Released: March 2021 Quarterly Exchange Updates

by Contributed | Mar 16, 2021 | Technology

This article is contributed. See the original author and article here.

Today we are announcing the availability of quarterly servicing cumulative updates (CUs) for Exchange Server 2016 and Exchange Server 2019. These CUs include fixes for customer reported issues as well as all previously released security updates. Although we mentioned in a previous announcement that this release would be the final cumulative update for Exchange 2016, we do expect to release one more CU for Exchange 2016 next quarter which will includes all fixes made for customer reported and accepted issues received before the end of mainstream support.

A full list of fixes is contained in the KB article for each CU, but we wanted to highlight that these latest CUs contain the fixes that were previously released as Exchange Server Security Updates on March 2, 2021. This means you don’t have to install the March 2021 Security Updates after installing the March 2021 CUs.

Release Details

The KB articles that describe the fixes in each release and product downloads are as follows:

• Exchange Server 2019 Cumulative Update 9 (KB4602570), VLSC Download


• Exchange Server 2016 Cumulative Update 20 (KB4602569), Download, UM Lang Packs

Additional Information

Microsoft recommends all customers test the deployment of any update in their lab environment to determine the proper installation process for your production environment. These updates contain schema and directory changes and so require you prepare Active Directory (AD) and all domains. You can find more information on that process here.

Also, to prevent installation issues you should ensure that the Windows PowerShell Script Execution Policy is set to Unrestricted on the server being upgraded or installed. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the machine being upgraded. If the policies are NOT set to Unrestricted you should use these resolution steps to adjust the settings.

Additionally, a reminder that if you plan to install any Cumulative Update using the unattended option with either PowerShell or Command Prompt, make sure you specify either the full path to the setup.exe file or use a “.” in front of the command if you are running it directly from directory containing the update. If you do not the Exchange Server Setup program may indicate that it completed successfully when it did not. Read more here.

Reminder: Customers in hybrid deployments where Exchange is deployed on-premises and in the cloud, and those using Exchange Online Archiving with their on-premises Exchange deployment are required to deploy the currently supported CU for the product version in use.

For the latest information on the Exchange Server and product announcements please see What’s New in Exchange Server and Exchange Server Release Notes.

Note: Documentation may not be fully available at the time this post is published.

The Exchange Server team

Starting your information governance and records management journey

by Contributed | Mar 16, 2021 | Technology

This article is contributed. See the original author and article here.

(VOICES OF DATA PROTECTION – Episode 4)

Host:  Bhavanesh Rengarajan – Principal Program Manager, Microsoft

Guest:  Vivek Bhatt – CTO, Infotechtion

The following conversation is adapted from transcripts of Episode 4 of the Voices of Data Protection podcast.  There may be slight edits in order to make this conversation easier for readers to follow along.

This podcast features the leaders, program managers from Microsoft and experts from the industry to share details about the latest solutions and processes to help you manage your data, keep it safe and stay compliant.  If you prefer to listen to the audio of this podcast instead, please visit:  aka.ms/voicesofdataprotection

BHAVANESH: Welcome to Voices on Data Protection. I’m your host, Bhavanesh Rengarajan, and I am a Principal Program Manager at Microsoft.  Vivek, why don’t you give us a quick introduction about yourself?

VIVEK: I’m the CTO for Infotechtion, a Microsoft partner consulting firm. We specialize in information protection and governance solutions for Microsoft 365 and beyond.

A bit of a background for me, I started my professional career in software development in Microsoft Technologies and then leveraged that experience to transition into kind of more defining business solutions strategies. And the last decade has really been a focus area on information governance solutions, especially working with Microsoft team, engineering team and joint customers and advising them on what’s the best way to transition to managing information effectively, especially as they have been moving in the last decade from more paper-based solutions to more digital and cloud-based solutions.

BHAVANESH: So, Vivek, one question that we are asked all the time is, “Where do I start in my information governance or records management journey, and where should I get to and where do I need to be and how does organization scale and developer roadmap for implementation?” Could you kind of put everything in a nutshell for this audience?

VIVEK: Yeah, thank you. I get that question a lot. And my experience, the starting point is it’s really always your goal before you start the journeys. Before you set the direction of your travel, you need to know where you’re going. And a key aspect of that goal definition is to really outline the strategic, operational, and legal benefits which will ultimately deliver value to your business. And in that regards, you you’re looking at clearly defined goals, which is essential to confirm whether your governance initiative is set to travel in the right direction or not.

And for me, a good test is always when you when you define your governance goals, is whether those governance goals support your business or corporate goals or not. If they do, then that’s the best place to be and that’s the best starting point.

The second step, you really want to develop a minimum viable product definition or what we call as an MVP. And that MVP is really based on your goals, your business use cases and what your key success factors are.

Information governance is a very wide space and organizations can spend multiple years to actually implement it. And so, it’s very key to start defining what’s your benchmark, what are you trying to achieve as a first step, and in that an MVP definition is a clear benefit.

In that regard we focus on documenting business use cases instead of technology requirements. We really want to ensure that the governance program is enabling staff to excel at work instead of creating a change fatigue because we are just deploying another technology for them. We really want to make it contextual for them.

And the third step is really to develop then a roadmap that quickly delivers value for them. Plan your roadmap with focus on priorities to showcase the value and turn your users into champions. And then through those users and which have become your champions, you further penetrate the adoption of governance into your organization. And you can actually do that by involving your users in proof of concepts to verify the technology solution and really learn from that experience to improve your roadmap.

The advantage is, once you have adopted the culture and collective information governance mindsets are fantastic, and we have seen practical examples of how effective governance has enabled organizations to gain competitive edge and advantage and manage their compliance commitments.

BHAVANESH:  Vivek, over the last six to eight months, a lot of organizations have moved all their working to over the remote work locations and they want to begin this information governance journey as well.  For such organizations, it’s a journey which could span years before you can start and understand the processes behind it. What would it be the right first step to take in this information governance journey?

VIVEK: That’s a really good question and that’s where we also want organizations to get started with, with their journey.

And something going back to my previous point is goals are important and identify your top priority. Where do you want to actually focus on and where are you expected to gain the maximum value out of it? Is it compliance? Is it protecting data value leakage? Is it protecting information from sharing externally? And really, we can tie those into some specific implementations which can really quickly apply some governance capabilities into it.

For example, one of the customers that we’ve been working with is going through a rapid digital transformation, as a lot of companies have gone through, and one of their concerns is that as they’re going through with the Teams deployment. They want to control how Teams is created, how people are sharing information and actually put some controls on that doesn’t add any additional burden on the users on taking the responsibility of sharing the right thing.

We don’t talk about records management with them, but from a governance point of view, we really take the priority in terms of how Teams are provisioned, how metadata is provisioned to Teams, and how information protection controls are applied, so that the users, when they work with the information, the system automatically knows and understands those rules and actually applies accordingly and prevents users from making some mistakes.

BHAVANESH: So, what I’m hearing you say is that we’ve had a few other episodes with various other industry leaders from Microsoft and the industry. What I’ve heard them say is that when you are establishing a particular product in your organization, deploying Teams, I think there is a governance aspect to it and there is a protection aspect to it.  They both basically go hand-in-hand.

VIVEK: Indeed. And so, behind the scenes, they might be different technologies, but from an end user point of view, we really don’t want to talk about different or discrete technologies. It really is about protecting and applying governance to the information that you deal with. And whether behind the scenes that gets applied using sensitivity labels or some other components, such as data loss prevention or insider risk, we bring those all together to solve a collective problem.

BHAVANESH: And do you see the personas as the same people in organization doing both the information protection and governance, or are they split apart?

VIVEK: Traditionally, it’s been all fragmented and different teams have been responsible for, for example, protection of information has very much traditionally been the responsibility of information risk management teams, whereas governance has fallen into the hands of ethics and compliance, e-discovery and litigation teams.

But I am definitely seeing a shift and in some of our customers where we are actually driving that shift is really moving away from that mindset and looking at information governance as a holistic product, so really taking people away from a project-based mindset to a product-based mindset where information governance has the core concepts, capabilities and it serves a collective purpose rather than applying discrete solutions and different solutions to solve specific problems.

BHAVANESH: The next thing is the implementation itself, that goes beyond a lot of processes. You also need to bring people and employees into the full picture, right? What have been some of the best practices that you’ve learned on how to approach this successfully?

VIVEK: That actually has been one of the hardest parts of actually going with through information. And especially when I say information governance, we’ve all been doing information governance for several years, but it really is the modernization of information governance has really been quite a big shift and a behavior change within organizations.

For me, it’s always important to know your customers. And when you say, know your customers, it’s about identifying where the leadership stands on information governance. Do you have the right support from leadership on the value information governance is going to deliver? Identify potential adoption blockers and find a way to turn them into your champions.

As part of the implementation, I’ve seen that the technology has improved quite significantly, and governance programs are no longer technology-led programs. They’re all business-led programs. It’s all about delivering business value. And technology is really a key enabler in that process. Having a strong multi-marketing and engagement strategy is essential, is a big part of governance programs.

Because an information governance program impacts and enables everyone in the organization, you will need an engaging marketing plan and active change network to carry your message to your users and actually find a way to consistently communicate that message, not just during the implementation, but find a mechanism and a structure through which that communication continues to flow because information, governance, the principles, the definitions, and the landscape is constantly evolving.

I think in that space I see things like leveraging technology to enable the change is a very, very key enabler. Technology is a key enabler for adoption as the way I see it. The outcome is truly beautiful when technology is implemented to solve real life issues.

We’ve gone to great lengths to apply technology to assist and make it easy as possible for users to adopt the changes. And there are again some great examples where Microsoft governance is integrated seamlessly with business processes, almost working behind the scenes, yet making a positive impact to their business outcomes.

BHAVANESH: It’s actually good to know, Vivek, because the way in which we are also approaching this problem statement is we are putting the business users ahead of the IT crowd because they are the ones who are making the decision and trying to basically bring the data across them.

When you said, know your customers, at the end of the day, for the customers, they need to understand about the data. We have this pillar called ‘Know Your Data’, which basically brings it out to the customer to tell them exactly how all their datasets get classified in the organization. So, we are heavily pivoting on trying to bring that insight out to the customer, saying, okay, you have so many documents which contain Social Security number or credit card number, and how many of these are unlabeled and how many of these are basically protected by the right DLP policies and how many of these are guarded by the right retention policies? We are thinking about that.

The second part over here is you have the protection and the governance working on it, so we have the right protection policies and governance policies that you can apply on it.

And last but not the least, you need to have the right monitoring capability because life is not always green, some things go wrong. So, you need to have the right capabilities and you can try to go and figure out what are the activities which could lead to some sort of a data leak or a risk or some sort of an issue with not retaining the content for the right amount of time. We need to provide those abilities to our administrator as well.

BHAVANESH: I think that’s a great example of knowing your customer through your data. And I see that ‘Know Your Data’ capability or the analytics capabilities are a great way to actually understand the customer and understand the behaviors and the changes that we need to include, and we should include in our marketing and adoption strategies to make sure that the message is actually well received by the customers.

What have been some of the best practices from a development and deployment point of view that you’ve seen from organizations who you’ve worked with closely?

VIVEK: I’ve been playing this role for many years in multiple projects and I’ve kind of played the role of design authority in that space to really develop some of the best practices, and especially from an implementation point of view, not just from a technology implementation, but the best practices as regards to how that piece of technology should be explained to the end user so that it is seamless and it works part of their business processes rather than something in addition to what they do today. And so, my advice would be to always take time to set up and survey the landscape properly and its complexities.

And coming back to your point, it’s about knowing your data, right? So, know your data, know your complexities, know what customizations exist because they do exist, and people do customized things and configure things and are actually very specific to them and there is a personal attachment to it. We want to understand all of those behavioral aspects and make sure that we are not breaking those by deploying the new change in behaviors.

I absolutely believe that architecture is a key foundation to any solution strategy, and so working with different architectural teams, including Microsoft, to ensure that the governance capabilities, the protection capabilities are actually implemented in the way that they are intended to be. So, always work with the experts and actually really develop a blueprint or a solution foundation.

I think what we’re seeing now is a day and age that automation, machine learning is actually becoming reality, and we are seeing some great examples of how machine learning is actually solving real life problems.

And so absolutely proactively seek automation options, not only to actually solve business problems, but it actually helps us simplify, repeat tasks, and enable our teams to focus on important activities than doing tasks which can actually be done by a simple script or an automation script, right?

And finally, one of the best practices that I’ve followed is that technology will always have constraints and will always have challenges, and it’s always evolving. So, understanding the roadmap and adopting a fail fast approach is always really efficient because it helps us quickly learn and adjust our solutions strategy. The technology might not be available today, but if we know and if we understand what the roadmap for technology is, then our business is much more accepting of the current solution.

BHAVANESH: Okay, so the way in which I see it is it’s not a one-way street, it’s more a cycle. You’re going to keep coming back to it.

VIVEK: No, indeed it’s not. I mean, those days are gone that you would implement a piece of software and then forget about it for five years until there is the next upgrade. Change is constant. We don’t see that anymore as a single project implementation activity, it’s a continuous change.

Anything that we do and any implementation that we do has to evolve as part of the evolving technology and also the evolving landscape, which is not just technology, environmental landscape, business landscape and the risk that the businesses are carrying these days.

BHAVANESH: Yeah, we here in Microsoft, as we do with you folks, as well as design partners, so we have a customer experience team wherein we reach out to a lot of customers. We have these regular surveys happening because the needs keep shifting every quarter. So, we kind of get in touch with a lot of our customers, understand exactly where they are in their journey and what is that they really would like from Microsoft, right? And we prioritize and start developing.

The days are gone where we are into a box and trying to develop things for a couple of years and shift it and what we are doing is every quarter or every half year, we are reaching out to the customers, understanding their priority because those keep switching and then trying to adopt a roadmap according to that.

So that has been one of our core areas wherein we’ve spent a lot of our time over the last year or so and we hope to make that process better, so I think with an intent that people get to learn about this more and try to reach out to us and we can include them in that community wherein you’re giving constant feedback, what you need at the end of the day. and try to see how we can prioritize and ship the same thing for you.

VIVEK: I think that really has been one of the significant shifts that I’ve seen in the past five, six years in that shift of change of relationship from being a vendor to customer is to really being in partnership, not just between Microsoft and Microsoft customers, but even for us, it really is about being in a partnership with customers and actually listening to them and it’s no longer a one-way discussion. It really is a circular discussion of continuous feedback and learning from each other.

BHAVANESH:  With that, Vivek, before we close out the session, so let’s kind of do a quickfire exercise. Let me throw some terms at you and why don’t you tell me what comes into your head, first?  Information governance?

VIVEK: Oh, don’t wait. Start practicing right now.

BHAVANESH: Defensibility.

VIVEK: I think essential to stay relevant right now and stay competitive.

BHAVANESH: Collaboration on records.  I’m biased here. Advanced versioning.

VIVEK: Puts an end to copies and broken hyperlinks.

BHAVANESH: Retention schedule.

VIVEK: Just keep them simple. Don’t complicate them.

BHAVANESH: And Microsoft 365 podcast.

VIVEK: I think we should do it again. It was good fun. Thank you.

To learn more about this episode of the Voices of Data Protection podcast, visit:  https://aka.ms/voicesofdataprotection.

For more on Microsoft Information Protection & Governance, click here.

To subscribe to the Microsoft Security YouTube channel, click here.

Follow Microsoft Security on Twitter and LinkedIn.

Keep in touch with Bhavanesh on LinkedIn.

Keep in touch with Vivek on LinkedIn.

Drive Business Outcomes For IoT Projects With Azure IoT and Infiot

by Contributed | Mar 16, 2021 | Technology

This article is contributed. See the original author and article here.

Azure IoT is a leading platform of choice for organizations to develop applications and extract value from their sensor data. In order to do that, we need efficient tools and services that can help extract, collect, and understand relevant data to the Azure IoT platform from a variety of sensors from devices located on the edge. 

Azure IoT Edge allows parts of AI, machine learning, advanced analytics, and other workloads that have traditionally been run in the cloud to be offloaded to on-prem IoT devices. Additionally, the runtime implements many of the mundane tasks required to create any IoT device (provisioning, secret integration with HSM, and observability) so that developers can concentrate on the business logic being run by the device. Even with these benefits, other aspects of IoT solutions are still pushed on to customers.

Orchestrating deployment of Azure IoT Edge on devices, managing the hardware, or ensuring secure and consistent data delivery from the sensors on to Azure IoT Hub are all areas that extend the development of IoT solutions. Customers need robust end-to-end IoT edge lifecycle management with orchestration optimized to scale their IoT deployments, and the ability to route relevant data securely and efficiently to both Azure IoT and on-prem. 

Infiot’s integration with Azure IoT delivers relevant capabilities to more quickly unleash the power of Azure IoT at scale. With Infiot and Microsoft together, the solution unlocks value from IoT sensor data by solving the challenges of provisioning and securing IoT Edge devices, deploying applications, and accelerating the transmission and collection of data headed to Azure IoT Hub and enables capabilities like analytics and machine learning. The solution offers the following:

• Azure IoT Edge Runtime Deployed on : Customers benefit from complete life-cycle of container management for Azure IoT Edge Runtime and service modules on edges with policy based workflows.


• Automated Azure IoT Hub Connectivity: With API integration, Azure IoT Edge devices automatically connect to Azure IoT Hub and IoT devices are auto provisioned in the IoT Hub via Device Provisioning Service, making scalability simple and straightforward.


• Zero Trust Security: Comprehensive security functionality based on zero trust models safeguards IoT traffic from sensor devices to Azure IoT cloud services. 


• Infiot Private Access: IoT devices can easily be accessed securely from anywhere with remote maintenance and troubleshooting with Infiot Private Access.


• Ruggedized Form Factor: Automated connectivity to Azure IoT Edge runtime deployed on Infiot ruggedized edges to Azure IoT cloud over wired or wireless (LTE/5G) WAN with complete link visibility and insights. 


• Infiot Store and Forward: Upon blackout conditions, Infiot’s thin, wireless ruggedized edges locally store telemetry data bound for Azure IoT Hub. Once connectivity is restored, locally stored messages are delivered to IoT Hub. 

Infiot Intelligent Access is ideal for all IoT deployments requiring converged connectivity, zero trust security, and edge compute, connecting IoT devices over LTE and 5G cellular networks, and addressing the challenges of most IoT projects around complexity and efficiency. Infiot thin, wireless ruggedized edge devices collect data from various assets and sensors running on a wide spectrum of protocols, govern data ownership, and send the right data to the right place by the right personnel – enabling deploying and managing hundreds of Azure IoT Edge devices at scale.

To learn more, please visit: https://www.infiot.com/azure-iot/