
Arraya Insights

December 14, 2021 by Arraya Insights

No matter how strong your cyber security position, there will always be a chance your business could fall victim to a cyber attack. Today, cyber attacks lead to loss of critical and confidential information, resulting in significant business interruption costs. A cloud disaster recovery solution is a service that provides organizations with failover capabilities and remote access to their systems and data, should they suffer from a disaster, failure, or cyber attack.

This acts as the last line of defense in securing and providing you with access to your data.

Whether you currently have an on-premise disaster recovery solution in a data center, your workloads are already in the cloud, or you have no recovery solution at all, you’re a candidate for transitioning to a cloud disaster recovery solution. This will protect your business, all while accelerating your journey to the cloud.

Before we dive into the cloud disaster recovery solutions available, here are important factors to consider before deciding which solution is right for your business:

  • Hybrid Cloud Journey: Is your organization still in the planning-phase of cloud migration? Was this recently deployed? Or are you already in a multi-cloud or hybrid environment?
  • Recovery Point Objective (RPO): This is the maximum acceptable amount of data loss, measured in time. For example, if the RPO is 30 minutes, data must be backed up every 30 minutes.
  • Recovery Time Objective (RTO): This is the maximum length of time that is deemed acceptable between a potential failure or attack and the resumption of normal operations.
  • Data Protection: Both the amount of data and level of protection and retention that your data requires will help determine what solution is best for your business to ensure you’re meeting all compliance requirements.

Cloud Disaster Recovery Solutions:

Most companies need a cloud disaster recovery solution. However, there is no one-size-fits-all option. Depending on your business or enterprise’s specific needs, budget, and exposure, these are four industry-leading solutions to consider:

  1. VMware Cloud Disaster Recovery:

Delivered as a SaaS solution, VMware Cloud Disaster Recovery is the last line of defense against a ransomware attack, should all other solutions fail. With this solution, users can confidently respond to an attack and continue to access their data to keep their business running, significantly reducing potential business-interruption costs (which average $250k per hour for enterprises).

This solution allows you to scale your DR environment with a pay-as-you-go simplified pricing model and includes:

  • Immutable cloud-based snapshot support
  • Continuous disaster recovery health checks
  • Non-disruptive testing

2. VMware Cloud Disaster Recovery with Pilot Light

For VMware Cloud Disaster Recovery users, Pilot Light pre-provisions and pre-configures a small initial footprint of hosts. This smaller subset of SDDC hosts is deployed ahead-of-time to recover critical applications with lower RTO requirements than an On Demand approach.

Pilot Light assists organizations in reducing the total cost of cloud infrastructure by keeping a scaled-down version of a fully functional environment running in warm-standby while ensuring that core applications are readily available when a disaster event occurs. This provides an option for administrators to add extra SDDC hosts through Cloud Bursting and failover the remaining applications.

Pilot Light deployments are useful when you want to mitigate the costs of an SDDC deployment with a slightly longer Site RTO, but you still need a low VM RTO/DR Plan RTO for certain workloads.

3. VMware Cloud on AWS & Azure VMware Solution with Site Recovery

VMware Cloud on AWS with Site Recovery is an on-demand disaster recovery as-a-service (DRaaS) solution that’s fully managed by VMware and available for those who have deployed a Software-Defined-Data-Center (SDDC) on VMware Cloud on AWS.

This solution protects your workloads both on-premises and on VMware Cloud on AWS with VMware Site Recovery. This service is available on-demand (charged hourly and billed monthly), and through 1-year or 3-year subscription plans, which are charged upfront.

Azure VMware Solution with Site Recovery is a similar product that is managed by Microsoft and runs on Azure. This can be used from both on-premise VMware to an Azure VMware solution private cloud, or from a primary Azure VMware solution to a secondary Azure VMware solution.

4. Azure Site Recovery

Microsoft’s Azure Site Recovery is a native disaster recovery as a service (DRaaS) that offers ease of deployment, cost effectiveness, and dependability.

A number of key benefits include:

  • It’s simple to deploy and manage
  • It reduces infrastructure costs
  • It minimizes downtime with dependable recovery

Azure Site Recovery helps your business continue to run applications throughout both planned and unplanned outages.

Next Steps: Secure Your Cloud’s Defenses

A cloud disaster recovery solution offers the last layer of protection, should your organization fall victim to a cyber attack. To learn more about which cloud disaster recovery solution fits your business’s individual needs, contact an Arraya expert today.

To learn more about cloud security best practices moving forward, check out our recent blog, Prepping for Cloud Security in 2022: Is Your Business Ready?

Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.    

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.    

Follow us to stay up to date on our industry insights and unique IT learning opportunities.    

December 7, 2021 by Arraya Insights

As always, the holidays have crept up and are now in full swing. Folks are busy working to close out the end of the year, finish their holiday shopping, and, hopefully, host safe gatherings with friends and family. While this time of year brings so much to look forward to, the rush of the season can lead many to let their guard down.  

With several industries still feeling the strain of the pandemic, cyber hackers are ready to take full advantage of users’ distraction and activity.  

This year, we’ve compiled a list to help keep you aware and safe this holiday season, so you can spend time on what really matters.  

Here are four areas you should be focusing on: 

  1. Phishing & Ransomware Scams 

Ransomware continues to be a consistent threat to the digital world. This type of cyber attack involves bad actors who take over your computer, systems, or network and hold it ransom until you pay their demand.  

Ransomware attacks are usually carried out through phishing techniques (often email) and it’s anticipated that these will increase throughout the holiday season.  

There are several red flags to watch for that are signs of a phishing email attempt:  

  • Poor grammar and spelling errors 
  • Generic greetings, such as “Dear customer” 
  • Warnings of a low balance, account issue, or a request for your information 
  • Sender’s email address is illegitimate  
  • False sense of urgency, specifically related to short-term sales and limited supplies 

Scammers are constantly updating their techniques to trick users into providing private information. Any message that conveys a sense of urgency warrants a close review to ensure it’s legitimate before taking any action.  

  2. Phony Advertisements 

If it’s too good to be true, it’s probably a scam. Social media has become a common place for scammers to advertise and social media companies do not validate the legitimacy of advertiser websites and products.   

This year, hackers will be taking advantage of the many global supply chain issues that are affecting holiday shopping.  

Here are a few tips to help you verify a company and their website before doing any online shopping: 

  • Research the company: At the least, type their name into a search engine with keywords like, “scam” or “complaint” 
  • Verify the website: Websites that use encryption will start with “https” at the beginning of the URL, however, this is not a sure sign that the site is legitimate as hackers can also encrypt their websites 
  • Check your connection: Most internet browsers display a padlock icon to the left of the website’s URL, which demonstrates whether your connection is secure 

This year, and well into the future, it’s going to be necessary to vet all websites before doing any online shopping. Be wary of advertisements touting limited supply of hot items or prices that are unusually low. These scams rely heavily on emotion and human error with the hope that you’ll act before thinking twice.

  3. Use of Company Assets 

While our work and home lives are more intermingled than ever, it’s important to maintain certain boundaries to ensure you’re keeping your systems secure.  

While you may be extra vigilant in watching for phishing attempts in your work email, hackers may also target your employer through your personal email. Opening a potentially malicious personal email from your company laptop could lead to an attack on your organization’s entire network and assets. 

Overall, it’s best not to access personal inboxes or bank accounts on company devices and leave personal shopping to your own laptop or cell phone.  

  4. Travel & Proper WIFI Use 

With the holidays comes travel and with travel comes remote work. For those planning to log on during their travels, use public WIFI carefully and sparingly.  

When using public WIFI, others may be able to see what you’re doing and what information you’re sending or receiving. You should seek to limit public WIFI use, overall.   

Should there be situations in which you do need to log onto public WIFI, here are a few steps you can take to increase your security: 

  • Use a VPN: A VPN, or virtual private network, encrypts the connection from the internet to your device. 
  • Maintain a firewall policy: A firewall protects your network from unnecessary and unwanted network traffic and software. These can be configured to block data from certain locations, applications, or ports.  
  • Limit your activity: Use public WIFI for casual browsing only. If you’re looking up restaurants in your area or catching up on the news, public WIFI should be fine. However, hold off on any online shopping, banking, or work-related activity for a more secure network. 
  • Delete the network: As soon as you’re done, delete the WIFI network from your device so it doesn’t automatically connect in the future without you knowing.  

In general, using your cell phone’s WIFI hotspot is often a better alternative to public WIFI use.  

Next Steps: Proceed with Caution This Season 

As the world continues to grapple with the many ways the pandemic is affecting our life and work, cyber hackers are taking advantage of any continued confusion and turmoil. It’s important to be extra cautious this holiday season and into the new year.  

To learn more about protecting your business’s network and devices, check out our recent blog, The Top 8 Security Fails to Avoid to #BeCyberSmart.   

Take action in protecting your business today. Contact an Arraya expert to get started. 


December 2, 2021 by Arraya Insights

When remote work became the norm in 2020, the need for remote collaboration capabilities became more important than ever. Many employees and organizations are now moving forward with a remote or hybrid workforce and don’t plan to look back. Throughout this process, Microsoft continuously reinvested in their products to bring new innovations to users, further enhancing our remote work and collaboration capabilities.   

For the first time in 10 years, Microsoft has announced that it will increase the prices of some of its commercial products. Starting March 1, 2022, pricing will be updated to reflect the increased value that these products are delivering to Microsoft customers.  

Here are the price increases that customers can expect:  

  • Microsoft 365 Business Basic: increase from $5 per user to $6 per user  
  • Microsoft 365 Business Premium: increase from $20 to $22 
  • Office 365 E1: increase from $8 to $10 
  • Office 365 E3: increase from $20 to $23 
  • Office 365 E5: increase from $35 to $38 
  • Microsoft 365 E3: increase from $32 to $36 

It’s important to note that there will be no changes to academic licensing or consumer product licensing. 

Are You Taking Advantage of Microsoft 365’s New Features & Capabilities?  

Microsoft credits this price increase to the various apps and solutions that it’s launched over the last decade that enhance the user’s efficiency and work experience.  

These innovations include: 

  1. Communication and collaboration 

Microsoft Teams, which was launched in 2017, now has more than 250 million active users. This provides users with the capability to call, chat, host meetings, and collaborate remotely, all of which became even more vital in 2020.  

Since then, over 300 new capabilities were launched to further enhance the virtual collaboration experience and Microsoft is continuing to re-invest in this technology to accommodate the workforce’s future needs.  

  2. Security and compliance 

As cyberattacks increase in severity and complexity, Microsoft has added new attack surface reduction capabilities to defend against threats, including ransomware.  

New capabilities, such as data loss prevention (DLP), sensitivity labels, and message encryption help organizations maintain the integrity of their data. Further, Content Search, eDiscovery, and core Litigation Hold help businesses and enterprises respond to increasing regulatory concerns. 

  3. AI and automation 

New AI-powered innovations are allowing companies to be more productive with maps, charts, tables, email-sorting capabilities, and the capacity to translate and transcribe in real-time. AI-powered processes remove countless redundant tasks, allowing employees to focus on what matters most.  

Based on the most recent announcements at Microsoft’s Ignite 2021 conference, users can expect exciting innovations in collaboration, security, the cloud, and more, well into the future.  

Next Steps: Make the Most of Your Licensing 

When it comes to licensing, it’s important to work with a trusted partner who can make sure you’re spending your money wisely.  

Organizations should be paying for licensing that provides value to their company, without over-buying for licensing that’s not relevant to their needs. 

At Arraya, our experts can help you ensure you’re using your licensing in a cost-effective manner. Take advantage of our free licensing assessment to help you streamline your budget and get the most out of your investment.  

To learn more about Microsoft 365 licensing, contact an Arraya expert today.  


November 29, 2021 by Arraya Insights

In this episode of the Arraya Insights Vodcast, our panel looks at the hybrid cloud journey and specifically, how the modern data center conversation has changed. They discuss the cloud-first mindset vs. traditional data centers, application modernization, challenges to cloud adoption, and more. Hosted by Chuck Kiessling, Senior Director, Presales Solutions, this episode’s panel includes Ron Longley (Director, Data Center) and Gary Funt (Senior Cloud Solutions Architect).

Prefer an audio format? Subscribe to our Arraya Insights Radio feed in your Apple or Android podcast catcher for an audio-only version of our vodcast. Or, you can use the player below.

https://soundcloud.com/user-166960433-952960141/arraya-insights-vodcast-hybrid-cloud-journey-the-data-center-conversation-has-changed?si=5e3eff647ab04d9cb8fde84a7c41a713

November 22, 2021 by Arraya Insights

The workplace must be prepared for change. Whether companies seek to develop outside of their traditional core or adopt new workflows to remain competitive, change is a necessary process.

For many companies, one of the biggest changes they will face is a merger, acquisition, or divestiture. Within these scenarios, a Microsoft 365 tenant-to-tenant migration can be a large undertaking. This involves transferring ownership of the data within an existing 365 tenant to another tenant.

When preparing for a tenant-to-tenant migration, there are three elements to consider:

  • Data: What kind of licensing does the existing tenant have in comparison to the new tenant? What types of workloads are they using? Are any app issues anticipated? Is there sufficient space or room in the targeted tenant?
  • Devices: How many devices are involved? Is this number declining or increasing with the migration? Are these Azure Active Directory (AD) joined, or hybrid-Azure AD joined? What will be done with the devices? Are we unjoining them from the existing domain and re-joining them to the new domain?
  • Security: Are we going from a low security tenant to a high security tenant? Or the opposite? Are there differences in multi-factor authentication, mailbox auditing, or login auditing?

When developing your migration plan, these are all important questions to consider and be prepared to answer before beginning the migration.

Types of Migrations:

Your migration journey will depend on what type of migration you’ll be conducting. These fall into three categories, depending on the business scenario, including:

  • Tenant-to-tenant migration without rebranding: This involves a business unit and brand identity that have been sold together. The identities will migrate to a target tenant and will keep the existing domain as part of the migration.

A single-event migration is recommended for migrations smaller than 15,000 users or 7 TB of site content.

  • Tenant-to-tenant migration with rebranding: This involves a business unit that has been sold and will be adopted by the target company’s branding. The identities will migrate to a new target tenant and will change the brand identity as part of the migration.

Either a single-event migration or a phased migration is recommended. A phased migration offers lower risk but a longer timeline.

  • Cloud tenant move: This involves users being split across two tenants. The identities remain in the source tenant, but all users in the affected domain and all workloads are moved to a new cloud tenant.

A tenant move or split is recommended. This is similar to a single-event migration but does not include migrating accounts to a new on-premises AD DS forest. This approach is not intended for long-term coexistence.

Migration Events:

While the specifics of your individual migration will vary depending on the type of migration you require, you can expect your migration to include the following stages:

  • Prior: Send communication to each user and put mailboxes and content into read-only mode
  • During: Stop reverse forwarding mail to allow new email to be delivered to the target tenant, enable target accounts (if required), and complete the final data migration
  • Post: Users recreate their mobile profiles and client software is reconfigured (Outlook, OneDrive Sync Client, and Microsoft 365 apps activation)

Three Tips to Ensure a Successful Migration

There are several challenges that both the divesting company and the targeted company may face. It’s important to have a clear plan for the end state for both companies.

Here are our top three tips that we offer to customers who are preparing to complete a tenant-to-tenant migration:

  1. Understand your own security posture prior to the migration 

Your existing tenant should be as organized and tidy as possible, including security. If you’re compromised in any way prior to beginning the migration, there are going to be significant issues. You should be clear on your current security status to ensure the migration process is secure and have a plan in place for security within the new tenant.

2. Enable multi-factor authentication for all users

While multifactor authentication was once an extra precaution, it’s now a baseline security necessity. All users should be enrolled in and actively using MFA. This simple security practice is one of the most effective measures to prevent unauthorized access.

3. Set up analytics within your new tenant

This proactive step can help your business make smarter security decisions moving forward. Through analytics, you can monitor who is logging in and from where. Regular mailbox audits can reveal potentially dangerous mailbox forwarding that you may not have known about, and more. Further, you can remove any unnecessary mailboxes to keep your tenant streamlined and organized moving forward.

Next Steps: Prepare for Your Successful Tenant-to-Tenant Migration

To learn more, check out our recent Expert Q&A video, Microsoft 365 Tenant-to-Tenant Migrations.

Chuck Kiessling, Arraya’s Senior Director, Presales Solutions, and Tony Shaw, Arraya’s Senior Solutions Engineer, discuss design considerations, the hurdles many clients face, and general best practices for migrating an existing M365 tenant to a new tenant.

Whether you’re ready to get started with a tenant-to-tenant migration or you’d like to learn more, contact an Arraya expert today.


November 18, 2021 by Arraya Insights

There’s no doubt that the COVID-19 pandemic has changed the workforce indefinitely. During the initial lockdown in March 2020, hundreds of thousands of workers left the office and logged into work at home, where they could safely social distance. While the pandemic continues today, newly lifted restrictions mean more workers are returning to the office and the future of the workforce is beginning to take shape.  

Many companies faced significant change throughout the pandemic, whether they granted employees remote access for the first time or experienced growth and added to their team.   

As some employees are now returning to the office, many companies are moving forward with a hybrid model to accommodate the fluctuating workforce and provide continued flexibility for employees. It’s likely that hybrid work will be considered standard moving forward. It’s time to consider if your network is ready and up to par with your current status. 

We’ve put together a return-to-work assessment guide to help companies make sure their network is ready to support their present needs.  

Return to Work Checklist

Here, we’ve compiled a list of the six aspects of your network that you should review to ensure you’re prepared for your current environment:  

  1. Internet Bandwidth 

Bandwidth is the maximum capacity for data transfer of an electronic communications system. Most of the applications that companies rely on today, especially SaaS offerings, require internet connectivity. For most day-to-day resources, traffic flows have shifted from on-premises east/west to north/south egress out of the company’s environment.  

It’s not only important that companies have enough bandwidth, but that they’re utilizing their bandwidth efficiently. Are your failover methods static? It may be time to consider SD-WAN to resolve these issues.   

2. Wireless Capacity 

If your workforce’s headcount has changed since the start of COVID-19, you’ll need to consider the number of people logging onto your company’s WIFI. Further, the number of devices per employee may have increased as well.  

If you scaled back throughout the pandemic, it may be time to increase your wireless capacity.  

3. Proper Segmentation 

Proper segmentation involves dividing your network into different segments based upon their individual function or business unit. This provides more granular control over your user base and the ability to apply security controls that are specific to the needs of each segment.  

For example, you can add all IoT devices (such as cameras, door card readers, or HVAC systems) into a specific segment with stricter security.  

Proper segmentation will provide visibility into user and server traffic flows. In addition, this acts as a tag for identification and ensures proper enforcement and dynamic assignment to these segments.  

4. Port Capacity 

Many businesses and organizations have grown since the start of the pandemic. It’s important to make sure that your existing switching environment has enough ports to support all your current users and devices.  

If users are returning to the office, the switching environment will need to be prepared to handle the uptick in throughput and bandwidth increases. The wireless infrastructure will also need to accommodate increased users.  

As your workforce shifts, maintaining the correct port capacity will help ensure your network runs smoothly. 

5. Security Policies  

Whether you have an on-premises, hybrid, or fully remote workforce, these configurations all require very different security solutions.  

Back in March 2020, businesses and industries rapidly changed to accommodate the challenges associated with the pandemic. At the time, many adopted a fully remote model to allow employees to safely work from home.  

Now, as employees are beginning to return to the office, it’s important to ensure your security policies are prepared to accommodate your current or changing configurations. For more information on securing your cloud, check out our blog: Prepping for Cloud Security in 2022: Is Your Business Ready? 

As cyber criminals continue their onslaught of attacks with no signs of slowing down, it’s important to ensure that your cyber security posture is up to date, and any vulnerabilities are addressed.  

6. Cloud Optimized Network 

Today, it’s all about remaining flexible and agile. Migrating to the cloud offers several key benefits that help businesses remain competitive, including security, scalability, and cost efficiency. You’ll no longer need to purchase or maintain server equipment or system administrators.   

Whether you’re considering a public, private, or hybrid cloud model, migrating to the cloud gives you and your employees access to applications from anywhere in the world. In today’s changing workforce, migrating to the cloud is a logical step for a more flexible workforce. 

Next Steps: Reconsider Your Network 

Is your business prepared for the unknowns of the future of the workplace? Do you have the capacity for a hybrid workspace?  

Contact Arraya for a full network assessment. This is a tumultuous time for cyber crime, and everyone is a target. 

From ensuring your network has proper segmentation to helping you with bandwidth requirements, we can prepare your network for the modern workforce. In addition, we can review your licensing to ensure you’re not paying for things you don’t need. It’s important that your network is ready to both run efficiently and securely.  

Reach out to an Arraya expert to start a conversation today.  


November 16, 2021 by Arraya Insights

Cyber-crime has dangerously increased in recent years.

Exacerbated by the COVID-19 pandemic, the average ransomware demand increased from $5,000 in 2018 to $200,000 in 2020. This year, we saw the largest ever ransomware payout by an insurance company at $40 million.

The onslaught of cyber-attacks continues to evolve, with recent strikes on global IT supply chains carried out by a group tracked as NOBELIUM.

NOBELIUM uses multiple tactics, including a new tool called FoggyWeb malware, to steal credentials with the goal of gaining admin access to Active Directory Federation Services (AD FS) servers.

Summary of FoggyWeb Malware

Microsoft Threat Intelligence Center (MSTIC) reports there is a post-exploitation backdoor that is being referred to as FoggyWeb.

Microsoft states that the use of FoggyWeb has been observed in the wild since as early as April 2021 and they have been analyzing this backdoor ever since. NOBELIUM is the notorious group behind the infamous SolarWinds supply chain attack and Microsoft and Arraya have stayed vigilant in providing updates on the attackers’ activity.

NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing certificates, and token-decryption certificates, and to download and execute additional components.

Once NOBELIUM obtains credentials and successfully compromises a server, the bad actor relies on that access to maintain persistence and deepen its infiltration using sophisticated malware and tools. To establish persistence and enable further compromise, the actor drops two files on the server.

That action requires administrator privileges in the first place, meaning this backdoor must build on previously compromised or stolen credentials.

Detection and Mitigation

Protecting AD FS servers is key to mitigating FoggyWeb.

Detecting and blocking malware, attacker activity, and other malicious artifacts on AD FS servers can break critical steps in known attack chains. An assessment of your AD FS environment will ensure the proper security configurations are in place.

Below are recommended mitigation items:

  • Ensure only Active Directory Admins and AD FS Admins have admin rights to the AD FS system
  • Reduce local Administrators’ group membership on all AD FS servers
  • Require all cloud admins to use multi-factor authentication (MFA)
  • Ensure minimal administration capability via agents
  • Limit on-network access via host firewall
  • Ensure AD FS Admins use Admin Workstations to protect their credentials. Secure admin workstations are limited-use client machines that are built to substantially reduce the risk of compromise from malware, phishing attacks, bogus websites, and pass-the-hash (PtH) attacks, among other security risks.
  • Place AD FS server computer objects in a top-level Organizational Unit (OU) that doesn’t also host other servers
  • Ensure that all Group Policy Objects (GPOs) that apply to AD FS servers apply only to them and not to any other servers. This limits potential privilege escalation through GPO modification.
  • Ensure that the installed certificates are protected against theft. This is one of the backdoor’s main targets.
  • Set logging to the highest level and send the AD FS and security logs to a SIEM to correlate with AD authentication as well as Azure AD (or similar)
  • Remove unnecessary protocols and Windows features
  • Use a long (>25 characters) and complex password for the AD FS service account
  • Update to the latest AD FS version for security and logging improvements (as always, test first)
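The following read-only PowerShell review covers four items from the list above (local Administrators membership, AD FS logging level, the service account, and the token certificates). It is an added example, not code from Arraya or Microsoft; the allowlist entries under `CONTOSO` are constructed placeholders.

```powershell
# Added example: read-only review of one AD FS server. Run elevated on that server.
# ASSUMPTION: the allowlist below is constructed; replace it with your own admin groups.
param(
    [string[]]$ApprovedAdmins = @('CONTOSO\Domain Admins', 'CONTOSO\ADFS Admins')
)

Import-Module ADFS -ErrorAction Stop
$findings = [System.Collections.Generic.List[object]]::new()
function Add-Finding([string]$Check, [string]$Detail) {
    $findings.Add([pscustomobject]@{ Check = $Check; Detail = $Detail })
}

# 1. Local Administrators membership, addressed by well-known SID so it works on any OS language.
#    The local built-in Administrator (RID 500) is skipped; every other member must be approved.
Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Where-Object {
        $_.Name -notin $ApprovedAdmins -and
        -not ($_.PrincipalSource -eq 'Local' -and $_.SID.Value -like '*-500')
    } |
    ForEach-Object { Add-Finding 'Local Administrators' "Unexpected member: $($_.Name) [$($_.ObjectClass)]" }

# 2. AD FS logging: every event level enabled, and verbose auditing where the property exists.
$props = Get-AdfsProperties
foreach ($level in 'Errors', 'Warnings', 'Information', 'SuccessAudits', 'FailureAudits') {
    if ($props.LogLevel -notcontains $level) {
        Add-Finding 'AD FS LogLevel' "Level not enabled: $level"
    }
}
if ($props.PSObject.Properties['AuditLevel'] -and "$($props.AuditLevel)" -ne 'Verbose') {
    Add-Finding 'AD FS AuditLevel' "AuditLevel is '$($props.AuditLevel)', expected 'Verbose'"
}

# 3. Service account: report which identity runs AD FS so its password can be reviewed.
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='adfssrv'"
Add-Finding 'Service account' "adfssrv runs as $($svc.StartName); confirm its password meets the requirement"

# 4. Token certificates: record a baseline. A thumbprint that changes between runs
#    without a planned rollover is worth investigating.
$certs = Get-AdfsCertificate |
    Where-Object { $_.CertificateType -in 'Token-Signing', 'Token-Decrypting' } |
    Select-Object CertificateType, IsPrimary, Thumbprint,
        @{ Name = 'NotAfter'; Expression = { $_.Certificate.NotAfter } }

$findings | Format-Table -AutoSize -Wrap
$certs    | Format-Table -AutoSize
```

The script changes nothing on the server; raising the log level itself is done separately with `Set-AdfsProperties -LogLevel`.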

Another mitigation strategy would be to consider moving application authentication from AD FS to Azure Active Directory if your environment permits (and certain prerequisites are met). Migrating all your application authentication to Azure AD is optimal, as it gives you a single control plane for identity and access management.

Your applications may use modern or legacy protocols for authentication. When you plan your migration to Azure AD, consider migrating the apps that use modern authentication protocols (such as SAML and OpenID Connect) first. These apps can be reconfigured to authenticate with Azure AD either via a built-in connector from the Azure App Gallery, or by registering the application in Azure AD. Apps that use older protocols can be integrated using Application Proxy.

Next Steps: Make the Transition to Azure AD

As the next evolution of identity and access management, Azure Active Directory (AD) provides single sign-on and multifactor authentication to protect users from 99.9 percent of cyberattacks.

Azure AD allows your employees to log on, whether remote or on-site, so they can effectively work from anywhere.

Contact an Arraya expert today to explore decommissioning AD FS and moving to Azure AD.

Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.   

Follow us to stay up to date on our industry insights and unique IT learning opportunities.

November 11, 2021 by Arraya Insights

While we were already on the forefront of digital transformation, the pandemic pushed us forward much faster than anticipated. From the Metaverse to new Teams collaboration tools, Microsoft Ignite 2021 – held virtually November 2-4, 2021 – had several exciting announcements that will enhance remote collaboration, all while focusing on security.  

Overall, Microsoft is working to better integrate its various services to make things easier to manage across all systems.  

We’ve compiled a list of announcements that we’re most excited about to keep you up to date: 

1. Azure Arc 

It was announced that directly connected mode in Azure Arc will be made generally available. This allows you to use all supported Azure services such as updates, Azure Monitor, Azure Cost Analytics, and more with your Arc-enabled data services.  

This mode will unlock many solutions for modernizing your data centers, data services, and your stateful applications.  

2. Mesh & the Metaverse 

This will be a collaborative platform for virtual experiences that will be integrated directly into Teams in 2022. This is an effort to combine mixed reality and HoloLens work with meetings and video calls that anyone can participate in, from anywhere.  

Users will be able to engage with eye contact, facial expressions, and gestures to allow real emotion to shine through. Users can log in through holoportation to project themselves as their most lifelike, photorealistic self in mixed reality to interact as if they’re there in person or opt for an animated avatar version.  

3. Microsoft Loop 

Microsoft Loop is the future of document collaboration. This app combines a powerful and flexible canvas with portable components that move freely and stay in sync across applications.  

Loop organizes everything in one place, including files, links, and data, to make it easy to track progress and co-create naturally with notifications, highlighted changes, status labels, task lists, and more.  

4. Microsoft Viva 

Customers will now be able to purchase Microsoft Viva as a suite (also available with a Glint HR platform add-on) to access all the generally available modules.  

Powered by Microsoft 365 and experienced through Teams, this employee experience platform brings together communications, knowledge, learning, resources, and insights in the flow of work.  

5. Teams 

Continuing its heavy emphasis on Teams, Microsoft announced that users will now be able to collaborate with people outside of their organization. This will allow users to connect with customers, vendors, partners, and more in a more efficient and secure way.  

This will ultimately include the ability to chat with people outside of their organization who are using a personal account.  

6. Security 

As security remains a top priority in today’s climate, Microsoft made several security-related announcements. 

Microsoft Defender for IoT:  

Previously called Azure Defender for IoT, Microsoft Defender for IoT will now offer agentless network detection and response (NDR) that is rapidly deployed, works with diverse IoT, OT, and industrial control system (ICS) devices, and interoperates with Microsoft 365 Defender, Microsoft Sentinel, and external security operations center tools. 

Microsoft Defender for Cloud:  

Previously called Azure Security Center and Azure Defender, Microsoft Defender for Cloud is a tool for security posture management and threat protection to strengthen the security posture of your cloud resources. Integrated with Microsoft Defender plans, it protects workloads running in Azure, hybrid, and other cloud platforms.  

By reviewing a single score, users can assess their current security situation: the higher the score, the lower the identified risk level. Further, users can feel more secure by hardening all connected resources and services and by detecting and resolving threats.

Microsoft Defender for Business:  

This new endpoint security solution is specifically built to bring enterprise-grade endpoint security to businesses with up to 300 employees, in a solution that is easy-to-use and cost-effective.  

To protect against extortion and disruption from ransomware, Defender for Business elevates security from traditional antivirus to next-generation protection, endpoint detection and response, threat and vulnerability management, and more. With intelligent, automated investigation and remediation, it offers simplified configuration and management.  

Users can expect the following capabilities: 

  • Threat and vulnerability management 
  • Attack surface reduction 
  • Next-generation protection 
  • Endpoint detection and response (EDR) 
  • Automated investigation and remediation 
  • APIs and integration 

Zero Trust: 

Throughout Microsoft Ignite, Zero Trust remained a key focus. Microsoft emphasized that this security strategy should provide maximum flexibility with maximum security. Passwordless authentication will now be generally available for organizations to deploy at scale. This will offer both increased security for your organization and more simplicity for your users.

Next Steps: Bolster Your Hybrid Work Capabilities with the Latest from Microsoft 

Microsoft continues to develop and enhance the way we connect, collaborate, and control our networks. As hybrid work is the future, they focused on empowering this new era of flexible work, providing the ability to innovate from anywhere, and protect everything with end-to-end security. 

To take advantage of Microsoft’s latest offerings, contact one of our subject matter experts who can help you determine what will best serve your organization.  


November 9, 2021 by Arraya Insights

While advancements in technology can make significant improvements in our daily lives, they also increase the attack surface for hackers. Today, everyone has become a target and cyber criminals know they’re on a lucrative track. As long as there’s money in it for them, they’re not slowing down anytime soon.  

Implementing new technology has become vital for businesses across the board to remain relevant. Technology offers convenience to customers while allowing businesses to remain competitive, agile, and run more efficiently.  

For many businesses and enterprises, the journey to the cloud was suddenly put on hyper-speed throughout the last nineteen months of the pandemic. Migrating to the cloud offers several benefits, including scalability, flexibility, cost efficiency, and more. Remote and hybrid work have now become standard in the workforce. While it’s clear that cloud computing is the future, many cloud environments aren’t prepared for rapidly developing cyberattacks.  

There are still many unknowns surrounding the cloud and we anticipate that this will be a hacker’s main target moving forward.  

For those who are already taking advantage of cloud computing, or are planning to: Is your current risk mitigation strategy prepared for the potential risks of a cloud environment? It’s time to take an in-depth look at your security posture.  

4 Steps to a Secure Cloud Experience  

Cyber security for the cloud is much different than on-premises. While you may have had a robust risk mitigation strategy for your on-premises environment, this will no longer be sufficient in the cloud.  

While migrating to the cloud generally offers cost savings, it’s also important to recognize the potential financial consequences you may face, should you fall victim to a cyber attack.  

When you adopt new tools, you must also adopt new digital security solutions.  

If you’ve already migrated to the cloud, or you’re planning to, here’s what you’ll need to do next: 

Reconsider Your Security Settings 

The configurations you set up in your on-premises environment won’t be available once you’re in the cloud, including pre-constructed alerts. For example, if you had an alert set for a potentially dangerous email, this won’t populate automatically once you’re in the cloud. If you’re unaware, you could overlook an avoidable attack. 

The cloud requires a completely different tool set. All ancillary security controls that were by default on-premises will need to be reconfigured. This is why it’s so important to do a full security and disaster recovery review when using cloud computing.    

Understand Your Responsibilities 

For on-premises users, data is entirely controlled by their company’s IT team. However, operating in the cloud is a shared responsibility between the cloud user and the cloud provider. One of the biggest pitfalls new cloud users may face is incorrectly assuming all responsibilities fall under the cloud provider’s domain. Many business owners are unaware of their own obligations.

In general, the cloud provider is responsible for maintaining a secure infrastructure within its platform. The cloud user is responsible for application encryption, multi-factor authentication, network configuration, and application management.  

Classify Your Data 

Data should be classified into high, medium, and low sensitivity categories. Data always exists in one of three basic states: at rest, in process, and in transit. Confidential information must stay confidential no matter what state it’s in.  

You can break down your data classification into four steps: 

  1. Plan: Identify data assets, a data custodian to deploy the classification program, and develop protection profiles
  2. Do: Deploy the program and implement enforcement technologies as needed for confidential data
  3. Check: Validate reports to ensure that the tools and methods being used are effective
  4. Act: Review the status of data access and review files and data that require revision

By classifying your data, you can set your access controls to best protect your most important assets.  

Manage Access Controls 

Access controls allow you to select who has access to your cloud, when, and what they’re able to do with that data. Using proper authentication tools, such as multi-factor authentication, will help verify that the user is who they say they are.  

By both limiting the number of people who have access to your cloud and granting specific clearance levels, you can help keep your data secure. In general, you should grant the least number of permissions possible and adopt the Zero Trust security model. This reduces risks related to both malicious actors and careless employees.

Next Steps: Protecting the Cloud with the Right Tools  

While ransomware is one of the biggest threats we face today, there’s no telling what types of threats we may become exposed to in the future.  

The cloud is an in-demand and lucrative target for hackers. With cloud migration, everyone should be prepared to adopt new digital solutions to strengthen their security status.  

Businesses have a number of solution options today to tailor to their specific needs, including: 

  1. Cisco Umbrella
  2. Cloud App Security
  3. Lacework

For more information on the future of cyber security, check out the Arraya Solutions 2021 Tech Summit Opening Keynote: 

Securing The Future: Unmasking Cybercriminals and the Triple Threat Facing Business and You 

Theresa Payton, the first female White House CIO and leading cyber security expert, walks us through some of the largest cybercrime incidents in history and how you can guard yourself from these attacks in both life and work. Theresa’s keynote and all of the 2021 Tech Summit sessions can be accessed on-demand here.  

It’s time to have a conversation about your risk strategy. Contact an Arraya expert today to implement the best available digital solutions to protect your organization.  


November 4, 2021 by Arraya Insights

Chuck Kiessling, Arraya’s Senior Director, Presales Solutions, and Tony Shaw, Senior Solutions Engineer, Workspace, discuss Microsoft 365 tenant to tenant migrations.

Whether for a merger, acquisition, divestiture, or other scenario, Arraya’s experts walk through design considerations, the hurdles they see clients face, and process best practices when it comes to migrating an existing M365 tenant to a new tenant.
