Quadra

Connecting Technology and Business.

Reduce the noise in your data to improve forecast

The cloud and big data


When the cloud came into being, it brought with it immense storage power at cheaper rates. It ushered in the era of Big data. As a result, it also raised expectation levels in the minds of statisticians - and decision makers who depended on them - that this would do wonders to their decision-making processes.


Boon or bane?


The sample space had drastically increased due to social media and IoT, leading to more data being made available now. Applying statistical models to this huge data would improve the probability of a predicted event occurring (or not occurring) or improve the reliability of the forecast by pushing the R squared value to near unity. Right? Wrong. The data deluge only added to more noise than dependable signals.

 

Illusion or disillusion?


As time went by, people became disillusioned by the failure of the system to aid them with reliable information in decision-making. So as their hyper-expectations were not met, they just drop off quickly without pursuing further this journey.


The signal and the noise


It was now the turn of the experts to come with their reasons as to why such huge data could not help them decide better. One significant reason is that while there is enough data - and more – for the model, it requires a great deal of cleaning – removing the noise in the data that could distort the results and predictions before this data can be put to any use at all.

 

Persistence pays!


Early adapters of technology gained over the long run. Microsoft and Amazon are examples of winners who persisted in their vision to make this big data the fuel to their decision-making engine. They soon gathered themselves up from the trough of disillusionment to the slope of enlightenment by applying scientific methods to the data gathered and adopting newer methods to remove noise and false signals from the data. This way, they could arrive at real signals that aided in building reliable data models. They have climbed to the plateau of productivity now with their data models helping them in better decision making based on information.

 

Here are a few points to ponder:


  • People expect a lot from technology today, but the problem is while we have a lot of data, there are not enough people who possess skills to make this big data useful and not enough training and skill building efforts being put to make data scientists out of this huge population of technology experts.
  • Cleaning up data is the first big problem in predictive analysis – there are many external factors that might tend to distort the data that has been collected.
  • If we are considering a correlation between two variables and don’t know what causes this correlation, it is better not to consider this correlation at all. (Star fish predicting the FIFA world-cup winner or a baseball team’s win or lose determining the movement of the share-market).
  • Seeking for signals desperately, people end up with more noise than signals – so they make decisions with their instinct / gut feeling / experience playing an 80% part and statistics playing the last 20%. Instead, we should be guided by statistics 80% and leave the rest to our instincts and that too only if there is a drastically negative indicator in the statistical model. 

Here are some suggestions to reduce the noise and arrive at signals:

 

Start with a hypothesis / instinct and then keep refining it as you go ahead with analysis – this might sometimes lead to reverse your hypothesis.


Think probabilistically


When predicting, consider the margin of error (uncertainty) of the historic data and then include that in the prediction to make a decision. The person that discloses the greatest uncertainty is doing a better job than the one who conceals this uncertainty to his prediction. Three things to carry with while predicting: Data models, Scientific theories that influence the situation and experience (learn from the number of forecasts made and the feedback about the forecast)


Know where you come from


Consider the background and the existing biases of the possible forecaster / decision maker and the situation the data is being collected / considered


Try and err


Companies need to focus on the 80% effort for the last 20% results to retain the competitive advantage – real statistics of a few customers would be better than hypothetical data of a huge number of customers.

 

Notes:

 

  • Large and smart companies especially Technology firms should dare to take risks in the competitive advantage area. Most of the risk-taking will pay off. As they are big, they can bear failures unlike small firms and individuals in which case this might be termed as gambling.
  • People make better inferences from visuals than just data presented as raw data. Charts must show simple essential info. Unless required to bring greater clarity, we must avoid showing more information that crowd together on the charts to create more noise.
  • People must become Bias detectors – raise business questions and be apprehensive about magic bullet solutions.
  • Analysts should disclose the limitations to their analyses.


- Insights from a session by Nate Silver

Innovations in Excel that users love

Real-time collaboration—As with other Office 365 apps, you and your co-workers can securely work simultaneously within an Excel file from any device (mobile, desktop, and web). This allows you to know who else is working with you in a spreadsheet, see where they’re working, and view changes automatically within seconds, reducing the time it takes to collect feedback and eliminating the need to maintain multiple versions of a file. Live, in-app presence indicators through Skype for Business make it easy to connect with available co-workers in the moment.

Powerful data modeling—Get & Transform is one of Excel’s most powerful features, enabling you to search for data sources, make connections, and shape your data to meet specific analysis needs. Excel can connect to data sitting in the cloud, in a service, or stored locally. You can then combine different data sets from these sources into a single Data Model for a unique, unified view. Plus, you can create a Data Model to import millions of rows of data into Excel—keeping your analysis in one place.

Insightful visualizations—Excel is an inherently visual tool, giving you new perspectives through a variety of charts and graphs. We continue to enhance visualization in Excel—with geographical maps and waterfall charts—to provide easier analysis and a better, more impactful way to share insights across your company.

Dashboard creation and sharing—Power BI is the cloud-based data visualization tool that allows you to create and publish dashboards. We intentionally designed Power BI and Excel to work together, so you can surface the most relevant insights for the task at hand. Excel data can be imported into Power BI, while Power BI reports can be analysed in Excel for new perspectives. You can then easily share these dashboards and insights with others in your company.

Built-in extensibility—Like other Office 365 applications, Excel can be customized to meet the specific needs of your company. Excel’s rich ecosystem of add-ins and other tools can help you work with data in more relevant ways. Plus, the Excel platform is flexible enough for IT admins or Microsoft partners to develop custom solutions.

-Office Blogs, Dec 2017

Security Intelligence Report of Microsoft

Microsoft regularly aggregates the latest worldwide security data into the Security Intelligence Report (SIR), unpacking the most pressing issues in cybersecurity.

Here are some highlights:

Cloud Threat Intelligence

The cloud has become the central data hub for any organization, which means it’s also a growing target for attackers.

Compromised Accounts

Definition - Attackers break into the cloud-based account simply by using the stolen sign-in credentials of a user
Analysis - A large majority of these compromises are the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services.

Cloud-based user account attacks have increased 300% from last year, showing that attackers have found a new favorite target.

Drive-by download sites

Definition - A website that hosts malware in its code and can infect a vulnerable computer simply by a web visit
Analysis - Attackers sneak malicious code into legitimate but poorly secured websites. Machines with vulnerable browsers can become infected by malware simply by visiting the site. Bing search constantly monitors sites for malicious elements or behavior, and displays prominent warnings before redirecting to any suspicious site.

Taiwan and Iran have the highest concentration of drive-by download pages

Endpoint threat intelligence

An endpoint is any device remotely connected to a network that can provide an entry point for attackers––such as a laptop or mobile device. Since users interact with an endpoint, it remains a key opportunity for attackers and a security priority for organizations.

Ransomware

Definition - Malware that disables a computer or its files until an amount of money is paid to the attackers
Analysis - Ransomware attacks have been on the rise, disrupting major organizations and grabbing global headlines. Attacks like WannaCry and Petya disabled thousands of machines worldwide in the first half of 2017. Windows 10 includes mitigations that prevent common exploitation techniques by these and other ransomware threats.

Ransomware disproportionately targeted Europe with Czech Republic, Italy, Hungary, Spain, Romania, and Croatia being the top six countries with the highest encounter rates.

Exploit Kits

Definition - A bundle of malicious software that discovers and abuses a computer's vulnerabilities
Analysis - Once installed on a compromised web server, exploit kits can easily reach any computer lacking proper security updates that visits the site.

Many of the more dangerous exploits are used in targeted attacks before appearing in the wild in larger volumes.

Takeaways and Checklist:

  • The threats and risks of cyberattacks are constantly changing and growing. However, there are some practical steps you can take to minimize your exposure.
  • Reduce risk of credential compromise by educating users on why they should avoid simple passwords, enforcing multi-factor authentication and applying alternative authentication methods (e.g., gesture or PIN).
    Enforce security policies that control access to sensitive data and limit corporate network access to appropriate users, locations, devices, and operating systems (OS).
  • Do not work in public Wi-Fi hotspots where attackers could eavesdrop on your
    communications, capture logins and passwords, and access your personal data. Regularly update your OS and other software to ensure the latest patches are installed

India specific report

The statistics presented here are generated by Microsoft security programs and services running on computers in India in March 2017 and previous quarters. This data is provided from administrators or users who choose to opt in to provide data to Microsoft, using IP address geolocation to determine country or region.

Encounter rate trends

15.5 percent of computers in India encountered malware, compared to worldwide encounter rate of 7.8 percent. The most common malicious software category in India was Trojans. The second most common malicious software category was Worms. The third most common malicious software category was Downloaders & Droppers.

The most common unwanted software category was Browser Modifiers. The second most common unwanted software category was Software Bundlers. The third most common unwanted software category was Adware.

The most common malicious software family encountered was Win32/Fuery, Win32/Fuery is a cloud-based detection for files that have been automatically identified as malicious by the cloud-based protection feature of Windows Defender. The second most common malicious software family encountered was Win32/Vigorf. Win32/Vigorf is a generic detection for a variety of threats. The third most common malicious software family encountered was Win32/Skeeyah. Win32/Skeeyah is a generic detection for various threats that display Trojan characteristics. The fourth most common malicious software family encountered was Win32/Dynamer. Win32/Dynamer is a generic detection for a variety of threats.

The most common unwanted software family encountered was Win32/Foxiebro. Win32/Foxiebro is a browser modifier that can inject ads to search results pages, modify web pages to insert ads, and open ads in new tabs. The second most common unwanted software family encountered was Win32/ICLoader. Win32/ICLoader is a software bundler distributed from software crack sites, which installs unwanted software alongside the desired program. It sometimes installs other unwanted software, such as Win32/Neobar. The third most common unwanted software family encountered was MSIL/Wizrem. MSIL/Wizrem is a software bundler that downloads other unwanted software, including Win32/EoRezo and Win32/Sasquor. It might also try to install malicious software such as Win32/Xadupi.

Security software use

Nearly 18% of the computers in India are not running up-to-date real-time security software when compared to the world-wide number of about 12%.

Malicious Websites

Attackers often use websites to conduct phishing attacks or distribute malware. Malicious websites typically appear completely legitimate and often provide no outward indicators of their malicious nature, even to experienced computer users. In many cases, these sites are legitimate websites that have been compromised by malware, SQL injection, or other techniques, in an effort by attackers to take advantage of the trust users have invested in them. To help protect users from malicious webpages, Microsoft and other browser vendors have developed filters that keep track of sites that host malware and phishing attacks and display prominent warnings when users try to navigate to them.

The information presented here has been generated from telemetry data produced by Windows Defender SmartScreen in Microsoft Edge and Internet Explorer.
  • Eight websites per hundred thousand URLs are malicious - drive-by download pages.
  • 420 websites per hundred thousand internet hosts are malicious - Phishing sites.
  • 890 websites per hundred thousand internet hosts are malicious - Malware hosting sites.
- Microsoft Security intelligence report, Volume 22

Ignore these 9 tips to stay safe online at your own risk!

The risk. More and more hours are spent online by us as there is proliferation of devices, availability of internet connectivity and usage of apps for everything – from official work to personal use, social networking and entertainment. These require a login so that we can have a better experience. The devices and apps require creation of an account most of the time to log in so that we can enjoy a better experience – downloading files, accessing premium features or content or moving to higher levels in a game. We need to be doubly careful with our personal information so that none of it is accessed by the device builders, app developers and hackers.

Here are some tips to keep ourselves safe from risks to our information that lie online.

  1. Password. First and the foremost is to have a strong password – a different one for each of our accounts or a single strong password under a single sign-on system that cannot be easily guessed. Avoiding dictionary terms and easily guessable words or a combination of words and figures would be good methods when choosing passwords.
  2. Multifactor Authentication. We might have multiple email accounts – one or more official and many personal too. Most email service providers also provide a second authentication mechanism apart from a login name and a password. Making use of this multi-factor authentication feature will require the user to provide an additional authentication factor in the form of an OTP (One Time Password) received in a mobile device or in an alternate email or a phone call. This available in also most of the social networking apps too.
  3. Apps. We are enticed by a lot of apps that keep asking for permission to access our content – contacts and personal information in our devices. We must be discerning as to whether we need to allow these apps to access such information unless the situations warrant it. If we had not been paying enough attention here, it is high-time we revisited our apps and removed such privileges to the respective apps.
  4. Social Networks. Almost every information we provide when we create our social networking accounts and subsequently post in our name are at risk of being misused by the service providers and sellers interested in pushing their goods and services. Even our likes or comments to others’ posts are at risk of being monitored and accessed for dubious usage like targeted advertisements and offers. There are also recommendations from various sources that we remove our Facebook accounts so that we can protect our privacy. Others would have to go to Ad preferences option in such accounts to minimize risk of being spied by intruders.
  5. Personal devices. We must be careful when we allow others to use our devices in which we not only store a lot of our personal information but also login to access our various accounts. It is better to log off and allow them to login with a different profile / account in the same device. This will keep them from away from our information.
  6. Browsing history. Our browsing history and stored cookies must be deleted as frequently as possible to keep our personal information private. This will delete our search history, passwords and other vital information we provide in web sites and apps - probably for file downloads or registering for events and webinars. It will also be better to use the in-private browsing option in browsers when we know that we might have to provide personal information or search for confidential information.
  7. Temporary files. All files and content of temporary / short term value must be deleted as soon as it loses its relevance so that any private content is inaccessible from these sources. Files of permanent value and longer relevance must be backed up and stored in secondary storage devices or cloud services locked up with strong passwords.
  8. Phishing and Ransomware. Anti-phishing tools and software that will guard us from zero-day attacks and ransomware are essential these days to help us remain protected from hackers and attackers who are after not only our information but also information about others stored in our devices like phone numbers and email addresses.
  9. Wi-Fi. While connecting to Wi-fi networks, we must be very careful as to who is the Wi-fi provider and whether it is a public network. Public networks that allow you to connect without a password or those that are provided in railway stations and airports are risky connections. They come with an added risk of exposing our content to others connecting to that network. Deny permission to make your device visible to others in the network if you are connecting to unknown networks.

Isn't AI a part of your investment today? You might be left behind!

"Harley-Davidson Uses Artificial Intelligence to Increase New York Sales Leads by 2,930%", reads an article in HBR this May. Today’s leading organizations are using machine learning–based tools to automate decision processes, and they’re starting to experiment with more-advanced uses of artificial intelligence (AI) for digital transformation. AI is already transforming web search, advertising, e-commerce, finance, logistics, media, and more.

 

Here was the status of what AI currently could do (as of November 2016) as per a founding Lead of the Google Brain team: 


Input

Response

Application

Picture

Are there human faces?

Photo tagging

Loan Application

Will they repay the loan?

Loan approvals

Ad plus user information

Will user click an ad?

Targeted online ads

Audio clip

Transcript of audio clip

Speech recognition

English sentence

French sentence

Language translation

Sensor from hard disk, plane engine

Is it about to fail?

Preventive maintenance

Car camera and other sensors

Position of other cars

Self-driving cars


Corporate investment in artificial intelligence is predicted to triple in 2017, becoming a $100 billion market by 2025. Last year alone saw $5 billion in machine learning venture investment. In a recent survey, 30% of respondents predicted that AI will be the biggest disruptor to their industry in the next five years. This will no doubt have profound effects on the workplace.


Machine learning is enabling companies to expand their top-line growth and optimize processes while improving employee engagement and increasing customer satisfaction.


Here are some possible applications of AI to Businesses today:


Personalizing customer service. The potential to improve customer service while lowering costs makes this one of the most exciting areas of opportunity. By combining historical customer service data, natural language processing, and algorithms that continuously learn from interactions, customers can ask questions and get high-quality answers. In fact, 44% of U.S. consumers already prefer chatbots to humans for customer relations. Customer service representatives can step in to handle exceptions, with the algorithms looking over their shoulders to learn what to do next time around.


Improving customer loyalty and retention. Companies can mine customer actions, transactions, and social sentiment data to identify customers who are at high risk of leaving. Combined with profitability data, this allows organizations to optimize “next best action” strategies and personalize the end-to-end customer experience. For example, young adults coming off of their parents’ mobile phone plans often move to other carriers. Telcos can use machine learning to anticipate this behavior and make customized offers, based on the individual’s usage patterns, before they defect to competitors.


Hiring the right people. Corporate job openings pull in about 250 résumés apiece, and over half of surveyed recruiters say shortlisting qualified candidates is the most difficult part of their job. Software quickly sifts through thousands of job applications and shortlists candidates who have the credentials that are most likely to achieve success at the company. Care must be taken not to reinforce any human biases implicit in prior hiring. But software can also combat human bias by automatically flagging biased language in job descriptions, detecting highly qualified candidates who might have been overlooked because they didn’t fit traditional expectations.


Automating finance. AI can expedite “exception handling” in many financial processes. For example, when a payment is received without an order number, a person must sort out which order the payment corresponds to, and determine what to do with any excess or shortfall. By monitoring existing processes and learning to recognize different situations, AI significantly increases the number of invoices that can be matched automatically. This lets organizations reduce the amount of work outsourced to service centers and frees up finance staff to focus on strategic tasks.


Measuring brand exposure. Automated programs can recognize products, people, logos, and more. For example, advanced image recognition can be used to track the position of brand logos that appear in video footage of a sporting event, such as a basketball game. Corporate sponsors get to see the return on investment of their sponsorship investment with detailed analyses, including the quantity, duration, and placement of corporate logos.


Detecting fraud. The typical organization loses 5% of revenues each year to fraud. By building models based on historical transactions, social network information, and other external sources of data, machine learning algorithms can use pattern recognition to spot anomalies, exceptions, and outliers. This helps detect and prevent fraudulent transactions in real time, even for previously unknown types of fraud. For example, banks can use historical transaction data to build algorithms that recognize fraudulent behaviour. They can also discover suspicious patterns of payments and transfers between networks of individuals with overlapping corporate connections. This type of “algorithmic security” is applicable to a wide range of situations, such as cybersecurity and tax evasion.


Predictive maintenance. Machine learning makes it possible to detect anomalies in the temperature of a train axel that indicate that it will freeze up in the next few hours. Instead of hundreds of passengers being stranded in the countryside, waiting for an expensive repair, the train can be diverted to maintenance before it fails, and passengers transferred to a different train.


Smoother supply chains. Machine learning enables contextual analysis of logistics data to predict and mitigate supply chain risks. Algorithms can sift through public social data and news feeds in multiple languages to detect, for example, a fire in a remote factory that supplies vital ball bearings that are used in a car transmission.


Other areas where machine intelligence could soon be commonly used include:


Career planning. Recommendations could help employees choose career paths that lead to high performance, satisfaction, and retention. If a person with an engineering degree wishes to run the division someday, what additional education and work experience should they obtain, and in what order?


Drone- and satellite-based asset management. Drones equipped with cameras can perform regular external inspections of commercial structures, like bridges or airplanes, with the images automatically analysed to detect any new cracks or changes to surfaces.


Retail shelf analysis. A sports drink company could use machine intelligence, coupled with machine vision, to see whether its in-store displays are at the promised location, the shelves are properly stocked with products, and the product labels are facing outward.

 

Machine learning enables a company to reimagine end-to-end business processes with digital intelligence. The potential is enormous. That’s why software vendors are investing heavily in adding AI to their existing applications and in creating net-new solutions.


- gleaned from the pages of HBR

How to keeping winning the battle against hackers

Office 365 is the fastest growing SaaS offering globally. It is also the most targeted by hackers today as phishing and Ransomware transform into business models in the Dark Web world. Breaches come from emails and misused identities and the attacks only accelerate by the minute. It is high time that Office 365 admins hack-proof their environments – and it is possible with the tools available from Microsoft – tools for studying, analyzing, warning and preventing attacks and plugging vulnerabilities.

The recent Wannacry ransomware attack has created a sense of panic among enterprises using Office 365; remember other cloud services too, are not immune to hacking attacks. Attackers use Social engineering to gain access to the victim’s identity, data and device. It is a security attack vector that involves tricking someone into breaking normal security procedures.

A social engineer runs what used to be called a "con game." Techniques such as appeal to vanity, appeal to authority and appeal to greed are often used in social engineering attacks. Many social engineering exploits simply rely on people's willingness to be helpful. For example, the attacker might pretend to be a co-worker who has some kind of urgent problem that requires access to additional network resources.  

Popular types of social engineering attacks include:

  • Baiting: Baiting is when an attacker leaves a malware-infected physical device, such as a USB flash drive in a place it is sure to be found. The finder then picks up the device and loads it onto his or her computer, unintentionally installing the malware.
  • Phishing: Phishing is when a malicious party sends a fraudulent email disguised as a legitimate email, often purporting to be from a trusted source. The message is meant to trick the recipient into sharing personal or financial information or clicking on a link that installs malware.
  • Spear phishing: Spear phishing is like phishing, but tailored for a specific individual or organization.
  • Pretexting: Pretexting is when one party lies to another to gain access to privileged data. For example, a pretexting scam could involve an attacker who pretends to need personal or financial data in order to confirm the identity of the recipient.
  • Scareware: Scareware involves tricking the victim into thinking his computer is infected with malware or has inadvertently downloaded illegal content. The attacker then offers the victim a solution that will fix the bogus problem; in reality, the victim is simply tricked into downloading and installing the attacker's malware.

Security experts recommend that IT departments regularly carry out penetration tests that use social engineering techniques. This will help administrators learn which types of users pose the most risk for specific types of attacks while also identifying which employees require additional training. Security awareness training can go a long way towards preventing social engineering attacks. If people know what forms social engineering attacks are likely to take, they will be less likely to become victims.

Fortunately, Microsoft provides enough tools to protect its users and especially Office 365 subscribers from such attacks.

Exchange Online Protection (EOP)

Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that helps protect your organization against spam and malware, and includes features to safeguard your organization from messaging-policy violations. EOP can simplify the management of your messaging environment and alleviate many of the burdens that come with maintaining on-premises hardware and software.

As a part of Microsoft Exchange Online   By default, EOP protects Microsoft Exchange Online cloud-hosted mailboxes. Exchange Online Protection provides protection against malicious links by scanning content.

Advanced Threat Protection (ATP)
  • Securing mailboxes - With Exchange Online Advanced Threat Protection, admins can protect mailboxes against new, sophisticated attacks in real time. By protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.
  • Protection against Unsafe Attachments - With Safe Attachments, admins can prevent malicious attachments from impacting the messaging environment, even if their signatures are not known. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. 
  • Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. The advantage is a malware free and cleaner inbox with better zero-day attack protection.
  • Protection of the environment when users click malicious links - Safe Links expands on EOP by protecting the O365 environment when users click a link. While the content is being scanned, the URLs are rewritten to go through Office 365. The URLs are examined in real time, at the time a user clicks them. URL detonation provides deeper protection against malicious URLs. Not only does Microsoft check a list of malicious URLs when a user clicks on a link, but Office 365 will also perform real-time behavioural malware analysis in a sandbox environment to identify malicious attachments. URL reputation checks are part of Advanced Threat Protection. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting is available, so administrators can track which users clicked a link and when they clicked it.
  • Dynamic delivery— Better performance and lower latency for emails with attachments. Users will see a placeholder while attachments are scanned in a sandbox environment. If deemed safe, attachments are re-inserted into the email.
  • Rich reporting and tracking links in messages — Gaining critical insights into who is being targeted in the organization and the category of attacks the organization is facing. Reporting and message trace allow admins to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows admins to track individual malicious links in the messages that have been clicked. Get better insights to malware activity. Security admins will have a new reporting dashboard to see details of malware that Office 365 Advanced Threat Protection is analyzing.
  • Intelligence sharing with Windows Defender Advanced Threat Protection— Security admins will be able to see malware activity and relationships across Windows 10 and Office 365.
  • Broader protection— Advanced Threat Protection extends to include protection for SharePoint Online, Word, Excel, PowerPoint and OneDrive for Business. 
Threat Intelligence
  • The office 365 Threat Intelligence service provides information on security using data from various sources. The data is harvested via the Microsoft Intelligent security Graph technology. Organizations are being targeted with increasingly sophisticated attacks. 
  • Threat Intelligence, which helps admins proactively uncover and protect against advanced threats by analysing billions of data signals across Office consumer and commercial services.
  • It also provides deep insights from cyber threat hunters to create a comprehensive view of malware trends around the world. In addition, Microsoft is integrating signals from Windows and Azure to help customers realize the full benefit of the Microsoft Cloud.
  • Security admins will see a dashboard with rich insights to do deep investigation of malware and will be able to integrate data with existing security management tools.
  • Threat Intelligence takes it a step further by alerting security admins and proactively creating and suggesting security policies to help protect against malware. For example, if analytics show that attacks are happening in the financial industry, the service will alert customers in finance and related areas to the trend. Threat Intelligence will also dynamically create and suggest additional security policies to help protect you before they get to your network.

 

Advanced Data Governance

Microsoft has also brought Advanced Data Governance to Office 365 to help customers manage the exploding volume and increasing complexity of corporate data. Microsoft applies intelligence to help admins achieve organizational compliance and automate data retention.

Enterprises will be able to classify, set policy and take action on the data that is most relevant for their organization and industry, with recommendations driven by behavioral analysis and machine learning.

 

Advanced Data Governance includes the following capabilities:

  • Import—Intelligently import only the data needed from on-premises and third-party archives using classifications such as age, data type, user or groups, sensitivity or importance.
  • Policies—Policy recommendations are provided, based on machine assisted insights of the data, classifications, tenant, organization, industry, geography and more. Recommendations may include delete, move, encrypt or share.
  • Retention—Intelligently preserve only what’s important to the organization by using classifications such as keywords, age, data type, user or group, sensitivity, importance. Integration with line-of-business systems allows admins to trigger retention based upon events, such as creation of a human resources record.

 Advanced Data Governance will help organizations apply the right actions to preserve high value data and purge redundant or obsolete data.

 

Advanced Security Management (ASM)

 

Microsoft has launched Advanced Security Management to help give organizations visibility and control over security in Office 365.

 

They have added a new feature lately called Productivity App Discovery, which will help IT pros and security operations teams understand their organization’s usage of Office 365 and other productivity cloud services. This will help them to better determine the extent to which shadow IT is occurring in their organization.

 

Productivity App Discovery shows usage of Office 365 and other productivity cloud services. App Permissions will assist in monitoring applications that users are connecting to Office 365.

 

Office 365 Secure Score

The Office 365 Secure Score is available to help organization evaluate their security level in Office 365. Secure Score analyzes an Office 365 organization’s security based on their regular activities and security settings and assigns a score. It is a credit score for security.

Secure Score figures out what Office 365 services an organization is using (like OneDrive, SharePoint, and Exchange) then looks at the settings and activities and compares them to a baseline established by Microsoft. O365 admins get a score based on how aligned they are with best security practices.

Using Secure Score helps increase an organization’s security by encouraging them to use the built-in security features in Office 365 (many of which they have already purchased but might not be aware of). Learning more about these features as they use the tool will help give them piece of mind that they are taking the right steps to protect their organization from threats.

Admins must check secure scores reports weekly. A sample list of reports is presented here:

  • Sign-ins after multiple failure report
  • Sign-ins from unknown sources report
  • Sign-ins from multiple geographies report
  • Mailbox access by non-owners report
  • Malware detections report
  • Sing-in devices report
  • Account provisioning activity report
  • Non-global administrators report
Making use of these features that are made available by Microsoft will help enterprises not only defend themselves  from hackers but also keep winning the battles against them.

 

If you thought managing Financial Capital was difficult, how about Human Capital?

Bain’s Macro Trends Group estimates that global financial capital has more than tripled over the past three decades and now stands at roughly 10 times global GDP.

Indisputably, finding Financial capital is easy these days. It is superabundant. As its supply is far more than the demand, it is cheap. Skillful allocation of financial capital is no longer a source of sustained competitive advantage for enterprises. There is a scarcer resource that business owners don’t focus much on or track in their annual balance sheets but which invariably has a greater impact on the businesses - Human capital.

The assets that are in short supply at most companies are the skills and capabilities required to translate good growth ideas into successful new products, services, and businesses—and the traditional financially driven approach to strategic investment has only compounded this paucity.

“Unemployability is a bigger crisis than unemployment”, said an India Labour Report a decade back and this still continues to be the challenge for the country which has launched into the Make in India mode lately.

A country-wide survey found that only 25% of the Indian professionals are considered “employable” by multinationals and the difficulty of employers in India to fill job vacancies had increased to 67% in 2011. The situation has only worsened ever since.

What exactly are employers looking for? Personal attributes like a positive attitude: a ‘can do’ approach, good work ethic and willingness to learn, good personal presentation, honesty and integrity, reliability, timekeeping and personal organization, team working, collaboration and co-operation, flexibility, commercial awareness and customer focus are considered as essential skills. Other skills include, communication – oral and written, numeracy and computer literacy/IT skills.

While acquiring human capital is a drastic challenge today, there is an urgent need for managing effectively the available human capital if enterprises intend to lead from the front. Unfortunately, unlike Financial capital where metrics like ROA, RONA, ROIC, ROCE, IRR, MVA, APV etc. are available for measurement, there are no significant measureable metrics to gauge the value, growth or decline of Human capital.

Broadly speaking, human capital is the sum total of the time, talent and energy of the workforce in an enterprise.

Technology to the rescue - Office365 MyAnalytics

Microsoft MyAnalytics, can provide detailed reviews of how we use time. 

MyAnalytics is an application that analyzes data gathered from user activities within Office 365 to provide users with an insight into how they use their time dealing with email, attending meetings, and interacting with key contacts. It is an information discovery and knowledge tool to track your time, because that’s the valuable resource you have.

The concept underpinning MyAnalytics is that by observing and understanding how someone interacts with the components of Office 365, you can build up a picture of their day-to-day activities. You can also compare how they spend their time against an anonymized set of data drawn from other tenant users.

Based on data drawn from across Office 365, Microsoft knows that the average office worker spends up to 20 hours per week working with email while senior managers will be glued to their keyboards for between 40 and 70 hours. Your data might vary!

All of the data used by MyAnalytics is available to users if they care to look. For example, it is possible (but tedious) to count the number of messages you create and send. You can also figure out how much time is taken to respond to other people within your company by looking at the timestamps in message headers and calculating the difference between when a message was sent and when a response was generated. The same is true when it comes to analyzing the number of meetings you attend, who also attends, the topics discussed, and the outcomes. You can assess whether meetings were effective, ineffective, or just so-so.

MyAnalytics is included in the Office E5 plan. MyAnalytics is also available as an add-on for the E1 and E3 plans.

- based on some articles in HBR and another article in IT Pro Windows

Convey a Certain Idea or a Concept Stylishly

Need to insert an icon that conveys a certain ideaLightbulbor conceptsThought bubble,Head with Gears, but you don't want to draw it yourself? Microsoft has introduced a very easy and stylish way of doing this in your Word documents Documentor Presentation slidesFlip Calendar.

Check out the Icons button on the Insert tab. Choose a category like people, technology, or sports. Then click the icon that represents the idea or concept you have in mind.

 

You have 25+ categories to choose icons from.

These Icons can be managed and manipulated like any other graphic using the Graphics Tools that will appear as a contextual tab when the icon is clicked.

Now OneDrive for Business in under better control of the Admin

Control provisioning of OneDrive

OneDrive for a user is created when they click on OneDrive tile or access the service first time. Their ability to create OneDrive site is governed by the create personal site permission in SharePoint Online. By default, the permission is assigned to all users.

If your Organization is looking for a phased rollout then you can create specific user groups and assign the create personal site permission to them.

Enable Sync client restrictions

SharePoint Online administrator can use PowerShell cmdlets to enable the OneDrive for Business sync client from only the domains present in the safe recipients list. After that, if the version of sync client on a user’s PC is earlier than 15.0.4693.1000, sync client is considered outdated and user will not be able to sync documents.

Configure restricted Domain sharing

At a tenant level, administrators can configure external sharing by using either the Allow List or Deny List feature. Administrators can limit sharing invitations to a limited number of email domains by listing them in the Allow List or opt to use the Deny List, listing email domains to which users are prohibited to extend invitations.
 
Additional parameters have been added to the PowerShell, to allow configuration of restricted domains using PowerShell.

All external sharing invitation emails will blind copied to set mailboxes using available parameters.

Discourage Org-wide sharing

To discourage users from sharing files from their OneDrive with everyone in the Organization, hide “Everyone”, “All Users” and “Everyone except External Users” groups in the people picker.

Restrict Sync based on file types

When required, block syncing of certain file types using the new sync client. For e.g. sync of .pst and .mp4 can be blocked as all emails should be in EXO mailbox and videos should be in O365 Videos service or, just to conserve bandwidth consumption.

Monitor User activities

Office 365 Audit log search and Management Activity APIs enable monitoring of user activities on OneDrive and also integrate them with existing SIEM tool in your Organization. Refer to the Audit log search section later in this document.

Configure usage or anomaly based alerts

Office 365 Advanced Security Management enables you to set up anomaly detection policies, so you can be alerted to potential breaches of your network. For example, you can be alerted to impossible travel scenarios, such as if a user signs in to the service to check their mail from New York and then two minutes later is downloading a document from OneDrive in Tokyo.

Advanced Security Management also lets you set up that can track specific activities. With out-of-the-box templates like Mass download by a single user, IT can easily create policies that flag when someone is downloading an unusually large amount of data. Alerts can also be for multiple failed sign-in attempts or signs in from a risky IP address.

Configure Mobile App Management (MAM) for mobiles

Intune MAM, part of Enterprise Mobility + Security (EMS) suite, provides ability to manage OneDrive mobile app and disable user’s ability to copy-paste corporate content from their OneDrive to a non-managed/consumer app.

Configure Conditional Access

Azure AD Premium, part of Enterprise Mobility + Security (EMS) suite, provides Risk-based conditional access through an intelligent assessment of granting or blocking access to OneDrive. For e.g. access to OneDrive can be blocked is the user is using non-managed device.

Additional Administrative settings for the sync client

A variety of OneDrive and OneDrive for Business settings can be centrally administered through group policy. The group policy objects are available as part of the OneDrive Deployment Package.

The following User Configuration group policies are available:
• Coauthoring and in-app sharing for Office files
• Configure OneDrive.exe to receive updates after consumer production
• Prevent users from changing the location of their OneDrive folder
• Prevent users from configuring personal OneDrive accounts
• Set the default location for the OneDrive folder
• Users can choose how to handle Office files in conflict
The following Computer Configuration group policies are available:
• Prevent users from using the remote file fetch feature to access files on the computer
• Set the maximum percentage of upload bandwidth that OneDrive.exe uses

- Office 365: Everything You Wanted to Know - Jan 2017 - Microsoft

Secure Your Cloud Users with these Advanced Management Features

The cloud offers many security benefits to organizations, but also raises new security considerations. It can also add to existing ones such as shadow IT, the use of software that is not formally sanctioned by the organization. Office 365 Advanced Security Management, a new set of capabilities powered by Microsoft Cloud App Security gives you greater visibility and control over your Office 365 environment.

Advanced Security Management includes:

  • Threat detection - Helps you identify high-risk and abnormal usage, and security incidents.

  • Enhanced control - Shapes your Office 365 environment leveraging granular controls and security policies.

  • Discovery and insights - Get enhanced visibility into your Office 365 usage and shadow IT without installing an end point agent.

Threat Detection

Advanced Security Management enables you to set up anomaly detection policies, so you can be alerted to potential breaches of your network. Anomaly detection works by scanning user activities and evaluating their risk against over 70 different indicators, including sign-in failures, administrator activity and inactive accounts. For example, you can be alerted to impossible travel scenarios, such as if a user signs in to the service to check their mail from New York and then two minutes later is downloading a document from SharePoint Online in Tokyo.



Advanced Security Management also leverages behavioral analytics as part of its anomaly detection to assess potentially risky user behavior. It does this by understanding how users typically interact with Office 365, spotting anomalies and giving the anomalous activity a risk score to help IT decide whether to take further action.

Enhanced Control

Advanced Security Management lets you set up activity policies that can track specific activities. With out-of-the-box templates, IT can easily create policies that flag when someone is downloading an unusually large amount of data, has multiple failed sign-in attempts or signs in from a risky IP address. Policies can also be customized to your environment. Using activity filters, IT can look for the location of a user, device type, IP address or if someone is granted admin rights. Alerts can be created to notify an IT lead immediately via email or text message.



Default activity policy templates that are included:

  • Administrative activity from a non-administrative IP address Alert when an admin user performs an administrative activity from an IP address that is not included in a specific IP range category.

  • User logon from a non-categorized IP address Alert when a user logs on from an IP address that is not included in a specific IP range category.

  • Mass download by a single user Alert when a single user performs more than 30 downloads within 5 minutes.

  • Multiple failed user log on attempts to an app Alert when a single user attempts to log on to a single app, and fails more than 10 times within 5 minutes.

  • Logon from a risky IP address Alert when a user logs on from a risky IP address to your sanctioned services. The Risky IP category contains, by default, anonymous proxies and TOR exits point.

After reviewing an alert and investigating a user’s activities, IT may deem that the behavior is risky and want to stop the user from doing anything else. This can be done directly from the alert. Some activities may be deemed so risky that IT may want to immediately suspend the account. To help with this, IT can configure the activity policy so that an account is automatically suspended if that risky activity takes place.

Advanced Security Management also shows which apps are connected to Office 365 in their environment, who is using them and the permissions they have. For example, if a user grants a scheduling application access to their Office 365 calendar data, IT will be able to see the details of the connection and revoke that application’s permissions with one click if they deem it a security risk.

Discovery and Insights

Advanced Security Management also provides an app discovery dashboard that allows IT Pros to visualize your organization’s usage of Office 365 and other productivity cloud services, so you can maximize investments in IT-approved solutions. With the ability to discover about 1,000 applications in categories like collaboration, cloud storage, webmail and others, IT can better determine the extent to which shadow IT is occurring in your organization. Advanced Security Management will also give you details about the top apps in each category. For example, you can see how much data is being sent to OneDrive for Business, Box, Dropbox and other cloud storage providers.



You can do all this without installing anything on device end points. To load the data into the dashboard, all you have to do is take the logs from your network devices and upload them via an easy-to-use interface.

Many organizations allow users to connect apps to Office 365 without IT intervention to help them be more productive. The challenge is that it reduces the visibility and control that IT has over what apps are doing with the data. App Permissions as part of Office 365 Advanced Security Management can help mitigate that risk.

App Permissions provides information to IT about which applications in their network have access to Office 365 data, what permissions they have and which users granted these apps access to their Office 365 accounts.



Based on this information, IT admins can choose to approve the app or revoke its access to Office 365. If they choose to revoke permissions to the app, it will no longer be able to access the information for any of the users in the Office 365 tenant. App Permissions also makes it easy for IT admins to notify users who have installed the application that is going to be banned.

- Office 365: Everything You Wanted to Know - Jan 2017 - Microsoft