Quadra

Office 365 is the fastest growing SaaS offering globally. It is also the most targeted by hackers today as phishing and Ransomware transform into business models in the Dark Web world. Breaches come from emails and misused identities and the attacks only accelerate by the minute. It is high time that Office 365 admins hack-proof their environments – and it is possible with the tools available from Microsoft – tools for studying, analyzing, warning and preventing attacks and plugging vulnerabilities.

The recent Wannacry ransomware attack has created a sense of panic among enterprises using Office 365; remember other cloud services too, are not immune to hacking attacks. Attackers use Social engineering to gain access to the victim’s identity, data and device. It is a security attack vector that involves tricking someone into breaking normal security procedures.

A social engineer runs what used to be called a "con game." Techniques such as appeal to vanity, appeal to authority and appeal to greed are often used in social engineering attacks. Many social engineering exploits simply rely on people's willingness to be helpful. For example, the attacker might pretend to be a co-worker who has some kind of urgent problem that requires access to additional network resources.  

Popular types of social engineering attacks include:

• Baiting: Baiting is when an attacker leaves a malware-infected physical device, such as a USB flash drive in a place it is sure to be found. The finder then picks up the device and loads it onto his or her computer, unintentionally installing the malware.
• Phishing: Phishing is when a malicious party sends a fraudulent email disguised as a legitimate email, often purporting to be from a trusted source. The message is meant to trick the recipient into sharing personal or financial information or clicking on a link that installs malware.
• Spear phishing: Spear phishing is like phishing, but tailored for a specific individual or organization.
• Pretexting: Pretexting is when one party lies to another to gain access to privileged data. For example, a pretexting scam could involve an attacker who pretends to need personal or financial data in order to confirm the identity of the recipient.
• Scareware: Scareware involves tricking the victim into thinking his computer is infected with malware or has inadvertently downloaded illegal content. The attacker then offers the victim a solution that will fix the bogus problem; in reality, the victim is simply tricked into downloading and installing the attacker's malware.

Security experts recommend that IT departments regularly carry out penetration tests that use social engineering techniques. This will help administrators learn which types of users pose the most risk for specific types of attacks while also identifying which employees require additional training. Security awareness training can go a long way towards preventing social engineering attacks. If people know what forms social engineering attacks are likely to take, they will be less likely to become victims.

Fortunately, Microsoft provides enough tools to protect its users and especially Office 365 subscribers from such attacks.

Exchange Online Protection (EOP)

Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that helps protect your organization against spam and malware, and includes features to safeguard your organization from messaging-policy violations. EOP can simplify the management of your messaging environment and alleviate many of the burdens that come with maintaining on-premises hardware and software.

As a part of Microsoft Exchange Online   By default, EOP protects Microsoft Exchange Online cloud-hosted mailboxes. Exchange Online Protection provides protection against malicious links by scanning content.

Advanced Threat Protection (ATP)

• Securing mailboxes - With Exchange Online Advanced Threat Protection, admins can protect mailboxes against new, sophisticated attacks in real time. By protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.
• Protection against Unsafe Attachments - With Safe Attachments, admins can prevent malicious attachments from impacting the messaging environment, even if their signatures are not known. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. 
• Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. The advantage is a malware free and cleaner inbox with better zero-day attack protection.
• Protection of the environment when users click malicious links - Safe Links expands on EOP by protecting the O365 environment when users click a link. While the content is being scanned, the URLs are rewritten to go through Office 365. The URLs are examined in real time, at the time a user clicks them. URL detonation provides deeper protection against malicious URLs. Not only does Microsoft check a list of malicious URLs when a user clicks on a link, but Office 365 will also perform real-time behavioural malware analysis in a sandbox environment to identify malicious attachments. URL reputation checks are part of Advanced Threat Protection. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting is available, so administrators can track which users clicked a link and when they clicked it.
• Dynamic delivery— Better performance and lower latency for emails with attachments. Users will see a placeholder while attachments are scanned in a sandbox environment. If deemed safe, attachments are re-inserted into the email.
• Rich reporting and tracking links in messages — Gaining critical insights into who is being targeted in the organization and the category of attacks the organization is facing. Reporting and message trace allow admins to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows admins to track individual malicious links in the messages that have been clicked. Get better insights to malware activity. Security admins will have a new reporting dashboard to see details of malware that Office 365 Advanced Threat Protection is analyzing.
• Intelligence sharing with Windows Defender Advanced Threat Protection— Security admins will be able to see malware activity and relationships across Windows 10 and Office 365.
• Broader protection— Advanced Threat Protection extends to include protection for SharePoint Online, Word, Excel, PowerPoint and OneDrive for Business. 

Threat Intelligence

• The office 365 Threat Intelligence service provides information on security using data from various sources. The data is harvested via the Microsoft Intelligent security Graph technology. Organizations are being targeted with increasingly sophisticated attacks. 
• Threat Intelligence, which helps admins proactively uncover and protect against advanced threats by analysing billions of data signals across Office consumer and commercial services.
• It also provides deep insights from cyber threat hunters to create a comprehensive view of malware trends around the world. In addition, Microsoft is integrating signals from Windows and Azure to help customers realize the full benefit of the Microsoft Cloud.
• Security admins will see a dashboard with rich insights to do deep investigation of malware and will be able to integrate data with existing security management tools.
• Threat Intelligence takes it a step further by alerting security admins and proactively creating and suggesting security policies to help protect against malware. For example, if analytics show that attacks are happening in the financial industry, the service will alert customers in finance and related areas to the trend. Threat Intelligence will also dynamically create and suggest additional security policies to help protect you before they get to your network.

Advanced Data Governance

Microsoft has also brought Advanced Data Governance to Office 365 to help customers manage the exploding volume and increasing complexity of corporate data. Microsoft applies intelligence to help admins achieve organizational compliance and automate data retention.

Enterprises will be able to classify, set policy and take action on the data that is most relevant for their organization and industry, with recommendations driven by behavioral analysis and machine learning.

Advanced Data Governance includes the following capabilities:

• Import—Intelligently import only the data needed from on-premises and third-party archives using classifications such as age, data type, user or groups, sensitivity or importance.
• Policies—Policy recommendations are provided, based on machine assisted insights of the data, classifications, tenant, organization, industry, geography and more. Recommendations may include delete, move, encrypt or share.
• Retention—Intelligently preserve only what’s important to the organization by using classifications such as keywords, age, data type, user or group, sensitivity, importance. Integration with line-of-business systems allows admins to trigger retention based upon events, such as creation of a human resources record.

 Advanced Data Governance will help organizations apply the right actions to preserve high value data and purge redundant or obsolete data.

Advanced Security Management (ASM)

Microsoft has launched Advanced Security Management to help give organizations visibility and control over security in Office 365.

They have added a new feature lately called Productivity App Discovery, which will help IT pros and security operations teams understand their organization’s usage of Office 365 and other productivity cloud services. This will help them to better determine the extent to which shadow IT is occurring in their organization.

Productivity App Discovery shows usage of Office 365 and other productivity cloud services. App Permissions will assist in monitoring applications that users are connecting to Office 365.

Office 365 Secure Score

The Office 365 Secure Score is available to help organization evaluate their security level in Office 365. Secure Score analyzes an Office 365 organization’s security based on their regular activities and security settings and assigns a score. It is a credit score for security.

Secure Score figures out what Office 365 services an organization is using (like OneDrive, SharePoint, and Exchange) then looks at the settings and activities and compares them to a baseline established by Microsoft. O365 admins get a score based on how aligned they are with best security practices.

Using Secure Score helps increase an organization’s security by encouraging them to use the built-in security features in Office 365 (many of which they have already purchased but might not be aware of). Learning more about these features as they use the tool will help give them piece of mind that they are taking the right steps to protect their organization from threats.

Admins must check secure scores reports weekly. A sample list of reports is presented here:

• Sign-ins after multiple failure report
• Sign-ins from unknown sources report
• Sign-ins from multiple geographies report
• Mailbox access by non-owners report
• Malware detections report
• Sing-in devices report
• Account provisioning activity report
• Non-global administrators report

A cloud kitchen or a digital restaurant is a fast growing trend that has quickly established itself as a formidable restaurant format. Internet-first restaurants are stepping on the gas and companies such as Zomato, Swiggy and Fresh Menu have already started grabbing a slice of this fast-growing sector.

So what is cloud kitchen a.k.a Internet-first restaurant?

A cloud kitchen is basically a restaurant kitchen that accepts incoming orders only through online ordering systems and offers no dine-in facility. They just have a central kitchen that delivers food at customer’s doorsteps.

The primary source of revenue for these internet restaurants is through the various food ordering platforms, such as Swiggy, Food Panda, Zomato, etc. Critical to their business model is a Point of Sales software that accepts orders from multiple sources. 

Food, at the click of a button

Digital technologies are reshaping our daily experiences as consumers and businesses, and these cloud kitchens are no exception. They have the potential to redefine the contours of the restaurant business. For example, take Swiggy, the trending food delivery app that has its roots in Bengaluru. It was the first among the crowd in the cut throat market to venture cloud kitchen in India. Swiggy has set up ‘The Bowl Company’ in Bengaluru joining hands with the popular restaurateurs to offer a wide selection where the restaurant need not have a physical presence.

Following this, Zomato has opened its first cloud kitchen in the suburb of Delhi, Dwarka as a pilot for its new project, Zomato Infrastructure Services, in which they provide their partner restaurateurs with 300 square feet of space and kitchen equipment. So, an aspiring chef has to just walk in and cook on gas while Zomato takes care of the rest. This could be a great opportunity for budding chefs and entrepreneurs.

The secret sauce!

Inexpensive access to pervasive computing power via cloud and mobile technologies is the secret sauce. Market reports indicate that Swiggy’s technology stack comprises of Amazon (EC2, RDS, Cloudfront and Route53) while Zomato’s technology stack also includes Amazon Route53.  With cloud and mobile technology facilitating online ordering, cloud kitchens suddenly seem like the only rational thing to do to manage the high rentals and poor margins in the F&B industry.

Why is this restaurant stuff important for my business?

Just as cloud and mobile technologies are redefining a traditional industry, the ramifications are just as huge for any other business. It’s no longer about “technology has no role to play in my business”. Chances are, if you don’t know how technology can impact your business, your competitor already does.

With a plethora of services provided by cloud, every business can benefit - from SMBs to large enterprises; from education to hospitality.  The cloud is like this huge switchboard where anyone can plug in and use it when they want to but they don’t have to carry the switchboard, they just use the “service”. Gone are the days of expensive, complex IT infrastructure which deterred many businesses from taking advantage of technology.

The cloud allows you to focus on what you do best - run your business. You can move from being a reactive business to a proactive business that offers transformational products and services. The cloud is also highly resilient, especially during these trying times.

For instance, during an unprecedented natural disaster like Cyclone Vardha, which shut down many businesses, or even during a watershed day like Flipkart’s Big Billion Day, the cloud has played knight in shining armor through its various features like instant scalability, disaster recovery, backup & restore and many more. A survey says 60% of SMBs pull the plug after a disaster but with the advent of cloud technology, they could surely turn the tables and cope up equally with large businesses in this uphill battle.

Your technology GPS

At Quadra, we can help you plan and prioritize your cloud journey by helping you formulate well defined business objectives, along with a business and risk analysis that considers multiple dimensions such as long term cost savings; data criticality, security and privacy concerns; audit and assurance; and regulatory norms, right down to service provider agreement review.

The cloud offers many security benefits to organizations, but also raises new security considerations. It can also add to existing ones such as shadow IT, the use of software that is not formally sanctioned by the organization. Office 365 Advanced Security Management, a new set of capabilities powered by Microsoft Cloud App Security gives you greater visibility and control over your Office 365 environment.

Advanced Security Management includes:

• Threat detection - Helps you identify high-risk and abnormal usage, and security incidents.

• Enhanced control - Shapes your Office 365 environment leveraging granular controls and security policies.

• Discovery and insights - Get enhanced visibility into your Office 365 usage and shadow IT without installing an end point agent.

Threat Detection

Office 365 Videos is an intranet website portal where people in your organization can post and view videos. It's a streaming video service for your organization that's available with SharePoint Online in Office 365. It's a great place to share videos of executive communications or recordings of classes, meetings, presentations, or training sessions.

Here are some of the ways that organizations benefit from Yammer.

• Centralize teams and projects. Simplify collaboration by providing teams and projects flexible workspaces that allow them to communicate, share files, and find resources in one place.

• Promote knowledge sharing. Improve decision-making and reduce duplicate work by using Yammer to tap into knowledge across the organization and build on the work of others.

• Foster innovation. Foster innovation by connecting employees, ideas, and information without regard for time zones, geographies, or hierarchies

• Support remote/mobile workers. Identify and resolve problems with the customer experience by giving employees on the front line an efficient way to communicate with headquarters and supporting teams.

• Improve internal communications. Improve the effectiveness of the corporate communications strategy by connecting employees to executives, groups, and feedback.

• Expand external collaboration. Extend collaboration to customers, partners, and vendors by sending them a Yammer message, inviting them into a Yammer group, or setting up an external network.

• Empower sales. Yammer can maximize your sales team’s effectiveness with better account insight, instant access to experts, and enhanced information when on the road.

• Enhance HR practices. Reduce cost and initial training cycles for new employees by creating a designated group with the onboarding resources they need, while giving them access to subject matter experts across the organization.

• Extend the reach of IT. Speed end-user adoption by sharing tips and tricks for new products. Enable self-help, access to peer expertise, and a searchable knowledge base to reduce total time to problem resolution.

Transform Your HR Organization

An engaged workforce means good things for your company’s HR and Corporate Communications Organizations. With Yammer, employees feel empowered to make a difference by contributing to recruiting efforts, recognizing peer performance, and learning from experts throughout the company or industry. Yammer increases employee engagement by giving every team member a voice and the tools and information to do more.

• Onboard new hires quickly. Enable new hires to ramp up faster and continue to develop their skills over time as they learn from their peers.

• Recognize top talent. Identify high performers and publicly recognize employees who do great work - increasing engagement, satisfaction, and retention.

• Gain insight into performance. Keep up to date with what your team is working on and the progress made.

• Start a company dialogue. Connect with your coworkers and encourage two-way dialogues in order to improve communication among teams, employees, managers, and executives.

• Give employees a voice. Spark creativity and innovation by allowing all employees to share ideas, offer feedback and help drive business results.

Transform Your Marketing Organization

Collaboration across teams and with customers is critical to your organization’s marketing success. With Yammer, you can engage with agencies to build high-impact campaigns across geographies, share customer insights, and drive refined go-to market strategies. You can also improve execution through real-time collaboration of collateral. Empower your employees to become brand ambassadors and strengthen your competitive position with Yammer.

• Centralize information. Create one workspace where designated teams can sync up and get projects done.

• Accelerate collateral development. Develop quality collateral much faster and in real-time with colleagues, ensuring that the salesforce is always equipped with the latest materials.

• Collaborate securely with agencies. Share information and gather feedback easily with internal and external agencies through external private networks.

• Plan and execute events. Drive awareness of activities and promote interaction among attendees pre-, during-, and post-event.

• Create brand ambassadors. Easily ensure employees and partners are aligned with company messaging and positioning.

Empower Your Sales Organization

Finding the right information at the right time is critical to the success of your sales team. With Yammer, sales representatives can tap into the collective knowledge of your organization to close deals quickly and increase customer retention. Empower your teams to instantly access expertise and information, gain a competitive advantage, and secure deals faster.

• Access and share key information. Quickly distribute the latest key messaging out to the entire field.

• Connect mobile workers. Give your mobile and remote sellers access to key information in a timely manner with the Yammer mobile app.

• Beat the competition. Share in real-time what is and isn’t working in the field, giving your team a competitive advantage.

- Office 365: Everything You Wanted to Know - Jan 2017 - Microsoft

When you attach a file in a cloud location such as OneDrive or SharePoint, Outlook will send your recipients a link to the file. Permission to access the file is granted automatically to every recipient. This makes collaboration easy because you don't have to worry about attachments being dropped, and you can be sure that everyone is collaborating on the same (and most up-to-date) version of the file.

1. In Outlook, create a message.

Note: For an existing message, click Reply, Reply All, or Forward.

2. On the ribbon, click Attach File, and choose Browse Web Locations.
3. Choose OneDrive, the file you want to attach, and then choose Insert.
4. In your email message, choose the down arrow for the attachment.
5. Choose Change Permissions, and then choose one of the following:
• Recipients can Edit if you want recipients to be able to modify the file.
• Recipients can View, the default option, if you want recipients to be able to read, but not modify, the file.

 - Microsoft Support

Microsoft wants to ensure that its Office 365customers have access to the information that is relevant for them to perform a risk assessment on Office 365 services—on demand. Access to this information should be seamless.

To achieve these goals, they have released the Service Assurance Dashboard as part of the Office 365 Security and Compliance Center, which provides you immediate access to:

• Details on how Office 365 implements security, privacy and compliance controls including details of how third-party independent auditors perform audits to test these controls.

• Third-party independent audit reports including: SSAE 16 / SOC 1, SOC 2 / AT 101, ISO 27001 and ISO 27018.

• Deep insights into how we implement encryption, incident management, tenant isolation and data resiliency.

• Information on how you can leverage Office 365 security controls and configurations to protect your data.

While there are many detailed insights provided through Service Assurance, initial customer feedback indicates that Audited Controls are particularly helpful. The Audited Controls feature in Service Assurance helps you to understand how Office 365 protects customers' data by detailing:

• Test status—Status of the Office 365 controls.

• Control implementation details—Explanation of how Office 365 implements a control.

• Testing performed to evaluate control effectiveness—How independent auditors test the effectiveness of our security, compliance and privacy controls.

• Test date—When a control was validated.

• Office 365 controls—How the Office 365 internal controls map to standard controls.

- Azure blog

Organizations own the data they keep in the cloud and they need to know how it is being handled at all times.

Microsoft is the industry leader in cloud compliance for enterprise customers. With the Office 365 E5 plan, advanced compliance is integrated into the service, so organizations can meet their unique requirements using a single cloud service.

Microsoft recognizes that organizations want control over access to content stored in cloud services. To maximize data security and privacy for Office 365 customers, Microsoft has engineered the service to require nearly zero interaction with customer content by Microsoft employees. Access is obtained through a rigorous access control technology called Customer Lockbox for Office 365, which helps enterprises meet compliance obligations for explicit data access authorization. In the rare instance when a Microsoft service engineer needs access to enterprise data, access control is extended to you so that you grant final approval for access. Actions taken are logged and accessible to you so that they can be audited.

Office 365 Advanced eDiscovery simplifies the eDiscovery process, reducing the volume of data by finding near-duplicate files, reconstructing email threads and identifying key themes and data relationships. Leveraging machine learning and predictive coding, it helps compliance administrators intelligently explore and analyze large, unstructured datasets and quickly zero in on what’s relevant to save time and money.

-Office 365 pages from the net

Choose your language, workload, operating system 

With support for Linux, Windows Server, SQL Server, Oracle, IBM, and SAP, Azure Virtual Machines gives you the flexibility of virtualization for a wide range of computing solutions—development and testing, running applications, and extending your datacenter. It’s the freedom of open-source software configured the way you need it. It’s as if it was another rack in your datacenter, giving you the power to deploy an application in minutes instead of weeks.

Get more choice

It’s all about choice for your virtual machines. Choose Linux or Windows. Choose to be on-premises, in the cloud, or both. Choose your own virtual machine image or download a certified pre-configured image in our marketplace. With Virtual Machines, you’re in control.

Scale to what you need

Combine the performance of a world-class supercomputer with the scalability of the cloud. Scale from one to thousands of virtual machine instances. Plus, with the growing number of regional Azure datacenters, easily scale globally so you’re closer to where your customers are.

Pay only for what you use

Keep your budget in check with low-cost, per-minute billing. You only pay for the compute time you use.

Enhance security and compliance

We’ll help you encrypt sensitive data, protect virtual machines from viruses and malware, secure network traffic, and meet regulatory and compliance requirements.

-Azure web pages

Microsoft has announced an update to the Office 365 people profile experience under Delve, which consolidates the profile and activity pages to make it easier for users to discover relevant content, connect with colleagues and find experts inside an organization.

Learn more about your colleagues

The new profile page gives users a place to learn more about their colleagues, providing their contact information, a photo, who they work for and a summary of their experience and expertise, as well as discover their recent activity and a quick glimpse of what they are working on. The profile is actionable, too. Users can start a Skype chat, call or email to a colleague right from their profile page. Remember, Delve only shows content that the user already has permission to see.

The whole experience is responsive and looks great on any device.

Customize User profile and quickly find documents

Users can give their Delve profile a personal touch—upload a favorite profile photo, choose a unique background or edit your expertise. Up-to-date profiles make it easier for others to find out about the user and help the user when the user is looking for information. From the user’s profile, users can also quickly and easily get back to their documents, as well as see documents their most frequent contacts are working on.

Delve is more useful and intuitive than ever thanks to the new profile page. By connecting the users with the content and the contacts who are relevant to them, Delve helps break down silos and keeps the user in the know.

The new profile experience has been rolled out to First Release Office 365 tenants over the past several weeks, and Microsoft expects it to roll out to all eligible Office 365 customers by the second quarter of 2016.

Delve is included in the Office 365 Enterprise E1–E5 subscription plans (including the corresponding A2–A4 and G1–G4 plans for Academic and Government customers, respectively). Delve is also included in the Office 365 Business Essentials and Business Premium plans.

Delve never changes any permissions and only shows the users content that they already have permission to view. Only they can see their private documents in Delve, and other people can’t see their private activities—such as what documents they’ve read, what emails they’ve sent and received or which Skype for Business conversations they have participated in. Other people can see that they’ve modified a document, but only if they have access to the same document.