Kurt Shintaku's Blog

The shift to hybrid work has led businesses of all sizes to seek new and more efficient ways to secure and deploy modern employee devices. Join this webinar to learn how to optimize hybrid work environments using PC devices and infrastructure that are built for modern workloads.

In this session we will be joined by guest speaker and Forrester Research analyst J.P. Gownder who will cover:

• Brand new Forrester Consulting research, commissioned by Microsoft, on the role of modern devices in optimizing hybrid work environments.
• Detailed analysis of why 76% of companies surveyed around the world are increasing their investments in PCs over the next two years.
• Practical recommendations for maximizing device ROI and purchase decisions.
• Overview of critical device features and improvements to build productive and secure hybrid work.

Register below:

• Speaker:
  J.P. Gownder, Vice President and Principal Analyst, Forrester
• Date/Time:
  Wednesday, September 15, 2021 10:00 AM–11:00 AM Pacific Time
• Registration:
  https://info.microsoft.com/ww-landing-understanding-the-role-of-modernized-PCs-in-hybrid-work-optimization.html?lcid=en-us

In May 2021, the Biden Administration signed Executive Order (EO) 14028, placing cloud security at the forefront of national security. Federal agencies are at different stages in their digital transformations yet are all facing similar challenges: rapidly changing workloads, insecure configurations, shortages of skilled professionals, and increase in sophistication and number of attacks.

The Azure Security suite helps federal agencies and partners improve their cloud security posture and stay compliant with the recent EO. While there are many areas Azure Security can support, this blog will focus on how Azure Security Center and Azure Sentinel can empower federal agencies to address the following EO goals:

• Modernize and Implement Stronger Cybersecurity Standards in the Federal Government
• Improve Detection of Cybersecurity Incidents on Federal Government Networks

Microsoft applies its industry-leading practices to Azure Security products, generating meaningful insights about security posture that simplify the process of protecting federal agencies and result in cost and time savings.

Azure Security Center (ASC) is a unified infrastructure security management system that strengthens the security posture of your data centers.

Azure Defender, part of Azure Security Center, provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Azure Sentinel, our cloud-native security information event management (SIEM) and security orchestration automated response (SOAR) solution, is deeply integrated with Azure Security Center and provides security information event management and security orchestration automated response.

Read more here:

• BLOG: Meeting the Cybersecurity Executive Order requirements with Azure Security
  https://techcommunity.microsoft.com/t5/azure-security-center/meeting-the-cybersecurity-executive-order-requirements-with/ba-p/2683561

Ransomware is a growing threat to organizations and home users, as it is a low-cost, high-return business model that works. Follow these seven recommendations from the Microsoft Compromise Recovery Security Practice (CRSP) — the team that helps our customers recover from #cyberattacks — so you never have to meet them!

• BLOG: 7 ways to harden your environment against compromise
  https://www.microsoft.com/security/blog/2021/08/11/7-ways-to-harden-your-environment-against-compromise/

Information Security has always been a complex subject, and it evolves quickly with the creative ideas and implementations of attackers and security researchers. The origin of security vulnerabilities started with identifying and exploiting common programming errors and unexpected edge cases. However over time, the attack surface that an attacker may explore and exploit has expanded well beyond that. Attackers now freely exploit vulnerabilities in system configurations, operational practices, and the social habits of the systems’ users. As system complexity, connectedness, and the variety of users increase, attackers have more opportunities to identify unprotected edge cases and to “hack” systems into doing things they were not designed to do.

Security is one of the most important aspects of any architecture. It provides confidentiality, integrity, and availability assurances against deliberate attacks and abuse of your valuable data and systems. Losing these assurances can negatively impact your business operations and revenue, as well as your organization’s reputation in the marketplace. In the following series of articles, we’ll discuss key architectural considerations and principles for security and how they apply to Azure.

Register here:

• Azure Well-Architected Security, Incorporating Security into your Azure Architecture (60min)
  https://mtt.eventbuilder.com/event/49116

Today we are releasing an eBook that lays out key Azure native capabilities and defenses for ransomware attacks and guidance on how to proactively leverage these to protect your assets on Azure cloud.

Ransomware and extortion are a high profit, low-cost business which has a debilitating impact on targeted organizations, national security, economic security, and public health and safety. What started as simple single-PC ransomware has grown to include a variety of extortion techniques directed at all types of corporate networks and cloud platforms.

To ensure customers running on Azure are protected against ransomware attacks, Microsoft has invested heavily on the security of our cloud platforms and has provided you the security controls you need to protect your Azure cloud workloads.

By leveraging Azure native ransomware protections and implementing the best practices recommended in this eBook, you are taking measures that ensures your organization is optimally positioned to prevent, protect and detect potential ransomware attacks on your Azure assets. 

This eBook lays out key Azure native capabilities and defenses for ransomware attacks and guidance on how to proactively leverage these to protect your assets on Azure cloud.

Download the eBook here:

• WHITEPAPER: Azure Defenses for Ransomware Attack (.PDF, 38pgs)
  https://azure.microsoft.com/en-us/resources/azure-defenses-for-ransomware-attack/

A lot has been said about Windows 11’s noticeable performance improvements over Windows 10 on the same hardware… and a lot has been said about security & hardware requirements of Windows 11 over Windows 10.

This blog goes over the performance improvements made in Windows 11 and how they are made, including a quick 11min video that was done by Microsoft Mechanics Jeremy Chapman with Microsoft VP, Steve Dispensa.

02:09 — Prioritizing apps and processes

04:22 — Resume from sleep

05:42 — Reduced disk footprint

06:25 — Windows 11 hardware requirements

07:28 — Application compatibility & servicing model

08:38 — Update process for admins

10:16 — MEM policies

11:38 — Wrap up

Read the blog post here:

• BLOG: Windows 11: The Optimization and Performance Improvements
  https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/windows-11-the-optimization-and-performance-improvements/ba-p/2733299

Task publishing to frontline workers, along with a few other features, has just been released for users of Microsoft Planner for GCC!

We’ve extended Microsoft Planner functionality in Microsoft Teams for GCC customers, with GCC High and DoD availability coming soon. These added features for organizing and assigning tasks include:

• A new List view for quickly seeing and sorting more tasks. It also supports bulk editing so you can change the details of several tasks, like progress, priority, and due date, all at once. The List view is available for Planner in Teams alongside the traditional Board, Charts, and Schedule views from Planner for the web.
• A left navigation pane that organizes your tasks by Important (based on priority), Planned (based on due date), and Assigned to me (tasks that others assign to you). That same pane also shows all your Teams and channels that contain a Planner plan to help you quickly navigate to the right team effort.
• Native integration with Teams notifications (i.e., messages, channels, and email) for certain task updates, like when you’re assigned a task or when a task is completed.
• Task publishing to frontline workers. With this feature, leadership can create tasks centrally at the corporate level and publish those tasks to targeted frontline locations like stores, clinics, or factories. Frontline workers at those locations see a simple list of their task assignments through Teams, while corporate has full visibility into task progress across all locations.
• …

Read the announcement here:

• New capabilities for the Microsoft Planner app in Microsoft Teams for GCC customers
  https://techcommunity.microsoft.com/t5/public-sector-blog/new-capabilities-for-the-microsoft-planner-app-in-microsoft/ba-p/2575803

Here we go again. One guess what we’re announcing.

“Join us to see what’s next.”

• Date/Time:
  Wednesday, September 22nd
  8:00AM
• View Page:
  https://www.microsoft.com/en-us/event/
• Save the date:
  https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWKhPH

Microsoft is acquiring Clipchamp which provides in-browser video editing.

Clipchamp, which has been likened to Canva, provides easy-to-use in-browser video editing tools for users.  The company aims to combine the simplicity of a web app with the full computing power of a PC with graphics processing unit (GPU) acceleration.

Microsoft says the acquisition will boost its Microsoft 365 offering and provide users with tools fit for the current environment.

Read more here:

• ANNOUNCEMENT: Microsoft acquires ClipChamp to empower creators
  http://www.microsoft.com/en-us/microsoft-365/blog/2021/09/07/microsoft-acquires-clipchamp-to-empower-creators/
• NEWS: Microsoft acquires Aussie video startup Clipchamp
  https://www.bandt.com.au/microsoft-acquires-aussie-video-startup-clipchamp/
• BLOG: Microsoft acquires Clipchamp to empower creators
  https://clipchamp.com/en/blog/microsoft-acquires-clipchamp-to-empower-creators/

This is for SQL Server 2012 licensees that don’t have Software Assurance:

• SQL Server 2012 is going out of support soon – meaning it won’t get security updates, unless Extended Security Updates are obtained (usually a separate, annual subscription)
• By moving to Azure Dedicated Hosts in Microsoft’s cloud, your SQL Server 2012 will receive Extended Security Updates (ESUs) at no cost

Here’s the recently announced details on how customers can migrate their SQL Server 2012 installations to Azure Dedicated Hosts to get ESUs at no additional cost while in Azure:

Migrating your on-premises infrastructure and architecture to the cloud may seem like a daunting task, especially if you don’t have Software Assurance for your on-premises licenses. While this may seem difficult and challenging, there is a pain-free way to bring your existing on-premises licenses to the cloud through Azure Dedicated Host. Not only does Azure Dedicated Host provide you with your own private cloud on Azure, but it also allows you control over host maintenance and lets you continue using your existing licenses, and offers continued support for applications that would not otherwise be supported on other clouds. For example, when you run your Dedicated Host on Azure you can take advantage of free SQL Server 2008 or SQL Server 2012 Extended Security Updates, only in Azure.

…

The following blog post will take you on a deep dive into moving SQL Server licenses to Azure Dedicated Host, its infrastructure benefits, and why it is the easiest way to bring your existing on-prem licenses to the cloud.

• BLOG: Move SQL Server licenses without Software Assurance to Azure
  https://cloudblogs.microsoft.com/sqlserver/2021/08/30/move-sql-server-licenses-without-software-assurance-to-azure/