by Contributed | Feb 16, 2023 | Technology
This article is contributed. See the original author and article here.
offers a huge library of written content, including technical documentation and paths. But what if you need something a little more visual and demonstrative while learning new skills? Enter Microsoft Learn’s vast collection of video content.
Whether you’re searching for a walk-through of Azure or wanting to know the newest trends within the tech world, Microsoft Learn offers a wide variety of unique video content. Produced as both stand-alone how-tos and episodic shows on Microsoft Learn, videos will help you attain new skills and knowledge while keeping up with the latest Microsoft technology.
Although Microsoft Learn offers content that fits learners at every stage of their journey, these seven videos can help new users take the first step towards achieving their learning goals.
1.
2. Exam Readiness Zone
If you need to prepare for a Microsoft Certification exam and you don’t know where to begin, check out this show that offers study tips, content overviews, and sample questions and answers for each featured exam.
Watch now
3. FastTrack for Azure Learn Live Series
Interact with Microsoft Azure engineers in real-time via livestreams. Geared towards helping you migrate or initiate new workloads in Azure, this series will give you added confidence when preparing for highly technical implementations.
Watch now
4. The Low Code Revolution
Learn how to develop and optimize applications and processes with Microsoft Power Platform direct from industry experts. Focused on low code solutions, this series is a great resource for developers of all backgrounds.
Watch now
5.
Catch up on the latest trends and news snippets within the developer community in this engaging and informative series. Watch highlights of interesting projects and discover tips and tricks for developers of all backgrounds and skillsets.
Watch now
6. Microsoft Graph Fundamentals
This multi-part series introduces Microsoft Graph basics. Best of all, it features interactive exercises that showcase how to use Microsoft Graph for connecting Microsoft 365 data with app development platforms.
Watch now
7. The AI Show
Learn about what’s new in artificial intelligence in this Friday evening series. Watch as host, Seth Juarez, works on machine learning and AI projects while offering tips for getting started on your own.
Watch now
you’re looking for a live demonstration of complex skills or a last-minute knowledge check before a certification exam, videos on Microsoft Learn are here to help. Check out what’s available today!
Explore shows on Microsoft Learn
Watch on-demand events
by Contributed | Feb 16, 2023 | Business, Microsoft 365, Technology
This article is contributed. See the original author and article here.
Despite living in a connected world, the way we use our apps can often feel distinctly disconnected. Today, we’re announcing a new way to help you stay focused with help from two Microsoft apps that many people use daily and consistently together—the classic Microsoft Outlook app on Windows and the Microsoft Edge web browser.
The post Discover new ways to multitask with Microsoft 365 and Edge appeared first on Microsoft 365 Blog.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Contributed | Feb 15, 2023 | Technology
This article is contributed. See the original author and article here.
It is common that IT personnel tasked with monitoring the health and performance of database systems be given very high privileges such as SQL sysadmin. This enables them to do their job but comes with significant risks. Those privileges enable them to read or modify the data that other users in the organization store in those databases. That data is commonly referred to as “user data”. Sometimes user data can be very sensitive, for example, the consolidated financial information of a public company prior to being disclosed in an earnings report, a technological achievement that gives the company a competitive edge, and customer or employee information that must be protected to comply with privacy regulations. Sensitive data may be leaked or tampered with because of malicious intentions or simply poor security practices. When that happens, the company usually suffers financial damage and litigation against its officers.
Microsoft Purview DevOps policies support the Principle of Least Privilege (PoLP), which simply states that people should be given only the minimum access they need to be able to perform their job and no more. DevOps policies address the scenario of IT personnel tasked with monitoring the health and performance of database systems. This article showcases the experience for Azure SQL Managed Instance, the newest source supported for DevOps policies (soon to enter private preview). Azure SQL Database and SQL Server 2022 are already supported, and the configuration steps are linked at the end.
First, register the Azure SQL MI in Microsoft Purview and enable Data use management. This means consenting that you would like to use Microsoft Purview to grant users access to the Azure SQL MI.
Second, navigate to the Data Policy App in Microsoft Purview and then to DevOps policies. Create a policy, selecting the Azure SQL MI data source in the prior step. Once you do that, the Data resource path will show <subscription name > resource-group name > data source name>. Next, select one of two role definitions “SQL Performance Monitor” or “SQL Security Auditor”. Finally, select the Add/remove subjects to specify the Azure AD user(s) or group(s) that should be granted access:
Once you save the policy, Microsoft Purview will communicate it to the Azure SQL MI. It may take up to 5 minutes to be enforced.
To test, you can use SSMS. Connect with one of the AAD users that was granted access and then execute a query to get system metadata (DMVs and DMFs). For example, SQL Performance Monitor grants access to see the virtual file stats or the wait times. SQL Security Auditor grants access to see database encryption keys. An IT user granted SQL Performance monitor user should be able to perform the operations:
Next, try accessing a table in one of the databases. The IT user is denied, which means the crown jewels are protected.
Recommended steps:
- DevOps policies for Azure SQL MI (Private Preview): Click here to test-drive this new experience. Note, your Microsoft Purview account and Azure SQLM MI will be allow-listed after you enroll.
- DevOps policies for Azure SQL Database (Public Preview) and SQL Server 2022 (GA):
by Contributed | Feb 14, 2023 | Technology
This article is contributed. See the original author and article here.
Introducing the New Post-delivery Activities Report in Microsoft Defender for Office 365
Attackers are always evolving to adapt to the newest protections enacted by security teams and the products they rely on. Today, attackers frequently attempt to bypass security tools by sending messages that only become malicious after they have been delivered. This requires a robust post-delivery detection and response mechanism. In this blog, we will explore the evolution of an attack, how Defender for Office 365 provides out of the box post-delivery protection, and how you can see this value for your organization. Today we’re announcing a new report in Microsoft Defender for Office 365 that highlights messages that have been acted upon or moved by Microsoft after they have been delivered to the inbox.
Post-delivery activities
Before diving into this new report, we want to start by covering post-delivery activities – what they are and how they work in Defender for Office 365.
How do attacks land in the mailbox?
Threat actors work on the fact that they can send messages and weaponize them later. Attackers frequently send messages with an inactive URL which won’t be detected at time of delivery, and once the messages have been delivered to inboxes, the URLs are then weaponized. This puts your end users at risk of credential theft and your organization at risk of a widespread attack. Threats can also be reclassified post-delivery, based on this weaponization by attackers.
That’s where Zero-Hour Auto Purge (ZAP) comes in to protect your organization from these types of attacks. ZAP is powered by Microsoft’s advanced security graph to detect and neutralize threats. ZAP is constantly reviewing your messages to identify and neutralize these threats.
How does Defender for Office 365 detect and respond to these attacks?
Microsoft Defender for Office 365 includes ZAP, a post-delivery activity which acts on malicious messages after delivery. Upon identifying a malicious Indicator of Compromise (IoC), ZAP can find all messages in user mailboxes that contain the malicious IOC. Once the messages are identified, ZAP acts on the message based on the specific policy action, securing your end users and your organization. With secure by default, our filtering will keep many potentially dangerous or unwanted messages out of your mailboxes. The secure by default feature enables malware and high confidence phishing messages detected post-delivery to be sent to quarantine by ZAP, with no additional configurations required.
ZAP receives signals from our advanced security graph and utilizes this threat intelligence to remove malicious messages from the inbox, providing out of the box post-delivery protection for all customers. And this isn’t just for Defender for Office 365 customers; we provide ZAP actions for all Microsoft email services, including Exchange Online Protection and even Outlook.com consumer accounts. The quick system-driven actions reduce the exposure time of your end users, securing your organization in a timely and effective way. There is no need for any admin intervention to identify and trigger an action. Upon detection of the malicious content, ZAP removes the message from the inbox.
Post-delivery protection with ZAP
Where can I review messages that were neutralized by ZAP?
With our Microsoft Defender for Office 365 P2 and E5 licenses, you can review messages that are neutralized by ZAP within Advanced Hunting and Threat Explorer. You can learn more here.
Introducing the new Post-delivery activity report
We’ve heard customer feedback that understanding when ZAP took action can be challenging. As a result, we’re happy to announce the launch of a new Post-delivery activity report. The report will display all the ZAP events that occurred in your organization. If the verdict assigned to a message has been changed, the new report will display this updated data, making it easier to investigate the messages.
You can find the Post-delivery activities report under Email & collaboration reports.
Figure 1: Access the Post-delivery activities report under Email & collaboration reports
Figure 2: Post-delivery activities report
From the report, you have direct access to the email entity side panel to review additional information about the message:
Figure 3: Access the email entity summary panel from the report view
Learn more about the report by viewing our documentation.
You can use the following PowerShell cmdlets to access the report information for your organization.
- GetAggregateZapReport
- GetDetailZapReport
You can learn more about these PowerShell cmdlets here.
If you are part of a Security Operations team or a Cyber Threat Intelligence team, get started by navigating to security.microsoft.com/reports/PostDeliveryActivities, to review the messages we have blocked in your organization post-delivery.
For questions or feedback about Microsoft Defender for Office 365, engage with the community and Microsoft experts in the Defender for Office 365 forum.
by Contributed | Feb 13, 2023 | Technology
This article is contributed. See the original author and article here.
Today, we got a question where our customer asked that if using ApplicationIntent=ReadWrite with an user with db_datareader permision, the results of DATABASEPROPERTYEX(DB_NAME(), ‘Updateability’) will be affected or not.
In this situation, let’s try to create a business critical database with readscale out enabled and create the following user. Right now, the answer is not affected.
create user UserName with password = 'PasswordX2X3X1!'
alter role db_datareader add member UserName
Once we have established the connection using SQL SERVER Management Studio using this user and execute the query
SELECT DATABASEPROPERTYEX(DB_NAME(), 'Updateability');
The results will be:
However, using applicationIntent=Readonly with the same user the results will be the expected one:
Additionaly, I would like to share an article that explain the behaviour when we are using Transparent Failover Group and ApplicationIntent at the same time – Lesson Learned #131: ReadScale Out and Failover Group – Microsoft Community Hub
Enjoy!
Recent Comments