Microsoft have announced that real-time co-authoring support for encrypted documents (which has been in preview for a while) is now generally available. Co-authoring is a feature that allows users to collaborate on documents across Word, Excel, and PowerPoint for example, but it only worked on files that weren’t protected with encrypted….. until now.
Image (C) Microsoft
“With Microsoft 365, when sensitivity labels are used to encrypt Word, Excel, or PowerPoint documents, multiple users can now edit these documents in real-time with AutoSave, empowering teams to do their best work while maintaining protection across the document lifecycle,” Paras Kapadia, Principal Program Manager for Office 365 explained.
Co-authoring support for protected files is supported now on the Web, Windows and Apple Mac clients and willbe coming to iOS and Android “soon“.
You must “enable it” to enable it!!
It’s worth noting that unlike many Microsoft 365 features which are “on by default”, organisations who want to use co-authoring on protected documents need to enable this in the Microsoft 365 Compliance Center.
Microsoft 365 Compliance Centre
Microsoft also provide full guidance for admins on how to do this here. Please note: once enabled, you need to contact Microsoft support should you want/need to turn this off for any reason.
Windows 11 will be the first version of Windows developed under the leadership of Panos Panay.
In final stages of development, tweaks and bug squashes before the official release in October, Microsoft is introducing Windows 11 as the first version of Windows developed for a hybrid work world. Windows 11 will ship with a major UI design overhaul, new start menu, new modern components (though some legacy components still remain) and what is touted to be a much more developer-friendly App Store,
Faster and More efficient
It’s important to also know that there are is also a heap load of important changes under the hood of Windows 11 too.
Microsoft have provided various technical docs along with a new YouTube video from Microsoft Mechanics which detail these various optimisation and performance improvements which you can watch below.
Windows 11 performance improvements
If you watch the video, you will see the Windows Management team explain why and how Windows 11 feels more responsive and faster than Windows 10 on the same hardware due to “a lot of work in memory management to favour the app windows you have running in the foreground so that they’re prioritised with more CPU and other system resources.”.
Unlike Windows 10, Microsoft have ensured that with Windows 11 foreground optimisation now also applies not only to the focus and running apps but also to the Windows shell and open tabs within Microsoft Edge (made possible though Microsoft Edge’s Sleeping Tabs feature).
Microsoft claim that this results in average Memory efficiency gains of 32% and up to 37% for processor usage, which of course therefore equate to faster performance, better mutki taking and more efficient use of battery (longer life).
Microsoft also explains in the video, they have achieved an “almost instantaneous” resume from sleep experience for most Windows 11 users. Microsoft also claim that Windows Hello is now 30% faster also (not that it was slow before).
A word in updates too..
Finally and probably one of the most noticeable things I have found in testing as part of the Windows Insider Programme is that Windows 11 updates are and will be significantly smaller and faster to install.
With the updated Windows Update, the update components only download the necessary files from Microsoft rather than the whole update making updates on average 40% smaller. Thus reducing network bandwidth and increasing update speed. Which is massively noticeable with updates (in testing) taking well under 5 mins.
Read more..
You can read more on this on the Microsoft Tech community here.
Microsoft has annouced and launched (starting today) Microsoft Start, which is a new(ish)/revamped personalised news service which pulls together personalised and targeted news and information from the Microsoft anews Service (MSN) and from “more than a thousand” other publishers.
“Microsoft Start” (image (C) Microsoft)
Microsoft Start will be available via the web at MicrosoftStart.Com, from the Microsoft Edge “new tab” page, Windows PCs, tablets and mobile devices and will provide a consistent yet personalised feed with news feeds and stories coming from a over a thousand selected publishers, which will be fine tuned as users like or dislike content or content types that appear in their feeds as Microsoft Start learns more about the user.
“Microsoft Start brings new technology to content experiences, including Microsoft’s latest advancements in AI and machine learning, coupled with human moderation, to help people stay up to date with information that is personalized for their interests.”
Liat Ben-Zur | Microsoft CVP
You can read the official annoucement from the Microsoft blog here:
Get started with MicrosoftStart
The Start experience currently looks and feels familiar (I’d almost go as far as saying the same) as the existing MSN service. Users can customise Start by clicking on the “Personalize” button which will allows access to managing interests and tweaking the types of news recommendations the service provides.
Microsoft Start seems to be a combination of a number of different Microsoft services, including Cortana and MSN. For example the Cortana app (as it was) was able to use AI and Machine Learning to determine your interests and display the latest “useful” news and headlines in the feed, as well give you travel time estimates based to meetings based on your location.
Microsoft Start has adaptive “cards” similar in some ways to the old “live tiles” in Windows 8-10 and the widgits in Windows 11 today. These cards provide updates to things like local weather, breaking news, finance, traffic, and sports etc.
The experience on Edge is pretty much no different to the current MSN one and the http://microsoftstart.com url even redirects you to https://www.msn.com but I expect this will change over the next few days as the service rolls out.
Microsoft do say though that Microsoft Start doesn’t replace MSN.com, and the dedicated Microsoft News app for Windows 10 and Windows 11 will continue to exist for the time being.
Why the name change?
You’ve got me on this one….
Microsoft haven’t offically revealed why they have brought in a brand new name for the service. Microsoft News Service (MSN) worked for me (like Apple News, or Sky News or BBC news) it was it was and did…
I’m sure we will find out more at somepoint though… There’s always a reason after all..
Available now…..
Microsoft Start is live now at MicrosoftStart.com, and is live on the Microsoft Edge new tab page (try it), the News and interests taskbar thingy on Windows 10, and also in the Widgets app IN Windows 11.
In the coming days, the Microsoft News app on Android and Apple iOS will be updated and rebranded to Microsoft Start (so don’t confuse it with something else!) .
Microsoft have announced a more cost effective endpoint protection plan for Microsoft 365 and Windows customers. Named Microsoft Defender for Endpoint P1 this provides comprehensive threat prevention and protection for any endpoints including those running Windows, macOS, Android, and iOS and will be included for free in Microsoft 365 E3/A5 SKUs.
The existing Microsoft Defender for Endpoints SKU will become Defender for Endpoints Plan 2 and is the version currently included in Windows E5 and Microsoft 365 E5.
Microsoft say that this new solution “will make it easier for more security teams across the globe to buy and adopt the best of breed fundamentals of Microsoft Defender for Endpoint” and will provide generation protection, device control, endpoint firewall, network protection, web content filtering, attack surface reduction rules, controlled folder access, device based conditional access, APIs and connectors, and the ability to bring your own custom TI are some of the capabilities of this new plan.
Why now?
The endpoint remains one of the most targeted attack surfaces as new and sophisticated malware and ransomware continue to be prevalent threats and it’s not slowing down. Ransomware in particular continues to persist and evolve, financial damage continues to increase, and the impact is felt across numerous industries.
Over the last year, Microsoft have seen more than a 120% increase in organisations who have encountered some form of ransomware attack as shown in the graphic provided by Microsoft.
Image from Microsoft Security
Microsoft are keen to ensure they provide “security for all” and this comes just days after a commitment with Biden to invest more than $20billion in security over the next 5 years.
Microsoft claims they already provide best of breed, multi-platform, and multi-cloud security for all organisations across the globe and their integrated suite of security and threat protection and remediation services provides simplified, comprehensive protection that prevents breaches and enables our customers to innovate and grow.
Microsoft say that “as part of that commitment, we’re excited to offer a foundational set of our market leading endpoint security capabilities for Windows, macOS, Android, and iOS at a lower price in a new solution to be named Microsoft Defender for Endpoint Plan 1 (P1) which will also be included in Microsoft 365 E3 for free.
Licensing and Pricing
The great news is that “Plan 1” will be included in Microsoft 365 E3 /A3 at no addition cost and will be a made available as a low cost add-on for other SKUs. Microsoft 365 E5/A5 will continue to include Defender for Endpoint “Plan 2”.
This is currently in public preview, meaning you can sign-up for it for free for 90 days now. After the 90 days is up, you can buy this from your friendly Microsoft CSP or licensing partner. Customers already of Microsoft 365 E3/A5 will get this for free once released for General Availability (within the next 90 days) and will then be able to enable/user the service.
How to buy Defender for Endpoints Plan 1
Plan and Plan 2 compared
The diagram below shows the extent of the threat protection and remediation services offered by Microsoft Defender for Endpoints.
Microsoft Defender for Endpoint (C) Microsoft.
Plan 1 is aimed at organisations looking for mainly endpoint protection (EPP) where you get best of breed fundamentals in prevention and protection for all your client endpoints. It includes next generation protection, device control, endpoint firewall, network protection, web content filtering, attack surface reduction rules, controlled folder access, device based conditional access, APIs and connectors, and the ability to bring your own custom TI. Finally, it includes access to the Microsoft 365 Defender security experience to view alerts and incidents, security dashboards, device inventory, and perform investigations and manual response actions on next generation protection events.
Plan 2 is aimed at most larger enterprises who need full endpoint detection and response (EDR). This builds on Plan 1 and provides full EDR capabilities to further prevent security breaches, reduce time to remediation, and minimise the scope of attacks with vulnerability management, endpoint detection and response, fully automated remediation, advanced hunting, sandboxing, managed hunting services, and in-depth threat intelligence and analysis about the latest malware campaigns and nation state threats.
The below table offers a comparison of capabilities are offered in Plan 1 versus Plan 2.
Image (c) Microsoft.
Getting Started
You can sign up for the preview using the link here, and Microsoft have provided a detailed blog which goes into more detail than have shared above also provide a simple walk-through for admins and sec ops.
You can also read the latest Gartner report which details Industry leading security capabilities.
Here’s my summary of the top new capabilities and changes that were released in Microsoft Teams over the summer break.
As usual the official teams blog details all the changes in detail as usual. Here’s the high level summary however.
Meetings and webinars
Here’s the new and updated for meetings and webinars in August:
Reporter and Side-by-Side options in Presenter Mode when sharing / presenting content.
New assignment experience in separate window for Teams Breakout Rooms.
Live Captions and Live Transcript in 27 additional languages.
Ability to start recording and live transcript simultaneously.
Ability to set meetings to start recording automatically.
Image courtesy Microsoft
The new presentation modes, namely, reporter mode and side by side mode are the main new standout features for meetings and webinars this month. In this presentation mode, Teams places the presention / screen behind or next to the presenter and places content next to them in a similar way to how a presenter looks on TV.
Teams Room Devices
A fair number of new features and enhancements was released for Teams Room devices this month including the following…
Image from Microsoft
NativeSupport for screen sharing with HDMI ingest
Auto answer for Meet Now meetings
New remote provisioning and sign-in experience for admins
1080p resolution for outgoing video
Teams panels released and shipping
Ability to better customise the Teams panels experience with Teams Extensibility/LoB app support
Ability to hide / omit meeting names for sensitive spaces or meeting topics
New bunch of Teams Certified Devices
Teams Education updates
Teams for Education got a chunk of updates over the summer holiday, the biggest new feature being the Reading Progress feature, which lets students practice their reading. Teaching staff can review the recorded practice of students within the Assignments section of Teams.
Here’s key features and changes that rolled out for Teams for Education in August 2021:
Ability to create, edit, and join Microsoft Teams meetings in Canvas.
Ability to communicate and collaborate with class teams from Blackboard.
Reading Progress feature addition.
Updated and simplified navigation across class teams.
The full verbose version
The full list of features and enhancements can be found in the official Teams Blog here.
Microsoft announced today that Windows 11, will be officially released on October 5, 2021 and will start rolling out to “eligible” Windows 10 devices on that date onwards.
Windows 11 will also come pre-installed on many new devices from Microsoft, Dell, Lenovo, Asus, Samsung etc.
Windows 11 is already available for WindowInsiders and the “beta testing” will continue though to October 5 and then continue for the next batch of feature releases as it did with Windows 10.
Windows 11 start menu
Windows 11 requirements
Whilst Microsoft annouced last week that some select 7th gen Intel chipsets (like Surface Studio 2) will support Windows 11, in most cases the core system requirements include:
‘modern’ 64bit dual-core or higher CPU
4GB of RAM (but 8GB ideally)
64GB storage (SSD ideally)
DirectX12 supported GPU
Secure Boot
TPM 2.0 chip (enabled) in UEFI settings
Phased Rollout
As usual with Windows updates and upgrades the Windows 11 upgrade will roll out gradually to devices that meet the minimum requirements for Windows PCs and say their upgrade system will use “intelligence algorithms” to make it available on more devices over time. “We expect all eligible devices to be offered the free upgrade to Windows 11 by mid-2022,” Microsoft said in the annoucement.
Interestly, Microsoft said last week that users will be able to use Windows 11 ISOs to manually install Windows 11 on unsupported PC though there is a caveat in that Microsoft are not committed to service these devices via Windows Update, and that includes security updates.
One thing to note is that Android app support, a feature announced during the Windows 11 unveiling event, won’t be shipping this year but will start testing with Windows Insiders soon.
What about Windows 10 support
For devices not capable of running Windows 11, or for users/organisation not ready to move to Windows 11, Windows 10 will still be supported through to 2025.
In addition to the recent price rises annouced last week to almost all Microsoft 365 plans (other than the highest E5 plans), Microsoft also annouced some good value news for users of Microsoft Teams.
And today, we are announcing that we will add unlimited dial-in capabilities for Microsoft Teams meetings across our enterprise, business, frontline, and government…
Jared Spataro, Corporate VP | Microsoft 365
What’s it currently cost?
At time of writing, Microsoft’s PSTN Audio Conferencing is included with Microsoft 365 E5 and Office 365 E5 (for free) but requires an add-on licence for all other licences such as E3 (the most common base licence across most organisations).
The PSTN audio conferencing licence (add on) is currently priced at circa £3pupm (about $4) and for enterprise customers on an Enterprise Agreement (EA), there is also an option to pay via Pay Per Minute billing.
What about dial-out conferencing?
In the official Microsoft blog, they refer to unlimited dial-in conferencing and do not specifically talk about any changes to dial-out conferencing where a meeting participant calls a user into a conference from a meeting rather than them dialing in.
Under the currently model, each licenced user gets a pooled 60 minutes per user per month that can be used to dial-out to non-premium numbers in any of the Zone A countries. More info on that here.
It’s not known (well I couldn’t find it) if this is also changing under the new plan.
Big value or not?
Microsoft has more than 300 million commercial paid seats, though less than 10% of these are E5 so adding this value to all Office/Microsoft 365 plans is of course welcomed value.
This, on the Surface is clearly good news and should potitivley impact a very large number of organisations (assuming they use Microsoft Teams for meetings of course) adding more value to the license they pay for (price rises aside of course).
The question remains of course, as in todays online world how many people still “dial in” to conferences and this of course limits the other mediums and media in a teams meetings such as video, content sharing/viewing and app Co authoring but is useful in situations where you are perhaps driving, travelling or in a area with no or poor Internet connectivity.
Announced this week on the Microsoft 365 Admin Center, the latest version of Whiteboard is now rolling out to Microsoft Teams and Web users but is also coming soon for Windows and iOS. The new features are coming in 2 waves with the first set of updates coming now.
Rolling out now
This 1st new update brings new collaboration capabilities including new sticky note colours, highlighter colours, new content types, improved inking support and a few other features. There’s also a “read-only mode” for education.
More on the way…
In addition to these features, Microsoft is also agressively working on additional features (due late September), including laser pointer, collaborative cursors, customizable templates, better object alignment, and a new lick of pain for the overall UI which also promise to bring performance enhancements to the Whiteboard app performance in Teams and web clients. These were annouced at ignite earlier this year.
Microsoft’s have annouced the first ‘substantive’ price increase for many of its commercial Office 365/Microsoft 365 subscription plans is coming in March 2022.
On March 1, 2022, Microsoft will be increasing prices for most of its commercial Office 365 and Microsoft 365 subscriptions with the exception of consumer, education and also Microsoft 365 E5, which will not be increased.
The increases will range from $12 per user per year more for Microsoft 365 Business Basic, to $48 per user per year more for Microsoft 365 E3. In some cases, Microsoft is increasing prices to match those of the competition (read, Google), officials said. In other cases, it is adjusting prices to reflect the considerable value added to the Office 365/Microsoft 365 suites over the past several years, they added.
Microsoft have said in a blog post that since the introduction of Microsoft 365 four years ago, they has added 24 apps to their Office 365/Microsoft 365 suites, including Teams, Power Apps, Power BI, Power Automate, Stream, Planner, Visio, OneDrive, Yammer and Whiteboard as well as over 1,400 new features to its the core products across Microsoft 365 subscriptions over the past decade.
How much are the increases?
I’ve only seen the US$ pricing so far, but price increases range from $12 pupm for Microsoft 365 Business Basic, to $48 pupm for Microsoft 365 E3. In many cases the reason for these increases is to reflect the considerable amount of value added services added to the Office 365/Microsoft 365 over the past few years.
Microsoft 365 Business Basic up $1 to $6pupm
Microsoft 365 Business Premium up $2 to $22 pupm
Office 365 E1 up $2 to $10 pupm
Office 365 E3 up $3to $23 pupm
Office 365 E5 up $3 to $38 pupm
Microsoft 365 E3 up $4 to $36 pupm
Microsoft 365 E5 No change at $57 pupm.
Microsoft 365 F SKUs – No change.
Jared Spataro, Microsoft Corporate VP for Microsoft 365 said “Microsoft believes the changes in prices may make the Microsoft 365 E5 SKU even more attractive” to customers”.
Take but give back..
Microsoft also said (more quietly) that that will be adding unlimited dial-in capabilities for Teams meetings across all its paid enterprise, business, frontline worker and government suites over the next few months (after offering free conferencing on a limited time for the last 12 months). This will help drive more people towards audio dial in (and presumably voice services) within Microsoft Teams and allows meeting participants to dial-in and join a Teams meeting from any device. Without needing the Teams client installed.
Read more….
For the official annoucement (US only at time of writing), read the official blog here.
MICROSOFT and Rubrik (a US-based, Gartner leading data backup and protection company) have announced a new strategic partnership which will see them working together to providing Zero Trust data protection to help organisations protect and mitigate against the rising threat and risks of ransomware attacks across cloud and hybrid cloud environments, including or course Azure and Microsoft 365.
This work will address the rising customer needs to protect against surging ransomware attacks, which are growing 150% year on year.
As part of the partnership, Microsoft has also made an equity investment in Rubrik.
Who are Rubrik?
Rubrik work with enterprise customers, helping them protect and recover from ransomware attacks, automate data security operations, and transition data from on premises data centres to the cloud.
Like Microsoft, Rubrik takes a Zero Trust approach to data management, which follows the NIST principles of Zero Trust. Zero Trust is based on the concept of “never trust, always verify.” In practice, this means that access to any resource within the network must be subject to specified trust dimensions, or parameters. Failure to meet these parameters results in denial or revocation of access. This is in complete contrast to previous security models thatassumed implicit trust within the network perimeter.
Rubrik said in an annoucement that;
“As the pioneer of Zero Trust Data Management, Rubrik is helping the world’s leading organizations manage their data and recover from ransomware. Together with Microsoft, we are delivering tightly integrated data protection while accelerating and simplifying our customer’s journey to the cloud.”
Bipul Sinha | Co-founder and CEO |Rubrik
The better together story
Rubrik and Microsoft are already partners and according to Microsoft in their press statement, have been working together with over 2,000 mutual customers using Azure across six continents. In a press release announcing this new strategic partnership, Microsoft said that “the two companies will be providing Zero Trust data protection for hybrid cloud environments, including Microsoft 365“.
“End-to-end application and data management is critical to business success, and we believe that integrating Rubrik’s Zero Trust Data Management solutions with Microsoft Azure and Microsoft 365 will make it easy for customers to advance their Zero Trust journey and increase their digital resilience. ”
Nick Parker, Microsoft CVP Global Partner Solutions.
Summary and Thoughts
The data backup and recovery market is a big and crowded marketplace with leading companies like Veeam, Acronis, Veritas, ArcSerce, Commvault etc, making data backup and recovery their market and currency.
Magic Quadrant for Enterprise Backup & Recovery
Microsoft uses a “shared responsibility” model for data and availability in that they take responsibility for the services being available, online and resilient, but it’s up to the customer delivered online to govern, secure, backup, and maintain their data and content which has been where the traditional backup and recovery vendors have stepped in.
This investment could signal a new longer term area of focus and growth for Microsoft which could put pressure on the other vendors in this space especially if Microsoft now have a vetted interest to have a “preferred” partner / vendor for data protection and recovery.
What do you think?
Do you work with or use Rubrik for data protection? How do you see this playing out. Good or bad for the market?
Microsoft Teams is getting a new much needed feature that will allow users to swap between shared content and the Gallery view during meetings.
Now in Public Preview, this new feature is (though I’m sure it was there once before) rolling out to users enrolled in the public preview channel using Windows 10 and macOS clients.
What does this new feature provide?
The new swap experience (supported in both large gallery & dynamic mode as well as Together Mode) finally means that users can now simply swap between any content being shared and on their chosen participant video feeds, bringing participant videos to the center and content like shared desktop/window, PowerPoint presentation or Whiteboard etc to the side or top.
Clicking on the shared content again brings the shared content back to the center of the meeting window. Gallery view and Together mode. Previously, the app used to disable the 49-person Large Gallery view in screen sharing mode, but this release lets users enable Large Gallery while sharing content or screen.
This may sound like a little thing… It is, but it’s been a niggle of many of my customers (and me once I discovered you actually couldn’t do…. I’m convinced I used to be able to).
A few bugs…
I’ve only tried this a few times in meetings as it “lit up” for me today and there a few bits that don’t quite work yet (which Microsoft do state in their blog).
In the preview version, Whiteboard content and PowerPoint Live presentations cannot be viewed in the swap state though I expect this will get sorted before it’s officially live for everyone.
If you have this preview feature, test out and make sure to file feedback via the Teams Feedback section in the app.
This week (end of July 21), Microsoft made Windows 11 available to #WindowsInsiders in the BETA channel (it’s been available for a month now in the DEV channel).
To help Insiders (and the general consumer and corporate) understand exactly what did and is going into the development of Windows 11, Microsoft have put together a informative “Windows 11 Innovation Portal”
What’s inside?
The portal has a collection of videos from various key Windows 11 developers, marketing managers and Panos Panay himself which look at how general product feedback from users and #WindowsInsiders have helped and will continue to help shape Windows 11.
Windows 11 Insider portal
Other videos in the collection focus on the extensive ways in Windows11’s accessibility features have been designed and there’s then a section of info and videos that introduce some of the newly designed and AI fueled features such as the new start menu, touch keyboard, voice typing, snap view and new “tablet posture”.
So.. If you want to know more (before during or after you’ve installed Windows11) check it out now and let me (and other #WindowsInsiders) know what you think.
Microsoft 365 now has “Safe Links” protections across Microsoft Teams for any organisation that uses Microsoft Defender for Office 365 (formally Office 365 ATP).
Defender for Office 365
What is Safe Links?
Safe Links is a feature of Defender for Office 365 that scans URLs clicked by end users to check for malware and malicious or phishing sites in real time.
Safe Links was first introduced in 2015 (for just Exchange Online at the time) and was originally used to “detonate” links in e-mails to detect malicious payloads. Safe Links was subsequently added to Microsoft 365 applications, as well, such as PowerPoint and Word.
With the latest update and expansion across Microsoft 365, Safe Links now provides transparent, integrative and native intelligent protections against malicious links in conversations, group chats and channels chat across Microsoft Teams.
Enabling the feature
This can be configured in the Microsoft 365 Defender portal. Detailed instructions can be found here
As with SafeLinks across the other Office services, admins can add exclusions and trusted sites if needed.
Coming to complement the newly released “Standout mode” that rolled out to Microsoft Teams last months, 2 new immersive presentation modes are about to start rolling out.
This update is referenced within Microsoft 365 Roadmap ID 83371.
What do the new modes mean for presenters?
Thia update will enhance the presenter view to make desktop or app sharing more inclusive and better for hybrid meetings, ensuring the presenter can be seen at all times. Side by Side and Reporter Mode
Side by Side Mode
In this mode, meeting participants will see the presenter’s video feed and content overlaid on a background image (which can be customised).
Side by side presenter mode in Teams
Reporter Mode
In this mode, the meeting participants will see the presenter’s video feed superimposed over the background image while having the content over their shoulder, placed diagonally. Like. TV broadcast.
Reporter Mode in Teams
The modes are customisable….with different backgrounds (not custom ones yet though).
What can be customised?
Presenters are able to customise the background image before starting the presentation.
Presenters are able to enable or disable the video feed during the presentation from the sharing bar.
After their acquisition RiskIQ just last week and ReFirm the month before, Microsoft have just annouced they are now aquiring CloudKnox, a leader in Cloud Infrastructure Entitlement Management (CIEM).
Who are CloudKnox?
Founded in 2015, CloudKnox, are the only multi-cloud, hybrid cloud permissions management platform that provide granular visibility, automated remediation and continuous monitoring consistently enforcing least-privilege principles to reduce risk. CloudKnox works with Azure, as well as the AWS and Google public clouds as well with leading virtualisation and hybrid cloud vendors including VMware.
CloudKnox
CloudKnox are the leaders in Cloud Infrastructure Entitlement Management (CIEM) space and offers complete visibility into privileged access within cloud services.
What Microsoft plans to do with the CloudKnox acquisition.
In Microsoft’s most recent security blog, Joy Chik (VP of Identity at Microsoft) said:
“Modern identity security needs to protect all users and resources consistently across multi-cloud and hybrid cloud environments….Today, Microsoft is taking a significant step toward this goal with the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. It helps organizations right-size permissions and consistently enforce least-privilege principles to reduce risk, and it employs continuous analytics to help prevent security breaches and ensure compliance. This strengthens our comprehensive approach to cloud security.”
Joy Chik, Corporate VP of Microsoft Identity
The post (which can be read here) summarises how Microsoft will leverage the CloudKnox technology to help Security Admins with tasks such as managing privileged access in multi-cloud and hybrid cloud environment through a set of comprehensive yet simple threat assessments and prevention methods as well as ensuring security enforcement and governance.
Finally Microsoft said that the acquisition of CloudKnox will allow Microsoft to further harden Azure Active Directory with more granular visibility, continuous monitoring and automated remediation for their hybrid and multi-cloud identities, access and permissions further solidifying their market leading position in Identity and Access Management.
Extended Security Updates were made available (at a cost) by Microsoft for both SQL Server and Windows Server versions 2008 and 2008 R2 since “official support” ended but these extended support update are also now coming to an end on:
SQL Server 2008: July 9th, 2022
Windows Server 2008/2008 R”: Jan 14th, 2023 respectively.
If your organisation is still running any of these older server products in Azure then you will be currently entitled to (and receiving) 3 years of free Extended Security Updates, and Microsoft have recently announced that one more year of Extended Security Updates will be available BUT ONLY if these workloads are running in Azure.
SQL Server and Windows 2012
Support for SQL Server 2012 and Windows Server 2012 / 2012 R2 is also coming to an end:
SQL Server 2012: July 12th, 2022
Windows Server 2012/2012 R2 on October 23rd 2023
As with version 2008, Microsoft will be making (again at a cost) 3 years of Extended Security Updates available from your licensing partner or Cloud Solution Provider (CSP) and, as before these will be free if these workloads are running (or moved into) Azure.
If you are no planning on moving these into Azure, then you’ll need to buy licences for each server instance you need to cover.
Cost for ESU are
Year 1: 75% of the licence cost
Year 2: 100% of the licence cost
Year 3: 125% of the licence cost
What are my options?
If you are still on Windows Server 2008 or SQL 2008, you have 3 options:
Migrate the VMs/Servers into Azure for ONE MORE YEAR of free support
Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.
If you are Windows or SQL Server 2012, you have 4 options:
Pay for Extended Support for up to 3 years
Upgrade the Servers to a supported version of SQL and Windows
Migrate or Rehost apps and workloads to Windows Server and SQL Server on Azure virtual machines
Modernize with Azure services such as App Service and Azure SQL Managed Instance, and never have to patch or upgrade again.
Further Reading and References
You can find the formal announcement here, along with the data sheet which does into more detail, as well as a FAQ from Microsoft.
After experiencing huge growth like many Cloud UC vendors) during the COVID-19 pandemic, Zoom has made its first major acquisition by agreeing to buy cloud contact center Five9 for $14.7 billion.
In the past year, Zoom have been adding more enterprise and home collaboration tools to its services including new room systems partnerships and office collaboration products, their new cloud phone system, and an all-in-one home communications appliances in an aim to rule the home and enterprise market space.
This acquisition will allow Zoom to expand into call center space (a market said to be worth around $24 billion. In the official announcement, Zoom CEO, Eric Yuan said “We are continuously looking for ways to enhance our platform and the addition of Five9 is a natural fit that will deliver even more… value to our customers,”.
Zoom feed on twitter
Once the audition completes in early 2022,Five9 will become an operating unit of Zoom and its chief executive, Rowan Trollope (Ex Cisco), will become a president of the company.
How are Five9?
Five9 was founded in 2001 and has around 2,000 customers globally, including major brands like SalesForce and Under Armour. They processes in excess 7 billion minutes of calls annually.
Zoom, (like other leading UCaaS vendors) already partner and integrate their solutions Five9 to add integrated contact and customer experience solutions into its platform. The contact centre business has grown hugely since the start of COVID-19 and with customer habits now “the way of life”, the move to deliver a better online customer experience will now benefit zoom through these new integrated revenue streams.
It’s a 3 legged race in the UCaaS market…
According to Gartner, global spending on cloud-based video conferencing technology is forecast to reach $5.5 billion this year, up from $5.0 billion in 2020, a space where today, Zoom, Microsoft and Cisco as the clear front runners leaders. Cisco and Zoom will now own a slice of the contact centre market directly while Microsoft continue to leverage the partner eco system to drive options and choice to customers.
Thanks for reading and I welcome your thoughts and feedback on this acquisition and the UCaaS space generally…
The next big update to #MicrosoftTeams (dubbed Teams 2.0) will be faster, allow multiple accounts, provide seemless integration into #Windows11 and will look and behave much more like a native Windows app.. Yay.
Teams 2.0 on Windows 11 (image:Microsoft)
Inline with the release of Windows 11 later this year (though will likely be in preview way before then), Microsoft is finalising the work on a totally resigned version of Microsoft Teams. Designed specifically for Windows 11 but will also be realised and will work on Windows 10.
What’s different?
The main difference between the existing Teams client and Microsoft Teams 2.0 is that the new version is based on Edge WebView2 rather than Electron. Leveraging Edge WebView2 allows for embedded Web technology such embedded as HTML, CSS and JavaScript along with the full power of the Chromium rendering engine. Microsoft will also move away from Angular and will instead now use the open source front-end JavaScript library React.js.
Introducing Microsoft Teams 2.0
The new Teams client is built around Microsoft Teams for the web though it won’t actually look much different from the existing Teams. The main changes come in the form of performance, application size, integration and extensibility.
A version that leaked on the Internet last week (with missing features) confirms the claims Microsoft have already made around significantperformance increase whilst also runs better on lower-end devices due to reduction in both app size and memory usage. According to Microsoft..
“Teams 2.0 will consume half the memory of the current Teams 1.0 client”.
Teams and Windows 11
Teams 2.0 will launch instantly and users will no longer “get stuck” on the loading screen on older devices or when teams is loaded when lots of other apps are already open.
Unlike the old client, the Teams 2.0 app window can now be resized and the interface scales alongside it automatically. It will also support the new snap view and snap assist features in Windows 11. With Teams 2.0, Microsoft has also added integrations with native notifications and other features within both Windows 10 and of course Windows 11.
Teams 2.0 will also finally properly support multiple accounts without having to switch/log in and out of different Tennants.
Coming “soon”
Microsoft Teams 2.0 should be a welcome upgrade whe it arrives. I’ll update this one it enters an official public preview state or hear more official word from the Microsoft Teams Team!
Windows365 is a new service that will let users access their corporate ‘cloud’ PC from anywhere by streaming a version of Windows 10 (or Windows 11 when released) in a web browser. At initial launch, (2nd August 2021), organisations have two edition options – Windows 365 Business and Windows 365 Enterprise – with multiple Cloud PC configurations in each edition based on performance needs.
Designed for the disparate and agile workforce
Windows 365 allows organisations to equip distributed workforces, temporary and seasonal employees, contractors, and employees who have a need for specialised workloads in a flexible and highly secure manner – regardless of their location or device. Windows 365 will allow organisations to add and remove users with secure managed Cloud PCs according to the changing needs of the business and of the individual user, allowing them to scale for busy periods without the logistical challenges of issuing new hardware. Cloud PCs can be scoped, and scales based on the specification/power that best meets the user need and is paid for on a simple per user per month price.
Built on Azure Virtual Desktop – runs on anything
Windows 365 is built on Azure Virtual Desktop but simplifies the virtualization experience and licensing. Organisations that require greater customization and flexibility can of course still opt for Azure Virtual Desktop to modernize their VDI (Virtual Desktop Infrastructure) in the cloud or use a combination of both.
Windows 365 offers a consistent Windows experience, across any device/operating system including Windows, Mac, Linux, iOS, or Android. It promises to support all your business apps such as Microsoft 365, Dynamics 365, Power Platform, line of business apps, and more as well as the Office 365 suite.
It provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device and allow them to pick up right where they left off. The state of a user’s Cloud PC remains the same, even when they switch devices.
Windows 365 Device Support (July 2021)
Consistent Device Management
Microsoft Endpoint Manager is used to procure, deploy, and manage Cloud PCs for their organisation, since Windows 365 is consistent with how they manage physical devices with Microsoft End Point Manager. Cloud PCs are managed alongside physical devices and can apply management and security policies to them in the same way as they do on physical devices. There is extensive monitoring too and IT can change on the fly the specification (processor, RAM, and disk) to adjust the performance of the Cloud PC to make sure the users are getting the best experience. There’s also built-in analytics and performance metrics to look at connection health across network to make sure the Cloud PC users can reach everything they need.
Build on Zero Trust Foundation
Windows 365 is built with a focus on a Zero Trust architecture. It stores information in the cloud, not on the device, and encryption is used everywhere as you’d expect with an Azure service. All managed disks running Cloud PCs are encrypted, stored data is encrypted at rest, and all network traffic to and from the Cloud PCs is also encrypted.
Licensing Information
Unlike other virtualisation services, Windows 365 is priced on a per-user price and are allocated via the Microsoft 365 admin centre portal in the same way as other Microsoft 365 E3/E5 licenses.
Windows 365 will initially come in two flavours – Business and Enterprise, and Microsoft will offer 12 different configurations for both the editions. The Cloud PCs can be configured with a single CPU, 2GB of RAM, and 64GB of storage at the low-end, all the way up to eight CPUs, 32GB of RAM, and 512GB of storage.
A full range of available configuration and example scenarios is available here.
Windows 365 will be officially available on August 2, 2021, and pricing will be announced on the same day, though rumours say we expect pricing to start from ~£25pupm
I read an article recently about StephenKitay – the Former Deputy Assistant Secretary of Defense for Space Policy, who is now Senior Director at Microsoft Azure Space. It got me thinking… Firstly.. what a cool job title…. and secondly… what is Azure Space..
It’s quite cool.. Tech and Space!
Microsoft says that “Azure Space was created to be the platform and ecosystem of choice for the mission needs of the space community” . It’s designed to make connectivity and compute increasingly attainable across industries including agriculture, energy, telecommunications, and government.”
Azure Space Overview
I loved researching and sharing some of what I read. What a great project to be part of… Imagine being asked what do you at a networking event and saying “supporting customers on their space missions off and on the planet, using the power of cloud and space technology to help business across industries re-imagine solutions to some of the world’s most challenging problems”
Taking cloud-powered innovation beyond Earth with “Azure Space”.
With the enormous challenges space presents, there also comes great opportunity. The space community is growing rapidly, and innovation is lowering the barriers of access for public and private sector organizations.
Microsoft is the first hyperscale cloud service provider to join the Space Information Sharing and Analysis Center (ISAC) as a member organization and they plan to share our unique global threat insights to protect critical infrastructure and strengthen cybersecurity expertise across the space community.
What is the purpose and applications for Azure Space?
“Microsoft are diligently working to make Azure the platform of choice for the mission needs of the space community, bringing our unique global threats insights to protect critical infrastructure and strengthen cybersecurity expertise in the space industry“.
But…. Its not just about sticking Azure in space stations and shuttles.
Putting compute, data and AI into space makes connectivity and compute increasingly more attainable and accessible across the globe and has huge benefits across industries such as agriculture, energy, telecommunications as well as across the public sector and in particular in regions where traditional connectivity and access to compute is more sparse. Third and developing world nations will also hugely benefit. “ our ambition is to grow the entire world community, which is the basis for Azure Space.”
OK so what is Azure Space though?
Azure Space is basically a set of innovative service offerings, a new partner ecosystem and a global strategy focused on specific core areas to addresses never-before-seen security challenges. Azure Space is made up of 3 main things..
Azure Space Components Overview
Azure orbital
Azure Orbital is a Ground Station As-a-Service that provides communication and control of a satellite and enables satellite operators to communicate with and control their satellites, process data, and scale operations within Microsoft Azure.
Azure Orbital brings satellite data directly into Azure, where it can immediately be processed with market-leading data analytics, geospatial tools, machine learning, and Azure AI services.
In essence Azure Orbital will allow organisations/providers of “space connected stuff”, to take full advantage of the Microsoft’s global network and services infrastructure to build new product offerings and services with the edge, 5G, SD-WAN, and AI.
Azure Modula Datacenter
The Azure Modular Datacenter (MDC) is a complete, rugged datacenter solution for organisations/servjce providers that need cloud computing capabilities in hybrid, sparse or challenging environments like space.
Microsoft designed the MDC to support high-intensity, secure cloud computing in challenging environments, such as situations where critical prerequisites like power and building infrastructure are unreliable. Built on Azure Stack(r), it is a self-contained unit the provides the capability to deploy a complete datacenter to remote locations, or to complement existing infrastructure. The MDC runs primarily on terrestrial fiber, low-bandwidth networks, or be completely disconnected.
Azure Orbital Simulator
With space mow opening up to more commercial and government space organisation, the pace and demand of developing interconnected satellite networks increases exponentially.
To aid with this, Microsoft have created Azure Orbital Emulator, an emulation environment that conducts massive satellite constellation simulations with software and hardware in the loop. This allows satellite developers to evaluate and train AI algorithms and satellite networking before ever launching a single satellite reducing cost, time and money as well as human safety naturally. With Azure Orbital Emulator, Azure can emulate an entire satellite network including complex, real-time scene generation using pre-collected satellite imagery for direct processing by virtualized and actual satellite hardware.
“The Goal of Azure Orbital Emulator is to aid the preparation of space missions with the power of Azure.”
Azure Orbital Emulator is already being used Azure Government customers globally.
Credits and further reading
Some of the content here is referenced/quoted from the full comprehensive report. https://www.helpnetsecurity.com/2021/07/13/microsoft-azure-space and on twitter at @helpnetsecurity. Much of the information comes from Microsoft Azure blogs referenced below.
For further reading (it’s quite interesting) you can read Microsofts official blurb and ongoing updates here.
