The fifth video from Arraya’s new series “5 Ways to Save in 5 Minutes” covers the topic of automation. Javier Barron, Arraya’s Director, Modern Workplace, and Chris Bovasso, Director, Application Services, discuss how automation can save organizations time and money, while optimizing efficiency and reporting.
In recent years, the conversation around security has shifted. As cybercrime has reached an all-time high, organizations have to be ready to identify and react to threats before they can cause disruption.
Security Information and Event Management (SIEM) is a security solution that will log data from security-related events, identify abnormalities, and generate alerts when appropriate to address possible security threats.
A SIEM security solution provides your business with the ability to filter and manage an enormous amount of security data. However, some organizations with an existing SIEM solution may now be looking to expand their capabilities or migrate to a more enterprise solution.
The best security information and event management providers will:
- Scale easily and provide rapid searches
- Offer integrations with a vast array of third-party platforms
- Afford easy-to-build parsers
- Extend backup by a large library of vendor-supported native partners
- Not tie you into a limited agent for event log collection
Is your SIEM technology providing you with all of these capabilities? If not, it’s time to migrate to a new SIEM provider.
This blog will outline some of the best SIEM solutions available to help you begin planning your migration.
Critical Capabilities for Security Information & Event Management & How to Ensure a Successful Deployment
Not all SIEM solutions and teams are created equal. Your SIEM technology should provide reliable threat detection for security events across your applications, network, endpoints, and cloud environment.
If you’re unhappy with your current SIEM cloud app security and you’re seeking a SIEM alternative, here’s how you can ensure you select the right tool moving forward:
- Build multidisciplinary SIEM management teams
Representatives from every facet of an organization, technical and non-technical, should be included in the rollout of a SIEM and in the ongoing management and optimization conversations.
- Define “use cases” to focus efforts
Configure your SIEM to monitor only the data streams deemed most actionable and most mission-critical, using your organization’s core philosophies and objectives to guide the way.
- Search with specificity
When querying large swaths of data stored within a SIEM, specificity is key. Refine searches by both eliminating data you aren’t looking for and narrowing them to what you are looking for.
- Make SIEM optimization a standing meeting
Regularly review the results that your SIEM is providing. This should be done with various stakeholders to ensure they continue to reflect the priorities and solutions used by each team. It may be best to make certain changes to SIEM configuration as soon as an environment changes rather than waiting for the next meeting in a sequence.
- Confirm regulatory obligations & plan accordingly
Many regulations won’t require years of searchable SIEM data. Instead, they can be met with just 90 days of logs. Confirm the exact extent of your obligation in order to keep storage costs down and keep data levels manageable.
- Start small and gradually expand
Focus on select key areas at the start and gradually expand as your team grows more comfortable with either the technology itself or the team that you’re partnering with to help manage your SIEM.
Looking for a SIEM Alternative? Consider These Top Security Information & Event Management Tools
Due to the sheer volume of cyber-attacks that businesses experience today, the best security information and event management platforms will juggle the balance of protecting your organization from alert fatigue and making sure you don’t miss the alerts that really matter.
IBM QRadar
IBM QRadar on Cloud was named a leader in the 2022 Gartner Magic Quadrant for the 13th time for its strong analytics and customization options.
IBM QRadar’s architecture provides:
- Real-time security insights, including alerts into and the management of incidents
- Unified search operations via XDR and automated processes for greater accuracy and efficiency
- A secure attack surface across endpoints, networks, and cloud workloads
- Consolidated data from all of your existing security solutions
As the persistence of cyber-attacks means security teams are forced to sift through countless incidents and alerts, QRadar’s incident forensics prioritizes high-fidelity alerts to ensure that no threat slips through the cracks.
Arctic Wolf
For those seeking a Managed Detection & Response solution while fulfilling your log source and retention needs, Arctic Wolf can deliver.
As an MDR provider, Arctic Wolf will allow your organization to:
- Develop greater insight into your security posture with broad visibility, 24×7 monitoring, and advanced threat detection
- Ensure threats are contained with managed investigation and guided response
- Learn from incidents and make sure they don’t happen again with custom rules and workflows that will harden your security posture
As Arctic Wolf’s SIEM tool is built into their MDR solution, their platform analyzes your security data, and their experienced team investigates any suspicious activity so your organization doesn’t have to.
Microsoft Azure Sentinel
As Microsoft security is based on decades of experience, Azure Sentinel managed service was named a leader in the 2022 Gartner Magic Quadrant. This is delivered as SaaS via Azure’s data centers.
Managed Azure Sentinel, a cloud native SIEM, provides
- Highly integrated security products
- Fast and continuous increases in functionality
- Usability and growth so you can scale across all users
- The ability to configure several conjoined Sentinel instances for complex environments
Artificial intelligence makes threat detection smarter and faster so your organization can detect threats that may have previously gone unnoticed.
Rapid7
Rapid7 was named a challenger in the 2022 Gartner Magic Quadrant and offers InsightIDR, which unifies SIEM, UBA, ABA, NTA, and EDR with your existing network and security stack.
Like Arctic Wolf, Rapid7 also includes MDR as a part of its offering and provides:
- United risk and threat detection
- Cloud risk management across your entire threat landscape
- Accelerated detection and response across your attack surface
With InsightIDR via Rapid7, you won’t waste time chasing false alerts or become desensitized to the ones that really matter.
Next Steps: Plan Your SIEM Migration with an IR Readiness Discovery Session
Working with a SIEM is a big job and Arraya can help. Our team can partner with you to ensure your SIEM is fully optimized and operational.
We’ll walk your team through a custom-built scenario designed to validate and refine its focus and configuration. Understanding your specific security issues and risks will allow us to help you select the right SIEM tools to ensure your data results in meaningful security actions.
Contact one of our Arraya Cyber Team experts today to learn more.
Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.
Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.
Multi-factor authentication has become a de facto technology for enhancing security for all types of applications from online apps to desktop apps to VPNs. We’ve all experienced receiving phone calls, text messages, and notifications after providing a username and password.
However, the experience of MFA within the Microsoft Authenticator app has been limited for Microsoft 365 users as compared to Microsoft Live account holders.
To address this discrepancy, Microsoft has announced the general availability of several security enhancements for Microsoft 365 users within the Microsoft Authenticator app.
The History of MFA Fatigue Attacks, Microsoft Live & Number Matching
Previously, Microsoft Live was susceptible to an attack called “MFA fatigue” in which users would only receive “Accept” or “Deny” prompts if they used the Microsoft Authenticator app.
MFA fatigue attacks involve an attacker who can correctly guess a user’s credentials by constantly pushing MFA prompts until the user gets to a point where they will hit “Accept” just to stop the prompts. MFA fatigue attacks have ramped up in frequency ever since the pandemic and have affected major corporations.
To address this vulnerability, Microsoft Live account users have previously utilized a feature called Microsoft Authenticator number matching for MFA. This verification method requires that the user choose the matching number seen on the sign-in screen within the notification.
We have heard from multiple Microsoft 365 customers that they wished this feature was available for their users. Fortunately, Microsoft has now provided general availability for companies to implement these enhancements to Azure AD security. This isn’t limited to just Azure number matching but also geo-location verification!
Azure MFA Authentication Methods: Number Matching & Geo-Location Verification
Geo-location verification will elevate a user’s awareness of whether their Microsoft 365 identities are under siege. With Geo-location verification, the MFA prompt includes a prompt to enter a number and show a digital map of their approximate location based on the public IP address.
“This feature is a key security upgrade to traditional second factor authentications.” – Microsoft
Typically, only Azure AD administrator roles were able to see geographic details for user access and user sign-in. Although this was helpful, it didn’t necessarily help users take proactive measures themselves. Further, admins may not always monitor sign-in logs to catch these attempts.
Now, users will be able to report these rogue sign-in attempts, MFA requests, and social engineering in general so their administrators can block the locations found with the appropriate access controls.
Next Steps: How to Implement These Features into Your Policy
Come February 27th, 2023, Azure AD multi-factor authentication and number matching will be enabled by default for all Azure tenants. This means that users who have the MS Authenticator app as their default authentication method will be forced to utilize number matching for MFA prompts.
To avoid unnecessary calls to your help desk, it’s best to get ahead of this transition. Number matching can be configured today in a phased approach using security group assignments and internal communications. Configurations can be done using the Azure Portal or Microsoft Graph.
There are also additional configurations to keep in mind if you utilize Azure AD MFA for ADFS or NPS. Users that do not use the Authenticator app will not see this change.
To learn more about the enablement of this feature, contact your Arraya account executive today.
Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.
Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.
The fourth video from Arraya’s new series “5 Ways to Save in 5 Minutes” covers the topic of consolidation. Javier Barron, Arraya’s Director, Modern Workplace, and Chris Bovasso, Director, Application Services, discuss how consolidation of workloads, applications, and processes, can increase efficiency and optimize your systems.
The third video from Arraya’s new series “5 Ways to Save in 5 Minutes” covers the topic of application integration. Javier Barron, Arraya’s Director, Modern Workplace, and Chris Bovasso, Director, Application Services, discuss how application integration can help users save time, energy, and reduce error, all while saving businesses money.
Microsoft Azure is a rich and intuitive cloud computing ecosystem that offers IaaS, PaaS, IDaaS, DaaS, and SaaS solutions for your business. Each type of service runs in a consumption model where you, the customer, rent the infrastructure and licenses at a metered rate.
This consumption model provides customers with the flexibility that fixed costs, like on-premises data centers, do not allow. You’re able to spend only on what you use, and resources can be spun up or down at any time. So, while a cloud-native strategy is touted as more cost-efficient, why are businesses slowing down their adoption of the cloud? For many, cloud spend has become a concern.
The pricing rates for Azure resources are dynamic and change month to month throughout the year. Any lack of internal operational readiness can become a burden on your fiscal outlook. According to Flexera’s 2022 State of the Cloud Report, organizations have self-estimated that they waste about 32% of their spending in the cloud and 59% of respondents noted that optimizing their use of the cloud is a top initiative.
However, with the right cloud cost optimization strategies in place, businesses can reduce costs and make sure their cloud infrastructure is running as efficiently as possible.
Data-Driven CloudMonitor: A Cloud Cost Optimization Solution
CloudMonitor is a third-party tool and cloud spend management software developed by Data-Driven, a new partner of Arraya Solutions. CloudMonitor identifies cost-saving opportunities, so you can weed out idle resources and only pay for what you need.
CloudMonitor introduces the concept of Financial Operations (FinOps) which is the practice of maximizing your business value by getting engineering, finance, and executive leadership involved in cloud decisions and policy. By developing software that all parties in a business can use, it opens opportunities for different departments to be involved in the overall cloud spend optimization journey.
CloudMonitor vs. Native, First-Party Tools
Alongside the Well-Architected Framework, customers may find using Microsoft’s native cloud cost management tools can increase their cloud adoption and help in controlling cloud costs.
The Azure Cost Management suite, Microsoft’s native cost management tooling, consists of tools like Cost Analysis, Cost Alerts, Budgets, Advisor recommendations, and Azure reservations. We typically review cost optimization planning with our customers using Cost Analysis and Advisor recommendations.
However, these tools are more for the technical-minded and are not as user-friendly. Data-Driven’s CloudMonitor is a proven, effective, and user-friendly platform that drives inter-departmental efforts to control wasteful cloud spend. CloudMonitor offers a user-friendly dashboard out the gate that provides easy-to-understand charts and graphics showing exactly what is being spent in Azure.
Here is a sample of what to expect in the CloudMonitor dashboard:
Key callouts in the dashboard include:
- Month-over-month spend
- Total cost in a year (period)
- Projected cost for the rest of the fiscal year
- Potential monthly savings based on Data-Driven’s recommendations
CloudMonitor Use Cases: By Department
If you’re in finance, cloud spend analytics, including month-over-month and fiscal year projections, are a key benefit. When CloudMonitor is provisioned, you input when your fiscal year starts (ex. January 01). Additionally, you can dive further into cost variances and anomalies provided in the Power BI app menu.
If you’re in engineering, CloudMonitor allows you to see not only cost information, but information surrounding the Well-Architected Framework such as Security, Performance, Operational Excellence, and Reliability.
If you’re in an executive position like CTO, you’re able to view recommendations and plan out how to implement the recommendations without incurring downtime. Additionally, CloudMonitor allows you to dig into a resource to see exactly what services within the resource are driving costs.
Accessing the CloudMonitor Dashboard
The CloudMonitor dashboard is accessible using a provided Power BI app template that is offered to Power BI Pro subscribers. Power BI Pro standalone comes with a 60-day trial. If you have an E5 license, the service is included within the subscription.
As an alternative to Power BI, CloudMonitor comes with an administration portal which can be accessed by Azure AD users in the tenant. In the admin app page, you’re able to configure cost groups. Cost groups allow you to bundle similar resources together so you can manage just those resources as a whole unit.
You’ll be able to see unique recommendations and insights on those cost groups and only those assigned to the cost group can see the information. Lastly, you can protect the administration portal with multi-factor authentication.
CloudMonitor Features
CloudMonitor comes with other features such as Smart Scheduling, Cost Anomaly detection, and real-time alerting in MS Teams. The best part of it all is that the data CloudMonitor gathers is yours!
CloudMonitor infrastructure is deployed in your tenant and only you, the customer, have access to the data, as well as CloudMonitor support. CloudMonitor cannot see any data inside of resources like VMs or databases, so any sensitive data (like PII) is safe from prying eyes. Deleting CloudMonitor is simple as all resources are deployed in a managed resource group which can be deleted like any other resource group.
Next Steps: Achieve More Value from Cloud Spend Management with Arraya’s Managed Services
Cloud services offer unmatched accessibility, flexibility, and scalability. With the right cloud spend management platform, your business can ensure you’re optimizing both your cloud experience and costs.
Not only can our team implement CloudMonitor for your business and help get your cloud ROI back on track, but our managed services team can also help your organization stay on track. This is the most cost-effective way to manage your cloud spend. Don’t invest in optimizing your cloud spend only to let it get out of control all over again.
Continuous cloud spend management will allow your business to achieve more value from your cloud investments in the long run.
To learn more about Azure cost optimization of your cloud environment or if you would like a demo of CloudMonitor, contact your Arraya account executive today!
Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.
Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.
SharePoint is Microsoft’s hub for storing, organizing, file sharing, and accessing information across your organization. Launched in 2001, SharePoint has been a trusted product that millions of users depend on every day.
Whether reviewing documents in real-time while video calling, or collaborating in group chats, users familiar with these common tools are reliant on SharePoint. As more companies embrace digital transformation via cloud computing, SharePoint Online has quickly become dominant over an on-premises environment.
For those on-premises users who are unsure of their next steps, this blog will break down the benefits of moving to SharePoint in Microsoft 365 and why migrating SharePoint to the cloud is the true future-proof option.
Why Should You Move to SharePoint Online?
While every organization has different needs, it’s important to understand your options and how these options can make an impact. For transitioning to SharePoint Online, the benefits are clear:
- No More End-of-life Concerns:
Your on-premises SharePoint environment will only be supported by Microsoft for so many years:
| Listing | Start Date | Mainstream End Date | Extended End Date |
| SharePoint Server 2013 | January 9, 2013 | April 10, 2018 | April 11, 2023 |
| SharePoint Server 2016 | May 1, 2016 | July 13, 2021 | July 14, 2026 |
| SharePoint Server 2019 | October 22, 2018 | January 9, 2024 | July 14, 2026 |
While existing on-premises users do have some time, there’s little value in updating to another on-premises environment when you’ll be facing end-of-life not so far down the road.
By migrating to SharePoint Online, you won’t face these end-of-life deadlines and your investment in this technology will be extended much further, reducing your technical debt.
- No Hardware Requirements:
SharePoint Online is hosted in the cloud so your organization will not need to own, administer, or maintain back-end servers. This will all be handled by Microsoft directly.
The only requirement for a cloud-based SharePoint framework is your web browser.
- Improved Security:
Security should be a top consideration for businesses when deciding where to host data and files. Cybercrime continues to rise with the average total cost of a cyber-attack reaching $4.35 million in 2022.
With an Office 365 migration for SharePoint, your organization can leverage your existing security groups as far as your users/permissions. Whatever was previously established in O365 and Azure Active Directory can be implemented directly into SharePoint, making administrating permission and controls much more streamlined and efficient.
- Enhanced Functionality:
One of the main functionality benefits of migrating SharePoint to the cloud is its ability to integrate with O365 and your third-party applications. This enhances collaboration efforts as SharePoint Online is accessible from any device, making group chats via Microsoft Teams, sharing files and folders, video calling, and collaboration in real-time easier than ever.
SharePoint Online will natively interact with both Power Platform and Power Apps so it’s no longer necessary to deploy code/WSP packages. You simply create a Power App and link it up to your SharePoint site. Overall, there are more features available in SharePoint Online that may never be available in an on-premises environment.
- Cost Savings:
On-premises environments require upfront installation costs. With a cloud SharePoint environment, a subscription model allows your business to easily scale up or down, depending on your current needs for added flexibility.
Users no longer have to buy or maintain their own servers and all updates come from Microsoft directly, requiring no in-house efforts on your business’s part.
Ultimately, the benefits of SharePoint Online significantly outweigh staying on-premises. For those who are unsure of when to make this transition, there’s no time like the present. As your on-premises SharePoint environment will only be supported for so many years, there’s no reason not to migrate directly to the cloud moving forward.
Next Steps: Get Started with Arraya’s SharePoint Migration Services
As a Microsoft Gold Partner, our migration services can handle the complexities of SharePoint migrations of any kind for a no-impact transition.
We can assess your existing SharePoint environment to determine what’s needed and what’s not before making the transition. Think of this as spring cleaning. There’s no need to take those dusty old boxes with you if the contents aren’t necessary anymore.
Using the latest SharePoint migration tools, we conduct extensive research to design and build a SharePoint home that is sound and user-friendly for your data so employees can easily find what they’re looking for.
As we migrate content and all shared folders in the background, there will be little to no impact or disruptions for users. Once the migration process is complete, we go through your modern SharePoint Online environment with you to locate and correct any potential trouble spots.
For more information on making the move to SharePoint Online, check out our Expert Q&A video: When Should You Move to SharePoint Online?
To get started on your SharePoint migration journey, contact an Arraya expert today.
Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.
Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.
The second video from Arraya’s new series “5 Ways to Save in 5 Minutes” covers the topic of reporting & analytics. Javier Barron, Arraya’s Director, Modern Workplace, and Chris Bovasso, Director, Application Services, discuss the importance of utilizing strategic data from operational processes to truly measure the success of your organization.
As businesses and enterprises face increased costs with no signs of slowing down, it’s time to optimize your budget.
At Arraya, we focus on the many ways you can utilize the technology you’re likely already paying for. Now is not the time to leave money on the table. With Microsoft’s Power Platform, businesses can enhance productivity, innovation, and collaboration through low-code tools.
At this year’s Microsoft Ignite 2022 conference, Microsoft highlighted the ways customers can make the most out of their technology investments.
Technology demands are increasing and it’s time to take advantage of low-code automation. By infusing artificial intelligence (AI) into processes, businesses can do more without spending more. Here’s how the latest from Power Platform can help modernize your business practices.
Power Platform: Build End-to-End Business Solutions
Power Platform is made up of low-code automation solutions, including Power BI, Power Apps, Power Automate, and Power Pages. These solutions allow businesses to streamline their processes across their data, applications, workflows, and more. Backed by the smart, secure, and scalable Microsoft Dataverse, business users can be more agile without sacrificing their security.
Microsoft Power BI
Power BI is an analytics and dashboard tool that empowers businesses to collect, utilize, and review their data to provide actionable insights.
With Power BI, users can:
- Transform data into visual data models that can be shared with colleagues on any device
- Collaborate and share customized dashboards and interactive reports
- Visually explore and analyze data – on-premises and in the cloud – all in one view
- Scale across your organization with built-in governance and security
This low-code platform is available as either Power BI Desktop, a downloadable application, or as Power BI Service, a software-as-a-service.
What’s New? Power BI’s interactive charts can now be shared directly from Microsoft 365 via OneDrive and SharePoint. This feature is currently in private preview.
Microsoft Power Apps
Power Apps is a low-code programming solution that builds custom applications, without the need for professional software development. Your team can build and launch apps right away using pre-built templates, a drag-and-drop interface, and quick deployments.
The benefits of Power Apps include:
- Creating low-code applications that enable business transformation and improved business outcomes
- More advanced and faster decision-making due to improved access to information
- Increased employee satisfaction as users have more control over their work due to the ability to create applications that increase efficiency
- Secure applications that tie into Azure Active Directory and Microsoft’s security solutions
This form of application development costs 74% less and eliminates the need for vendor license costs.
What’s new? Now, coauthoring in Power Apps can be done in real-time, making development easier than ever.
Creators can now work together on the same app and page at the same time for easier collaboration and teamwork. Users will be able to see changes as they’re happening. This new feature is currently in preview.
Microsoft Power Automate
Power Automate provides users with the capability to streamline repetitive tasks and paperless processes through process automation. With this low-code workflow automation, businesses can boost the efficiency of their standard processes and cut down on busy work for employees.
For a specific low-code automation example, check out our webinar: Simplifying HR Processes with Power Platform.
What’s new? Power Automate has a new, low-code automation tool. This allows you to describe what you want to automate in a sentence, and AI will build the flow with natural language processing in seconds. The process of writing expressions to utilize data when automating workflows can now leverage AI to reshape data for more straightforward expression authoring.
Microsoft Power Pages
Announced in preview in May 2022, Power Pages creates secure, low-code business websites that will enhance your customers’ experience.
These in-demand websites (FAQ pages, partner portals, or self-support sites) can get the right information to the right people, without custom code.
What’s new? Power Pages is now generally available. It has a simplified business model by moving to capacity-based subscriptions and pay-as-you-go meters. The licenses are charged per website via monthly authenticated and anonymous users. There is no longer a distinction between internal and external authentication users.
Infuse AI into Your Business Processes with AI Builder
We would be remiss to leave out this crucial Power Platform capability. AI Builder provides AI models that are designed to optimize your business processes, making implementing AI easier than ever in both Power Automate and Power Apps.
You can either build custom models tailored to your specific needs or choose from prebuilt models that are ready to tackle common business scenarios.
Create document automation, process approvals, detect images, and test, all with pre-built models. This can be done through either robotic process automation (RPA) or process orchestration.
AI Builder uses Intelligent Document Processing (IDP), which is a software solution that captures, transforms, and processes data from documents. IDP solutions can extract data from:
- Structured documents: Pre-defined documents with a set layout, such as a loan application or tax form
- Unstructured documents: Freeform documents like a memo or contract
- Semi-structured documents: Documents that combine a fixed and free-form structure
In the latest release, IDP will have enhanced performance in table extraction, document classification, personal information identification, and in its ability to detect signatures.
Next Steps: Turn Great Ideas into Impactful Solutions
Rather than spending more, these low-code Microsoft tools provide an opportunity to take matters into your own hands. Solve real problems within your business processes with technology you probably already have in-house.
To learn more about automation, check out our blog, Harness the Power of Microsoft Teams: How to Take Advantage of All That Teams Offers. Here, we dive into ways you can eliminate redundant tasks with everything from bots to connectors to Power Virtual Agents.
To learn more about low-code automation with Microsoft, contact one of our Arraya experts today.
Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.
Comment on this and all of our posts on: LinkedIn, Twitter , and Facebook.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.
The first video from Arraya’s new series “5 Ways to Save in 5 Minutes” covers the topic of licensing rationalization. Javier Barron, Arraya’s Director, Modern Workplace, and Chris Bovasso, Director, Application Services, discuss how organizations can evaluate the licensing they already have to determine whether they utilizing it to its full potential without overpaying. This exercise can deliver cost savings, reduce complexity, and maximize value.