Cloud security is a constant concern for organizations of every size. Stopping malicious actors from accessing your company’s systems and data is a top priority, but is made difficult by the number of different exploit techniques coupled with the sophistication of the attacks. One area of particular concern is legitimately compromised user credentials. For example, if a password I use frequently (maybe even a strong one) is exposed in a breach of an e-commerce company. The malicious actor located in Moscow who obtains this userID (likely an email of mine) and password then does a quick lookup on LinkedIn and finds that I work at Daymark. From here, the exploit is obvious. They now have a legitimate username and password combination and while we do employ multi-factor, there are constant threats to that.Read More
Properly securing assets is a constant challenge for IT. Staying one step ahead of the bad actors is a never-ending job and with a well-known shortage of IT security professionals, it’s critical that those of us responsible for protecting systems, networks and data are smart about deploying tools that will help remediate or minimize cybersecurity risks. Microsoft built Azure Security Center to help. It aligns Azure resources with Microsoft best practices to mitigate risks associated with security vulnerabilities that could lead to a breach or other security incident.
Microsoft Security Quick FactsRead More
As COVID forced organizations around the world to send their workforce home, creating the work from home (WFH) phenomenon, IT and security teams rapidly focused on Zero Trust approaches to security to mitigate challenges of enabling secure remote work. Modern workplace employees are getting their work done any way they can these days – using personal devices, sharing data through new services, maxing out home WiFi, and collaborating outside the confines of traditional corporate network security. It has created an IT balancing act between security and WFH productivity.Read More
Secure access to email and other business productivity tools continues to be a top priority for IT administrators. Microsoft services, such as Azure Active Directory and Office 365, use OpenID Connect for authentication and OAuth 2.0 for authorization. Here’s how that process works: When Outlook connects to Exchange Online, the API requests are authorized using OAuth 2.0 Access Tokens. They are valid for one hour. When the tokens expire, the Outlook client is redirected back to Azure AD to refresh them. This provides an opportunity to re-evaluate policies for user access. If a user has been disabled in the directory or because of a Conditional Access policy, the admin might choose not to refresh the token.Read More
I haven’t met an organization yet that isn’t interested in saving money and optimizing their cloud spend. That’s where Azure Reserved Instances (RIs) come in. Properly leveraged, Reserved Instances, particularly Virtual Machine Reserved Instances can result in some significant savings. In fact, it was the topic of discussion at one of our recent Daymark Cloud Clinics where our technical cloud consultants offer free technical training and tips on a wide range of Azure and Office 365 features.Read More
Azure Sentinel is a cloud native Security Information Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) solution from Microsoft. It was the topic of discussion at one of our recent Daymark Cloud Clinics where our technical cloud consultants offer complimentary technical training and tips on a wide range of Azure and Office 365 features.Read More
Conditional Access in Azure AD provides a level of security required to maintain appropriate controls over who can access confidential and privileged information. It was the topic of discussion at our most recent “Ask the Engineer Q&A Roundtable” where attendees learned tips for a successful Conditional Access deployment and got answers to their specific questions.Read More
The benefits of migrating applications to Microsoft’s Azure cloud make a very compelling business case – agility, scalability, a pay for what you use cost model, etc. But as you move workloads to Azure, don’t assume they are automatically protected, because while Azure does ensure a secure infrastructure, you are responsible for ensuring protection of your data – not Microsoft.
It’s all detailed in Microsoft’s Shared Responsibility Security Model. Understanding where the Shared Responsibility model starts and stops is critical to ensuring your data is secure and compliant. Here are some key considerations:Read More
Time is running out. Microsoft deadlines for SQL Server 2008 and Windows Server 2008 end of support are quickly approaching with Extended Support for SQL Server 2008 and 2008 R2 ending on July 9, 2019 and Extended Support for Windows Server 2008 and 2008 R2 ending on January 14, 2020. Don’t risk possible security or compliance gaps of unsupported software.
End of support for these releases means the end of regular security updates. With cyberattacks becoming more sophisticated and frequent, running applications and data on unsupported versions can create significant security and compliance risks. With these risks and end of support dates coming soon, Microsoft has provided a cost-effective alternative to allow you to keep your 2008 release servers by migrating to the Azure cloud.Read More
Last week, 5 members of the Daymark Cloud Consulting team traveled down to Orlando, Florida to attend the annual Microsoft Ignite technical conference. As always, the first day of the conference was filled with several major announcements. This blog will focus on the Azure related enhancements that were announced and Daymark’s thoughts on how they could help our clients in the future.Read More