Information Technology Navigator

Microsoft’s Azure Government has become a trusted cloud for US government agencies, contractors and the Defense Industrial Based (DIB), providing unified security to protect the nation's data, and solutions for secure remote collaboration. Microsoft’s Azure Government uses the same underlying technologies as Azure, which includes the core components of Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS). The increased security is achieved because it is a physically isolated sovereign cloud environment dedicated to US federal, state, local, and tribal governments, and their partners. It provides an extra layer of protection to mission-critical workloads through contractual commitments regarding storage of customer data that is subject to various US government regulations such as Export Administration Regulations (EAR) and International Traffic in Arms (ITAR). Azure Government offers additional security by relying on screened US personnel.

Azure Government and CMMC

Read More

Microsoft 365 GCC vs. GCC High

How do you know which level of GCC is right for you? Here’s key criteria to help you distinguish GCC and GCC High so that your organization makes the move to the right cloud.

Government Community Cloud (GCC)

You can think of GCC as a government version of the Microsoft 365 commercial environment. It resides on the Azure Commercial infrastructure and has many of the same features, but servers must be located in the continental United States (CONUS) as mandated by FedRAMP Moderate. Although the servers are only in CONUS, access to data is available on a global basis. In general, non-defense-related government agencies and contractors can deploy GCC. 

Read More

Cloud security is a constant concern for organizations of every size. Stopping malicious actors from accessing your company’s systems and data is a top priority, but is made difficult by the number of different exploit techniques coupled with the sophistication of the attacks. One area of particular concern is legitimately compromised user credentials. For example, if a password I use frequently (maybe even a strong one) is exposed in a breach of an e-commerce company. The malicious actor located in Moscow who obtains this userID (likely an email of mine) and password then does a quick lookup on LinkedIn and finds that I work at Daymark. From here, the exploit is obvious. They now have a legitimate username and password combination and while we do employ multi-factor, there are constant threats to that.

Read More

Properly securing assets is a constant challenge for IT. Staying one step ahead of the bad actors is a never-ending job and with a well-known shortage of IT security professionals, it’s critical that those of us responsible for protecting systems, networks and data are smart about deploying tools that will help remediate or minimize cybersecurity risks. Microsoft built Azure Security Center to help. It aligns Azure resources with Microsoft best practices to mitigate risks associated with security vulnerabilities that could lead to a breach or other security incident.

Microsoft Security Quick Facts

Read More

As COVID forced organizations around the world to send their workforce home, creating the work from home (WFH) phenomenon, IT and security teams rapidly focused on Zero Trust approaches to security to mitigate challenges of enabling secure remote work. Modern workplace employees are getting their work done any way they can these days – using personal devices, sharing data through new services, maxing out home WiFi, and collaborating outside the confines of traditional corporate network security. It has created an IT balancing act between security and WFH productivity.

Read More

Secure access to email and other business productivity tools continues to be a top priority for IT administrators. Microsoft services, such as Azure Active Directory and Office 365, use OpenID Connect for authentication and OAuth 2.0 for authorization. Here’s how that process works: When Outlook connects to Exchange Online, the API requests are authorized using OAuth 2.0 Access Tokens. They are valid for one hour. When the tokens expire, the Outlook client is redirected back to Azure AD to refresh them. This provides an opportunity to re-evaluate policies for user access. If a user has been disabled in the directory or because of a Conditional Access policy, the admin might choose not to refresh the token.

Read More

I haven’t met an organization yet that isn’t interested in saving money and optimizing their cloud spend. That’s where Azure Reserved Instances (RIs) come in. Properly leveraged, Reserved Instances, particularly Virtual Machine Reserved Instances can result in some significant savings. In fact, it was the topic of discussion at one of our recent Daymark Cloud Clinics where our technical cloud consultants offer free technical training and tips on a wide range of Azure and Office 365 features.

Read More

Conditional Access in Azure AD provides a level of security required to maintain appropriate controls over who can access confidential and privileged information. It was the topic of discussion at our most recent “Ask the Engineer Q&A Roundtable” where attendees learned tips for a successful Conditional Access deployment and got answers to their specific questions.

Read More

The benefits of migrating applications to Microsoft’s Azure cloud make a very compelling business case – agility, scalability, a pay for what you use cost model, etc. But as you move workloads to Azure, don’t assume they are automatically protected, because while Azure does ensure a secure infrastructure, you are responsible for ensuring protection of your data – not Microsoft.

It’s all detailed in Microsoft’s Shared Responsibility Security Model. Understanding where the Shared Responsibility model starts and stops is critical to ensuring your data is secure and compliant. Here are some key considerations:

Read More

Time is running out. Microsoft deadlines for SQL Server 2008 and Windows Server 2008 end of support are quickly approaching with Extended Support for SQL Server 2008 and 2008 R2 ending on July 9, 2019 and Extended Support for Windows Server 2008 and 2008 R2 ending on January 14, 2020. Don’t risk possible security or compliance gaps of unsupported software.

Security Options

End of support for these releases means the end of regular security updates. With cyberattacks becoming more sophisticated and frequent, running applications and data on unsupported versions can create significant security and compliance risks. With these risks and end of support dates coming soon, Microsoft has provided a cost-effective alternative to allow you to keep your 2008 release servers by migrating to the Azure cloud.

Read More