Posted by: kurtsh | June 27, 2024

INFO: NTLM Deprecation in Windows coming H2 CY2024

Deprecating NT LAN Manager (NTLM) has been a huge ask from our security community as it will strengthen user authentication, and so we are announcing that deprecation of NTLM is planned in the 2nd half of 2024 in Windows.

Why?

  • No server authentication (read: can’t verify malicious authentication servers)
  • Legacy MD4 encryption used for hashing password (read: weak & guessable)
  • Password submitted not salted (read: offline crackable)
  • Only supports password-based authentication (read: no certs, biometrics, MFA, FIDO, etc.)
  • Bugs (read: vulnerabilities)

Read more at:

Comments Off on INFO: NTLM Deprecation in Windows coming H2 CY2024

Posted in Uncategorized

Posted by: kurtsh | June 27, 2024

RELEASE: “Comprehensive Document Translation Solution” from Microsoft

Government organizations have numerous requirements around document translation:

  • Intelligence and Security: Translating foreign documents and communications to monitor threats and understand global dynamics.
  • International Cooperation and Alliances: Translating treaties, agreements, and training materials in support of global military alliances.
  • Local Engagement and Stability Operations: Translation in support of humanitarian, disaster relief, and local engagement.
  • Technical and Equipment Manuals: Translation required to ensure correct use and maintenance of diverse technologies and equipment. While international support often includes financial and equipment aid, a significant challenge arises when equipment manuals are not in the recipient’s native language. This impedes the effective and timely use of the equipment, highlighting the critical need for document translation to ensure the success of missions.
  • Government Communications: Translating official communications, public service announcements, and information about public health, safety, and welfare ensures that all members of a diverse population have access to important information.
  • Immigration Services: Translating documents related to immigration, visas, and citizenship services helps streamline the process for both applicants and the authorities.

Microsoft’s open source Comprehensive Document Translation Solution offers the perfect balance between the accuracy of digital text-only documents and the completeness of scanned documents. The CDTS solves this problem through a “Hybrid Translation” approach. The Hybrid Translation process splits the digital PDF into two files. One file is a digital document that contains all the pages that are text-only. The other file is a scanned document that contains all the pages that have images, including images embedded with text. The solution then translates both files separately. By translating both, we get the most accurate translation and layout of text-only digital documents and the completeness of scanned documents.

After both versions are translated, the solution then “stitches” back together the complete document, in the correct page order, taking the best and most accurate translation of each page from either the digital or scanned document.

For more information, read the announcement page at:

Comments Off on RELEASE: “Comprehensive Document Translation Solution” from Microsoft

Posted in Uncategorized | Tags: , , , ,

Posted by: kurtsh | June 21, 2024

TRAINING: Copilot for Microsoft 365 (Pacific Time)

We are running an assortment of free-to-register events for end users & IT Professionals around Copilot for Microsoft 365. Take a look at these scheduled events to register for anything you’re interested in:

Event Experiences – Copilot for Microsoft 365

  • Microsoft Copilot for Microsoft 365 Training for Executives
  • Microsoft Copilot for Microsoft 365 Training for Sales
  • Microsoft Copilot for Microsoft 365 Training for Marketing Professionals
  • Microsoft Copilot for Microsoft 365 Training for IT Professionals
  • Microsoft Copilot for Microsoft 365 Training for HR
  • Microsoft Copilot for Microsoft 365 Training for Operations
  • Microsoft Copilot for Microsoft 365 Training for Finance

Virtual Briefings (Webinars) – Copilot for Microsoft 365

  • Unlocking AI-Powered Productivity: Exploring the Potential of Copilot
  • Ready, Set, Copilot: Preparing Your Tenant for Microsoft 365 Copilot
  • Navigating the Future of Work with Copilot for Microsoft 365
  • Data Security in the Era of Generative AI

Virtual Training Days – Copilot for Microsoft 365

  • Prepare Your Organization for Microsoft Copilot for Microsoft 365
    (IT Decision Makers, Microsoft 365 Administrators, Search Administrators & IT Help Desk roles)

On Demand Instructor-led Training Series – Copilot for Microsoft 365

  • MS-4006 Copilot for Microsoft 365 for Administrators
  • MS-4007 Copilot for Microsoft 365 User Enablement Specialist
  • MS-4005 Craft effective prompts for Copilot for Microsoft 365
  • MS-4004 Empower your workforce with Copilot for Microsoft 365 Use Cases
  • Get Started with Copilot for Microsoft 365

Unified Enterprise Workshops (for Unified Support customers only)

  • Copilot for Microsoft 365 Pilot
  • Copilot for Microsoft 365 Activation
  • Copilot for Microsoft 365 Workshop
  • Copilot for Microsoft 365 Optimization
  • Copilot for Microsoft 365 Champions Workshop
  • Copilot for Microsoft 365 Extensibility Workshop
  • Copilot for Microsoft 365 Champions Pilot
  • Copilot for Microsoft 365 Champions Activation
  • Microsoft 365 Copilot for Adoption Acceleration
  • Microsoft 365 Copilot Adoption Strategy and Design
  • Exploring Copilot Studio Governance
  • WorkshopPLUS – Microsoft 365 Security and Compliance: Microsoft Purview
  • Activate Microsoft 365 Security and Compliance : Sensitivity Labels
  • Activate Microsoft 365 Security and Compliance : Purview Data Classification

Comments Off on TRAINING: Copilot for Microsoft 365 (Pacific Time)

Posted in Uncategorized | Tags: , , , ,

Posted by: kurtsh | June 21, 2024

INFO: SharePoint Add-ins retirement in Microsoft 365

The SharePoint Add-In model in SharePoint Online has been retired as of November 27th 2023. Microsoft will be retiring the SharePoint Add-In extensibility model over the following timeline:

  • SharePoint Add-Ins will stop working for new tenants as of November 1st, 2024
  • SharePoint Add-Ins will stop working for existing tenants and will be fully retired as of April 2nd, 2026

This applies to all environments including Government Clouds and Department of Defense. For more details, visit:

Comments Off on INFO: SharePoint Add-ins retirement in Microsoft 365

Posted in Uncategorized

Posted by: kurtsh | June 21, 2024

RELEASE: Azure Updates feed

If you’ve ever looked at the list of updates that Azure publishes, as well as the announcements & releases published on the ridiculous number of Azure blogs (Azure SQL, Azure Networking, Azure Apps, Azure Updates, Azure Integration Services, Azure Compute, Azure AI Services, +30 others), you know it can be overwhelming.

I personally don’t have the time to go through every update that’s published because on any given day, we can release 3-4 major features or services.

Enter Azure Updates from AzureCharts.

This is a concise list of updates that are sourced from the published Azure update list as well as the many, many dozens of blogs that officially support Azure from Microsoft.

  • Updates are filterable by month, 11 categories and over 70 Azure-specific services.
  • Data is subscribeable using RSS or exportable to CSV.

To view & subscribe to this Azure Updates list from AzureCharts, visit:

Comments Off on RELEASE: Azure Updates feed

Posted in Uncategorized

Posted by: kurtsh | June 20, 2024

AUDIO: “Generative AI is Coming to California’s Public Sector. What Now?” (55min)

This is a great audio interview about the use value of AI in government from KQED, discussing:

✅ Reducing repetition to help with the overwhelming volume of work
✅ Rewriting content to make it easier to understand
✅ Reducing the volume of text in a regulation for comprehension
✅ Translating council meetings to extend community reach
✅ Identifying unsafe intersections that require attention

The interview features conversations with:

  • Jason Elliott, deputy chief of staff to Governor Gavin Newsom
  • Jennifer Pahlka, author, “Recoding America: Why Government Is Failing in the Digital Age and How We Can Do Better”; senior fellow, the Nisaken Center and the Federation of American Scientists
  • Khaled Tawfik, chief information officer, Information Technology Department of the City of San Jose

Listen to the 55min recording here:

Comments Off on AUDIO: “Generative AI is Coming to California’s Public Sector. What Now?” (55min)

Posted in Uncategorized

Posted by: kurtsh | June 19, 2024

WHITEPAPER: Transcription Management in Copilot for Microsoft 365

We’ve published a new whitepaper about “Transcription Management in Copilot for Microsoft 365”. It’s designed to uncover the depths of access, governance and privacy controls available to manage transcription in Teams Meetings to leverage it with Copilot. The paper covers:

  • How Copilot for Microsoft 365 integrates with transcription and recording
    capabilities in Microsoft Teams to enhance collaboration and
    productivity
  • Microsoft’s approach to managing transcription and recording
    data through application of controls for access, governance,
    and privacy
  • Specific controls customers can implement to manage
    transcription data
  • The value of transcription with Copilot for Microsoft 365

Download the whitepaper here:

Read more about Copilot Transcription here:

Comments Off on WHITEPAPER: Transcription Management in Copilot for Microsoft 365

Posted in Uncategorized | Tags: , , , ,

Posted by: kurtsh | June 18, 2024

INFO: Compliance Challenges with Transcription & Copilot for Teams Meetings

I stumbled upon an article that was written by a 3rd party that was interesting enough that I decided to share it. Written by Mahmoud Hassan of Avanade and backed with information from Microsoft Digital (our IT dept), it goes over real-world concerns about Teams Meeting transcriptions & Copilot for Microsoft 365.

The topics Mahmoud goes over relative to Microsoft’s own deployment & policies include:

  • Microsoft’s own policies around Teams transcription
  • Employee opt-out, alerts around recording
  • Legal guidance sources
  • Control over what can be recorded based on meeting classification
  • Meeting content expiration
  • etc.

Specific areas Mahmoud goes over that are interesting:

  • “Explicit Recording Consent” in Teams Meetings
  • The “Transcription only” Compliance Challenge in Teams Meetings
  • Copilot in Teams Meetings *without* Transcription

Read the full article here:

Comments Off on INFO: Compliance Challenges with Transcription & Copilot for Teams Meetings

Posted in Uncategorized

Posted by: kurtsh | June 18, 2024

RELEASE: Edge for Business policy for blocking screenshots; ensure up-to-date installations

Microsoft Edge for Business is enhancing its defense against data leaks and vulnerabilities with two new capabilities:

  • Screenshot prevention: Data exfiltration in the browser is a major concern for organizations due to financial, reputational and operational impact. Edge for Business will support screenshot prevention policies set across Microsoft 365, Microsoft Defender for Cloud Apps, Microsoft Intune Mobile Application Management and Microsoft Purview. Screenshot prevention policies will secure against data exfiltration in the browser by blocking the ability to take screenshots on pages labeled as sensitive or protected. Screenshot prevention will be generally available in the coming months.
  • Easily stay up to date: Managed browser instances that are not up to date are at risk for exploitation through vulnerabilities, including zero-day attacks. The Edge management service will enable IT admins to see which devices have Edge instances that are out of date and at risk. It will also provide mitigating controls, such as forcing a browser restart to install updates, enabling automatic browser updates or enabling enhanced security mode for added protections. This capability will be in preview in the coming weeks.

Read more below:

Comments Off on RELEASE: Edge for Business policy for blocking screenshots; ensure up-to-date installations

Posted in Uncategorized

Posted by: kurtsh | June 17, 2024

DOWNLOAD: Microsoft Teams Data Loss Prevention Playbook

This document provides an overview of how enterprise customers can deploy Microsoft Teams-DLP for protecting sensitive information that is traversing with-in or outside of the organization. Unified DLP has integration with multiple workloads that help to protect customer data with a single policy. Teams-DLP is one of the workloads within the Unified-DLP console. This guide walks through the different aspects of deploying use cases across content/containers and shows the effectiveness of the unified DLP portal as a single place to define all aspects of your DLP strategy.

In summary, this play book will help to

  • Understand the unified console and interface.
  • Develop a strategy for deploying Teams-DLP across the organization.
  • Provide near real time Alerts with notifications.
  • Review various scenarios to test Teams-DLP over chat and channel communication.

This document helps readers plan and protect sensitive information scenarios that normally exist in every organization. This Playbook helps as a user guide to mitigate the risk of exchanging crucial data while communicating over chat or giving access to sites for guest users.

Comments Off on DOWNLOAD: Microsoft Teams Data Loss Prevention Playbook

Posted in Uncategorized | Tags: , , ,

Older Posts »

Categories