Infrastructure + Security: Noteworthy News (December, 2019)

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

Hi there! You are reading the next issue of the Infrastructure + Security: Noteworthy News series!

As a reminder, the Noteworthy News series covers various areas, including interesting news, announcements, links, tips and tricks from the Windows, Azure, and Security worlds, on a monthly basis.


Microsoft Azure

Bring identities from disconnected ADs into Azure AD with just a few clicks!

If you work in a large enterprise, you probably already know how big the challenges can be when your company makes an acquisition and you suddenly get asked to provide cloud identity services to an entirely new business group, usually one with their own set of Active Directory domains and forests. With cloud provisioning, customers can easily provision identities from multiple disconnected AD forests to Azure AD.

Customer Lockbox for Microsoft Azure

Customer Lockbox for Microsoft Azure provides an interface for customers to review and approve or reject customer data access requests. It is used in cases where a Microsoft engineer needs to access customer data during a support request. Customer Lockbox is now generally available and currently enabled for remote desktop access to virtual machines. This article covers how Customer Lockbox requests are initiated, tracked, and stored for later reviews and audits.


Windows Client

What’s new for IT pros in Windows 10, version 1909

Windows 10, version 1909 is now available through Windows Server Update Services (WSUS) and Windows Update for Business, and can be downloaded from Visual Studio Subscriptions, the Software Download Center (via the Media Creation Tool), and the Volume Licensing Service Center (VLSC). As you begin to roll out this new update to your organization, here are some of the new, key features and enhancements that will allow you to benefit from intelligent security, simplified updates, flexible management, and enhanced productivity.


Ransomware response—to pay or not to pay?

The increased connectivity of computers and the growth of Bring Your Own Device (BYOD) in most organizations is making the distribution of malicious software (malware) easier. Unlike other types of malicious programs that may usually go undetected for a longer period, a ransomware attack is usually experienced immediately, and its impact on information technology infrastructure is often irreversible.

Short & sweet educational videos for Microsoft Defender ATP

Delivering on our mission to help customers take full advantage of Microsoft Defender ATP capabilities, we're continuously adding new features to the platform. Check out the first set of videos we've compiled to help customers easily discover and learn about enhancements and new capabilities. Stay tuned for more upcoming videos!

EDR capabilities for macOS have now arrived

We are excited to announce that Microsoft Defender Advanced Threat Protection (ATP) endpoint detection and response (EDR) capabilities for macOS devices are now generally available. We are extending Microsoft Defender ATP capabilities into non-Windows platforms in line with our commitment to build security solutions not just for Microsoft, but also from Microsoft. Customers can expect the same familiar investigation experience, the same solid backend, and the same consistent progression of features coupled with excellent performance that have historically been Microsoft Defender ATP’s signature.

Go passwordless to strengthen security and reduce costs

We all know passwords are inherently unsecure. They’re also expensive to manage. Users struggle to remember them. It’s why we’re so passionate about eliminating passwords entirely. Passwordless solutions, such as Windows Hello, FIDO2 security keys, and the Microsoft Authenticator app, provide more secure and convenient sign-in methods. But transitioning your organization to passwordless authentication takes time and careful planning. You may wonder where to start and how long it will take to realize benefits.

Introducing the integrated Microsoft Threat Protection solution (public preview)

Every day, attackers compromise endpoints, identities, and email to infiltrate and quickly expand their foothold in an organization. Customers need protection across these attack vectors to defend against evolving threats. Microsoft Threat Protection is an integrated solution that’s built on our best-in-class Microsoft 365 security suite: Microsoft Defender Advanced Threat Protection (ATP) for endpoints, Office 365 ATP for email and collaboration tools, Azure ATP for identity-based threats, and Microsoft Cloud App Security (MCAS) for SaaS applications. 

The quiet evolution of phishing

The battle against phishing is a silent one: every day, Office 365 Advanced Threat Protection detects millions of distinct malicious URLs and email attachments. Every year, billions of phishing emails don’t ever reach mailboxes—real-world attacks foiled in real-time. Heuristics, detonation, and machine learning, enriched by signals from Microsoft Threat Protection services, provide dynamic, robust protection against email threats. Phishers have been quietly retaliating, evolving their techniques to try and evade these protections. In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Notably, these techniques involve the abuse of legitimate cloud services like those offered by Microsoft, Google, Amazon, and others. At Microsoft, we have aggressive processes to identify and take down nefarious uses of our services without affecting legitimate applications.

Microsoft 365 Security for Business Decision Makers

This article discusses some of the most common threat and attack scenarios currently faced by organizations for their Microsoft 365 environments, and recommended actions for mitigating these risks. While Microsoft 365 comes with a wide array of pre-configured security features, it also requires you as the customer to take responsibility to secure your own identities, data, and devices used to access cloud services.

Introduction to Azure Security Compass | Azure Security Basics (Video)

In this video, we introduce the Azure Security Compass and how you can use these best practices to rapidly secure your assets on Azure.

Azure best practices for network security

This article discusses a collection of Azure best practices to enhance your network security. These best practices are derived from our experience with Azure networking and the experiences of customers like yourself. These best practices are based on a consensus opinion, and Azure platform capabilities and feature sets, as they exist at the time this article was written. Opinions and technologies change over time and this article will be updated on a regular basis to reflect those changes.

Azure Information Protection Documentation Update for November 2019

The documentation for Azure Information Protection has been updated on the web and the latest content has a November 2019 (or later) date at the top of the article. Of course, the focus for this month was Ignite 2019 in Orlando. If you missed the excellent recap that Nir Hendler provided, you'll find it here: Microsoft Information Protection - Ignite 2019 recap. We listen to your feedback and try to incorporate it whenever possible. Let us know if you have feedback about the technical documentation for Azure Information Protection.

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief overview of each of the tools that utilize the power of the cloud. In upcoming posts, we’ll cover each tool in-depth and elaborate on techniques and procedures used by the team.

Introducing remote deployment guidance for Microsoft Defender ATP and Office 365 ATP

In today’s heterogeneous environments, security is becoming more and more complex. Customers are facing a growing attack surface and need help speeding up deployment of their protection tools at scale. To help security teams address these complexities and better protect, detect and respond to threats faster, we are excited to announce Microsoft FastTrack remote deployment guidance for Microsoft Defender Advanced Threat Protection (ATP), our unified endpoint security platform for proactive threat protection, post-breach detection, automated investigation, and response. We are also announcing an expanded FastTrack scope for Office 365 Advanced Threat Protection, which protects customers against sophisticated threats like phishing and malware with automated investigation and remediation.

Improve cyber supply chain risk management with Microsoft Azure

For years, Microsoft has tracked threat actors exploiting federal cyber supply chain vulnerabilities. Supply chain attacks target software developers, systems integrators, and technology companies. Tactics often include obtaining source code, build processes, or update mechanisms to compromise legitimate applications. This is a key concern for government cybersecurity in the cloud, as the expanding digital estate requires movement towards a Zero Trust security model.

Introducing campaign views in Office 365 Advanced Threat Protection

It’s no secret that most cyberattacks are initiated over an email. But it’s not just one email – it’s typically a swarm of email designed to maximize the impact of the attack. Attackers typically pick a carefully crafted attack pattern or template and send email in waves where they introduce slight variances to try and thwart defenses and dupe users. The common pattern or template across these waves of email defines their attack ‘campaign’, and attackers are getting better and better at morphing attacks quickly to evade detection and prevention. Being able to spot the forest for the trees - or in this case the entire email campaign over individual messages - is critical to ensuring comprehensive protection for the organization and users as it allows security teams to spot weaknesses in defenses quicker, identify vulnerable users and take remediation steps faster, and harvest attacker intelligence to track and thwart future attacks.

Updates and Support Lifecycle

Plan for Z-Day 2020: Windows Server 2008 end of support is coming! (Ignite session recording)

Windows Server 2008 still roams the earth. Support ends on January 14th: Z-Day! Learn how to migrate off legacy infrastructure machines with the Storage Migration Service, in-place upgrades, cluster rolling upgrades, and Azure Migrate. Modernize your on-premises workloads, explore Azure IaaS options, and get insider information on the roadmap. Watch Ned battle your servers that are going end-of-support with just a few clicks!

Microsoft Extending End of Support for Exchange Server 2010 to October 13th, 2020

After investigating and analyzing the deployment state of an extensive number of Exchange customers we have decided to move the end of Extended Support for Exchange Server 2010 from January 14th 2020 to October 13th 2020. Our commitment to meeting the evolving needs of our customers is as strong as ever, and we recognize discontinuing support for a product that has been as popular and reliable as Exchange Server 2010 can be an adjustment. We also know that some of you are in the midst of upgrades to a newer version of Exchange Server on-premises, or more transformative migrations to the cloud with Office 365 and Exchange Online. With this in mind, we are extending end of support to October 13th 2020 to give Exchange Server 2010 customers more time to complete their migrations. This extension also aligns with the end of support for Office 2010 and SharePoint Server 2010.

Windows 7 support will end on January 14, 2020

Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences. The specific end of support day for Windows 7 will be January 14, 2020. After that, technical assistance and automatic updates that help protect your PC will no longer be made available for the product. Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.

Extended Security Updates for SQL Server and Windows Server 2008/2008 R2: Frequently Asked Questions (PDF)

On January 14, 2020, support for Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Don't let your infrastructure and applications go unprotected. We're here to help you migrate to current versions for greater security, performance and innovation.

Products reaching End of Support for 2019

Products reaching End of Support for 2020

Microsoft Premier Support News

Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.
