Eastern Cloud Blog

This blog is aimed at our East Region State & Local Government customers. Opinions are our own - be gentle with us.

Azure SQL Database Threat Detection now in Public Preview

Microsoft is excited to announce that we have made Threat Detection available for preview on Azure SQL Database. Azure SQL Database Threat Detection provides a new layer of security to your database by detecting anomalous database activities which may indicate a common threat like SQL injection attacks.

The introduction of this feature helps customers detect and respond to potential threats as they occur. Users can immediately explore the potential threat by using SQL database auditing to determine if the event is the result of an attempt to access, breach or exploit data in the database.

The benefits of Azure SQL Database Threat Detection include:

  • Simple configuration of SQL threat detection policy via Azure portal.
  • Clear email alerts upon detection of suspicious databases queries indicating potential SQL injection events.
  • Ability to explore the audit log around the time of the event using the Azure portal or a pre-configured excel template.
  • No need to modify database procedures or application code.

Go to this Azure Blog entry to read more, see how to set it up and view a demo.

Azure Disk Encryption in public preview

Azure Disk Encryption for virtual machines (VMs) helps you address organizational security and compliance requirements by encrypting your VM disks, including boot and data disks, with keys and policies you control in Azure Key Vault. Disk Encryption for VMs works across both Linux and Windows operating systems. It also uses Key Vault to help you safeguard, manage, and audit use of your disk encryption keys. All the data in your VM disks is encrypted at rest using industry-standard encryption technology in your Azure Storage accounts. The Disk Encryption solution for Windows is based on proven Microsoft BitLocker Drive Encryption, and the Linux solution is based on dm-crypt.

 You can read more on this Azure Virtual Machines Security page.

Announcing New Microsoft Enterprise Mobility Capabilities

Today, Microsoft announced that we’re delivering some new enhancements to Microsoft Intune. Intune already delivers mobile device and application management capabilities to ensure data and apps are protected on mobile devices.  Now, Intune will provide expanded capabilities to manage company apps and data in many more cases, specifically:

  • Intune now provides data leakage prevention through its Mobile Application Management (MAM) features. Intune MAM was recently updated to isolate corporate and personal data within the same app – something no other solution provides.

  • With today’s announcements, Intune’s MAM is being extended to “Bring your own” (BYO) devices that are not enrolled for device management (MDM).  This protects company data in mobile apps without requiring IT to enroll and deeply manage that end users’ entire device. The end-user preserves complete control over their personal apps, data, and settings – while the IT department controls the protection of corporate IP.

  • Intune MAM is also being extended to protect company information on devices enrolled into non-Microsoft MDM solutions. This allows you to start extending Intune MAM protections to mobile apps without having to first migrate your entire MDM solution.

  • Additional Microsoft apps are announcing support of for Intune MAM, including Power BI, and Remote Desktop client (both of which are available now).  Support for the Skype for Business and Dynamics CRM apps is coming soon.

  • Major companies like Box and Adobe have announced iOS and Android apps with native support for Intune mobile application management. Additionally, SAP Fiori mobile apps that are customized and built by SAP’s customers using SAP’s Fiori mobile services will also support these management and data protection capabilities delivered by Microsoft Intune.

Read this major announcement on Brad Anderson’s In the Cloud blog.  Find out how Intune MAM can now complement your current MDM solution, whatever it may be.

Microsoft launches Windows Store for Business


Organizations of any size can benefit from using the Store for Business provides:

Scales to fit the size of your business
- For smaller businesses, with Azure AD accounts and Windows 10 devices, you can quickly have an end-to-end process for acquiring and distributing content using the Store for Business. For larger businesses, all the capabilities of the Store for Business are available to you, or you can integrate the Store for Business with management tools, for greater control over access to apps and app updates. You can use existing work or school accounts.

Bulk app acquisition
- Acquire apps in volume from the Store for Business.

Private store
- Curate a private store for your business that’s easily available from any Windows 10 device.

Flexible distribution options - Flexible options for distributing content and apps to your employee devices

    • Distribute through Store for Business services. You can assign apps to individual employees, or make apps available to all employees in your private store.
    • Use a management tool from Microsoft, or a 3rd-party tool for advanced distribution and management functions, or for managing images.
    • Offline licensing model allows you to distribute apps without connecting to Store services, and for managing images.

Line-of-business apps - Privately add and distribute your internal line-of-business apps using any of the distribution options.

App license management
: Admins can reclaim and reuse app licenses. Online and offline licenses allow you to customize how you decide to deploy apps.

Up-to-date apps - The Store for Business manages the update process for apps with online licenses. Apps are automatically updated so you are always current with the most recent software updates and product features. Store for Business apps also uninstall cleanly, without leaving behind extra files, for times when you need to switch apps for specific employees.

Learn more on how to sign up here...

Microsoft Office apps are ready for the iPad Pro

Microsoft is taking another step forward in bringing a great Office experience to everyone across a range of devices and platforms. As we announced in September, we have optimized Word, Excel, PowerPoint, Outlook and OneNote apps for the iPad Pro. On the same day the iPad Pro was made available, these Office apps are also now available and take full advantage of new multitasking features, so you can be productive on your iPad Pro right away.

Read the Office Blog entry for information, screen shots and links to the apps.


Role-Based Access Control generally available in Azure

Role-Based Access Control (RBAC) provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs. Download the generally available RBAC command-line management tools or use the Azure preview portal to manage access to your production workloads. RBAC is provided at no additional cost to all Azure subscribers.

For more information, videos and guidance, please visit the Active Directory Team Blog.

Be an Office Insider