2. December 2015 17:12
Office 365 . Security
Office 365 provides customers with a continuous stream
of innovative features that provide significant productivity improvements while
keeping information highly secure. We are working on resources and tools to
help you leverage Office 365 information security features and controls, so you
can manage security in your Office 365 tenant. The Office 365 Service Trust Portal (STP), launched earlier
this year, is an example of a feature that provides deep insights into how Office
365 services are operated and independently audited.
Now we are pleased to present the customer security
considerations (CSC) workbook that can be used to facilitate a quick review and
implementation of the security controls available in Office 365. The CSC
workbook is designed to provide you with information on key security and
compliance features to consider when adopting, deploying and managing Office
I’ve downloaded this and the information in the spreadsheet
is fantastic. Controls are organized by
objective, and directions for configuration with PowerShell and the admin
portal are provided. I strongly
recommend downloading this resource and going through it, just so you know what
you can do.
If you have not registered for the O365 STP, you’ll
need to do so in order to access this resource. Follow the blog link above for
an overview and instructions. We didn't have an entry on this, but it's a fantastic resource that customers have been asking for!!
Read the Office
365 Team Blog entry for more details and instructions.
19. November 2015 08:11
Azure . Security
Microsoft is excited
to announce that we have made Threat
for preview on Azure SQL Database. Azure SQL Database Threat Detection provides
a new layer of security to your database by detecting anomalous database
activities which may indicate a common threat like SQL injection attacks.
of this feature helps customers detect and respond to potential threats as they
occur. Users can immediately explore the potential threat by using SQL
database auditing to determine if the event is the result of an attempt to
access, breach or exploit data in the database.
The benefits of
Azure SQL Database Threat Detection include:
- Simple configuration of SQL threat
detection policy via Azure portal.
- Clear email alerts upon detection of
suspicious databases queries indicating potential SQL injection events.
- Ability to explore the audit log
around the time of the event using the Azure portal or a pre-configured
- No need to modify database procedures
or application code.
Go to this
Azure Blog entry to read more, see how to set it up and view a demo.
19. November 2015 08:11
Azure . Security
Azure Disk Encryption for virtual machines (VMs) helps you
address organizational security and compliance requirements by encrypting your
VM disks, including boot and data disks, with keys and policies you control in
Azure Key Vault. Disk Encryption for VMs works across both Linux and Windows
operating systems. It also uses Key Vault to help you safeguard, manage, and
audit use of your disk encryption keys. All the data in your VM disks is encrypted
at rest using industry-standard encryption technology in your Azure Storage
accounts. The Disk Encryption solution for Windows is based on proven Microsoft
BitLocker Drive Encryption, and the Linux solution is based on dm-crypt.
You can read more on this
Azure Virtual Machines Security page.
Today, Microsoft announced that we’re delivering some new
enhancements to Microsoft Intune. Intune already delivers mobile device and
application management capabilities to ensure data and apps are protected on
mobile devices. Now, Intune will provide
expanded capabilities to manage company apps and data in many more cases,
- Intune now provides data leakage prevention through its
Mobile Application Management (MAM) features. Intune MAM was recently updated
to isolate corporate and personal data within the same app – something no other
- With today’s announcements, Intune’s MAM is being extended
to “Bring your own” (BYO) devices that are not enrolled for device management
(MDM). This protects company data in
mobile apps without requiring IT to enroll and deeply manage that end users’
entire device. The end-user preserves complete control over their personal
apps, data, and settings – while the IT department controls the protection of
- Intune MAM is also being extended to protect company
information on devices enrolled into non-Microsoft MDM solutions. This allows
you to start extending Intune MAM protections to mobile apps without having to
first migrate your entire MDM solution.
- Additional Microsoft apps are announcing support of for
Intune MAM, including Power BI, and Remote Desktop client (both of which are
available now). Support for the Skype
for Business and Dynamics CRM apps is coming soon.
- Major companies like Box and Adobe have announced iOS and
Android apps with native support for Intune mobile application management.
Additionally, SAP Fiori mobile apps that are customized and built by SAP’s customers
using SAP’s Fiori mobile services will also support these management and data
protection capabilities delivered by Microsoft Intune.
Read this major announcement on Brad Anderson’s In
the Cloud blog. Find out how Intune
MAM can now complement your current MDM solution, whatever it may be.
16. November 2015 15:11
Azure . Windows 10
Organizations of any size can benefit from using the Store for Business provides:
Scales to fit the size of your business - For smaller businesses, with Azure AD accounts and Windows 10 devices, you can quickly have an end-to-end process for acquiring and distributing content using the Store for Business. For larger businesses, all the capabilities of the Store for Business are available to you, or you can integrate the Store for Business with management tools, for greater control over access to apps and app updates. You can use existing work or school accounts.
Bulk app acquisition - Acquire apps in volume from the Store for Business.
Private store - Curate a private store for your business that’s easily available from any Windows 10 device.
Flexible distribution options - Flexible options for distributing content and apps to
your employee devices
- Distribute through Store for Business services. You
can assign apps to individual employees, or make apps available to all
employees in your private store.
- Use a management tool from Microsoft, or a 3rd-party
tool for advanced distribution and management functions, or for managing
- Offline licensing model allows you to distribute apps
without connecting to Store services, and for managing images.
Line-of-business apps - Privately add and distribute your internal
line-of-business apps using any of the distribution options.
App license management: Admins can reclaim and reuse app licenses. Online
and offline licenses allow you to customize how you decide to deploy apps.
Up-to-date apps - The Store for Business manages the update process for apps with online licenses. Apps are automatically updated so you are always current with the most recent software updates and product features. Store for Business apps also uninstall cleanly, without leaving behind extra files, for times when you need to switch apps for specific employees.