MS Tech Summit – 2018 – Day Two Recap

header

My Day two at #MSTechSummit was focused around Office 365, in particularly the security aspects of the service. Security and compliance of these services are quickly become and equal to availability, people are not just interested in whether the service is going to be up 99.999% of the time, but how they deal with security and compliance

You can see that Microsoft are extremely aware that their threat footprint is huge, and they are spending huge amounts of effort providing the right features to protect their customers.

Security Score:

Security score is a dashboard which gives Office 365 customers with their security score based on the features which are enabled. This score is given out of the maximum features available based on your subscription license. This dashboard also provides assistance on what features can be enabled to increase your score.

file2

 

One really clever feature on this is ‘Compare your score’ this will allow you to compare your score against all other Office 365 customers. Whats clever about this feature is the comparisons. If your Office 365 tenant has 25 mailboxes you may not be as security focused as an enterprise with ten thousand mailboxes, so it’s not useful to compare the score. So you have the option to compare against similar size tenants. In the example above this is a tenant with 25 mailboxes, which has  score of 210. The average across similar tenants in 40, and the overall Office 365 average score is 38

Advanced Threat Protection

Advanced Threat Protection or ATP, is another new feature within Office 365. This completes multiple actions to help protect your Office 365 tenants. Features include reputation checking against known malicious URLs. This prevents users from directing to URLs that are known to ATP.

Email attachments are the primary cause of malicious or Ransomware from entering your business. Office 365 ATP follows a procedure to help your users staying protected. All attachments are stripped from the Office 365 mail and run through a scanning process to see if anything harmful. Furthermore these attachments are sent to a ‘Detonation Chamber’ to execute the file in a secure location and report what the file is attempting to complete. If anything harmful or unusual occurs, the file is deleted and replaced with a text file informing the user that ATP has stripped the attachment

Attack Simulator

This is my favourite security feature of Office 365. These set of features allows you to perform simulation attacks against your user base. The attack simulator includes phishing attacks, brute force password attacks and password spray attacks.

Simulated phishing attacks will send your users emails that mirror normal phishing emails. The feature then reports back and informs you which users fell of the attack. You can then target those users and provide some training on how to spot phishing attacks in the future.

Brute force password attacks will stress test the user base against a set of common passwords. Again this will provide a report on the weak users so you can educate them on password security!

Cloud App Security

Another really cool feature of the security suite in Office 365. Cloud App Security monitors the users for abnormal behaviour. This can be really useful for large scale attacks or disgruntled users!

In this picture Cloud App Security has picked up that the user is an administrator and is now trying to login from a new external IP and new ISP. Additionally there was three failed logon attempts before the successful logon. They’ve not performed an admin change to forward mail to an external address, which hasn’t happened since 82 days ago. All this information tied together indicates that something strange is going on and will allow admins to disable to account and investigate the issue further

MS Tech Summit – 2018

header

Today we kicked off the MS Tech Summit in Birmingham. I attended the same event last year, and heard loads on the Microsoft vision for #Azure and Microsoft 365. This year was no different, we kicked off the event with a back to back key note on Microsoft 365 and Azure:

Microsoft 365 Keynote:

Microsoft Teams was a clear forefront to everything Microsoft 365. The technology underpinned all the future integration that’s coming within 365. Teams will start to centralise integration between Skype for Business, SharePoint and Yammer.

Azure AD as can overlay provides seamless authentication across all these technologies, including hybrid for on premises services.

Centrica then provides a great customer story on how they successfully migrated over 50000 users to Microsoft 365, and are leveraged O365/Yammer/Teams to collaborate with staff all over the world. They have introduced digital champions across their business to understand how different departments can better leveraged digital technology. They have two digital evangelists who are working to continue their digital transformation.

Microsoft Autopilot may well be the most exciting announcement of the two days. Using Azure Ad and InTune, you now have the capability to deploy corporate images to OOB devices out in the wild. When a user receives their Windows 10 device, they enter their email address it checks against Azure to see if they are utilising Azure AD. From that it then deploys the company gold build down to the device from anywhere in the world, including apps, policies and updates. I can see this been extremely beneficial to both customers and CSP. Multi factor authentication underpins all this to ensure security is upheld. The live demo of this was a treat!

 

Azure Keynote

Another great keynote. Azure has now integrated the ability to run ‘Cloud Shell’ over a browser to run PowerShell commands against customer’s azure instances. The shell is browser agnostic and even works on EDGE! (Proof below). This increases customers’ ability to utilising the ‘single pane of glass’ when deploying, managing or updating their infrastructure.

file2.jpeg

Hybrid deployments certainly aren’t going away. Microsoft envision ‘Hybrid 2.0’ allowing better integration between applications/services that can reside anywhere. Diagram below shows the examples of traditional on premises services and their Azure equivalent

Docu-Sign then provided another great customer story. They decided to lift and shift their entire SQL estate to Azure to help them with their incredible scale. They lifted SQL DB’s and put them into Azure Database Services, and repointed applications to the new backend. They are currently completing 1.1million records annually, which doubles in volume year-on-year.

 

Azure Fundamentals

This session was a real treat. Dan Baker (@AzureDan) and Adam Raffe (@AdamRaffe) presented some great use cases for azure. Adam started with an introduction to cognitive services running with Azure. These are allowing business to create interactive bots which can use a multitude of factors to authenticate users. May that be photo recognition or voice.

Azure Dan then revealed how he is using Azure services in his everyday life., This is an important flip to the large scale use cases that we are used to. Dan has created some serverless applications which provide him with information on his day streamed to his famous ‘Magic Mirror’

The next demonstration what his twitter bot. Dan checks important RSS feeds every 30 minutes and then posts into his twitter account when important blogs or services updates are raised. He then extracts information from within the link and adds this to the tweet. I can think of multiple use cases where customers can gain benefit from something very similar!

Following this the session turned interactive. To gain feedback on sessions, Dan collates tweets using the tag #Azuredandemo, and interprets the positive or negative feedback. This then presents as a webpage which changes colour based on the feedback

file6

Finally, IoME! We’ve all heard storied about how someone has saved x in efficiencies by deploying data collections nodes and analysing the data. Dan has performed this magically at a much lower scale. Using an arm strap which takes readings of his blood sugar level, he then tracks this data into Azure. He can then monitor his sugar level automatically every 5 minutes. This has provided Dan with the data on when and how he has high or low levels. If levels are too high or too low this can then alert Dan using an App/Phone or Watch.

Find me a more valuable digital transformation story than Dan monitoring his sugar levels!