The date: Tuesday 19th July.
The venue: The Kew auditorium on the 5th Floor at the impressive new Microsoft UK offices in Paddington, London. (Check out the view from the lift below and you’ll see what I mean)
The hosts: System Professional and Microsoft.
The presenters: Wayne Emerson (System Professional – Commercial Director) and Andrew Butler (Microsoft Partner Technology Strategist – Office 365 and Enterprise Mobility).
Wayne is seated on the left-hand side and Andrew is (looking pensive) in the middle of the shot below;
The event: “Microsoft’s Enterprise Mobility Suite – Why it’s More Than Just a Mobile Device Management Solution.”
On the hottest day of the year (34 degrees and rising) so far, a range of IT Directors / Managers and Mobility Specialists from across the Engineering, Finance, Charity, Construction and Software sectors braved the latest bout of rail transport challenges and Mediterranean temperatures for System Professional’s latest Microsoft event.
Thankfully the air-con in the Kew room was primed and we got underway with the first of the two presentations;
1st Session – Enterprise Mobility and Security
After Wayne opened the event, Andrew started his first technical presentation and gave the context for the briefing – how users’ expectations and demands of IT have changed, the increasing pressures on IT to permit greater freedom and flexibility but still retain control of critical company data and applications.
Microsoft have developed a suite of products (Microsoft EMS) that acknowledge, address and resolve these seemingly conflicting objectives – and ultimately make things easier for both IT and users.
Andrew outlined how in the Microsoft mobile first, cloud first world, “Identity is absolutely critical – and is at the core of everything.”
He elaborated further and explained that Identity is at the core of Enterprise Mobility, for both on-premise and Cloud, via Single sign-on and Microsoft Azure Active Directory. This one identity then enables secure access to thousands of applications.
After highlighting that Microsoft have been confirmed as a Leader in the recent “Gartner Magic Quadrant for Identity Management” (see the full IDaaS report for June 2016), he took a delegate question about Okta and confirmed it is seen as the biggest competitor to Microsoft in the IDM space.The following topics were then covered in quick succession;
• How to monitor and protect access to Enterprise Apps.
• Identity driven security – managed by Location IP range, Device State, User Group and Risk.
• Azure AD Identity Protection and Privileged Identity Management.
• The ability to collaborate with partners and consumers.
Enterprise Mobility Management with Intune is a key area for System Professional. Andrew explained how Intune helps organisations provide users with access to corporate apps, data and resources from virtually everywhere, whilst ensuring device and resource security.
It allows IT to address and manage issues above and beyond a simple MDM requirement and extend to Apps and PCs. The mantra here is Enrol, Provision, Manage and Protect, Retire – enabling a comprehensive Lifecycle Management process;
• Mobile Device Management
• Mobile Application Management
• PC Management
With Intune, there is a new (enhanced) intuitive dashboard that allows you to manage devices from virtually anywhere, manage software deployments, configure and deploy policies, as well as respond to alerts and view reports. You can also evaluate policy compliance for the device itself.
Conditional Access for Office 365 was covered as well as the Exchange on-premise option. Then “Enterprise Data Protection” for Windows 10.
The final demo before the break centred around Mobile Application Management and how to maximise productivity while preventing company data leakage by restricting actions such as cut, copy, paste and save as between Intune-managed apps and unmanaged apps.
Refreshed with coffee and pastries, it was time for the 2nd element of Andrew’s technical presentation;
2nd Session – Azure Information Protection, Advanced Threat Analytics, & Cloud App Security:
Andrew explained how the second presentation would cover both live products currently available and also some of the future initiatives that are coming down the line with Microsoft, particularly on the security side of things.
He started with the Azure Rights Management vision – how this covers Encryption, Access Control, Policy Enforcement, Document Tracking, Document Revocation, Classification and Labelling.
The (relatively) recent Secure Islands acquisition from November 2015 was explained in some detail, along with an outline of how their security technologies have been integrated into the Azure Rights Management Service (Azure RMS). Andrew then covered Azure Information Protection and how the Microsoft engineering team have built on the Secure Islands data classification and labelling technology.
(A more detailed summary of Azure Information Protection by Dan Plastina on the Microsoft Technet Blog site in June 2016 can be found here)
The context of new, changing and emerging security threats were highlighted and how Microsoft is analysing, addressing and resolving these challenges – “The frequency and sophistication of cybersecurity attacks are getting worse.”
Andrew detailed how compromised user credentials are seen in the vast majority of security breaches and intruders typically stay (undetected) in the network for an average of 8 months. Obviously, this has significant implications for businesses, in terms of staff accountability, brand reputation, and potential data as well as financial losses.
Data leaving the organisation is seen as one of (if not the) top security concerns and for some light relief, he showed a Jimmy Kimmel YouTube clip around user behaviour and (lack of) password integrity.
UEBA – User & Entity Behaviour Analysis – was explained and how this creates a different way of assessing and alerting IT to new security threats.
Traditional IT security solutions are seen as 1. Complex 2. Prone to False Positives and 3. Designed to Protect the Perimeter. Therefore, we need an on-premise solution that identifies advanced security attacks before they can cause damage. The Microsoft solution is Advanced Threat Analytics (ATA).
In his overview of ATA, Andrew gave the comparison to credit card monitoring. If unusual or abnormal behaviour is observed, the cardholder is notified. ATA can therefore be seen as a comparable on-premise solution that uses behavioural analytics to identify advanced security attacks and insider threats.
After showing how ATA works, Andrew then demonstrated a topology gateway that would enable an ATA installation.
The final ATA slide revealed “What’s New in Advanced Threat Analytics 1.6”, including both new and improved existing detections, easier deployment, improved performance and expanded SIEM support.
We then moved onto the final presentation section of the day “Cloud App Security – Obtaining Visibility and Control over your SaaS Apps.”
Again, Andrew gave the business context for the technical innovation and outlined how security is seen as a key challenge in holding back Enterprise SaaS adoption, but also how more than 80% of employees admit to using non-approved SaaS in their daily jobs according to a survey in Computing magazine. Cloud App Security has been designed to provide both Visibility and Control to IT.
So, what does Cloud App Security provide?
The next demo covered the Cloud App Security Dashboard / Console, and the granular reports for Activities monitored, Files monitored, Users monitored, Activities blocked, User notifications, Open alerts and both Activity and Content violations.
The tool works on a basis of Discover > Investigate > Control > Alerts.
The final slide covered the Microsoft latest licensing and the entitlements available with the different EMS E3 and E5 plans;
So, lots to absorb and take in.
A special System Professional thank you goes out to Andrew Butler from Microsoft for delivering both technical presentations on the day. If you get a chance to hear Andrew speak at an event, then make the most of it – he is not just a real subject matter expert, but is a great presenter. He is really passionate about the Microsoft technology and his evangelist role, and most importantly kept an audience interested, amused and engaged for 2.5 hours.
The delegate feedback (which we monitor closely) on the Microsoft content and technology overview was really positive, although we need to work on providing a bigger lunch next time round judging by a few of the comments…..
So keep a look out for future System Professional and Microsoft tech briefings – we hope to get something organised for the autumn / winter 2016. Watch this space….