As Microsofts’ annual dev conference Build opened today (May 19 2020), Microsoft announced the launch of the Microsoft Cloud For Healthcare, — a new Microsoft Industry Cloud solution.
Microsoft said that the solution aims to integrate Microsoft Cloud with an “industry-specific data model” “cross-cloud connectors,” and APIs to better help serve the global healthcare industry.
Global capabilities uniting the healthcare industry
The Microsoft Cloud for Healthcare wi bring together capabilities from across many Microsoft Cloud Services 365. This includes Microsoft 365, Dynamics 365, Power Platform, and if course Azure. This will be powered by a common data model which will allow the sharing of data across various applications to provide better analytics. Microsoft say that this will allow health providers globally to provide better services for patients, clinicians and doctors by helping make it easier to deploy resources to the needs of all hospital and care units.
For example, Cloud for Healthcare, will focus on what Microsoft has identified as important needs for the field, like engaging patients, facilitating health team collaboration and improving operational efficiency, all with strict security measures.
Of course, an important component of healthcare is aftercare, where medical professionals need to keep in touch with their patients to follow up on their recovery and any post opp treatment, tools available to do so are generally limited to follow-up phone calls and emails, which are not only tedious but can sometimes not meet security standards or provide the best care.
Microsoft’s Healthcare Bot Service will be available as part of this service, which Microsoft say is behind more than 1,500 instances of COVID-19-based bots that have gone live globally since March 2020. These bots can help alleviate the strain on emergency hotlines for public and provide health providers while addressing common questions that patients might have.
Microsoft has said that a public preview will be coming in coming days and will be free for 6 months for evaluation, with general availability bringing late this calendar year.
Microsoft has also said that although the healthcare industry will be “first served” with the solution, they also promised that more industry-specific clouds solutions will follow.
What do you think.. Is industry specific Cloud solutions a good next step for Microsoft?
Microsoft’s Azure Cloud and Office 365\Teams collaboration services have seen a significant, in fact colossal, spike in usage over the past week as companies globally continue to deal with an increase in remote workers due to the ongoing COVID-19 outbreak and lock downs that are being put in place to help control the infection rate and curb the impact on the world’s health services like our incredible NHS.
Microsoft said yesterday that in the last week it has seen a 775% increase in the use of its cloud services in regions where enforced social distancing and lock downs have been put in place such as here in the UK, most of Europe and many States in the US.
Microsoft Teams is seeing more than 900 million meeting and calling minutes per day.
Microsoft had previously stated just last week that they was prioritising traffic for critical front line and public services such as NHS as well as also tuning and reprioritising services to cope with this unprecedented demand. This includes prior temporary limits on free offers (outside key workers and NHS for example) to prioritise capacity for existing customers and the downgrading of video in Teams for example to help manage traffic. Microsoft has said that these limits are typically being isolated to regions/locations that are seeing the most demand and that customers impacted can use alternative regions to get around some of the performance hits while they even out and scale out their services to handle the new demands.
Last week, Microsoft has some issues with adding new services to Azure in some regions, including the UK which caused them to “drop below the typical 99.99% success rates.”. This was caused by the huge surge in new Azure Virtual Desktop services being spun up as organisations looked to quickly enable remote desktop to facilitate homeworking after the UK mandated work from home as part of the UK Covid19 lock down measures.
COVID-19 sees huge demand and growth
Microsoft said last week that Teams has “seen a very significant spike” in usage and counted more than 44 million daily users. This week new numbers have revealed that last week they also saw more than 900 million meeting and calling minutes per day.
Windows Virtual Desktop has also seen a 300% increase in the last week with hundreds of thousands of new Desktops being added globally.
Other collaboration platforms like Cisco’s Webex and Zoom have seen similar surges in network traffic tied to the COVID-19 outbreak.
It’s not just Microsoft though…
Microsoft of course isn’t the only Web conferencing provider seeing such growth. Other collaboration platforms including Cisco Webex and Zoom have seen similar surges in network traffic tied to the COVID-19 outbreak.
Cisco has also reported large growth and demand and said Webex traffic from China had increased by more than 2,000% since the outbreak began and that more than 30% of its enterprise customers have reached out for help getting their employees set up to work from home.
Since the start of the outbreak, Microsoft, Zoom and Cisco have made their platforms available for free to most businesses affected by COVID-19 and are having to work relentlessly to expand the capacity of their services to ensure as few disruptions as possible…. All have had growing pains and as the lock downs continue globally, it probably won’t be the last time!
Microsoft Security. Now a Leader in 5 Gartner Magic Quadrants
Whatever you may have once thought about Microsoft and Security, (I remember the days when security engineers would say that its due to the amount of security holes in Microsoft that they have a job) Microsoft is now a global leader in cybersecurity, and invest more than $1b annually in security R&D as well as processing more than 6.5Trillion security and threat signals per day to protect organisations and further enhance and develop their platform and their customers businesses.
Gartner has now named Microsoft Security a Leader in five Magic Quadrants whichclearly demonstratesbreadth and depth of their security portfolio and depth of integration across their platforms. The leader awards include…
Cloud Access Security Broker (CASB)
Enterprise Information Archiving
Unified Endpoint Management (UEM)
Endpoint Protection Platforms
Gartner places vendors as Leaders who are able to demonstrate balanced progress and effort in all execution and vision categories. This means that Leaders not only have the people and capabilities to deliver strong solutions today, they also understand the market and have a strategy for meeting customer needs in the future.
Given this, Microsoft Security doesn’t just deliver strong security products in five crucial security areas only, as you look across the Microsoft 365, Azure and Dymanics platforms but also across customers in premise and 3rd party cloud providers, they are able to provide a comprehensive set of security solutions that are built to work together, from identity and access management to threat protection to information protection and cloud security.
Their services integrate easily and share intelligence from the 6.5 trillion of signals generated daily on the Microsoft Intelligent Security Graph. Customer thst are bought in to the wider Microsoft Security approach can monitor and safeguard identity, devices, applications and data across their end to end infrastructure and cloud solutions whether that is Microsoft Azure, Amazon Web Services, Slack, SAP, Citrix, Oracle, Salesforce, Google or many many others.
They key to this is their ability (like few others) to unify their security tools, bringing end to end visibility into their customer entire environment all drawn together with their new SEIM platform Azure Sentinel.
Where are the gaps?
There are some… Some of the main ones I see are around
1. Web security and DNS security.. The kind of stuff Cisco does really well with Umbrella for example.
2. Network and LAN segmentation. This is possible in Azure but other than some relatively “old” Network Access Control services in Windows Server, this is also an area Microsoft don’t really play in.
3. Industry Specific scenarios where long (99 year or so) retention policies and archiving is required. These are areas where solutions like Proof Point do really well in my experience.
What others do you see? Interested in your views and comments..
An Azure Dedicated Host provides a single-tenant, physical server that can be used to host your Azure virtual machines for either Windows and Linux. Unlike normal Azure hosts, the server capacity in a dedicated host is hardware-isolated (as the name suggests) and is therefore not shared with other customers, meaning you can now run general purpose, memory or compute intensive intensive workloads in a hardware-isolated and virtualized server environment dedicated to your organisation.
Azure Dedicated Host, helps organisations address specific compliance requirements while increasing visibility and control over the underlying virtual infrastructure. This has the following key benefits:
Increase control without limiting choice
Deliver against your compliance needs
Reduce cost by leveraging you Azure Hybrid Rights Benefits
Increase control without compromising choice
Azure Dedicated hosts support Windows, Linux, and SQL Server virtual machines on Azure. The full range of options and scale are available, from server type, CPU type, number of cores, plus all the additional features. The underlying hosts are provisioned as single-tenant and dedicated to your Azure VMs and workloads for maximum security, compliance and placement control. All platform-initiated maintenance operations, such as OS patching, or hardware or software reboots can be scheduled as needed so you have full control like you’d have with on-premises workloads.
Deliver against your compliance needs
Azure Dedicated Hosts mean that its easier for your organisation to comply with your corporate or regulatory policies and standards by taking advantage of the vast range of industry certifications that Azure has earned. Add this to the fact that you can now locate Azure VMs on an isolated and dedicated physical server that runs only your workloads, you can be sure you are meeting your compliance guidelines and standards.
Reduce costs by using existing software licenses
With Azure Dedicated Hosts, you can still use your on-premises Windows Server and SQL Server licenses with Software Assurance benefits, or subscriptions with equivalent rights, when you migrate your workloads to Dedicated Host. Azure Hybrid Benefit licensing terms are available only on Azure. Microsoft also give you free extended security updates for Windows Server and SQL Server 2008 and 2008 R2 for another 3 years (bear in mind these go end of support otherwise in January).
How are they priced
Pricing is surprisingly simple..
Dedicated Host is charged at the host level regardless of the number of Azure VMs you run on the host.
Software licenses are billed separately from compute resources at a VM level based on usage.
Today saw Day 1 of Microsoft’s Annual Ignite conference in Orlando.
As expected there was a lot of hot (mainly Teams and Azure) news announced first thing and after reading many of the blogs, tweets and linked in posts, I’ve tried to summarise and include all the main (and my favourite) highlights (so far) in this one post.
This will likely be out of date before I finishing writing it, as there will be other “smaller” announcements through the day and into the rest of the week. We have also seen some other key big announcements from Microsoft partners and even their “competition” all Microsoft focused of course.
1. Microsoft Teams: Wealth of new features and integrations from Cisco and Zoom.
As expected, Microsoft Teams got some big announcements today, with the much anticipated roll out (this week) of secure private channels. Also announced was early 2020 roll out of pinned channels, multi-window chats and meetings. Microsoft also announced new integrations with To Do, Microsoft Planner, Project, Outlook, Yammer and the newly updated Power Platform.
2. Breaking down the vendor wars with improved meeting room and interop between Cisco and Zoom
Microsoft and Cisco have announced a partnership to work together to simplify the interop between Microsoft Teams Rooms and Phone System with Cisco Webex Room devices and IP voice gateways respectively and includes three new initiatives to help customers to get more out of their current investments.
Cloud Video Interop (CVI): Cisco Webex will introduce an interop solution that will be certified as a Microsoft Cloud Video Interop (CVI) solution and will allow Cisco Webex Room devices and SIP video conferencing devices to join Microsoft Teams meetings with a reliable interop experience. Coming early FY20.
Direct guest join, for meeting room devices: Cisco and Microsoft are also working together on a new approach that enables meeting room devices to connect to meeting services from other vendors via embedded web technologies. They announced a new “direct guest join” capability from their respective video conferencing device to the web app for the video meeting service.
Direct Routing for Phone System: At the heart of Microsoft Teams Direct Routing are Session Border Controllers (SBC). Since many customers also use Cisco Networking technology including SBCs and want both companies to provide joint solutions that do not require replacement of key infrastructure. Support for Cisco as a certified SBC is due in CY2020.
Zoom and Microsoft also announced that they have worked together to enhance conference room interoperability and simplify how users connect to third-party meetings.
This Zoom and Microsoft collaboration provides interoperability between the Zoom conference room solutions to provide streamlined meeting experiences. This will mean Zoom Rooms will be able to join Microsoft Teams meetings and Microsoft Teams Rooms will be able to join Zoom meetings, all without the purchase of additional licenses or third-party services. This is coming early CY2020.
3. Microsoft Flow is renamed to “Power Automate”
So this might take some time to grow on me, but Microsoft Flow, is being renamed to Power Automate. The name change was announced to allow the platform to “better align” with the wider Power Platform. Microsoft Flow (Sorry Automate) is also getting new a bunch of new features including Robotic process automation (RPA) for automating complex processes that span legacy and modern applications.
4. New: Microsoft Endpoint Manager
Microsoft Endpoint Manager is an integrated solution that promised to centrally and securely manage all of the endpoints across an organisation. This the next major milestone for Intune and will bring together Microsoft Intune and System Center Configuration Manager functionality while also adding a new intelligent actions and analytics.
Endpoint Manager will deliver a unified, seamless, end-to-end management for Windows, Android and Apple devices, apps, and policies without the complexity of a migration or disruption to productivity.
Expected in Q1 of 2020, Microsoft have also said they will be making Intune available to all existing SCCM customers for Windows PC management, meaning that Starting on 1st December 2019, customers can start to co-manage these devices in Microsoft Endpoint Manager, and start using cloud-powered features like Autopilot and Desktop Analytics.
5. New Chromium-based Edge: Jan 15 2020 Release
Actually one of my favourite #Geekouts right now – Microsoft has said that January 15, 2020 will be be for official release date of their new Chromium-based Edge browser for Windows and Mac. Microsoft announced that a “release candidate” build is available to download today in more than 90 languages which can be installed alongside the Canary, Dev, or Beta builds you may already be running or testing.
If you are a big Google Chrome fan, I urge you to try this out – its a really great browser and has loads of enterprise features built right in including native integration with your Office 365 environment.
I’ve been using this for a while (well a week or so) and today Microsoft is making this generally available for preview. The new Office Mobile app for iOS and Android combines Word, Excel, and PowerPoint functionality into a a simple single mobile app, similar to the old Office Hub on Windows Phone for those that remember it!. The new app has a really useful comes with an “Actions” pane, with easy access to common tasks, including scanning documents.
7. New: Project Cortex – a Microsoft 365 application that leverages AI to help better organise company data
Microsoft today, announced Project Cortex, the first new Microsoft 365 app since the announcement of Microsoft Teams that uses AI to analyse business data and in turn create a kind of neuro-knowledge network. The app will be able to organise data into different projects and customers, and make it easier for employees to find important info that can be buried in documents, conversations, or videos across their hybrid IT environment. This to me sounds a bit like Delve on steroids and one I need to read a bit more on (as I’m sure you will too), but it seems to be able to recognise data in documents and pull them together into actionable and useful information.
Yes..is a battle to win one of the biggest contracts in the cloud, #Microsoft has won the sought-after #JEDI cloud computing contract with the #Pentagon valued at as much as $10 billion over a decade, dealing a blow to the market leader, #Amazon \ #AWS which had been the front-runner.
What is J. E. D. I?
JEDI, Not related to Starwars in anyway, the 10-year contract for the Joint Enterprise Defence Infrastructure, is aimed at making the US defence department more technologically agile. The US Department of Defense wants to replace its aging computer networks with a single cloud system.
Under the contract, Microsoft will provide artificial intelligence-based analysis and security as well as host secure and highly classified military secrets among other services.
The #Pentagon have said “JEDI continues our strategy of a multi-vendor, multi-cloud environment as the department’s needs are diverse and cannot be met by any single supplier.”
Microsoft haven’t formerly commented as yet so expect to hear more when they do.. This is a collossal win for Microsoft and for any company with a deal of this size.
The move from traditional on-premises IT solutions to cloud services has seen a dramatic change in the way that systems are managed and controlled. The access to services from any location and using any device means that a lot of the traditional management methods are not feasible.
Identity (not the firewall) is the modern control pane. Your user identity (and how ever its protected) is typically the key to your applications, devices and data within the modern workplace so keeping it safe should be paramount.
The UK National Security Agency, any reputable security company or agency will advise you not to use the same password in multiple places, to make it complex, and to not make it simple like Password123 or Comanyname2019 for example.
What is Azure Identity Protection?
Aslong as your organisation uses Microsoft Azure AD – which it will if you use Office 365 (and have Azure AD Premium P1 or P2), Microsoft provides a nifty service (known as Azure Active Directory Identity Protection) that can go a long way in helping organisations guarantee that their users are follow industry (and your) security guidance and that they aren’t using common passwords or passwords that are known to be included in recent data attacks and breaches.
In addition to the automatic protection provided by Microsoft’s Threat Intelligent, Azure Identity Protection also allows you to manually specify up to 1,000 custom passwords. I’d strongly recommend adding (or using) the top 1,000 common passwords which is available on GitHub as a starter and then adding your own organisation’s name, and any common terms used in your company or industry to the list.
If you haven’t used the service before, you can run this in “Audit” mode to allow you to review the number of “hits” against the new policy before enforcing it. Once enforced, when any user tries to set/reset their password, their password is “scored” based on a combination of risks including use of known and common /custom passwords or known breach credential/password.
How are passwords evaluated?
Whenever a user changes or resets their password, the new password is checked for strength and complexity by validating it against both the global and the custom banned password list (if the latter is configured).
Even if a user’s password contains a banned password, the password maystill be accepted if the overall password is strong enough otherwise. A newly configured password will go through the following steps to assess its overall strength to determine if it should be accepted or rejected.
An invalid password reset attempt which is poorly scored as secured, will be rejected and the user will receive an error message similar to the below:
“Unfortunately, your password contains a word, phrase, or pattern that makes your password easily guessable. Please try again with a different password.”
Reviewing the effectiveness
As well as users being informed (and prevented) to setting a password that is “banned”, admins can also see this activity in the Security Logs.
Read more from Microsoft
Microsoft provides a lot more detail and examples on how this works here:
This long awaiting announcement builds upon the previous Citrix HDX Realtime Optimization Pack for Skype for Business that has been used by nearly three quarters of a million users according to Citrix to achieve a native-like experience for Skype for Business within their virtual environments.
The diagram below, from Citrix illustrates the high level technical architecture of how this works.
As with the Skype for Business version, customers will get what is promised to be a fully native, fully featured Microsoft Teams experience within their Citrix Virtual Applications and Desktops. This wont just support the chat and collaborative features within Teams but will support the full HD voice, video and content sharing features. Citrix said that the upcoming update to the the Citrix Workspace app has a “built-in multi-platform HDX Media Engine that ensures optimized device and media handling, with audio, video, and screen sharing offloaded to the users device”.
This is currently in technical preview and Citrix have said that it should be released fully in the next couple of weeks. and will be shipped inline with an updated Citrix Virtual Apps and Desktops release.
Citrix have also said that once on the new version, they will need to deploy the VDI ready version of the Microsoft Teams client – no announcement was made when this version/update was expected however.
You can read the full announcement from Citrix here:
Microsoft and Dell have together announced a new partnership between themselves to deliver the full VMware cloud infrastructure natively in Microsoft Azure.
The partnership will allow customers to deploy and mansage VMware’s “Cloud Foundation”technology natively in Azure. Customers will be able to migrate and manage their on-premise workloads to Azure without needing to reconfigure any of their their applications or services.
What is unique and really impressive here is that unlike VMware’s partnership with Amazon, known simply as “VMware on AWS”, the Azure/VMware service will be fully managed by Microsoft.
Thsi partnership will also allow VMware to extend the capabilities of Microsoft Windows Virtual Desktop leveraging VMware Horizon Cloud on Microsoft Azure just like Microsoft have already done with Citrix.
Why would Microsoft be promoting VMware on Azure?
Despite the market share gains and traction Microsoft has with Hyper-V, there is no denying that VMware has an incredible install base which is still growing at an impressive rate. VMware customers are loyal and its customers know their products well. Brining the complete on-premise solution of virtualised compute, storage and network into Azure will not only help drive Azure consumption and growth but it does so on the customer’s terms without them having to compromise their investment and experience of VMware.
Is it available now?
Not yet, initial capabilities are expected to be available as a technical preview by the end of CY 2019.