sheng Wang said, “Fortunately, we deployed Teams after we revamped our network branches [in] December of 2019. “It solves our needs for remote working, meeting, and training, and allows our staff to collaborate with high productivity.” DHL Supply Chain China also deployed Teams to handle its increasing remote collaboration needs.
The manufacturing industry has been hit hard by the impact of the outbreak, but also used it to discover new ways to digitally transform. Headquartered in Ningbo, China, Joyson Electronic has more than 100 bases in 30 countries and over 50,000 employees globally. “Microsoft Teams really helps Joyson improve our cross-regional and boundary collaboration productivity during the COVID-19 outbreak,” reported CIO Zong Jia. “We hold daily internal meetings, co-edit documents, and interview candidates on Teams.”
Over 50 percent of China International Marine Containers (CIMC) Group Ltd.’s business comes from export, which brings an urgent need for project-based management and real-time communications. CIMC has been using Teams to easily enable multiple collaborative team channels and remove restrictions imposed by different work locations. They’re finding it facilitates employee collaboration and has helped them complete their first successful step towards a modern workplace transformation.
We hope you’ve found it helpful to read about some of the innovative ways our customers have transformed their organizations during this difficult time. We have seen how schools have moved quickly to remote learning in virtual classrooms, and are continuing to hold important meetings, with Teams. We’ve seen how healthcare workers, faced with communication barriers brought on by COVID-19, have used Teams to connect. And we’ve seen how commercial enterprises are bringing distributed teams together and are bringing formerly in-person-only meetings—including job interviews—online. As the Greater China Region enters a new phase of its COVID-19 experience, we look forward to learning about how they apply what they’ve discovered in the days to come. We’ll be sharing more inspiring customer stories here soon, so check back often.
Employees forced to work from home due to the coronavirus pandemic are using a variety of internet-connected devices — including smartphones, tablets, smart speakers, and both corporate-owned and employee-owned computers — to get their jobs done. Yet the use of each additional device poses a threat to a company’s security strategy.
For IT administrators, the management of those devices, including such means as those provided by unified endpoint management products, is now a critical consideration for enterprises in a COVID-19 world. Endpoint management is used to secure devices before they are given access to a company’s network. Unified endpoint management is the concept of controlling multiple types of devices through a single console.
“With much of the global workforce moving to work remotely, endpoint security has never been more critical,” said Christopher Sherman, senior analyst at Forrester Research. “In many cases, enterprises are quickly provisioning new remote resources to their employees, further exposing an already increasing attack surface.”
With these additional devices potentially serving as new attack vectors, he said, opportunities for cybercriminals have grown.
“We’ve already seen opportunistic attackers taking advantage of the pandemic and increasing their campaigns against consumers, as well as employees,” he said. “This is likely to increase as the quarantines continue.”
Accelerating the mobility trend
Mark Bowker, senior analyst at Enterprise Strategy Group (ESG), said the trend toward mobility and remote work has existed since the launch of the iPhone and has already forced IT professionals to secure an “expanded perimeter” around a company’s data.
Citing an ESG survey of full-time employees — including those in sales, marketing, HR, finance, IT, engineering, software development and customer service — Bowker said 74% of respondents did at least some work in a non-office setting at least once a week, while 50% did so every day of the work week.
“Employees expect to be productive from anywhere, and most IT organizations have implemented capabilities to securely deliver applications and data to employees,” he said. “The current challenge is rapidly scaling existing deployment, while maintaining security policies for users that may have a higher risk profile associated with them — and [who are] no longer working on a known network or known device.”
Alex Willis, vice president of global sales engineering at BlackBerry, agreed, noting the predominance of the mobile workforce.
“Now there’s a lockdown, and at most places, people are having to do their entire job on these devices,” he said. “I think the problem organizations are seeing is the urgency in expanding it beyond the typical road warrior or mobile worker. They’re talking people who have never worked from home before and they’re having to, very quickly, set them up in a home office.”
Jason Dettbarn, founder and CEO of cloud-based Apple device management firm Addigy, said there had been increased demand for device-management products since the early days of the outbreak.
“The clear consensus is that a lot of people didn’t feel they needed device management for Apple,” he said. “They’ve had a BYOD model, maybe, or have allowed [Apple devices] in the office … now, they have this forced need where they really have to make sure they’re managing [these devices].”
Employee devices provide flexibility and risk
Given the widespread nature of the pandemic, many firms are trying to roll out remote work devices at the same time — making provisioning a challenge. This, experts noted, could lead to enterprises allowing employees to use their own devices — a flexible option, but one that imperils data security.
“Most people have really powerful home computers these days, but getting remote access to be productive on a home computer introduces a lot of risk,” Willis said. “If you don’t control the machines, you can’t really control the security posture of that machine.”
The same holds true on the mobile side, Dettbarn said. As Apple depends on China for manufacturing, the company is facing a shortage of devices available to enterprises — meaning those businesses may have to rely on the devices employees have on hand for mobile productivity.
“A lot of [employees] will likely have an Apple device in their home that they can use for BYOD,” he said. “Now, an organization that might be a little more Windows-focused might have to adapt to Apple devices to get people up and running.”
Zero trust for remote work
As companies may be forced to rely on employee devices, they could turn to zero-trust security — in which a user’s actions and devices are continuously evaluated — to allay security worries.
“When a company implements a zero-trust strategy extending to all their edge devices, they can afford to be less concerned with the health of the … employee’s home network, since protection is centered around what is most at risk — their corporate apps and company data,” Forrester’s Sherman said.
Willis said zero trust represented a departure from the castle-and-moat approach to security — a model in which everything outside the firewall was untrusted and everything inside was considered safe.
“Now, with zero trust, it doesn’t matter if you’re in the network or not. Everything is considered untrusted,” he said. “Even though the users don’t know it, they’re being authenticated with every step they take: How are they interacting with the application? What network are they on? What endpoint are they [using]?”
If something looks wrong, Willis said, the zero-trust management product will require reauthentication, but the hope is to keep employees from having to jump through hoops to accomplish their usual tasks.
Getting management in place
Like many other companies, both BlackBerry and Addigy are providing limited-time free access to some of their products during the coronavirus crisis. Dettbarn said the nature of the situation drove the decision.
“Everybody is so uncertain about what’s going on, that admins are handcuffed by financial constraints or a spending freeze,” he said. “If [IT administrators] had to go get those financial approvals [to buy new management products], that’s probably not going to happen.”
Alex WillisVice president of global sales engineering, BlackBerry
Sherman said proper patch and configuration management, as well as a robust endpoint security solution, are the best ways to protect the devices employees use for remote work.
“To this end, we’re seeing many endpoint management-focused products offering combined management and security,” he said.
Willis said organizations that are hoping to put work-from-home plans together quickly would do well to remember the importance of device management.
“[Companies] think the end goal is connectivity, but the real end goal needs to be secured connectivity,” he said.
It would work together yes and I have an unused stock Intel cooler. I would need £155 + postage for that bundle, with the ssd.
I would rather keep the bundles as they are though. The Z97, k-processor and ram are better suited together. You can’t overclock and take advantage of the 4690k on a h81 so the Xeon would better in the h81 and the DDR3 is far too fast to waste at standard 1600 speeds in the h81.
The 4690k is 3.5ghz boost to 3.9ghz, 4 cores 4 threads The Xeon is 3.5ghz boost to 3.8ghz, 4 cores, 8 threads so very little difference single core and much faster multi core with 8 threads and more cache
I can do the Xeon with the h81 board & ssd for £110 delivered and you could buy ram from here – undefined – CeX (UK): – Buy, Sell, Donate. I think I have a Geforce 8800 I can throw in for free with it too. Need to have a hoke in my box of bits.
Telia Carrier, a network services provider based in Stockholm, is looking to work with large master agents and regional partners in the U.S., targeting enterprise opportunities such as SD-WAN.
The company this week launched a partner program with the goal of raising its profile in the U.S. The channel initiative aims to help partners cross-sell a range of offerings that include internet services, Ethernet, MPLS, a public cloud gateway and SD-WAN services. Telia Carrier earlier this month released a new SD-WAN offering based on Cisco’s Viptela technology.
Rob Pulkownik, head of channel sales at Telia Carrier, said the company recently built out its internal infrastructure to work with partners, creating mechanisms to track orders, pay commissions and avoid channel conflict.
“Now that we have that in place, my plan for this year is to scale up with … two more of the large masters and then regional [agents], on a more ad hoc basis,” he said.
Telia Carrier has master agent agreements in place with AppSmart (formerly WTG), Telarus and other companies.
The channel sales effort represents a shift for Telia Carrier, which has operated primarily a wholesale player, with customers including content providers, carriers, multisystem operators and ISPs. The enterprise sector was much less of a focus. Telia Carrier has staffed eight to 10 salespeople in the U.S. market, while competitors have more than 1,000 salespeople, Pulkownik noted.
Rob Pulkownik Head of channel sales, Telia Carrier
“We are not going to ramp up a sales team like that,” he said. “We are going to rely on doing a lot of this through the channel.”
Features of Telia Carrier’s partner program include a self-service portal, which lets agents keep tabs on inventory, usage, trouble tickets, invoices, customer payments and commissions, according to the company.
Telia Carrier aims to roll out an automated deal registration system in the second quarter of this year. At the moment, deal registration is a manual process.
The move to make remote work the norm during the coronavirus pandemic could push mobile networks to the brink.
The pandemic has led to unprecedented changes, one of which has been the scale at which employees have been working from home. Mobile networks in the UK reported problems on March 17, although the carriers denied it was connected to the rise in home working.
Still, industry observers said the infrastructure that companies rely on to deliver work-at-home services such as video conferencing, virtual desktops or even phone calls could experience disruptions in the face of prolonged heavy usage.
“The spike in activity that has been initiated with work-from-home policies is going to test potential network choke points, bandwidth constraints and the ability of collaboration apps to scale to new levels,” said Mark Bowker, senior analyst at Enterprise Strategy Group.
Forrester Research principal analyst Dan Bieler said he had already heard reports of certain elements of mobile networks being under strain, and, anecdotally, said he had been on calls in which the quality and connectivity was not what it had been.
“That’s not entirely surprising,” he said, given the larger percentage of people now working from home.
Bieler noted that everyone who has the same mobile phone carrier within a certain area is sharing the wireless spectrum. The mobile network could be under particular stress, he said, in areas where people use their phones as hot spots to conduct business.
“If you’re in a rural context, you’re already on relatively shaky ground when it comes to cellular connectivity,” he said.
Bill Menezes, senior principal analyst at Gartner, said it was difficult to tell whether networks had been affected so far.
“[There’s been] a couple of reports of issues in some areas — dropped calls and whatnot — but that’s the kind of thing that could happen at any given time,” he said.
An extended peak
To some extent, Menezes said, networks are built to handle high traffic, but such events are brief. Weekends, for example, create a similar situation, with many streaming Netflix or playing video games.
“These [networks] are designed to handle theoretical peak usage, but not necessarily when the peak is shifting — it’s coming not only on the weekend, but Monday through Friday now,” he said. “It’s conceivable that you’d start seeing some bottlenecks in areas — especially on the cellular network — that weren’t designed for the constant high level of usage the way the wired broadband networks were.”
People with inefficient home internet connections, Menezes said, might start using their mobile phones as hotspots, furthering the strain on the network. If mobile traffic climbs above weekend levels, he said, there could be disruption.
Bill MenezesSenior principal analyst, Gartner
“If you look at events that have happened in the past — like the Boston Marathon bombing — even the first responders, who had network prioritization for making calls or doing data sessions, were having trouble getting through, simply because of the overwhelming volume of usage,” he said.
Dealing with heightened traffic
Should the use of mobile phone networks exceed what the available infrastructure can provide, experts said, there is not much carriers can do in terms of bolstering capacity.
“Ultimately, the network infrastructure we have right now is the network infrastructure we will have in four months, six months — however long this situation will last,” Bieler said.
Beyond how long a network improvement might take, carriers may be leery of spending billions of dollars at a time when the economy is uncertain, according to Bieler.
“Nobody knows how long this will last,” he said. While it is unlikely people will be working from home for years on end, Bieler said, carriers face a lack of certainty.
Menezes said they may instead look at other means of freeing up bandwidth.
“One of the things they can do — and they’ve done this in the past — is slow data speeds if the network gets too congested. Obviously, that’s not an optimal type of situation,” he said. “It could either be slowing down speeds for the heaviest users — folks who are home and are trying to use 100 gigabytes of data because they’re doing online gaming. They may be the types of people who are throttled first.”
Another approach, Menezes said, would be a general throttling. For example, limiting everyone to standard-definition video streaming as opposed to 4K.
Bieler said carriers in Italy and Spain have already announced some form of throttling.
Given the hammering the economy has taken, Bieler expects to see the continuance of work operations — ensuring companies keep cash flowing and get projects done on time — given precedence over personal entertainment.
Encouraging people to use networks at off-peak times, Menezes said, could be another way to reduce the strain.
“You see the same thing with utilities, setting up time-of-use pricing. During peak hours, it costs more to buy electricity than during the early morning or evening,” he said. “That’s not necessarily going to help people who have to work from 9 to 5, but the carriers could use those types of methods.”
Bieler said it will be interesting to see how the move to mass remote work will change the way people work and communicate. If the networks can indeed support the additional traffic posed by working and learning from home, it may lead to a fundamental shift in the way things are done.
Enterprise Strategy Group’s Bowker said the situation might emphasize how functional technology has become at enabling mobility and flexibility.
“[This is] a time to recognize how valuable business collaboration tools are during times like this and how employees, students, front line workers [and so forth] are staying connected and productive,” he said.
Among the areas that might be rethought, Bieler said, could be international business travel.
“Is it necessary for someone to travel to New York for a two-hour meeting?” he said.
So I have a number of computers for sale that I’ve got from work, they’ve recently upgraded so these were surplus. I’ve gone through them, cleaned them up and installed Windows 10 Pro, all are licensed using the original license keys.
All prices also include shipping.
The following are available,
3 x Dell 7020 SFF Hard Drive
They are in full working order and again will show signs of general use.
Intel core i5 4590 8GB DDR3 Ram 500GB Hard Drive Gigabit ethernet 4 x USB 3.0 ports 6 x USB 2.0 ports VGA 2 x Displayport Dvd drive
Looking for £90 each.
10 x Dell 390 SFF
In full working order and will show signs of use.
Intel Core i3 2120 3.3GHz 4GB DDR3 Ram 500GB Hard Drive Ethernet 8 x USB 2.0 Ports VGA HDMI DVD writer drive
Looking for £50 each.
Dell 3060 SFF
It’s in full working order and had very little use.
It’s had a fresh install of Windows Pro which is fully activated using the motherboards license key.
It has an NVME 256GB SSD Hard drive installed on the motherboard but also has space for a 3.5 inch hard drive.
Intel core i5 8500 3.00GHz cpu 8GB DDR4 Ram 256GB NVME SSD Hard Drive Intel UHD Graphics 630 Gigabit ethernet 4 x USB 3.0 Ports 4 x USB 2.0 Ports HDMI Displayport VGA DVD Writer Drive
Looking for £320.
Dell XPS 8300
It has been well looked after but does have some marks and scratches, nothing that affects the usage of it.
Intel Quad Core i7-2600 3.40GHz CPU 16GB DDR3 RAM Brand new 240GB SSD 1TB additial hard drive storage GT 545 1GB GDDR5 Graphics card Blu-ray rom drive Soundblaster X-FI soundcard Gigabit ethernet Integrated multi SD card reader 8 x USB ports 2 x DVI outputs 1 x mini HDMI output Windows 10 Pro
Looking for £280.
2 x Dell Optiplex 3020
I have a Dell 3020 SFF computer for sale.
It’s in full working order but will show signs of general use.
A fresh Windows 10 Pro install has been put on which is fully activated.
Intel core i5 4590 3.30GHz CPU 8GB DDR3 Ram 500GB Hard drive Gigabit ethernet 2 x USB 3.0 ports 6 x USB 2.0 ports VGA Displayport