About thommck

Trying to show people that computers are supposed to make things EASIER

The big themes from Microsoft Ignite, March 2021: Part 3, Security for all

This is part 3 of a series of articles on the key themes from Microsoft Ignite, March 2021:

This keynote kicked off with Microsoft’s Corporate Vice President of Microsoft Security, Compliance and Identity, Vasu Jakkal.

Session Link

Microsoft want to make our digital world safe for everyone by providing security that reflects, empowers and includes everyone. When Microsoft says security for all it really means all:

  • All organisations, big and small
  • All your data
  • All clouds (Azure, AWS, GCP etc)
  • All your people (wherever they are)
  • All your devices and platforms
  • All the risks you face
  • All the opportunities ahead
Vasu describes Microsoft’s combined approach to Security, Compliance, Identity & Management

As always, there is an evolving threat landscape. Microsoft gather over 8 trillion security signals a day and have seen an increase in cybercrime, ransomware and nation state attacks. These have been led by attacks emanating from Russia, but also Iran, North Korea and China. Microsoft produced a Digital Defence Report in September 2020 that describes the current threat intelligence landscape and provides guidance and insights from experts, practitioners, and defenders at Microsoft.

Solorigate was an incredibly sophisticated nation state attack that targeted the SolarWinds Orion software. FireEye found it and asked Microsoft to help investigate. Using the 8 trillion signals they could find the traces/footprints and then could highlight it to customers. Microsoft don’t just sell security software or respond to threats, it is working to reduce digital crimes, disrupt botnets and nation state actors. You can read more about Microsoft’s analysis of Solorigate/NOBELIUM on its security blog.

Continue reading

The big themes from Microsoft Ignite, March 2021: Part 2, The Hybrid Workplace

In part 1 of this recap we looked into the keynote from Microsoft’s Satya Nadella and Alex Kipman. Part 2 of my Microsoft Ignite blog series will have a look at another keynote session all about how workplaces have been impacted by the global COVID-19 pandemic and how Microsoft are supporting organisations to work in the new normal.

The Hybrid workplace

Session Link

This fun 15 minute keynote from Microsoft Corporate Vice President, Jared Spataro, was packed with news around flexible approaches to work. Microsoft believe that there will be no going back to a pre-pandemic reality of an office permanently full of employees. Physical meetings are important but they won’t be the same as before.

over 
O 
of managers expect more 
flexible work from home 
policies post-pandemic 
more than 
70% 
Of employees expect 
to adopt these flexible 
work from home policies 
microsoft.com/worklab
Jared presents statistics from the WorkLab research

The Microsoft WorkLab is a site dedicated to understanding the trends of working during the pandemic & the need to change the employee experience. There’s lot to explore on that site, and info on how Microsoft will bring that to life in organisations with its Employee Experience Platform (EXP) Microsoft Viva. Microsoft have seen a large rise in video meetings, longer workdays, a break-up of the traditional 9-5 work pattern and an increase in chat. With over 115 million daily active users, Microsoft Teams has been the centre of a lot of that activity. Here are the new features and improvements Teams will be getting soon:

Continue reading

The big themes from Microsoft Ignite, March 2021: Part 1, Microsoft Mesh

It seems like only yesterday I was blogging and live tweeting about the annual Microsoft Ignite conference, when it was actually September last year! The global pandemic has meant for some changes to how Microsoft showcase all their big announcements and instead of the usual Ignite: The Tour sessions we get in the following Spring (in the northern hemisphere) we were treated to another global 3-day virtual event. In this post, I will take you through the big announcements and updates as well as take a bit of a deeper look at the overall themes from Microsoft and what they tell us.

Solution areas 
Business 
applications 
Data & Al 
Security
Judson Althoff, executive vice president of Microsoft’s Worldwide Commercial Business describes Microsoft’s core solution areas

If you want to take a look for yourself, the good news is that all of the content is available on-demand from myignite.microsoft.com. There are well over 200 sessions, from the keynotes or general “what’s new” sessions, to deep-dives and proper technical training available. A little tip for finding the sessions you want: Once you’ve signed in to MyIgnite go to the session scheduler, use the filters to find the area you are interested in, then sort A-Z (by default they are sorted chronologically which makes it confusing to pick out the duplicate sessions!).

You may also want to check out the Book of News. This is a fairly concise online report that shows calls out all the newsworthy announcements. Each announcement has a small description, then links off to a more in-depth Tech Community blog or Microsoft Docs page. It took me about 90 mins to read through it all, including a bit of jumping out to find out more on the topics I was really interested in.

Continue reading

Quick Tip: Make the most of the Microsoft Teams app bar

Microsoft Teams is fast becoming the hub for people’s productivity at work. I wanted to highlight a small feature that can make a big difference to the usability of Teams and help people find what they need, fast.

Microsoft Teams uses an “App Bar” on the left hand side of the UI to let you switch between the different apps available. You are probably familiar with the Activity, Chat, Teams, Calls and Calendar apps as they are pinned by default to the app bar but did you know you can move these around, unpin them or pin new ones?

screenshot of Microsoft Teams on the apps page
The app bar on the left with the default pinned apps, and there is even an app for more apps!
Continue reading

🧨 Ignite The Tour: London Highlights – Data and Containers in Azure

Many of us don’t get the opportunity to travel to the States for Microsoft’s biggest public convention: Ignite. Fortunately, over the last few years Microsoft have been taking the show on the road visiting countries all of the globe for a 2-day highlight tour. It also has the benefit of being a good few months after all the initial announcements so there is a bit more depth and understanding on all of the topics up for discussion. There’s content for IT Pros, engineers, admins and developers and did I mention it’s free to attend!? I headed to London with some of my risual colleagues to #LearnItAll (or at least as much as we could cram in!). At these kind of events I like to have a good mix of different sessions. This time, I focussed on finding out what’s new in IT Operations (rather than DevOps), Containers and Data, as well as the latest announcements on new Azure and Office 365 technologies like Azure Arc and Project Cortex. Originally I was planning to live blog this, and then I decided on a summary blog but it turned out there was so much content this article was left in draft and I forgot about it! So I’m publishing it with the Data and Container sessions now and hope to write up the rest in the future!

Continue reading

The 6 Rituals of Working from Home

My current job as an “Enterprise Architect” has my place of work officially listed as my home, although I’m regularly out visiting clients. I share that home with my wife, 3 sons and a cat (the cat is the only one with me in the daytime). As a relative newcomer to the home-working scene, I thought it would be interesting to share my experience over the last year in how I’ve adjusted to this new way of working. I was inspired by one of Scott Hanselman’s tweets around going for a morning commute even if you work from home:

Now, I’m sure most home-workers will tell you one of the best perks of being based at home is avoiding the traffic-filled commute but something about Scott’s tweet definitely rings true. It made me think of what I’ve done to motivate me to get out of bed in the morning when I could just as easily roll out at 8:55. How do you get into good habits rather than develop bad habits? So here are my personal 6 rituals of working from home.

My desk in my snazzy home office
Continue reading

Word Document only showing an image in read mode or Word Online

My colleagues and I were updating a Word document and we noticed that if the document was opened in Word Online (as it is stored in SharePoint Online) then a mystery image appeared in the top-right corner. As it only appeared like this in Office 365 we weren’t too concerned as this document is primarily for sharing as a PDF. However, it started to bug me and, as I recently qualified as the top-ranking Microsoft Office Word Expert Specialist in our company, I thought I had a rep to protect 😉.

Continue reading

🔮 Future Decoded 2019

Future Decoded is Microsoft’s annual 2-day conference aimed at business strategy leaders and IT Pros. It’s been held in the UK every autumn since 2014 at ExCeL London. I had the pleasure of returning for the 5th time this year. What I love about this conference is the way it looks ahead at the big themes in technology and how they can be used to help organisations achieve more. Usually there is a business-focussed day and a technical-focussed day, however, this year it was primarily targeted at business leaders and decision-makers. I think that is down to Microsoft establishing their “Ignite: The Tour” event, which brings the more technical content to the UK each Spring.

The AI showcase on expo floor at Future Decoded
The AI showcase had loads of great interactive examples of how artificial intelligence is transforming the world we live in

Here’s my wrap up of my visit on Day 2

Continue reading

⏰ It’s been a while…

This is the news you’ve all been waiting for, I’m getting back into blogging!

A lot has happened since my last post, to me, technology and the IT Pro community. I’ve been really impressed by some of the work my peers have been doing publishing articles, producing YouTube videos and recording some great podcasts, so I feel it’s about time I jumped back in the water.

My blog posts will continue to be varied but will mostly focus on my interests in cloud computing and especially the Microsoft stack. I’ll be avoiding “paid for” articles like a few of my previous ones to keep a better sense of integrity and provide better value to those of you who may stumble across my ramblings.

The point of this article is to give me a kick to actually put some content on here, so hopefully that’s done the trick and you’ll see more regular posts (if I don’t get too distracted with updating my “about” pages and tinkering with the theme/layout!).

For now, follow me on Instagram and Twitter and say hi.

Insider threats – what they are and how to defend against them

Full disclosure: this is a paid vendor article

Insider Threats

Insider Threats

Many organisations see external breaches as the biggest threat to their data security and spend millions building walls to guard themselves against hackers. It may come as a surprise to many that insider security threats – both intentional and accidental insider abuse and misuse – were seen to be by far the biggest cause of data leakage in 2015. With this in mind, it is imperative that you take steps to ensure you understand what your employees are doing with sensitive data.

The repercussions of insider threats can be enormous and can often go unnoticed. An insider may already have keys to the door so won’t trigger any security measures and they may already know where sensitive data is stored. Many cases of insider data breaches have been accidental, but the outcome is still the same – potentially large chunks of company profits spent on damages.

How to identify insider threats

In general, there are three types of insider that could be a threat to your organisation:

Malicious Insiders

Malicious insiders could be a current or former employee, a contractor or any other business partner who is authorised to access your organisation’s data. The motives for their attacks could range from revenge against a company they feel has mistreated them to simply personal profit. Theoretically everyone with access to your data could potentially exploit it for personal gain.

People who make mistakes unintentionally

A large proportion of data leakages occur due to honest mistakes on the part of insiders. They may have been caught in phishing scams, given their password out when they shouldn’t or left their account logged on across multiple machines. These threats are easier to detect and preventable by taking the right measures.

Outsiders posing as insiders

These are external attacks using an authorised user account with real credentials. External hackers can gain access through inactive accounts or by guessing passwords. Whichever way they gain access, they use genuine account details so do not show up as external threats.

Regardless of whether an insider leaks data intentionally or accidentally, you still need to make sure you are taking preventative measures to mitigate the risk. Dealing with insider threats is an ongoing, pro-active process that requires time and dedication.

How you can mitigate the risks of insider abuse

Know where your sensitive data is

It’s very important to know which areas of your IT infrastructure are the most likely to be of value to potential insider threats. It is also important to understand who has access to this data and how regularly it is accessed. Knowing these things will enable you to better detect when something out of the ordinary occurs in files and folders with sensitive data.

Evaluate your security strategy

Security breaches should be treated in the same way as a fire – there should be regular evaluations of safety regulations and ideally testing should take place to assess your current reaction to breaches. This kind of testing should enable you to spot anything you have overlooked or any loophole that currently exists.

There are some basic security practices you can enrol that will help firm up security; including patch-management procedures, IDPS configuration, passwords and authentication policies, firewalls and log review procedures.

Be sure to also look at how up to date your current security measures are. Threats evolve very quickly, and new versions of critical IT systems are released fairly regularly, it’s important that you stay up to date.
A regular and pro-active approach to auditing and monitoring critical IT systems needs to established. This will enable you to track activity in files and folders to ensure only the right people are accessing the right data. Being constantly aware of this will help you mitigate the damage should a data breach occur.

Maintain a least privilege policy

Employees often move departments, get promoted or be tasked with something that requires extra levels of permission. In all these cases new permissions may need to be granted and old permissions may need to be revoked. Maintaining a least privilege policy by monitoring these changes can ensure that only the right people have the right levels of access to the right data. Accounts with inappropriate levels of access are more likely to be damaging to your organisation.

Make insider threats a priority

Often the main issue is that certain people within the organisation won’t admit there’s a problem. Unfortunately, with insider threats, it’s only a matter of time before you experience the problem for yourself. Keep insider threats at the forefront of your mind when developing new security plans, assigning new permissions or managing employees.

Monitor your users

If you are able to make use of behavioural analytics tools, like User Behavioural Analytics or Network Analytics, then make sure you take advantage of them. These tools will highlight any behaviour deemed abnormal after establishing a base-line for what normal is. It can also simplify the process of identifying users with high-risk identity profiles.

Conclusion

Insider threats should be the number one cause for concern for any organization when it comes to protecting their sensitive data. Organisations that store personal information about their employees, clients, partners or customers have a duty to protect that information. A simple way of ensuring that you are able to pro-actively audit and monitor your critical IT systems is to deploy an automated solution like LepideAuditor Suite. This solution can clearly show who accesses what information as well as when and from where it was accessed. It actively audits, monitors and alerts on changes made to critical IT systems, tracks current permissions and permission changes and monitors all aspects of file/folder activity – all from a centralised console. Be sure to consider using an automated solution, like LepideAuditor Suite, when you address insider security threats in your organization.