Posts

Microsoft Customer Guidance for WannaCrypt Attacks

As you no doubt are aware, the WannaCrypt attacks over the last couple of weeks have been quite pervasive. Microsoft has provided some guidance on the WannaCrypt attacks that I thought you should be aware of, for both Azure and on-premises environments.

https://azure.microsoft.com/en-us/blog/wannacrypt-attacks-guidance-for-azure-customers/
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Of note, Microsoft has released security patches for OS versions that are no longer in mainstream support, i.e. Windows XP, Windows 8 and Windows Server 2003.

Five reasons to run SQL Server 2016 on Windows Server 2016

The Microsoft SQL Server team is publishing a five-part series on why to run SQL Server 2016 on Windows Server 2016. Can you guess reason #1?

Yes, it's security. We're going to see a much bigger push on the MS front addressing its commitment to a holistic security approach across the whole Microsoft stack, building and integrating security throughout its platforms, products and service offerings. Read on to see how SQL Server 2016 on Windows Server 2016 increases your security posture, using features such as Device Guard, Credential Guard, Control Flow Guard and Windows Defender on Windows Server 2016, and Always Encrypted protection, Row-Level Security and Dynamic Data Masking in SQL Server 2016.

https://blogs.technet.microsoft.com/hybridcloud/2017/03/23/five-reasons-to-run-sql-server-2016-on-windows-server-2016-1-security/

The second part of the series focuses on the performance increases and cost savings that can be had with SQL Server 2016 on Windows Server 2016.


https:/…

Happy Birthday EMS: How cloud architecture and customer obsession is disrupting EMM

Read on for Brad Anderson's reflections on the disruptive nature of the cloud, on the three-year anniversary of EMS.

https://blogs.technet.microsoft.com/enterprisemobility/2017/03/27/happy-birthday-ems-how-cloud-architecture-and-customer-obsession-is-disrupting-emm/

Perspectives on the New Intune Console

Check out Brad Anderson's perspective on the new Intune console that is now part of the Azure admin portal. We're finally seeing the convergence of the various EMS offerings into a single pane of glass.

https://blogs.technet.microsoft.com/enterprisemobility/2017/01/24/perspectives-on-the-new-intune-console/

Also, watch Brad go over the changes and how to use them in this video from Channel 9's Endpoint Zone:

https://channel9.msdn.com/Series/Endpoint-Zone/The-Endpoint-Zone-with-Brad-Anderson-1701

Cyber Security Attackers Toolkit – What You Need to Know

For the security-interested, a more technical look at the tools attackers use during a cyber attack and how Advanced Threat Analytics plays a role in detecting these attacks and provides a higher level of visibility into them.

https://blogs.technet.microsoft.com/enterprisemobility/2017/01/24/cyber-security-attackers-toolkit-what-you-need-to-know/

Eliminating Plaintext Passwords With Microsoft Advanced Threat Analytics Using LDAP

Happy New Year to everyone!

To start off 2017 on an easy note, have a look at this article regarding the use of Microsoft Advanced Threat Analytics (ATA) to identify those applications and services that may still be sending passwords in plaintext in your network environment.  This is typically the result of simple LDAP binds being used for authentication purposes, which exposes your environment to attacks focused on privilege escalation.

https://blogs.technet.microsoft.com/enterprisemobility/2017/01/09/eliminating-plaintext-passwords-with-microsoft-advanced-threat-analytics-using-ldap/


New survey shows hybrid is leading approach, security waning as blocker to cloud adoption

A posting by Julia White on the key findings from a survey of cloud use in 2016. Notably, hybrid deployments will continue to be the deployment model for years to come; vendor lock-in and privacy are moving up in terms of concerns; and security in the cloud remains a hot topic, but the nature of it has changed, with 50% of respondents seeing it as a benefit to cloud adoption, and the other half seeing it as a blocker.

https://azure.microsoft.com/en-us/blog/new-survey-shows-hybrid-is-leading-approach-security-waning-as-blocker-to-cloud-adoption/

Risk-based Conditional Access now in the new Azure portal

Microsoft now allows you to apply risk-based conditional access policies at the Azure AD application level, providing you with real-time detection and automated protection that is fueled by the vast data in Microsoft’s Intelligent Security Graph.

Today, several improvements to conditional access have been published through the new Azure Portal:

Risk-based access policies per application: Leverage machine learning on a massive scale to provide real-time detection and automated protection. Now you can use this data to build risk-based policies per application.

Greater flexibility to protect applications: Set multiple policies per application or set and easily roll out global rules to protect all your applications with a single policy.

All these capabilities are now available in a unified administrative experience on the Azure portal. This makes it even easier to create and manage holistic conditional access policies to all your applications.

https://blogs.technet.microsoft.com/enterprisem…