MS Tech Summit – 2018 – Day Two Recap

header

My Day two at #MSTechSummit was focused around Office 365, in particularly the security aspects of the service. Security and compliance of these services are quickly become and equal to availability, people are not just interested in whether the service is going to be up 99.999% of the time, but how they deal with security and compliance

You can see that Microsoft are extremely aware that their threat footprint is huge, and they are spending huge amounts of effort providing the right features to protect their customers.

Security Score:

Security score is a dashboard which gives Office 365 customers with their security score based on the features which are enabled. This score is given out of the maximum features available based on your subscription license. This dashboard also provides assistance on what features can be enabled to increase your score.

file2

 

One really clever feature on this is ‘Compare your score’ this will allow you to compare your score against all other Office 365 customers. Whats clever about this feature is the comparisons. If your Office 365 tenant has 25 mailboxes you may not be as security focused as an enterprise with ten thousand mailboxes, so it’s not useful to compare the score. So you have the option to compare against similar size tenants. In the example above this is a tenant with 25 mailboxes, which has  score of 210. The average across similar tenants in 40, and the overall Office 365 average score is 38

Advanced Threat Protection

Advanced Threat Protection or ATP, is another new feature within Office 365. This completes multiple actions to help protect your Office 365 tenants. Features include reputation checking against known malicious URLs. This prevents users from directing to URLs that are known to ATP.

Email attachments are the primary cause of malicious or Ransomware from entering your business. Office 365 ATP follows a procedure to help your users staying protected. All attachments are stripped from the Office 365 mail and run through a scanning process to see if anything harmful. Furthermore these attachments are sent to a ‘Detonation Chamber’ to execute the file in a secure location and report what the file is attempting to complete. If anything harmful or unusual occurs, the file is deleted and replaced with a text file informing the user that ATP has stripped the attachment

Attack Simulator

This is my favourite security feature of Office 365. These set of features allows you to perform simulation attacks against your user base. The attack simulator includes phishing attacks, brute force password attacks and password spray attacks.

Simulated phishing attacks will send your users emails that mirror normal phishing emails. The feature then reports back and informs you which users fell of the attack. You can then target those users and provide some training on how to spot phishing attacks in the future.

Brute force password attacks will stress test the user base against a set of common passwords. Again this will provide a report on the weak users so you can educate them on password security!

Cloud App Security

Another really cool feature of the security suite in Office 365. Cloud App Security monitors the users for abnormal behaviour. This can be really useful for large scale attacks or disgruntled users!

In this picture Cloud App Security has picked up that the user is an administrator and is now trying to login from a new external IP and new ISP. Additionally there was three failed logon attempts before the successful logon. They’ve not performed an admin change to forward mail to an external address, which hasn’t happened since 82 days ago. All this information tied together indicates that something strange is going on and will allow admins to disable to account and investigate the issue further

MS Tech Summit – 2018

header

Today we kicked off the MS Tech Summit in Birmingham. I attended the same event last year, and heard loads on the Microsoft vision for #Azure and Microsoft 365. This year was no different, we kicked off the event with a back to back key note on Microsoft 365 and Azure:

Microsoft 365 Keynote:

Microsoft Teams was a clear forefront to everything Microsoft 365. The technology underpinned all the future integration that’s coming within 365. Teams will start to centralise integration between Skype for Business, SharePoint and Yammer.

Azure AD as can overlay provides seamless authentication across all these technologies, including hybrid for on premises services.

Centrica then provides a great customer story on how they successfully migrated over 50000 users to Microsoft 365, and are leveraged O365/Yammer/Teams to collaborate with staff all over the world. They have introduced digital champions across their business to understand how different departments can better leveraged digital technology. They have two digital evangelists who are working to continue their digital transformation.

Microsoft Autopilot may well be the most exciting announcement of the two days. Using Azure Ad and InTune, you now have the capability to deploy corporate images to OOB devices out in the wild. When a user receives their Windows 10 device, they enter their email address it checks against Azure to see if they are utilising Azure AD. From that it then deploys the company gold build down to the device from anywhere in the world, including apps, policies and updates. I can see this been extremely beneficial to both customers and CSP. Multi factor authentication underpins all this to ensure security is upheld. The live demo of this was a treat!

 

Azure Keynote

Another great keynote. Azure has now integrated the ability to run ‘Cloud Shell’ over a browser to run PowerShell commands against customer’s azure instances. The shell is browser agnostic and even works on EDGE! (Proof below). This increases customers’ ability to utilising the ‘single pane of glass’ when deploying, managing or updating their infrastructure.

file2.jpeg

Hybrid deployments certainly aren’t going away. Microsoft envision ‘Hybrid 2.0’ allowing better integration between applications/services that can reside anywhere. Diagram below shows the examples of traditional on premises services and their Azure equivalent

Docu-Sign then provided another great customer story. They decided to lift and shift their entire SQL estate to Azure to help them with their incredible scale. They lifted SQL DB’s and put them into Azure Database Services, and repointed applications to the new backend. They are currently completing 1.1million records annually, which doubles in volume year-on-year.

 

Azure Fundamentals

This session was a real treat. Dan Baker (@AzureDan) and Adam Raffe (@AdamRaffe) presented some great use cases for azure. Adam started with an introduction to cognitive services running with Azure. These are allowing business to create interactive bots which can use a multitude of factors to authenticate users. May that be photo recognition or voice.

Azure Dan then revealed how he is using Azure services in his everyday life., This is an important flip to the large scale use cases that we are used to. Dan has created some serverless applications which provide him with information on his day streamed to his famous ‘Magic Mirror’

The next demonstration what his twitter bot. Dan checks important RSS feeds every 30 minutes and then posts into his twitter account when important blogs or services updates are raised. He then extracts information from within the link and adds this to the tweet. I can think of multiple use cases where customers can gain benefit from something very similar!

Following this the session turned interactive. To gain feedback on sessions, Dan collates tweets using the tag #Azuredandemo, and interprets the positive or negative feedback. This then presents as a webpage which changes colour based on the feedback

file6

Finally, IoME! We’ve all heard storied about how someone has saved x in efficiencies by deploying data collections nodes and analysing the data. Dan has performed this magically at a much lower scale. Using an arm strap which takes readings of his blood sugar level, he then tracks this data into Azure. He can then monitor his sugar level automatically every 5 minutes. This has provided Dan with the data on when and how he has high or low levels. If levels are too high or too low this can then alert Dan using an App/Phone or Watch.

Find me a more valuable digital transformation story than Dan monitoring his sugar levels!

Digital Transformation – Microsoft Tech Summit

Over the last couple of days, I have attended the Microsoft Tech Summit in Birmingham, during which, Digital Transformation underpinned a lot of the content delivered by the Microsoft Team. Digital Transformation is going to be a hot topic in the industry, so the main question i had on my mind was ‘What is Digital Transformation?’

In the Keynote, Microsoft provided two use cases that demonstrated the value of Digital Transformation, but the one that really resontated with me was from The British Museum. This was presented by two delegates from The British Museum on how they use data analytics to improve the experience of the millions of annual visitors. They have created a data pipeline from over 200 data sources, and they now have the resources to present tangible information to the key decision makers at the Museum. This data allows The British Museum to tailor elements of their business such as; opening times, exhibits or even audio guides to their consumers.

Let’s look at an example of how they use this data. The British Museum monitor’s visitor WiFi footprint to ascertain how long they spend in each area or exhibit. This data is cross-referenced against social media streams to see what their visitors are posting about. Why is this important? Imagine been able to present to key decision makers with feedback on how well exhibits are been received and how they can trend future displays within the Musuem? Based on the knowledge gained from this data, this will allow the Museum to tailor how long exhibits are shown, what location they are set within the Museum, or even what items should be made available in the gift shop? Take this to the next level, how about been able to understand what the age demographic of visitors are, and then use this to dictate where and what your marketing strategy is for a new exhibit?

The example above is based on two data sources from over 200 possible sources available. Imagine the possibilities. Now a lot of this may seem like common sense, but due to the amount of data that is generated, its extremely difficult to manually piece together and organise this data into presentable information. The British Museum are integrating legacy data sources together and querying the masses of data to provide the information. This is called a ‘Data Pipeline’

Below is the diagram of the Data Pipeline from The British Museum

IMG_0701 (2)

Picture Credit: The British Museum @ Microsoft Tech Summit

This is a perfect example of Digital Transformation. The Museum are using the power of data to transform their business processes and customer experience. What do you think you could do with the same level of data analytics for your business or customers? If the British Museum, who essentially collate historic artifacts and make them available to the public for free, can find ways to utilise Digital Transformation to improve their business then anyone can.

For more information how the British Museum have Digitally Transformed here is an article from @Alice_data from her keynote at #IDCC17: https://t.co/91qNN7FoUn