Microsoft 365 now has “Safe Links” protections across Microsoft Teams for any organisation that uses Microsoft Defender for Office 365 (formally Office 365 ATP).
Defender for Office 365
What is Safe Links?
Safe Links is a feature of Defender for Office 365 that scans URLs clicked by end users to check for malware and malicious or phishing sites in real time.
Safe Links was first introduced in 2015 (for just Exchange Online at the time) and was originally used to “detonate” links in e-mails to detect malicious payloads. Safe Links was subsequently added to Microsoft 365 applications, as well, such as PowerPoint and Word.
With the latest update and expansion across Microsoft 365, Safe Links now provides transparent, integrative and native intelligent protections against malicious links in conversations, group chats and channels chat across Microsoft Teams.
Enabling the feature
This can be configured in the Microsoft 365 Defender portal. Detailed instructions can be found here
As with SafeLinks across the other Office services, admins can add exclusions and trusted sites if needed.
Coming to complement the newly released “Standout mode” that rolled out to Microsoft Teams last months, 2 new immersive presentation modes are about to start rolling out.
This update is referenced within Microsoft 365 Roadmap ID 83371.
What do the new modes mean for presenters?
Thia update will enhance the presenter view to make desktop or app sharing more inclusive and better for hybrid meetings, ensuring the presenter can be seen at all times. Side by Side and Reporter Mode
Side by Side Mode
In this mode, meeting participants will see the presenter’s video feed and content overlaid on a background image (which can be customised).
Side by side presenter mode (image (C) Microsoft)
Reporter Mode
In this mode, the meeting participants will see the presenter’s video feed superimposed over the background image while having the content over their shoulder, placed diagonally. Like. TV broadcast.
Reporter Mode (image (C) Microsoft)
The modes are customisable..
What can be customised?
Presenters are able to customise the background image before starting the presentation.
Presenters are able to enable or disable the video feed during the presentation from the sharing bar.
After their acquisition RiskIQ just last week and ReFirm the month before, Microsoft have just annouced they are now aquiring CloudKnox, a leader in Cloud Infrastructure Entitlement Management (CIEM).
Who are CloudKnox?
Founded in 2015, CloudKnox, are the only multi-cloud, hybrid cloud permissions management platform that provide granular visibility, automated remediation and continuous monitoring consistently enforcing least-privilege principles to reduce risk. CloudKnox works with Azure, as well as the AWS and Google public clouds as well with leading virtualisation and hybrid cloud vendors including VMware.
CloudKnox
CloudKnox are the leaders in Cloud Infrastructure Entitlement Management (CIEM) space and offers complete visibility into privileged access within cloud services.
What Microsoft plans to do with the CloudKnox acquisition.
In Microsoft’s most recent security blog, Joy Chik (VP of Identity at Microsoft) said:
“Modern identity security needs to protect all users and resources consistently across multi-cloud and hybrid cloud environments….Today, Microsoft is taking a significant step toward this goal with the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. It helps organizations right-size permissions and consistently enforce least-privilege principles to reduce risk, and it employs continuous analytics to help prevent security breaches and ensure compliance. This strengthens our comprehensive approach to cloud security.”
Joy Chik, Corporate VP of Microsoft Identity
The post (which can be read here) summarises how Microsoft will leverage the CloudKnox technology to help Security Admins with tasks such as managing privileged access in multi-cloud and hybrid cloud environment through a set of comprehensive yet simple threat assessments and prevention methods as well as ensuring security enforcement and governance.
Finally Microsoft said that the acquisition of CloudKnox will allow Microsoft to further harden Azure Active Directory with more granular visibility, continuous monitoring and automated remediation for their hybrid and multi-cloud identities, access and permissions further solidifying their market leading position in Identity and Access Management.
Extended Security Updates were made available (at a cost) by Microsoft for both SQL Server and Windows Server versions 2008 and 2008 R2 since “official support” ended but these extended support update are also now coming to an end on:
SQL Server 2008: July 9th, 2022
Windows Server 2008/2008 R”: Jan 14th, 2023 respectively.
If your organisation is still running any of these older server products in Azure then you will be currently entitled to (and receiving) 3 years of free Extended Security Updates, and Microsoft have recently announced that one more year of Extended Security Updates will be available BUT ONLY if these workloads are running in Azure.
SQL Server and Windows 2012
Support for SQL Server 2012 and Windows Server 2012 / 2012 R2 is also coming to an end:
SQL Server 2012: July 12th, 2022
Windows Server 2012/2012 R2 on October 23rd 2023
As with version 2008, Microsoft will be making (again at a cost) 3 years of Extended Security Updates available from your licensing partner or Cloud Solution Provider (CSP) and, as before these will be free if these workloads are running (or moved into) Azure.
If you are no planning on moving these into Azure, then you’ll need to buy licences for each server instance you need to cover.
Cost for ESU are
Year 1: 75% of the licence cost
Year 2: 100% of the licence cost
Year 3: 125% of the licence cost
What are my options?
If you are still on Windows Server 2008 or SQL 2008, you have 3 options:
Migrate the VMs/Servers into Azure for ONE MORE YEAR of free support
Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.
If you are Windows or SQL Server 2012, you have 4 options:
Pay for Extended Support for up to 3 years
Upgrade the Servers to a supported version of SQL and Windows
Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.
Further Reading and References
You can find the formal announcement here, along with the data sheet which does into more detail, as well as a FAQ from Microsoft.
After experiencing huge growth like many Cloud UC vendors) during the COVID-19 pandemic, Zoom has made its first major acquisition by agreeing to buy cloud contact center Five9 for $14.7 billion.
In the past year, Zoom have been adding more enterprise and home collaboration tools to its services including new room systems partnerships and office collaboration products, their new cloud phone system, and an all-in-one home communications appliances in an aim to rule the home and enterprise market space.
This acquisition will allow Zoom to expand into call center space (a market said to be worth around $24 billion. In the official announcement, Zoom CEO, Eric Yuan said “We are continuously looking for ways to enhance our platform and the addition of Five9 is a natural fit that will deliver even more… value to our customers,”.
Zoom feed on twitter
Once the audition completes in early 2022,Five9 will become an operating unit of Zoom and its chief executive, Rowan Trollope (Ex Cisco), will become a president of the company.
How are Five9?
Five9 was founded in 2001 and has around 2,000 customers globally, including major brands like SalesForce and Under Armour. They processes in excess 7 billion minutes of calls annually.
Zoom, (like other leading UCaaS vendors) already partner and integrate their solutions Five9 to add integrated contact and customer experience solutions into its platform. The contact centre business has grown hugely since the start of COVID-19 and with customer habits now “the way of life”, the move to deliver a better online customer experience will now benefit zoom through these new integrated revenue streams.
It’s a 3 legged race in the UCaaS market…
According to Gartner, global spending on cloud-based video conferencing technology is forecast to reach $5.5 billion this year, up from $5.0 billion in 2020, a space where today, Zoom, Microsoft and Cisco as the clear front runners leaders. Cisco and Zoom will now own a slice of the contact centre market directly while Microsoft continue to leverage the partner eco system to drive options and choice to customers.
Thanks for reading and I welcome your thoughts and feedback on this acquisition and the UCaaS space generally…
The next big update to #MicrosoftTeams (dubbed Teams 2.0) will be faster, allow multiple accounts, provide seemless integration into #Windows11 and will look and behave much more like a native Windows app.. Yay.
Teams 2.0 on Windows 11 (image:Microsoft)
Inline with the release of Windows 11 later this year (though will likely be in preview way before then), Microsoft is finalising the work on a totally resigned version of Microsoft Teams. Designed specifically for Windows 11 but will also be realised and will work on Windows 10.
What’s different?
The main difference between the existing Teams client and Microsoft Teams 2.0 is that the new version is based on Edge WebView2 rather than Electron. Leveraging Edge WebView2 allows for embedded Web technology such embedded as HTML, CSS and JavaScript along with the full power of the Chromium rendering engine. Microsoft will also move away from Angular and will instead now use the open source front-end JavaScript library React.js.
Introducing Microsoft Teams 2.0
The new Teams client is built around Microsoft Teams for the web though it won’t actually look much different from the existing Teams. The main changes come in the form of performance, application size, integration and extensibility.
A version that leaked on the Internet last week (with missing features) confirms the claims Microsoft have already made around significantperformance increase whilst also runs better on lower-end devices due to reduction in both app size and memory usage. According to Microsoft..
“Teams 2.0 will consume half the memory of the current Teams 1.0 client”.
Teams and Windows 11
Teams 2.0 will launch instantly and users will no longer “get stuck” on the loading screen on older devices or when teams is loaded when lots of other apps are already open.
Unlike the old client, the Teams 2.0 app window can now be resized and the interface scales alongside it automatically. It will also support the new snap view and snap assist features in Windows 11. With Teams 2.0, Microsoft has also added integrations with native notifications and other features within both Windows 10 and of course Windows 11.
Teams 2.0 will also finally properly support multiple accounts without having to switch/log in and out of different Tennants.
Coming “soon”
Microsoft Teams 2.0 should be a welcome upgrade whe it arrives. I’ll update this one it enters an official public preview state or hear more official word from the Microsoft Teams Team!
Windows365 is a new service that will let users access their corporate ‘cloud’ PC from anywhere by streaming a version of Windows 10 (or Windows 11 when released) in a web browser. At launch, in early August, organisations will have two edition options – Windows 365 Business and Windows 365 Enterprise – with multiple Cloud PC configurations based on performance needs. Additional options will come later.
Designed for the disparate and agile workforce
Windows 365 allows organisations to equip distributed workforces, temporary and seasonal employees, contractors, and employees who have a need for specialised workloads in a flexible and highly secure manner – regardless of their location or device. Windows 365 will allow organisations to add and remove users with secure managed Cloud PCs according to the changing needs of the business and of the individual user, allowing them to scale for busy periods without the logistical challenges of issuing new hardware. Cloud PCs can be scoped, and scales based on the specification/power that best meets the user need and is paid for on a simple per user per month price.
Built on Azure Virtual Desktop – runs on anything
Windows 365 is built on Azure Virtual Desktop but simplifies the virtualization experience and licensing. Organisations that require greater customization and flexibility can of course still opt for Azure Virtual Desktop to modernize their VDI (Virtual Desktop Infrastructure) in the cloud or use a combination of both.
Windows 365 offers a consistent Windows experience, across any device/operating system including Windows, Mac, Linux, iOS, or Android. It promises to support all your business apps such as Microsoft 365, Dynamics 365, Power Platform, line of business apps, and more as well as the Office 365 suite.
It provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device and allow them to pick up right where they left off. The state of a user’s Cloud PC remains the same, even when they switch devices.
Windows 365 Device Support (July 2021)
Consistent Device Management
Microsoft Endpoint Manager is used to procure, deploy, and manage Cloud PCs for their organisation, since Windows 365 is consistent with how they manage physical devices with Microsoft End Point Manager. Cloud PCs are managed alongside physical devices and can apply management and security policies to them in the same way as they do on physical devices. There is extensive monitoring too and IT can change on the fly the specification (processor, RAM, and disk) to adjust the performance of the Cloud PC to make sure the users are getting the best experience. There’s also built-in analytics and performance metrics to look at connection health across network to make sure the Cloud PC users can reach everything they need.
Build on Zero Trust Foundation
Windows 365 is built with a focus on a Zero Trust architecture. It stores information in the cloud, not on the device, and encryption is used everywhere as you’d expect with an Azure service. All managed disks running Cloud PCs are encrypted, stored data is encrypted at rest, and all network traffic to and from the Cloud PCs is also encrypted.
Pricing and Licensing Information
Unlike other virtualisation services, Windows 365 is priced on a per-user price and are allocated via the Microsoft 365 admin center portal in the same way as other Microsoft 365 E3/E5 licenses.
Windows 365 will initially come in two flavours – Business and Enterprise, and Microsoft will offer 12 different configurations for both the editions. The Cloud PCs can be configured with a single CPU, 2GB of RAM, and 64GB of storage at the low-end, all the way up to eight CPUs, 32GB of RAM, and 512GB of storage.
A full range of available configuration and example scenarios is available here.
Windows 365 will be officially available on August 2, 2021, and pricing will be announced on the same day, though rumours say we expect pricing to start from ~£25pupm
I read an article recently about StephenKitay – the Former Deputy Assistant Secretary of Defense for Space Policy, who is now Senior Director at Microsoft Azure Space. It got me thinking… Firstly.. what a cool job title…. and secondly… what is Azure Space..
It’s quite cool.. Tech and Space!
Microsoft says that “Azure Space was created to be the platform and ecosystem of choice for the mission needs of the space community” . It’s designed to make connectivity and compute increasingly attainable across industries including agriculture, energy, telecommunications, and government.”
Azure Space Overview
I loved researching and sharing some of what I read. What a great project to be part of… Imagine being asked what do you at a networking event and saying “supporting customers on their space missions off and on the planet, using the power of cloud and space technology to help business across industries re-imagine solutions to some of the world’s most challenging problems”
Taking cloud-powered innovation beyond Earth with “Azure Space”.
With the enormous challenges space presents, there also comes great opportunity. The space community is growing rapidly, and innovation is lowering the barriers of access for public and private sector organizations.
Microsoft is the first hyperscale cloud service provider to join the Space Information Sharing and Analysis Center (ISAC) as a member organization and they plan to share our unique global threat insights to protect critical infrastructure and strengthen cybersecurity expertise across the space community.
What is the purpose and applications for Azure Space?
“Microsoft are diligently working to make Azure the platform of choice for the mission needs of the space community, bringing our unique global threats insights to protect critical infrastructure and strengthen cybersecurity expertise in the space industry“.
But…. Its not just about sticking Azure in space stations and shuttles.
Putting compute, data and AI into space makes connectivity and compute increasingly more attainable and accessible across the globe and has huge benefits across industries such as agriculture, energy, telecommunications as well as across the public sector and in particular in regions where traditional connectivity and access to compute is more sparse. Third and developing world nations will also hugely benefit. “ our ambition is to grow the entire world community, which is the basis for Azure Space.”
OK so what is Azure Space though?
Azure Space is basically a set of innovative service offerings, a new partner ecosystem and a global strategy focused on specific core areas to addresses never-before-seen security challenges. Azure Space is made up of 3 main things..
Azure Space Components Overview
Azure orbital
Azure Orbital is a Ground Station As-a-Service that provides communication and control of a satellite and enables satellite operators to communicate with and control their satellites, process data, and scale operations within Microsoft Azure.
Azure Orbital brings satellite data directly into Azure, where it can immediately be processed with market-leading data analytics, geospatial tools, machine learning, and Azure AI services.
In essence Azure Orbital will allow organisations/providers of “space connected stuff”, to take full advantage of the Microsoft’s global network and services infrastructure to build new product offerings and services with the edge, 5G, SD-WAN, and AI.
Azure Modula Datacenter
The Azure Modular Datacenter (MDC) is a complete, rugged datacenter solution for organisations/servjce providers that need cloud computing capabilities in hybrid, sparse or challenging environments like space.
Microsoft designed the MDC to support high-intensity, secure cloud computing in challenging environments, such as situations where critical prerequisites like power and building infrastructure are unreliable. Built on Azure Stack(r), it is a self-contained unit the provides the capability to deploy a complete datacenter to remote locations, or to complement existing infrastructure. The MDC runs primarily on terrestrial fiber, low-bandwidth networks, or be completely disconnected.
Azure Orbital Simulator
With space mow opening up to more commercial and government space organisation, the pace and demand of developing interconnected satellite networks increases exponentially.
To aid with this, Microsoft have created Azure Orbital Emulator, an emulation environment that conducts massive satellite constellation simulations with software and hardware in the loop. This allows satellite developers to evaluate and train AI algorithms and satellite networking before ever launching a single satellite reducing cost, time and money as well as human safety naturally. With Azure Orbital Emulator, Azure can emulate an entire satellite network including complex, real-time scene generation using pre-collected satellite imagery for direct processing by virtualized and actual satellite hardware.
“The Goal of Azure Orbital Emulator is to aid the preparation of space missions with the power of Azure.”
Azure Orbital Emulator is already being used Azure Government customers globally.
Credits and further reading
Some of the content here is referenced/quoted from the full comprehensive report. https://www.helpnetsecurity.com/2021/07/13/microsoft-azure-space and on twitter at @helpnetsecurity. Much of the information comes from Microsoft Azure blogs referenced below.
For further reading (it’s quite interesting) you can read Microsofts official blurb and ongoing updates here.
Microsoft has just announced that they are to acquire cyber security company RiskIQ ina $500m deal.
RiskIQ provide cloud-based software as a service (SaaS) for businesses to identity various phishing, fraud, malware and other online threats.
Risk IQ
Microsoft’s Eric Doerr (VP of Cloud Security) explained in their annoucement how RiskIQ’s expertise and global threat intelligence platform will help their customers to better apprehend online threats in their digital transformation journey with the technology to become part of their integrated Security and Threat protection suite(s).
“The combination of RiskIQ’s attack surface management and threat intelligence empowers security teams to assemble, graph, and identify connections between their digital attack surface and attacker infrastructure and activities to help provide increased protection and faster response”.
Eric Doerr (Microsoft VP of Cloud Security)
Microsoft have a growing and comprehensive industry leading portfolio of integrated security and threat protection solutions for addressing the needs of hybrid and multi-cloud environments. The acquisition of RiskIQ’s expertise follows an ongoing list of acquisitions in the cybersecurity area.
“Our (Risk IQs) technology and amazing people will be a powerful addition to Microsoft solutions. Together, we’ll empower CISOs and security operations teams to proactively detect and defend their enterprise against all threats, both on-premise and across multi-cloud. “
Statement from RiskIQ
You can read the full annoucement in the Microsoft Security Blog here.
Windows 11 is new – in this blog I look into some of the reasons why we have a Windows 11 and not simply another update to Windows 10!
In summary, I think Windows 11 is about three main things which I will discuss below…
Taking advantage of the huge surge in demand in hardware.
A new modern and fresh visual UI
The ability to considerably secure and protect users (not just corporates either)
Wasn’t Windows 10 supposed to be the last version of Windows?
That’s what we all thought, since when Microsoft released Windows 10, Jerry Nixen (a former senior technical evangelist at Microsoft) had said “Right now we’re releasing Windows 10, and because Windows 10 is the last version of Windows, we’re all still working on Windows 10“. This, however, was never really the official line by “THE MICROSOFT”, and was more of a throwaway comment but one that people seem to have remembered (including me!!). Anyway, there is a Windows 11 coming. Period.
To answer the “why”, during the official announcement of Windows 11, Panos Panay said that “You have to step back and consider what’s most important for people right now, and so much has changed over the last 18 months. A lot of the time spent over the last 18 months [within Microsoft] was looking at Windows and what it means to be for what’s next [with hybrid work].”
But why Windows 11 and not Windows 10 2022H1?
“The PC started to move from fitting into people’s lives to shifting our lives to fit into the PC,” said Panos Panay at the announcement of Windows 11 back in June.
Six years after launch, the vast majority of the Windows world is now (finally) running Windows 10. With the surge (ok, like, everyone) suddenly working from home combined with the increase in security threats from phishing and ransomware also combined with the first significant PC growth spurt in more than a decade, Microsoft clearly saw a big reason (and opportunity) to re-invent Windows in a year which has reportedly seen a 75% year-over-year increase in the time people “spent” in Windows.
According to Canlays, “the PC market is expected to remain strong through at least the end of the year and into 2022″ as hybrid working seems set to stay and requires (in most cases) mobile computing which typically have a “refresh” cycle of 3 years (4 at a push). Any Windows upgrade cycle (new version) that Microsoft launch risks causing demand issues (especially with the current silicon shortages), but at the same time, the fact that demand is strong and people are upgrading presents an immediate opportunity.
What’s more important (if you push the marketing and commercial aspect to one side for a moment) is that the devices people are upgrading to, typically support more advanced and modern security standards than the 4 year old devices they are typically replacing!
In short, I think Windows 11 is about three main things
A new modern and fresh visual UI
The ability to considerably secure and protect users (not just corporates either)
Taking advantage of the on-going demand for PCs/laptops.
The new Flashy UI
There is no doubting that the UI in Windows 11 looks different (yet also very familiar). There are a also bunch of new features in the first initial build (with loads more coming in later builds) – you need to bear in mind that there is still at least 5 months of development and refinement to go before Windows 11 is officially launched).
Many of the new features have been shaped around the changing ways in which people have learned, worked and played during the pandemic. As an example,
Universal mute – a new mute button is now present on the taskbar which essentially mutes every app in Windows 11 except your UC app (by that they mean Microsoft Teams), to prevent those embarrassing microphone moments.
Leave my apps where there were mode (ok it’s not officially called that), but Microsoft in Windows 11 finally leaves your apps on the screen you left them when using multiple monitors. In Windows 10, apps are rearranged or moved to single screen when you disconnect or reconnect a monitor. To be honest though – they could have easily (and still could fix this in Windows 10 21H2)
There’s lots more to the UI and reasons why some of the changes (like the centred start menu) are where they are – you can read/watch more about this here
Security, Security, Security
Outside of the cosmetics (which are of course important as it’s what we interface on a daily basis), Microsoft (who by the way invest over $1B in security R&D each year) want to push the market forward to adopt the much needed new security standards. Setting minimum standards around security (rather than just RAM and Processor speed) is of course a good way to this. Again – they didn’t really need a new “version” to do this – after all, Windows 11 is “built” on Windows 10, so with notice and planning they “could” have still achieved the same result in my book, but this way they can continue with Windows 10 (bear in mind that Windows 10 will be supported until at least 2025) but use Windows 11 as the driving force to improve security – something their commercial customers will likely not want to ignore.
Microsoft have been talking about Security from Chip to Cloud with Surface and Windows 10 for about a year now and given the huge demand for new PCs/Laptops, Microsoft should be able to drive a quicker shift towards better security standards. Microsoft sees hardware as a currently security flaw (in many cases) which is why there will be emphasis and requirement on TPM 2.0 for Windows 11 which has been standard in Microsoft Surface for several generations now but has not been a Windows requirement…..until now!
So what is TPM anyway? TPM stands for Trusted Platform Module and even though this technology has existed in new PCs for some years, its only really Microsoft that have talked about extensively. Since TPM 2.0 will be requirement for Windows 11, we will heard a lot more about it from PC manufacturers with Windows 11 certified hardware.
In a recent security blog post from Microsoft’s director of enterprise and Operating Security, they explain in detail the importance of TPM 2.0, along with some other security benefits of Windows 11.
TPM is a chip that’s integrated into a main motherboard on a PC or Laptop and is designed to helps protect sensitive data, user credentials, and encryption keys as well as protect these devices from malware and ransomware attacks, which are becoming ever more common. This, combined with the ransomware protection features built into Windows 11 (and Windows 10) known as “Controlled folder access” will go along way to further protect users and organisation against cyber crime.
TPM 2.0 is a “critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data,” Microsoft explains in their blog.
In addition to the TPM requirements, Windows 11 also provides new built-in security features including:-
Microsoft Azure Attestation, which can enforce Zero Trust policies with supported mobile device management tools like Intune
Support for virtualization-based security, hypervisor-protected code integrity,
Secure Boot built-in, and hardware-enforce stack protection for supported hardware from both Intel and AMD.
Become a Windows Insider and test Windows 11 today
People always ask me “how you download it or get a dodgy build like the one that leaked a few weeks ago”. Its actually really simple and legal to get Windows 11 – but to do so you (or your organisation) need to be enrolled in the Windows Insider Programme. I’ve been a Windows Insider for 6 years now and it’s been a great journey to be (or at least feel) part of the on-going development of Windows moving forward.
I’ve written about what it means to be a Windows Insider before, but you can check out the Real Inside story of Windows 11here.
Watch to learn more about the key design & security concepts of Windows 11
