by Contributed | Jul 1, 2021 | Technology
This article is contributed. See the original author and article here.
The pandemic has permanently changed how organizations of all sizes work. A substantial increase in hybrid and remote work has presented new compliance challenges, and organizations have responded by growing their compliance functions. A recent study shows that there were 257 average daily regulatory alerts across 190 countries in 2020 and keeping up with regulatory changes continues to be the top compliance challenge[1].
To help organizations simplify compliance and reduce risk, we built Microsoft Compliance Manager, generally available since September 2020. Compliance Manager translates complex regulatory requirements into specific recommended actions and makes them available through premium assessment templates, covering over 300 regulations and standards. By leveraging the universal mapping of actions and controls, premium assessment templates allow customers to comply with several requirements across multiple regulations or standards with one action, providing an efficient solution to manage overlapping compliance requirements. Premium assessment templates along with built-in workflows and continuous compliance updates allow organizations to constantly assess, monitor, and improve their compliance posture.
To meet customers where they are in their compliance journey, we are excited to announce that Compliance Manager premium assessment templates will no longer require a Microsoft 365 E5 or Office 365 E5 license as a prerequisite. This update enables all enterprise customers to assess compliance with the regulations most relevant to them and meet their unique compliance needs. Starting July 1st, 2021, all Enterprise customers, both commercial and government, can purchase premium assessment templates as long as they have any Microsoft 365 or Office 365 subscription. Customers who have already purchased a premium assessment template or are using the default templates included with their subscription will not experience any disruption or change. Customers with Microsoft 365 E1/E3 or Office 365 E1/E3 subscriptions will now be able to see the list of 300+ premium assessment templates in their tenants. The capability to create a new template, customize an existing template, or add customized actions to a given template will continue to require a Microsoft 365 E5 or Office 365 E5 subscription.
We look forward to hearing your feedback.
Get Started
Navigate to the Microsoft 365 compliance center or sign up for a Microsoft 365 E5 Compliance trial to get started with Compliance Manager premium assessments today! Compliance Manager premium assessment SKUs can be purchased in Microsoft admin center.
Learn more:
- Compliance Manager licensing details.
- List of premium assessment templates here.
- Learn more about Compliance Manager here.
Shilpa Bothra,
Product Marketing Manager
On behalf of the Compliance Manager team.
[1] Cost of Compliance, 2021, Thompson Reuters
by Contributed | Jul 1, 2021 | Technology
This article is contributed. See the original author and article here.
It’s been nearly two years since we first announced the July 31, 2021 retirement of Skype for Business Online. Hundreds of upgrade workshops and millions of successful Skype for Business Online to Teams transitions later, we’re closing in on this significant milestone.
With a month before service retirement, we encourage remaining Skype for Business Online customers to continue transitioning users and workloads to Teams. Here’s some additional guidance to help ensure a successful journey to Teams:
Microsoft-assisted Upgrades to Teams
Organizations that have not yet upgraded to Teams Only will be scheduled for Microsoft assisted upgrades to Teams to help with last-mile technical elements of the transition. Scheduling notifications are sent to tenant admins within the Microsoft 365 Message Center and Teams admin center 90 days before the date of the assisted upgrade. Even after scheduling, customers may still self-upgrade prior to the assisted upgrade date to better control the timing of their upgrade experience.
Assisted upgrades will begin in August 2021 with tenant-specific dates shared in the scheduling notifications mentioned above. Organizations that are scheduled for assisted upgrades after July 31, 2021 will be able to use Skype for Business Online until their upgrade is complete.
The assisted upgrade experience will differ slightly depending on whether organizations have a Skype for Business Online-only or a Skype for Business Online with hybrid environment.
- Skype for Business Online-only: The assisted upgrade process will apply the TeamsUpgradeOverridePolicy policy to the tenant. When this policy is applied, all Skype for Business Online users will be placed in Teams Only mode.
- Skype for Business Online users in hybrid environment: The assisted upgrade will only switch Skype for Business Online users to Teams Only mode if they’re not already in that mode. Skype for Business Server users won’t be impacted by the assisted upgrade process and will remain on-premises.
The duration of the upgrade will vary by volume of users and the characteristics of the deployment. In most cases, users within a tenant will be upgraded within 24 hours of the start of the upgrade. During this time, end users will still have access to Skype for Business Online functionality. Once the upgrade has completed and users sign out of Skype for Business Online, they’ll start using Teams for messaging, meetings, and calling. Post-upgrade, all new online users will be added in Teams Only mode.
Learn more about the post-upgrade experience.
Migrating Skype for Business Online Meetings and Contacts to Teams
Regardless of whether an organization manages all aspects of the upgrade or use the assisted process, our guidance includes steps to ensure meetings and contacts are successfully migrated from Skype for Business Online to Teams.
- Migrating Meetings Data to Teams: It’s important for customers with Skype for Business Online-only deployments to use the Meeting Migration Service (MMS) to migrate existing Skype for Business Online meetings to Teams meetings prior to the assisted upgrade date to avoid the potential for data loss. Learn more about how MMS works.
- Migrating Contacts to Teams: Existing contacts from Skype for Business Online including federated (but no distribution lists) will be migrated when users log into Teams for the first time. Users must take this step within 90 days of the completed upgrade.
Got that. What else?
Here are a few other things to know about the retirement of Skype for Business Online:
We’re here to help
The following upgrade resources are available to help enable a successful transition to Teams and prepare for the retirement of Skype for Business Online:
Organizations that have completed their transitions can attest to the transformational benefits Teams brings. And while the retirement of Skype for Business Online has us a little nostalgic, we can’t be more excited about how Teams helps our customers accomplish more across work, school, and life.
See you in Teams!
by Contributed | Jul 1, 2021 | Technology
This article is contributed. See the original author and article here.
Why?
In April, I showed how to unpack and repack Power Apps .msapp files of Canvas Apps in the blog post Power Apps Source Code file editing for Canvas Apps (microsoft.com) Using this functionality, we can view and edit the source code of Canvas Apps. In a recent announcement (Canvas source code tool integrated with Power Platform CLI | Microsoft Power Apps), Microsoft announced that the same functionalities are now available within the Power Platform VS Code Extension of Visual Studio Code!
This means that after installing this extension, we can do the same unpacking and packing without leaving Visual Studio Code.
What?
This posts will show how easy it is to use Visual Studio Code so we can unpack and (re)pack .msapp files of Canvas Apps:
How?
1) First install the Power Platform VS Code Extension in your Visual Studio Code Client using the Visual Studio Marketplace (Power Platform VS Code Extension – Visual Studio Marketplace).
2) After installing the extension a computer restart may be required. We can from this moment on, run commands from within Visual Studio using the built-in Terminal.
In my example I saved the text file with commands as a Power Shell file (.ps1). In this type of files, short cuts like F8 can be used to run selected commands:
Notice the improved commands where referencing (input and output) files is much easier now!
In the Marketplace screenshot above, you can see that the extension is in Preview at the moment.
Please be aware of this and read the announcement link above on how to report issues.
Originally published at Power Apps: source code edit for Canvas Apps in Visual Studio Code » Knowhere365
by Contributed | Jul 1, 2021 | Technology
This article is contributed. See the original author and article here.
ADF does not directly support copying a folder/multiple files from SharePoint Online, but there are workarounds to achieve this. Two additional steps needed here as compared to single file copy are:
- Get the list of files:
- User can maintain the file names in a text file manually, OR
- Use Web Activity to call SharePoint Rest API to get the list of files.
- ForEach Activity to loop the list of relative file names and pass the file name to Copy Activity (Base URL changes a bit as compared to single file copy)
Below is how the pipeline flow would look like:
Web1 – Get the access token from SPO
Web2 – Get the list of files from SPO folder
ForEach1 – Loop the list of file names
Copy1 – Copy data with HTTP connector as source
Step1:
Grab Access token from SPO
Copy file from SharePoint Online leverages AAD/service principal authentication and SharePoint API to retrieve files.
- Register SharePoint Application and Grant permission – https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app?tabs=dotnet#register-your-application-with-an-azure-ad-tenant
a) Register AAD Application
- On Azure Portal, go to AAD app registration page: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
- New Registration à Enter your App name
- Go to “Certificates & secrets”, create new client secret, you can set the expire to 1Y/2Y/Never
b) Grant SharePoint site permission to your registered App (need site owner permission on SharePoint)
Full details on how to register app and also granting permissions is mentioned in prerequisites here – https://docs.microsoft.com/en-us/azure/data-factory/connector-sharepoint-online-list#prerequisites
c) Create an ADF Pipeline. Start with creating a Web Activity to get the access token
Headers:
- Content-Type: application/x-www-form-urlencoded
- Body: grant_type=client_credentials&client_id=[Client-ID]@[Tenant-ID]&client_secret=[Client-Secret]&resource=00000003-0000-0ff1-ce00-000000000000/[Tenant-Name].sharepoint.com@[Tenant-ID]
Debug run to check if the activity succeeds and also check the activity output to see if it returns the access token in the payload. You can also verify the same using Postman client to check if the token is valid.
Step 2:
Get the list of Files
- Create another Web Activity to get the list of files
Headers:
- Authorization: @{concat(‘Bearer ‘, activity(‘WebActivity1Name’).output.access_token)}
- Accept: application/json
Debug run to see if the activity succeeds, and check it shows the list of files under the folder in the output.
Step 3:
Loop the list of relative file names
- Create a ForEach Activity with inner Copy activity
- Items: @activity(‘WebActivity2Name’).output.value
Step 4:
Create Copy activity
- New dataset -> HTTP -> Binary type:
a) HTTP linked service
b) Configure copy activity HTTP source
Dataset properties:
- Name: RelativeURL (Any name)
- Value: @{item().ServerRelativeUrl}
- Request method: GET
- Additional header: “Authorization: Bearer <accessToken>” (accessToken is generated in Step1)
Tip: You can test with a static access token gotten from the previous Web activity output first. You can also use expression (add dynamic content): @{concat(‘Authorization: Bearer ‘,activity(‘WebActivityName’).output.access_token)}
c) Configure Linked Service properties
- Name: FileName (Any Name)
- Value: @dataset().RelativeURL
2. Create Copy sink as below
Successful pipeline run as follows:
Thanks to @Jijo Puthooran for helping me in authoring this blog.
by Contributed | Jul 1, 2021 | Technology
This article is contributed. See the original author and article here.
Hello everyone,
Continuing our normalization journey, we added to the networking and DNS schemas the Authentication, Process Events, and Registry Events schemas and delivered normalized content based on the two. We also added ARM template deployment and support for Microsoft Defender for Endpoints to the Network Schema.
Special thanks to @Yuval Naor , @Yaron Fruchtmann , and @Batami Gold , who made all this possible.
Why should you care?
- Cross source detection: Normalized Authentication analytic rules work across sources, on-prem and cloud, now detecting attacks such as brute force or impossible travel across systems including Okta, AWS, and Azure.
- Source agnostic rules: process event analytics support any source that a customer may use to bring in the data, including Defender for Endpoint, Windows Events, and Sysmon. We are ready to add Sysmon for Linux and WEF once released!
- EDR support: Process, Registry, Network, and Authentication consist the core of EDR event telemetry.
- Ease of use: The Network Schema introduced last year is now easier to use with a single-click ARM template deployment.
Deploy the Authentication, Process Events, Registry Events, or Network Session parser packs in a single click using ARM templates.
Join us to learn more about the Azure Sentinel information model in two webinars:
- The Information Model: Understanding Normalization in Azure Sentinel
- Deep Dive into Azure Sentinel Normalizing Parsers and Normalized Content
Why normalization, and what is the Azure Sentinel Information Model?
Working with various data types and tables together presents a challenge. You must become familiar with many different data types and schemas, write and use a unique set of analytics rules, workbooks, and hunting queries for each, even for those that share commonalities (for example, DNS servers). Correlation between the different data types necessary for investigation and hunting is also tricky.
The Azure Sentinel Information Model (ASIM) provides a seamless experience for handling various sources in uniform, normalized views. ASIM aligns with the Open-Source Security Events Metadata (OSSEM) common information model, promoting vendor agnostic, industry-wide normalization. ASIM:
- Allows source agnostic content and solutions
- Simplifies analyst use of the data in sentinel workspaces
The current implementation is based on query time normalization using KQL functions. And includes the following:
- Normalized schemas cover standard sets of predictable event types that are easy to work with and build unified capabilities. The schema defines which fields should represent an event, a normalized column naming convention, and a standard format for the field values.
- Parsers map existing data to the normalized schemas. Parsers are implemented using KQL functions.
- Content for each normalized schema includes analytics rules, workbooks, hunting queries, and additional content. This content works on any normalized data without the need to create source-specific content.
|
|
|
Ofer Shezaf
Principal Product Manager, Azure Sentinel
|
Recent Comments