smore.gifWithout the proper understanding of NIST compliance requirements, it is easy to misinterpret the need for ATP & EMS licensing.

The following post describes the tools necessary for NIST compliance and why.  If you are a government contractor, this is a must read:

In a 2018 report provided by the National Defense Industrial Association (NDIA), researchers found companies “severely underestimate(d) the costs of becoming compliant by as much as a factor of 10”. The burden of compliance is significant yet important, and businesses are considering ways to secure their information systems without breaking the bank. One area of cost savings at first glance: email only users. These individuals will likely only need a corporate email, which would reasonably lead IT leadership to purchase an Exchange Only license and carry on.

However, we advise contractors purchase Office 365 Advanced Threat Protection (ATP) and Enterprise Mobility + Security (EM+S) in addition to their Exchange license as a best practice for NIST 800-171 compliance. Without the proper understanding of NIST compliance requirements, it is easy to misinterpret the need for ATP & EM+S licensing. It is also reasonable to think consultants are trying to make a quick dollar by upselling.

Read the rest of the article at:

imageFor the second year in a row, Microsoft is ranked as America’s most ethical public company according to non-profit research group Just Capital.

This adds to Microsoft’s list of honors & recognition associated with corporate responsibility.

For more on how Microsoft attained this rank, visit:

For the full rankings list, visit:

For more on Microsoft’s commitment to ethics & integrity, visit:

imageIs your company leading or lagging in cloud adoption?

Transitioning to cloud computing has become a strategic requirement for companies to maintain their competitive edge. Read this report by Forrester Research to learn how your company’s cloud adoption priorities, concerns, and strategies compare to the broader market.

Download now to find out:

  • If your company is leading or lagging in cloud adoption compared to other enterprises.
  • How companies are addressing their security and compliance requirements.
  • How to start planning your cloud migration.
  • Trends in cloud computing platforms, including hybrid, multi-cloud, public, and private cloud environments. 

Read the report from Forrester for more:

imageAre you interested in Microsoft’s security strategy & the technologies that support it’s pillars?

Microsoft Security Architect, Matt Soseman, did a great 45min video that discusses the pillars of Microsoft cybersecurity.  It also showcases some amazing demos on some of Matt’s favorite Microsoft 365 security products and demonstrates the art of the possible.

Here’s a list of some of the quick demonstrations Matt shows in just 45min:

  1. Compliance Manager (Regulatory Compliance)
  2. Microsoft SecureScore
  3. Multi-factor Authentication
  4. Conditional Access – Blocking Non-Compliant PCs
  5. Conditional Access – Blocking Malware
  6. Office 365 Advanced Threat Protection
  7. Azure Information Protection
  8. Office 365 Data Loss Prevention
  9. Intune Mobile Application Protection
  10. Shadow IT Discovery using Cloud App Security
  11. Controlling SaaS Applications
  12. Windows Autopilot

See the presentation and download the deck below:

imageFor 12 consecutive years, Gartner has recognized Microsoft as a Leader in analytics and business intelligence.

In this report, you’ll learn about Gartner’s assessment of the features and capabilities that differentiate the various products in this market.

Learn how a comprehensive product vision, positive sales experience, and intuitive user experience contributed to high levels of customer satisfaction and helped position Microsoft as a Magic Quadrant Leader among analytics and business intelligence platforms.

Read the report here:

Posted by: kurtsh | November 14, 2019

RELEASE: Azure Bastion

    imageAt Ignite 2019, Microsoft announced the general availability of Azure Bastion, a fully managed platform as a service (PaaS) service that provides more secure and seamless RDP and SSH access to virtual machines directly through the Azure portal. Azure Bastion is provisioned directly in a customer’s virtual network (VNet) and supports all VMs in their virtual network (VNet) using SSL without any exposure through public IP addresses. 

    Previously available in preview, Azure Bastion is now generally available in six Azure regions—West U.S., East U.S., West Europe, South Central U.S., Australia East, and Japan East. 

    It’s easy to initiate a remote Azure Bastion session directly from Azure portal. Azure Bastion then brokers a more secure RDP/SSH session to the target virtual machines in the virtual network. Azure Bastion always connects to the target VM in the virtual network over its private IP.

    Azure Bastion videos are here:

    imageJoin this webinar to learn how to use Azure Arc Preview to manage all your resources in a hybrid environment. Seamlessly govern and manage on-premises and cloud resources including Linux and Windows virtual machines, Kubernetes clusters, and databases within in Azure. Watch a product demo and ask questions through a live Q&A.

    You’ll learn how to:

    • Centrally manage role-based access control, security policies and implement unique Azure threat detection capabilities.
    • Adopt DevOps techniques such as infrastructure as code.
    • Automate database tasks at scale such as automated patching and upgrades, and access up-to-date data innovation with Azure SQL Database and Azure Database for PostgreSQL Hyperscale.

    Thursday, December 5, 2019
    1:00 PM–2:00 PM Pacific Time


    Posted by: kurtsh | November 14, 2019

    RELEASE: Desktop Analytics

    imageWe’re thrilled to announce the general availability of Desktop Analytics—the cloud-connected service that integrates with System Center Configuration Manager to help IT professionals take a data-driven approach to their management of Windows endpoints.

    Since announcing public preview in July, thousands of organizations have already benefited from the intelligence and insights generated by millions of enrolled endpoints. We’ve been hard at work delivering new features and improvements that address your feedback on the service.

    Read the full announcement from CorpVP of Security & Management, Brad Anderson:

    Also taken from the Desktop Analytics blog:

    imageAs Brad announced this morning, Desktop Analytics is now generally available! Since our public preview release in July, we’ve seen over 3 million endpoints enrolled in Desktop Analytics. We can’t thank our public preview customers enough for trying out the service and providing valuable feedback.

    Over the past few months, we’ve been hard at work delivering new features and addressing your feedback. Below is just a sample of what you can expect to find in the generally available Desktop Analytics solution:

    • Auto-rationalization of low-risk apps such as system components published by Microsoft and apps delivered via the Microsoft Store
    • Administrator data migration from Windows Analytics: Upgrade Readiness
    • Deeper integration with ConfigMgr phased deployments
    • Back-end improvements to performance, scale, and reliability

    If you’ve been waiting to onboard to Desktop Analytics, the time is now! We encourage you to read up on what benefits Desktop Analytics can provide you, and get started with the service today. And as you onboard and use the tool, don’t forget to give us your feedback on UserVoice or directly in the Desktop Analytics portal—we look forward to reading it.

    Read the original post here:

    Additional resources:

    For folks concerned about Office telemetry sent to Microsoft, we’re introduced a new privacy controls switch:

    imageUser data and personal information sent in Office telemetry
    Starting with Version 1908 of Semi-Annual Channel (Targeted) Office 365 ProPlus, a new setting was released: “Neither”

    No diagnostic data about Office client software running on the user’s device is collected and sent to us. This option, however, significantly limits our ability to detect, diagnose, and remediate problems your users may encounter using Office.

    It is expected to be available in Semi-Annual Channel (Standard) in January 2020.

    For more information on this switch, visit:

    (Please consult to address any other user/data privacy concerns you have regarding how Microsoft treats customer data.)

    Posted by: kurtsh | November 14, 2019

    INFO: MyAnalytics & Privacy

    imageThere are a number of resources that explain what MyAnalytics, how it works, what it’s intended for, and how it complies with GDPR & other privacy concerns.

    Privacy guide for MyAnalytics admins

    By using data generated from everyday work in Office 365, MyAnalytics helps people understand how they spend their limited time and who they spend it with, and then presents intelligent tips on how to work smarter.

    This page answers key questions on how MyAnalytics processes information in a manner that protects employee privacy and supports compliance with local regulations, such as General Data Protection Regulation (GDPR).


    • MyAnalytics is not designed to enable employee evaluation, tracking, automated decision-making, profiling, or monitoring.
    • MyAnalytics does not give employees access to new personally-identifiable information on other coworkers.
    • MyAnalytics data is processed and stored in the employee’s Exchange Online mailbox.
    • MyAnalytics supports General Data Protection Regulation (GDPR) compliance.
    • MyAnalytics can be configured so that individuals must purposefully opt in.
    • MyAnalytics reminds people that their data is private and secure.

    For more details, visit the following:

    MyAnalytics privacy, security, and compliance

    Microsoft’s vision focuses on empowering your employees. Microsoft MyAnalytics supports this vision by helping knowledge workers better understand how they use their most important and limited resource: time. By using data that people generate as they work in Office 365, MyAnalytics helps them understand how they spend their time, and then gives them tips on how to work smarter.

    It can be challenging to explain these benefits to employees and gain their buy-in on an application that appears to store and process personal information. The Privacy, security, and compliance white paper explains how Microsoft built MyAnalytics with this concern in mind. This content will help business leaders and Office 365 administrators who are considering purchasing, trialing, or deploying MyAnalytics for their employees.

    Frequently Asked Questions about MyAnalytics

    This FAQ provides insights & specific answers to questions to Privacy questions, End User questions, and IT Administrator questions, such as:

    Q1. Who can see my data?

    Only you can see your data. The statistics and insights that are generated from your data are for your eyes only. Your manager or system administrator cannot view your personal data.

    Read the FAQ here:

    « Newer Posts - Older Posts »