Kurt Shintaku's Blog

Today’s news is big: We’ve made it way easier to manage company acquisitions and mergers with the public preview of Azure AD Cloud Provisioning – Easily sync from multiple on-premise forests to one AAD Tenant!

From the announcement post:

Today we’ve got some amazingly cool news to share.

If you work in a large enterprise, you probably already know how big the challenges can be when your company makes an acquisition and you suddenly get asked to provide cloud identity services to an entirely new business group, usually one with their own set of Active Directory domains and forests.

If this is a challenge you face, I’m excited to let you know about the public preview of Azure AD Connect cloud provisioning!

With cloud provisioning, customers can easily provision identities from multiple disconnected AD forest to Azure AD. Azure AD Connect cloud provisioning moves the heavy lifting for provisioning from AD to Azure AD to the cloud with lightweight agents on-premises and provides the following benefits:

• Helps with provisioning from disconnected AD forests to Azure AD—Organizations may have disconnected AD forests due to mergers and acquisitions or remote office locations. Whatever the reason may be, cloud provisioning allows you to quickly integrate these multiple disconnected AD forests into an Azure AD tenant.
• Reduces on-premises footprint—The provisioning agent is a lightweight agent with the sync complexity (configuration and processing) in the cloud.
• Enterprise grade high availability—Multiple provisioning agents can be deployed to ensure high availability for provisioning especially for password hash sync.

…

Read more from the announcement post here:

• Azure Active Directory Identity Blog: Bring identities from disconnected ADs into Azure AD with just a few clicks!
  https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Bring-identities-from-disconnected-ADs-into-Azure-AD-with-just-a/ba-p/827835

Gartner has named Microsoft Security a Leader in five Magic Quadrants. This is exciting news that we believe speaks to the breadth and depth of our security offerings. Gartner places vendors as Leaders who demonstrate balanced progress and effort in all execution and vision categories. This means that Leaders not only have the people and capabilities to deliver strong solutions today, they also understand the market and have a strategy for meeting customer needs in the future. Microsoft was identified as a Leader in the following five security areas:

• Cloud Access Security Broker (CASB) solutions
• Access Management
• Enterprise Information Archiving
• Unified Endpoint Management (UEM) tools
• Endpoint Protection Platforms

For a review of all 5 Gartner Magic Quadrants, visit:

• Microsoft Security—a Leader in 5 Gartner Magic Quadrants
  https://www.microsoft.com/security/blog/2019/12/03/microsoft-security-leader-5-gartner-magic-quadrants/

Check out the new “SharePoint look book”, with more samples and designs to help you start building your next stunning site.

• INFO: SharePoint Look Book site
  http://aka.ms/sharepointlookbook 
  (https://lookbook.microsoft.com/)
• DOWNLOAD: SharePoint Look Book (.PDF)
  https://lookbook.microsoft.com/assets/SharePoint_lookbook_2019.pdf

Also, if you’re looking for how to get the most out of your SharePoint sites and pages, visit the SharePoint Design Guidance site for more information on how to design beautiful and performant sites, pages, and web parts with SharePoint in Office 365.

• INFO: SharePoint Design Guidance site
  http://aka.ms/spdesignguidance
  (https://spdesign.azurewebsites.net/)

If you’re interested in accessing Gartner’s Magic quadrant for Data Management Solutions for Analytics, we’ve made it available for you below.

Gartner has, once again, recognized Microsoft as a Leader in the Magic Quadrant for Data Management Solutions for Analytics (DMSA) for 2019. “Gartner defines DMSA as a complete software system that supports and manages data in one or more file management systems (usually databases). DMSAs include specific optimizations to support analytical processing. The breadth and scope of associated roles and skills is also expanding as organizations engage with new use cases. These use cases include supporting ongoing traditional, operational, logical, and context-independent data warehousing."

At Microsoft, we’ve championed a data platform evolution to make big data processing and analytics simpler and more accessible, helping you transform data into intelligent action. We do this through SQL Server 2017 and key Azure services such as Azure SQL Data Warehouse (a fully managed, Massively Parallel Processing, or MPP, cloud data warehouse) and Azure Databricks (an Apache Spark-based analytics platform). Start exploring our comprehensive portfolio of solutions for data warehousing, big data, and advanced analytics solutions.

Download the Gartner report here:

• Gartner names Microsoft a Leader in the 2019 Magic Quadrant for Data Management Solutions for Analytics (DMSA)
  https://info.microsoft.com/ww-landing-gartner-mq-dmsa-2018.html

We are excited to announce the general availability of Microsoft Cloud App Security and Azure Advanced Threat Protection (ATP) for US Government GCC High customers! The release of these services completes the Enterprise Mobility + Security (EMS) E5 product suite for US GCC High customers, delivering advanced security functionality by driving critical information and threat protection capabilities for these customers. Additionally, Office 365 Cloud App Security and Cloud Discovery, services which are a subset of Microsoft Cloud App Security for Office 365 E5 and EMS E3/Azure AD P1/P2, respectively, are also now available for GCC High customers.

With the availability of the Microsoft Enterprise Mobility + Security E5 product suite, our US GCC High customers now have access to the full suite of Microsoft 365 security products, following the announcement of the general availability of Microsoft Defender ATP in August.  As US Government customers embark on their journey to the cloud, our industry-leading end-to-end solution will protect sensitive data and information wherever it travels – across users, applications, files, and platforms.  Through these solutions, we’ll empower departments and agencies to create highly secure workplaces and achieve their mission objectives.

• Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) that supports various deployment modes including log collection and API connectors. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across your Microsoft and third-party cloud services. Microsoft was recently named a leader in Gartner’s 2019 Cloud Access Security Broker (CASB) Magic Quadrant based on our completeness of vision and strong ability to execute in the CASB market. Microsoft currently has the largest customer base of all participating vendors and we believe that this, along with being ranked as a leader, reflects our continued commitment to building the best possible solution for our customers to help them protect their Microsoft and third-party cloud apps and platforms.
• Azure ATP is a cloud-based security solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. This service enables your organization to monitor users and behaviors and identify and investigate suspicious activities and advanced attacks.

For more information on this announcement, visit:

• Microsoft Security offerings for US Government customers continue to grow with general availability
  https://techcommunity.microsoft.com/t5/Public-Sector-Blog/Microsoft-Security-offerings-for-US-Government-customers/ba-p/998774

To learn more about specific features and functionality for Microsoft Cloud App Security and Azure ATP for GCC High customers, please review the service descriptions here.

We are excited to announce that the new conversation reconstruction capability is now generally available in the Microsoft 365 Advanced eDiscovery. (Part of Microsoft 365 E5)

This capability threads the Microsoft Teams messages into conversations, allowing you to efficiently review and export complete dialogues with context, not just individual messages.

With our new built-in conversation reconstruction capability, you can identify relevant chats by using targeted queries and include contextual messages in your collection. You will no longer need to run multiple searches to understand the context surrounding your search results.

Chats can be exported as threaded conversations or as individual messages. You can choose the format that integrates better with your downstream processes. Regardless of your export format, your export will include all the metadata unique to each message such as sender, time sent, etc. You also have the option to export all your case work on the content, including tags and redactions.

If you have the Microsoft E5 suite, you have access to all features in this announcement. Simply navigate to the Microsoft 365 Compliance Center to get started.

For more information about conversation reconstruction for Teams, read more at:

• SECURITY, PRIVACY & COMPLIANCE: Manage eDiscovery for Teams – Announcing conversation reconstruction and more
  https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Manage-eDiscovery-for-Teams-Announcing-conversation/ba-p/961170

For more information, visit:

• eDiscovery in Office 365
• Advanced eDiscovery solution in Microsoft 365

We are excited to announce the preview of “Microsoft Dynamics 365 Fraud Prevention”.

Interested businesses do not need to own Microsoft Dynamics today to take advantage of this new Fraud Prevention technology: This is a stand-alone service now made available to help to control fraud losses & reduce wrongful rejects while maintaining a frictionless customer experience.

Microsoft’s fraud solution was designed in-house at Microsoft to combat almost $1 billion in fraud losses.  Using Dynamics Fraud Protection for the last two years, Microsoft saw:

• Decreased wrongful rejects creating 1.38% revenue lift
• Increased bank acceptance rates driving a 7.69% revenue lift
• Reduced operational expenses by more than $76M, as a combination of less fraud loss and fewer manual reviews

For more information, visit the Preview site:

• PREVIEW: Dynamics 365 Fraud Protection
  https://dynamics.microsoft.com/en-us/ai/fraud-protection/

We just published the following short “how to” videos for Microsoft Defender Advanced Threat Protection.

• Onboarding: Get a quick overview of how easy it is to onboard your endpoints:
• Role-based access control: See how simple it is to specify granular access control with role-based access control (RBAC):
• Conditional access: Contain a threat by not letting risky devices access your corporate resources, and configure Microsoft Conditional Access:
• Automated investigation and remediation: Enhance your SOC by turning on automated investigation and remediation:
• APIs: Develop Microsoft Defender ATP connected solutions and workflows with a rich set of APIs.
• Advanced hunting: Use advanced hunting to create your own powerful queries and turn them easily into custom detections:
• Threat Analytics: Assess the impact of threats to your environment and identify actions that can contain them with Threat Analytics.
• Deep analysis: Use the built-in sandbox to detonate suspicious files with a single click and get a detailed & readable report back.

Watch the videos here:

• TRAINING: Short & sweet educational videos for Microsoft Defender ATP
  https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Short-amp-sweet-educational-videos-for-Microsoft-Defender-ATP/ba-p/1021978

Without the proper understanding of NIST compliance requirements, it is easy to misinterpret the need for ATP & EMS licensing.

The following post describes the tools necessary for NIST compliance and why.  If you are a government contractor, this is a must read:

In a 2018 report provided by the National Defense Industrial Association (NDIA), researchers found companies “severely underestimate(d) the costs of becoming compliant by as much as a factor of 10”. The burden of compliance is significant yet important, and businesses are considering ways to secure their information systems without breaking the bank. One area of cost savings at first glance: email only users. These individuals will likely only need a corporate email, which would reasonably lead IT leadership to purchase an Exchange Only license and carry on.

However, we advise contractors purchase Office 365 Advanced Threat Protection (ATP) and Enterprise Mobility + Security (EM+S) in addition to their Exchange license as a best practice for NIST 800-171 compliance. Without the proper understanding of NIST compliance requirements, it is easy to misinterpret the need for ATP & EM+S licensing. It is also reasonable to think consultants are trying to make a quick dollar by upselling.

…

Read the rest of the article at:

• Microsoft Enterprise Mobility + Security (EMS) & ATP are Necessary for NIST Compliance
  https://techcommunity.microsoft.com/t5/Public-Sector-Blog/Why-Microsoft-Enterprise-Mobility-Security-EMS-amp-ATP-are/ba-p/917615