CISA releases two Industrial Control Systems Advisories

This article is contributed. See the original author and article here.

CISA has released two Industrial Control Systems (ICS) advisories on September 01, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: 

Announcing General Availability (GA) of Zone Redundancy for Azure SQL Database Hyperscale tier

Announcing General Availability (GA) of Zone Redundancy for Azure SQL Database Hyperscale tier

This article is contributed. See the original author and article here.

We are excited to announce the General Availability (GA) of enabling Zone Redundancy for Azure SQL Hyperscale databases. The zone redundant configuration utilizes Azure Availability Zones to replicate databases across multiple physical locations within an Azure region. By selecting zone redundancy, you can make all layers of your Hyperscale databases resilient to a much larger set of failures, including catastrophic datacenter outages, without any changes of the application logic. For more information see Hyperscale zone redundant availability


 


Creating a zone redundant Hyperscale Database


 


A zone redundant Hyperscale database can be created with Portal, Azure CLI, PowerShell, or REST API. Zone redundancy for Hyperscale service tier can only be specified at database creation. This setting cannot be modified once the resource is provisioned. Database copy, point-in-time restore, or creating a geo-replica can be used to update the zone redundant configuration for an existing Hyperscale database.


 


Portal


The following image illustrates how to use Azure portal to configure a new Hyperscale database to be zone redundant. This can be configured in the Configure database blade when creating a new database, creating a geo replica, creating a copy database, doing a point in time restore or doing a geo restore. Zone-redundant or Geo-zone-redundant backup storage and at least 1 High-Availability Secondary Replica must be specified.


 


RajeshSetlem_0-1659597410620.png


 


CLI


The following CLI commands can be used to create a zone redundant Hyperscale database using the –zone-redundant {false, true} parameter.



The Hyperscale database must have at least 1 high availability replica and zone-redundant or geo-zone-redundant backup storage. Below is an example CLI command for creating a new zone redundant Hyperscale database.


 


 


 


 

az sql db create -g mygroup -s myserver -n mydb -e Hyperscale -f Gen5 –ha-replicas 1 –-zone-redundant -–backup-storage-redundancy Zone

 


 


PowerShell


The following PowerShell commands can be used to create a zone redundant Hyperscale database using the -ZoneRedundant parameter.



 


The Hyperscale database must have at least 1 high availability replica and zone-redundant or geo-zone-redundant backup storage must be specified. Below is an example PowerShell command for creating a new zone redundant Hyperscale database.


 


 


 

New-AzSqlDatabase -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DatabaseName "Database01" -Edition “Hyperscale” -HighAvailabilityReplicaCount 1 -ZoneRedundant -BackupStorageRedundancy Zone

 


 


 


Current Limitations


 



  • Zone redundant configuration can only be specified during database creation. This setting cannot be modified once the resource is provisioned. Database copy, point-in-time restore, or creating a geo-replica can be used to update the zone redundant configuration for an existing Hyperscale database. When using one of these update options, if the target database is in a different region than the source or if the database backup storage redundancy from the target differs from the source database, the copy operation will be a size of data operation.

  • Named replicas are not currently supported.

  • Only Gen5 compute is supported.

  • Zone redundancy cannot currently be specified when migrating an existing database from another Azure SQL Database service tier to Hyperscale. 


Regions where this is available


All Azure regions that have Availability Zones support zone redundant Hyperscale database.


 

Public Preview: Leverage Azure Active Directory Kerberos with Azure Files for hybrid identities

Public Preview: Leverage Azure Active Directory Kerberos with Azure Files for hybrid identities

This article is contributed. See the original author and article here.

We are excited to announce Azure Files integration with Azure Active Directory (Azure AD) Kerberos for hybrid identities. With this release, identities in Azure AD can mount and access Azure file shares without the need for line-of-sight to an Active Directory domain controller.


 


Until now, Azure Files supported identity-based authentication over Server Message Block (SMB) through two types of Domain Services: on-premises Active Directory Domain Services (AD DS) and Azure Active Directory Domain Services (Azure AD DS). On-premises AD DS requires clients to have line-of-sight to the domain controller, while Azure AD DS requires deploying domain services onto Azure AD and domain joining to Azure AD DS. Azure AD Kerberos is a new addition to these identity-based authentication methods. Azure AD Kerberos allows Azure AD to issue Kerberos service tickets over HTTPS for service applications in Azure AD. This removes the need to setup and manage another domain service, while also removing the line-of-sight requirement to the domain controller when authenticating with Azure Files. For this experience, the clients connecting to Azure Files need to be Azure AD-joined clients (or hybrid Azure AD-joined), and the user identities must be hybrid identities, managed in Active Directory.


 


This experience builds on what we previously announced for FSLogix profiles support. Now, the experience is much simpler, and the use cases are no longer limited to Azure Virtual Desktop user profiles.


 


blogteaser.jpg


 


To learn more and get started, visit our documentation page.

The AI-powered contact center, part 4: Enhance contact center security with biometric authentication

The AI-powered contact center, part 4: Enhance contact center security with biometric authentication

This article is contributed. See the original author and article here.

When a customer needs support, they not only expect fast, convenient ways to get help, but also to have their personal information protected. However, when verifying that people are who they say they are, many contact centers use traditional authentication methods that are no longer fit for purpose. That’s why the biometric security on the Microsoft Digital Contact Center Platform is so essentialwith biometrics, contact centers can provide intelligent fraud prevention and fast, effortless customer authentication. 

Why contact center security must change

The classic methods for verifying customer identities and weeding out fraudsters depend on knowledge-based authentication (KBA)the PINs, passwords, and security questions we are all familiar with.

However, KBA causes problems in multiple ways:

  1. It’s very easy for fraudsters to steal, buy, or phish for customers’ information, which makes it simple for them to pass KBA checks.
  2. Lengthy authentication processes add friction to the customer journeyand often have to be performed multiple times as customers move between channels.
  3. Customers expect brands to know who they are; they don’t want to sit through an interrogation to prove their identity.
  4. Customers often lose or forget the authentication information they need, increasing the time, effort, and frustration of the interaction as they search for usernames and passwords.

That is why biometric security is so important for helping organizations protect their customers and their business.

With biometrics, organizations can leave the issues of KBA in the past by enabling fast, frictionless, and accurate authentication for genuine customers while quickly detecting fraudsters and preventing fraud in every channel.

By layering voice, behavioral, and conversational biometrics (how people sound, how they behave, and what they say) with non-biometric factors, a central AI risk engine can make intelligent assessments of authentication and fraud risk. By using biometrics, the system can identify the actual person behind the interaction, rather than just the information they have or the device they are using.

And now that Nuance Gatekeeper biometric security is closely integrated with Microsoft products on the Microsoft Digital Contact Center Platform, our combined solutions will multiply the benefits for all our customers.

Seamless authentication

The combination of Gatekeeper and Microsoft Dynamics 365 Customer Service on the Microsoft Digital Contact Center Platform will help strengthen the overall identification and verification (ID&V) process and give agents tools that help them provide seamless service across any channel. While customer relationship management (CRM) data provides the customer ID, multimodal biometrics bolsters verification to validate customer identities quickly and accurately. Meanwhile, call validation detects common fraud tactics like Automatic Number Identification (ANI) spoofing, and environment detection interrogates the trustworthiness of device and network signals.

Stronger fraud prevention

As stated earlier, biometric security has a dramatic impact on organizations’ ability to detect and prevent fraud in customer engagements across any channel. Dynamics 365 Fraud Protection is a perfect complement to biometricsproviding an adaptive AI tool that guards organizations against payment fraud, account takeovers, and many other transactional fraud threats.

With these technologies working in unison, the AI has an enriched data set to make better-informed decisions about when to use step-up authentication or flag a transaction or individual as suspicious. Gatekeeper identifies the human behind the transaction while Dynamics 365 examines the transaction itselfa powerful combination that delivers a unique offering in the fraud protection market.

Enhanced personalization

With biometric authentication, it is also much simpler to personalize customer engagements from the beginning; particularly with passive voice biometrics, where customers can be identified and their experience tailored within seconds as they explain their need to an agent or a conversational interactive voice response (IVR).

Voice biometrics solutions make it simpler to offer personalized service and specialized support to a variety of customers. For example, Telefnica, the leading Spanish telco needed a way to prioritize vulnerable customers at the start of the pandemic, when call volumes skyrocketed. It used voice biometrics to identify seniors based on numerous voice characteristics and route them directly to a priority service line, offering a more personalized experience for seniors who depend on Telefnica to keep them connected.

There is also an opportunity to create more personalized experiences for employees. Another exciting benefit of bringing Nuance and Microsoft products together on the Microsoft Digital Contact Center Platform is the integration between Gatekeeper and Azure Active Directory (Azure AD). Employees at many enterprises across the globe use Azure AD to log into their accounts every day, and that will become even simpler by using biometric authentication instead of usernames and passwords.

Create a more secure contact center

Our vision for the future of the digital contact center is one where biometric security is built into all customer engagements to streamline, personalize, and protect every interaction.

By integrating our products on a single platform, we are bringing that vision to life, empowering customer engagement teams to serve and sell more effectively and enabling fraud teams to detect and prevent more fraud.

Learn more about our contact center solution

Throughout this series, we have explored how to create engaging, personalized digital experiences, achieve superior self-service voice support, and build conversational AI applications with the protection of advanced biometric security solutions. This is the contact center of the future, made possible through the Microsoft Digital Contact Center Platform.

The post The AI-powered contact center, part 4: Enhance contact center security with biometric authentication appeared first on Microsoft Dynamics 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.