Kurt Shintaku's Blog

The first 10 videos for the Microsoft Cybersecurity Reference Architecture (MCRA) are up on YouTube (more being added as we speak).

The first video is an introduction to the MCRA:

Introduction and overview of Microsoft Cybersecurity Reference Architectures (MCRA) with Mark Simos and Richard Diver. This video covers all the various different diagrams and sections in the MCRA, from the main capabilities diagram to the highly popular security operations (SecOps/SOC) and Zero Trust diagrams and the sections on key integration points and zero trust overall. We also cover newer diagrams including the multi-cloud section (covering AWS, GCP, and on-premises datacenters) and the operational technology (OT) diagram covering supervisory control and data acquisition (SCADA) and industrial control systems (ICS).

See the entire series here:

• VIDEO: Microsoft Cybersecurity Reference Architecture – SERIES
  https://aka.ms/mcra-videos

Is Compliance your primary focus in the cloud?

If you want to follow all compliance-related updates in Azure, try Azure Compliance Heat Map.

• Azure Compliance Heat Map http://aka.ms/azcmplupd

For those customers who need more time to upgrade and modernize their Windows Server and SQL Server 2008 and 2008 R2 on Azure, we will now provide one additional year of free extended security updates only on Azure.

With this, customers will have until:

• January 14, 2024 for Windows Server 2008/ 2008 R2
• July 12, 2023 for SQL Server 2008/ 2008 R2

…to upgrade to a supported release.

Again – this is only available for Windows Server 2008/R2 and SQL Server 2008/R2 instance running in Azure and is available at no additional cost.  This is not available for instances running on-premises.

For reference, this is documented on this page under “Additional year of extended security updates, only on Azure, for Windows Server and SQL Server 2008 and 2008 R2” and “General Questions for 2008/2008 R2 Extended Security Updates”.

• Extended Security Updates for Windows Server & SQL Server
  https://www.microsoft.com/en-us/windows-server/extended-security-updates

Welcome to the Power Apps community call. These calls are the 3rd Wednesday of each month where we will share the latest news about Power Apps, demonstrate tips and tools to help you build awesome Power Apps. In these calls you will meet the Power Apps product team and community experts to get your questions answered.

For September we have two of the Power Platform MVPs: Reza Dorrani and May Alhajri covering two of the hottest Power Platform topics: Power Apps design and Power Platform integration.

This month’s agenda:

• Introductions Todd Baginski
• Value Proposition Design: Canvas by May Alhajri
• Power BI Tiles & Reports in Power Apps | Inventory Management Solution by Reza Dorrani
• PNP Updates by April Dunnam
• Next call details – 1 minute (Todd)
• Q&A – Till end of call (Todd and Chuck)

Details below.

• When: September 15th 8:00AM PST
• Where: https://aka.ms/powerappscall-join

(Source: Power Apps community call: Power Platform Integration and Value Proposition Design
https://powerapps.microsoft.com/en-us/blog/september-power-apps-community-call-power-platform-integration-and-value-proposition-design/)

IDC has released their MarketScape report for “Worldwide Advanced Authentication for Identity Security 2021 Vendor Assessment”.

Azure Active Directory, Azure AD MFA, Azure AD Conditional Access, and other Premium features have Microsoft positioned as a leader.

Microsoft is positioned in the Leaders category in the 2021 IDC MarketScape for advanced authentication for identity security vendor assessment.

The capabilities are included within the premium licenses for Azure Active Directory and are increasingly being adopted by larger organizations to meet their security and compliance needs. Hardly a compromise, Microsoft MFA is a strong offering and is getting stronger by the year; the company understands the importance of this security control point and is now sharing details about its efforts to improve offerings and drive the industry toward better user experiences. Previously, many licenses were bundled with O365, but Azure AD premium capabilities offer additional incentives that have propelled the company’s customer base in excess of 300,000 subscribers.

…

Download & read the report excerpt here:

• DOWNLOAD: IDC MarketScape: Worldwide Advanced Authentication for Identity Security 2021 Vendor Assessment
  https://idcdocserv.com/US46178720e_Microsoft

Microsoft Defender for Endpoint is massive and supports a lot of OSs – not just Windows.

Implementation and features vary, and Ru Campbell couldn’t find a document that easily compared them all, so he produced this .PDF.

• The Big Comparison of Defender for Endpoint Features by Operating System
  https://campbell.scot/the-big-comparison-of-defender-for-endpoint-features-by-operating-system/

The shift to hybrid work has led businesses of all sizes to seek new and more efficient ways to secure and deploy modern employee devices. Join this webinar to learn how to optimize hybrid work environments using PC devices and infrastructure that are built for modern workloads.

In this session we will be joined by guest speaker and Forrester Research analyst J.P. Gownder who will cover:

• Brand new Forrester Consulting research, commissioned by Microsoft, on the role of modern devices in optimizing hybrid work environments.
• Detailed analysis of why 76% of companies surveyed around the world are increasing their investments in PCs over the next two years.
• Practical recommendations for maximizing device ROI and purchase decisions.
• Overview of critical device features and improvements to build productive and secure hybrid work.

Register below:

• Speaker:
  J.P. Gownder, Vice President and Principal Analyst, Forrester
• Date/Time:
  Wednesday, September 15, 2021 10:00 AM–11:00 AM Pacific Time
• Registration:
  https://info.microsoft.com/ww-landing-understanding-the-role-of-modernized-PCs-in-hybrid-work-optimization.html?lcid=en-us

In May 2021, the Biden Administration signed Executive Order (EO) 14028, placing cloud security at the forefront of national security. Federal agencies are at different stages in their digital transformations yet are all facing similar challenges: rapidly changing workloads, insecure configurations, shortages of skilled professionals, and increase in sophistication and number of attacks.

The Azure Security suite helps federal agencies and partners improve their cloud security posture and stay compliant with the recent EO. While there are many areas Azure Security can support, this blog will focus on how Azure Security Center and Azure Sentinel can empower federal agencies to address the following EO goals:

• Modernize and Implement Stronger Cybersecurity Standards in the Federal Government
• Improve Detection of Cybersecurity Incidents on Federal Government Networks

Microsoft applies its industry-leading practices to Azure Security products, generating meaningful insights about security posture that simplify the process of protecting federal agencies and result in cost and time savings.

Azure Security Center (ASC) is a unified infrastructure security management system that strengthens the security posture of your data centers.

Azure Defender, part of Azure Security Center, provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Azure Sentinel, our cloud-native security information event management (SIEM) and security orchestration automated response (SOAR) solution, is deeply integrated with Azure Security Center and provides security information event management and security orchestration automated response.

Read more here:

• BLOG: Meeting the Cybersecurity Executive Order requirements with Azure Security
  https://techcommunity.microsoft.com/t5/azure-security-center/meeting-the-cybersecurity-executive-order-requirements-with/ba-p/2683561

Ransomware is a growing threat to organizations and home users, as it is a low-cost, high-return business model that works. Follow these seven recommendations from the Microsoft Compromise Recovery Security Practice (CRSP) — the team that helps our customers recover from #cyberattacks — so you never have to meet them!

• BLOG: 7 ways to harden your environment against compromise
  https://www.microsoft.com/security/blog/2021/08/11/7-ways-to-harden-your-environment-against-compromise/

Information Security has always been a complex subject, and it evolves quickly with the creative ideas and implementations of attackers and security researchers. The origin of security vulnerabilities started with identifying and exploiting common programming errors and unexpected edge cases. However over time, the attack surface that an attacker may explore and exploit has expanded well beyond that. Attackers now freely exploit vulnerabilities in system configurations, operational practices, and the social habits of the systems’ users. As system complexity, connectedness, and the variety of users increase, attackers have more opportunities to identify unprotected edge cases and to “hack” systems into doing things they were not designed to do.

Security is one of the most important aspects of any architecture. It provides confidentiality, integrity, and availability assurances against deliberate attacks and abuse of your valuable data and systems. Losing these assurances can negatively impact your business operations and revenue, as well as your organization’s reputation in the marketplace. In the following series of articles, we’ll discuss key architectural considerations and principles for security and how they apply to Azure.

Register here:

• Azure Well-Architected Security, Incorporating Security into your Azure Architecture (60min)
  https://mtt.eventbuilder.com/event/49116