Kurt Shintaku's Blog

Registration opens at 9:00 AM PST, February 15, 2018.

Microsoft Build
May 7-9, 2018
Seattle, WA
https://www.microsoft.com/en-us/build

Save the date:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE1PE9R

Big news for those looking for help in defending all your client devices from threats.

Windows Defender Advanced Threat Protection coming to Windows 7 SP1 & Windows 8.1
Windows Defender Advanced Threat Protection (WDATP) is coming to Windows 7 SP1 & Windows 8.1.  It was announced yesterday that starting this summer, customers moving to Windows 10 can add Windows Defender ATP Endpoint Detection & Response (EDR) functionality to their Windows 7, and Windows 8.1 devices, and get a holistic view across their endpoints.

For Windows 7 and Windows 8.1, we are building a behavioral based EDR solution to give security teams rich insights into threats on their endpoints. All detections and events are surfaced in Windows Defender Security Center, the cloud-based console for Windows Defender ATP. Security teams benefit from correlated alerts for known and unknown adversaries, additional threat intelligence, and a detailed machine timeline for further investigations and manual response options.

Although this solution can run side-by-side with third-party antivirus solutions, it is better together with Windows Defender Antivirus (also known as System Center Endpoint Protection (SCEP) for down-level). With Windows Defender Antivirus, security teams can see all malware detections and trigger response actions to prevent the spread of malware, in the same console.

More WDATP Cross Platform support for iOS, Android, MacOS, & Linux through partners
We previously announced CROSS-PLATFORM support for Windows Defender Advanced Threat Protection technology to detect, protect, and respond to security threats against macOS, Linux, iOS, and Android through partnerships with Bitdefender, Lookout, and Ziften.

We are now extending this partnership with SentinelOne Endpoint Protection & their EDR technology.  Read about it here.

• BLOG: Announcing: Windows Defender ATP support for Windows 7 and Windows 8.1
  https://blogs.windows.com/business/2018/02/12/announcing-windows-defender-atp-support-for-windows-7-and-windows-8-1/#c1zFfAUIcw6RRxD7.97

For more information on Post-breach Security Technology & Windows Defender Advanced Threat Protection, visit the following:

• PRODUCT: Windows Defender Advanced Threat Protection
  https://aka.ms/wdatp
• DOWNLOAD: Windows Defender Advanced Threat Protection Information Kit
  https://info.microsoft.com/ATPInformationKit-Registration.html
• STUDY: The Total Economic ImpactTM of Microsoft Windows Defender ATP
  https://info.microsoft.com/WNDWS-Forrester-TEI-Registration.html
• WHITEPAPER: Post Breach Dealing with Advanced Threats Whitepaper
  https://info.microsoft.com/Dealingwithadvancedthreats.html
• WEBCAST: The New Post-Breach Approach to Endpoint Security
  https://info.microsoft.com/Post-breachapproachtoendpointsecurity_OnDemand.html
• RESEARCH: Windows Defender ATP Blog
  https://cloudblogs.microsoft.com/microsoftsecure/tag/windows-defender-atp/?source=mmpc

The LinkedIn Resume Assistant for Word for Windows is now available to Office 365 Subscribers who receive updates through the Monthly Channel starting February 7, 2018 in select regions. The following blog post announcements discuss the general availability milestone.

• LinkedIn: How to rock your resume with Resume Assistant from LinkedIn + Microsoft
• Microsoft: Craft a compelling resume with Resume Assistant, powered by LinkedIn – Now Available

Availability

The LinkedIn Resume Assistant is only available for Windows versions of Word at this time. 

• Insiders Channels: November 9, 2017
• Monthly Channel: February 7, 2018
• Language: English
• Regions: Australia, Brazil, Canada, China, France, Germany, India, Ireland, Japan, Singapore, South Africa, Spain, New Zealand, United, Kingdom, and United States of America

The LinkedIn Resume Assistant requires an Office 365 Client subscription such as Office 365 Business or Office 365 ProPlus (the client can be a part of offering like Business Premium, E3, or E5)

Office setting for LinkedIn feature integration

LinkedIn feature integration can be enabled or disabled through a setting by going to the  File > Options, General tab in Excel, Word, PowerPoint or Outlook. When the setting is checked or unchecked in any of the four applications, all four applications respect the change.

This setting is available as a Group Policy.

Documentation

The following help articles are available from either Microsoft or LinkedIn related to this release.

Resume Assistant

• Microsoft: Write your best resume in Word with help from LinkedIn (Contains 2 minute video overview of feature)
• LinkedIn: LinkedIn features integrated into the Resume Assistant

LinkedIn Integration

• Microsoft: About LinkedIn information and features in Microsoft apps and services
• Microsoft: Enabling LinkedIn integration in Azure Active Directory
• LinkedIn: LinkedIn Public Profile Visibility

November Blog Posts:

• Microsoft: Bringing AI to job seekers with Resume Assistant in Word powered by LinkedIn
• LinkedIn: Creating your resume just got a whole lot easier with Microsoft and LinkedIn

The "Secure DevOps Kit for Azure" (will be referred to as ‘AzSDK’ henceforth) is a collection of scripts, tools, extensions, automations, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams using extensive automation and smoothly integrating security into native dev ops workflows helping accomplish secure dev ops with these 6 focus areas:

1. Secure the subscription: A secure cloud subscription provides a core foundation upon which subsequent development and deployment activities can be conducted. An engineering team should have the capabilities to deploy and configure security in the subscription including elements such as alerts, ARM policies, RBAC, Security Center policies, JEA, Resource Locks, etc. Likewise, it should be possible to check that all settings are in conformance to a secure baseline.
2. Enable secure development: During the coding and early development stages, developers should have the ability to write secure code and to test the secure configuration of their cloud applications. Just like build verification tests (BVTs), we introduce the concept of security verification tests (SVTs) which can check for security of various resource types in Azure.
3. Integrate security into CICD: Test automation is a core tenet of devops. We emphasize this by providing the ability to run SVTs as part of the VSTS CICD pipeline. These SVTs can be used to ensure that the target subscription used to deploy a cloud application and the Azure resources the application is built upon are all setup in a secure manner.
4. Continuous Assurance: In the constantly changing dev ops environment, it is important to move away from the mindset of security being a milestone. We have to treat security as a continuously varying state of a system. This is made possible through capabilities that enable continuous assurance using a combination of automation runbooks, schedules, etc.
5. Alerting & Monitoring: Visibility of security status is important for individual application teams and also for central enterprise teams. We provide solutions that cater to the needs of both. Moreover, the solution spans across all stages of dev ops in effect bridging the gap between the dev team and the ops team from a security standpoint through the single, integrated views it generates.
6. Cloud Risk Governance: Lastly, underlying all activities in the kit is a telemetry framework that generates events capturing usage, adoption, evaluation results, etc. This allows us to make measured improvements to security targeting areas of high risk and maximum usage before others.

Read more here/download it here:

• DOWNLOAD: Secure DevOps Kit for Azure
  https://github.com/azsdk/azsdk-docs

Azure Location Based Services (preview) provides developers from all industries, powerful geospatial capabilities, packed with fresh mapping data necessary to provide geographic context to web and mobile applications.

Azure Locaiton Based Services provides the ability to:

• Give context to your data for increased productivity
• Refresh your apps and devices with dynamic information
• Track more than geographic coordinates
• Use Azure Location Based Services with familiar tools and services

This service is an Azure One API compliant set of REST APIs, accompanied with a web-based JavaScript control to make development easy, flexible, and portable across multiple mediums.

The press has written quite a bit about it.  Tom Tom, Delphi, and other location-oriented manufacturers have adopted it:

• Fortune- ‘Microsoft’s next big challenge- Location, location, location’
• Track field assets and create location-aware apps with Azure Location Based Services
• Microsoft builds and integrates Azure Location Based Services directly into the cloud to make ci
• ZDNet- ‘Microsoft launches public preview of Azure Location Based Services with TomTom’
• Microsoft launches Azure Location Based Services for geospatial needs across industries

For more information, visit the product page:

• Infographic: Location is at the Heart of Everything
  https://go.microsoft.com/fwlink/?LinkId=863874&clcid=0x409
• SITE: Azure Location Based Services
  http://www.azure.com/locationbasedservices

This isn’t new however, it’s important to highlight this notice given that many folks are still deploying Office 2016 Professional Plus.

Office 365 ProPlus or Office perpetual minimum requirements
Starting October 13, 2020, Office 365 ProPlus or Office perpetual in mainstream support will be required to connect to Office 365 services. Office 365 ProPlus will deliver the best experience, but for customers who aren’t ready to move to the cloud by 2020, we will also support connections from Office perpetual in mainstream support. For more information: Office 365 system requirements updates

Office Perpetual is the “.MSI” installable version of the product that does not get updated with features in the same way that Office 365 ProPlus does. 

Office 2016 Professional Plus’ support for usage against Exchange Online/SharePoint Online implementations ends, per the Microsoft lifecycle site on 10/13/2020 – so folks will need to have transitioned off of Office 2016 Professional Plus by that date (to Office 365 ProPlus or Office 2019 Professional Plus), if they want to continue to use Exchange Online/SharePoint Online, etc. in a supported manner.

Program Manager, Michael Niehaus is the the technical lead for Windows 10 Deployment Services here at Microsoft.  He’s an incredibly important person to Enterprise desktop architects.

He has a blog and recently updated his long running post that talks about how to get Windows 10 Language Packs for deployment in worldwide Enterprise deployments of Windows 10 – specifically for Windows 10 1709 language packs.

Check out the post here:

• BLOG: Finding Windows 10 Language Packs
  https://blogs.technet.microsoft.com/mniehaus/2017/04/26/finding-windows-10-language-packs/

Jim Naroski covers recent enhancements to Office 365, Microsoft’s cloud-based productivity solution for the modern workplace. The course transcript, complete with all links mentioned, is available at http://aka.ms/o365update-blog.

Here are the topics covered in the January Update:

• Whiteboard [0:23]
• PowerPoint [1:50]
• Sway [2:54]
• Yammer [4:29]
• OneDrive [5:58]
• eDiscovery [6:52]
• Suggestion Box [7:43]

For previous updates, go to the Office 365 Update YouTube Playlist:
https://aka.ms/o365update-youtube

For written transcripts of new features, visit the Office 365 Update Blog: https://aka.ms/o365update-blog

• VIDEO: Office 365 Update for January 2018 
  https://youtu.be/IP6Toj3KTxk

Everyone knows that the interface for wireless profiles in Windows 8 & Windows 10 have been frustratingly dumbed down.

Let’s say you wanted to:

• Change the priority of the wireless networks that Windows automatically connected to
• View the WiFi password / key for a previously configured

Unless you like using command line tools like ‘netsh’, this is a little frustrating.

The good news is that there’s a 3rd party graphical tool out there called “WiFi Profile Manager” that provides a graphical view of:

• WiFi Profiles / SSID names
• Network connection order
• Security type
• Password / Wifi key

By right mouse clicking on a profile you can change the connection order, view the configured WiFi key/password, remove the profile, and set the network as the “default”.

It’s free so if this is something that you’d like to try, download the tool from below:
(Note: This is a 3rd party tool and not from Microsoft)

• WiFi Profile Manager: View Preferred Wireless Network Profiles in Windows 8/10
  http://www.thewindowsclub.com/wifi-profile-manager-windows-8

Join us in this session for an overview of the capabilities of Azure Active Directory, the Microsoft identity and access management cloud solution (IDaaS). Azure Active Directory provides secure, scalable and easy-to-use identity and access management for your employees, partners, and consumers.

With capabilities such as identity protection, SSO to thousands of SaaS apps, conditional access policies, user behavioral analytics and machine learning-based reports, cross-organization collaboration, social IDs for consumers, secure remote access to on-premises applications, self-service password reset, cloud app discovery and many more, Azure Active Directory is the most comprehensive IDaaS solution.

In this webinar you will learn:

• How Azure AD can help organizations with the comprehensive solutions it offers in cloud identity and access management
• Use cases that illustrate how Azure AD helps IT professionals achieve their objectives
• The set of functionalities available within Azure AD and the latest, most exciting developments within those functionalities

Enroll in the webcast here:

• Identity driven security for your employees, partners and customers with Azure Active Directory
  https://info.microsoft.com/en-us-resources-IdentitydrivensecurityforyouremployeespartnersandcustomerswithAzureActiveDirectory-OnDemand.html?wt.mc_id=AID625608_QSG_SCL_218842