// archives

Microsoft

This category contains 30 posts

Future Visions – Free download

I like Science Fiction and enjoy reading well thought out future scenarios. If you have similar tastes check out the new website “Future Visions” where you find a link to download original science fiction stories inspired by Microsoft. The stories explore prediction science, quantum computing, real-time translation, machine learning, and more. The contributing authors were inspired by inside access to leading-edge work, including in-person visits to Microsoft’s research labs, to craft new works that predict the near-future of technology and examine its complex relationship to our core humanity.

Best of all – the stories are free to download on Amazon, iBooks and Kobo. Check out the details at

http://news.microsoft.com/futurevisions/


New choices on cloud data location and welcome Secure Islands!

This week is pretty packed with security-relevant Microsoft announcements and here is a quick summary.

Satya Nadella was in the UK yesterday and in Germany today where he announced that Microsoft is expanding the cloud strategy in Europe with two new interesting offerings.

Firstly he disclosed yesterday November 10 the plans to offer commercial cloud services from the UK where Azure and Office 365 will be generally available from local UK-based data centers in late 2016 and Dynamics CRM following shortly thereafter. These services will offer customers data residency in the UK. You can read the blog post with more information here.

Secondly, and maybe more interesting from a Swiss perspective, he announced today November 11 plans to offer cloud services from German datacenters. The main difference between the UK announcement and the German one is that the second is using a trustee model. The services offered will comply with the Microsoft trusted cloud principles on security, privacy, control, compliance and transparency but are combined with a German data trustee model. That means concretely that access to customer data stored in the two new datacenters will be under the control of T-Systems which acts as a data trustee and Microsoft will have no access to this data independently. Cloud services will be made available to customers in the EU and the EFTA and roll-out is planned to begin in 2016. With this Microsoft has a new and unique solution for customers in Germany and the wider Europe that want local control of their data. In my view an important next step in the discussion on data location. You can read more on today’s announcement here.

Independently from the two cloud announcements came the confirmation on Monday November 9 that Microsoft is acquiring Secure Islands. There were lately a few security acquisitions but I am especially excited about this one. I was working often with Secure Islands as their technology to protect customer data using Rights Management technology is second to none and widely adopted especially in the Swiss Financial Services Sector but also with other large customers. Microsoft will now integrate Secure Islands’ technology into Azure Rights Management Service to provide a flexible architecture to meet protection and compliance requirements. Many of you know that I am a great supporter of Rights Management and this will give new possibilities on-premises, hybrid and cloud. Congratulations to Akie and Yuval Eldar who are the founders of Secure Islands and welcome to the Microsoft Family! You can read the announcement with more information here.

 

This week’s top of the news in Cybersecurity (week 42)

Information on Cybersecurity is becoming almost overwhelming. The series on “this week’s top of the news in Cybersecurity” is a collection of a few articles that I found noteworthy throughout the week. Perfect weekend reading to catch up on events if you have missed them!

A Second Snowden Has Leaked a Mother Lode of Drone Docs
Wired

Another leak of classified documents on the use of America’s unmanned vehicles. It is not the first release of sensitive documents (remember Snowden and Chelsea Manning of course) and most likely it will not be the last. Everybody involved in sensitive topics should have a very hard look into their Cybersecurity investments and also put Information Rights Management on the list.

 

Cyber-Attack Warning After Millions Stolen from UK Bank Accounts
The Guardian

Law enforcement in the UK, U.S., as well as Interpol, are searching for cyberattackers who have stolen at least £20 million from British bank accounts through the Dridex malware. The good news is that with most security products (including Microsoft’s) the malware is now detected and removed.

Additional Information: The United States Computer Emergency Readiness Team (US-CERT) has released an alert to provide further information about the Dridex botnet.

 

Consumer Alert: Debit Card Fraud at Walmart Discovered in 16 States
CSO

There has been an increase in fraudulent purchases made at Walmart, most of which include charges that are US$50 and under. While this is US centric it serves as a warning to check your credit card statement diligently to detect such fraud activities. No credit card is safe today any more.

 

FBI Takes Down Alert on Chip Credit Cards After Bankers Complain
Network World

Wrong priorities in my view for the financial services institutions. A warning from the US Federal Bureau of Investigation (FBI) on October 8, 2015, was removed the next day. The announcement warned that chip-enabled credit cards should only be used with a PIN (personal identification number). The message was removed after there were complaints from banks that issue the credit cards. I know that many banks are very hesitant to talk about fraud and cyberrisks but if we want to make progress in this we need to be more open for information exchange.

 

87% of Android Devices Are Exposed to at Least One Critical Vulnerability
Sophos

The University of Cambridge reports that 87 percent of Android devices are exposed to at least one known critical vulnerability. I know that it is not always easy or even possible to update Android devices but it is crucial to do it as quickly as possible once an update is available. The latest Android version is called Marshmallow right in time for making smores – yumm!

 

Amazon, Google Boost Cloud Security Efforts
eSecurity Planet

Kudos to Amazon and Google as they have announced new features to provide security safeguards on their cloud services. One of the areas where Microsoft’s cloud services are heavily investing and in my view market leaders. It is good to see Amazon and Google investing here too significantly.

This week’s top of the news

Information on Cybersecurity is becoming almost overwhelming. Here you will find a few articles that I found noteworthy during last week. Happy reading!

Microsoft Renews Information-Sharing Partnership with NATO
PCWorld

A bit on what we are doing providing transparency to our customers and partners. Microsoft and NATO (North Atlantic Treaty Organization) have agreed to renew their partnership where NATO receives access to source code for key Microsoft products including Windows and Office, information about Microsoft’s cloud services, and intelligence about cybersecurity threats.

 

China Tries to Extract Pledge of Compliance from U.S. Tech Firms
The New York Times

A worrisome but not really surprising push. The Chinese government is asking some tech firms to pledge their commitment to policies that could require them to turn over user data and intellectual property.

 

White House Urged to Support Encryption
SC Magazine

I believe encryption is one of the main ways to keep our data secured also in the future. Unfortunately many governments see it more as a threat. US President Obama reportedly is being urged to support encryption and shun legislation that would force companies to unlock customers’ smartphones and apps when presented with a court order. This raises the question what they then do if they actually don’t hold the encryption keys and cannot unlock them?

Related reading: Obama Advisors: Encryption Backdoors Would Hurt Cybersecurity, Net Infrastructure Vendors.

 

Vodafone Australia Admits to Hacking Journalist’s Phone in Public Statement
Neowin

This was a disappointing article. Vodafone has admitted that it improperly accessed the phone of a reporter (who was writing an article about the online accessibility of personal information of millions of Vodafone customers) in an effort to find the reporter’s source.

 

GM Took 5 Years to Fix a Full-Takeover Hack in Millions of OnStar Cars
Wired

As you can see I like Wired a lot. University researchers in 2010 privately disclosed their ability to hack into a car to the US National Highway Traffic and Safety Administration and also shared their exploit code with General Motors. However, the vulnerability was not patched until 2015. Vulnerabilities will continue existing but the key is to address them swiftly once they are discovered. 5 years is NOT swiftly! Google 90 days disclosure policy with exceptions if it is highly complicated.

Related reading: Automakers Asked to Explain Cyber-Security Protections, Your ‘Check Security’ Light Is on, and Intel Sets Up Talking Shop to Improve Automotive Security.

RSA 2015 – Microsoft Key Announcements in Security

 

The US RSA conference is probably the world’s leading security conference with about 30’000 participants and took place last week in San Francisco. Scott Charney, Microsoft’s CVP Trustworthy Computing, gave a noteworthy keynote on Enhancing Cloud Trust that can be watched here. It is well worth the time.

The announcements made by us and the presence that Microsoft had at the conference was impressive. The main theme was very clearly that we truly live in a mobile first, cloud first world and that with the explosion of devices and apps come new challenges. Security has been a top priority for Microsoft for a long time already and Microsoft is committed to providing customers with transparency and control over their data in the cloud. Here are the highlights that we announced:

  • New Security & Compliance signals and activity log APIs so that customers can access enhanced activity logs of user, admin and policy related actions through the new Office365 Management Activity API.
  • New customer Lockbox for O365 that brings the customer into the approval workflow if one of our service engineers would have to troubleshoot an issue that requires elevated access. With the customer lockbox the customer has the control to approve or reject that request.
  • Device guard is the evolution of our malware protection offering for Windows 10 and brings a new capability to completely lock down the Windows desktop such that it is incapable of running anything other than trusted apps on the machine.
  • Increasing levels of encryption where O365 will implement content level encryption for e-mail in addition to the BitLocker encryption we offer today (similar to OneDrive for Business’ per-file encryption). In addition we expect enabling the ability for customers to require Microsoft to use customer generated and controlled encryption keys to encrypt their content at rest.
  • Microsoft Passport is a new two factor authentication designed to help consumers and businesses securely log-in to applications, enterprise content and online experiences without a password.
  • Windows Hello which will provide that Microsoft Passport can be unlocked using biometric sensors on devices that support that (most notably iris and face unlock feature in addition to fingerprint).
  • Azure Key Vault which helps customers safeguard and control keys and secrets using FIPS 140-2 Level 2 certified Hardware Security Modules in the cloud with ease and at cloud scale and provides enhanced data protection and compliance and control.
  • New Virtual appliances in Azure where we work with industry leaders to enable a variety of appliances so that customers have greater flexibility in building applications and enabling among others network security appliances in Azure.
  • Enterprise Mobility where we have the Enterprise Mobility Suite (EMS) bringing customers enterprise grade cloud identity and access management, mobile device management and mobile app management and data protection (Reto’s comment: not new but worthy to call out having grown our install base by 6x just in the last year)

More information can be found on Scott Charney’s blog on “Enabling greater transparency and control” that also has further links to more in-detail information on the individual technologies mentioned above.

Security Webinars on Cloud Resilience and Addressing Modern Cyberthreats

I recently gave two live webinars as part of a security webinar series of Microsoft Switzerland where I covered aspects of cloud resilience and achieving resilience against modern cyberthreats. The webinars are in German and if you are interested you can get access to the recording below.

 

 

 

Webinar 1: Protection against threats from cyberspace
Today’s threats from cyberspace keep growing, attacks are becoming ever more sophisticated, and the hackers themselves ever more professional. Traditional protection mechanisms, such as antivirus programs and firewalls, are no longer sufficient in light of these new developments. In this webinar you will learn all about the advantages of a dynamic security concept that, based on the principles Protect – Detect – Respond, can effectively protect your IT landscape against modern cyber threats and provides high resilience. The webinar is available here.

Webinar 2: Resilience and cloud computing
Cloud computing is changing and accelerating the world of work; standardized services from the “data center cloud” relieve companies of investments in their own expensive server infrastructures. Nevertheless, there are major reservations regarding availability, security and data protection, especially in an environment where threats from criminal activity lurk and NSA/PRISM activities create legal uncertainty. This webinar is therefore all about questions such as resilience with the cloud, resilience in the cloud or resilience despite the cloud. The webinar is available here.

Productivity Future Vision

 

I believe strongly that today we only see a fraction of the possibilities how we will be working in the future. New technologies are becoming more personal, bring people together, enable us to live smarter and help us expressing our creativity better.

With the productivity future vision Microsoft looks 5-10 years into the future and puts together a fascinating picture on how we learn, work and collaborate all focused around productivity. It might look far fetched but if you see what Hololens and Surface Hub already enable (and they are just around the corner) then it might in fact not be the so distant future.

Or an even nicer way to look at it is on the website with additional information. Enjoy the inspiration!

On Lenovo’s “Superfish” and how to remove it

I am quite a fan of Lenovo devices mostly still from the time where they were IBM ThinkPads. However, when the discussion started on the “Superfish” adware they put onto some Lenovo devices I took a mental step back and asked myself how a company that develops and sells plenty of business devices could make such a bad decision.

There are some good descriptions on what “Superfish” does so I will not repeat that in detail. In the end it seems that the adware hijacks encrypted web sessions and it seems that it may make users vulnerable to HTTPS man-in-the-middle attacks that are simple for attackers to exploit. If you are interested in knowing more I recommend that you read the Arstechnica article on that topic.

Lenovo was slow to pick up on this topic although by now they reacted and the Lenovo CTO said in an interview with the Wall Street Journal that “we didn’t do enough” due diligence before installing Superfish, but that the company doesn’t believe laptop owners were harmed by the app. You can read here the full article on the WSJ blog.

Another interesting question on why Lenovo pre-loads any software and here is his response: Hortensius: “In general, we get pretty good feedback from users on what software we pre-install on computers. What we’re going to do in the next few weeks is dig deeper, and work with users, industry experts and others to see how we can improve what we do around software that comes installed on consumers’ computers. The outcome could be a clearer description of what software is on a user’s machine, and why it’s there.” It seems that I am clearly not their targeted audience if they say such things. When I get a new computer the first thing I do is to newly install Windows from scratch and with that get rid of any bloatware and adware that might be on there. Then install the necessary drivers (not many any more – Windows 8.1 or 10 is in the majority of cases (if not all) taking care of that) and apply all updates and the computer is running faster, more stable and the disk has quite some more space in most cases than before.

So what to do now if you have a Lenovo computer and are not sure if Superfish runs on there or you know and want to remove it? One way to address this is to run Microsoft’s security software which will detect and remove the Superfish software from the Lenovo device. If you have Windows 8 or 8.1 on your computer Windows Defender is installed by default so you only need to let it update itself. If you have an older version of Windows you might already have the Security Essentials installed where the same applies to. And if you are not sure check out the website on our free security software that you can download and that will take care of Superfish.

Security Snippets: February Reading Nr. 1

 

The security snippets series highlights some articles that I read recently. I hope they help in keeping up with the rise of security incidents and trends which becomes more and more difficult with the increasing professionalism of cyber attacks.

 

Bank Hackers Steal Millions via Malware
as read in the New York Times

The New York Times writes based on Kaspersky information that a group of attackers impersonated bank officers and took over cash machines and transferred millions of dollars from more than 100 banks in Russia, Japan, Switzerland, the United States, and the Netherlands into fake accounts set up in other countries. This brings a new scale to Cybercrime.

 

Evolution and Adaptation in the Security Jungle
as read in Threatpost

Enterprise security teams need to catch up on understanding the methods that modern attackers use. The article on Threatpost does a good job at giving an overview. Active defense is crucial in that aspect and I described that with the protect, detect, response framework also in my whitepaper on achieving resilience against modern cyberthreats.

 

Visa Wants to Track Your Smartphone to Prevent Credit Card Fraud
as read in the Hacker News

It seems that Visa plans to release a new location-based feature that will help cardholders update their location via smartphone. With credit card fraud still on the rise that could be a good way to fight that. I just hope that it will be clear to the user that another service performs location tracking.

 

PlugX Is RAT of Choice for Nation States 
as read in eSecurity Planet

The “2014 CrowdStrike Global Threat Intel” report finds that the PlugX Remote Access Tool (RAT) is the most observed malware variant used by nation-state backed threat adversaries. I don’t think that this is necessarily so clear as in my view many nation states have more customized and elaborate capabilities but it shows how far such tools have come.

 

One Billion Data Records Compromised in 2014 Worldwide
as read in Softpedia

The article writes about a report from the Breach Level Index (BLI) which finds a 49 percent increase in data breaches and a 78 percent increase in number of records that were stolen or lost in 2014. While the absolute number might be even higher the massive increase is something that we observe as well.

 

Microsoft Achieves Globally Recognized ISO/IEC 27018 Privacy Standard
as read in the Microsoft Cyber Trust Blog

This is more on privacy and trust than security although that also plays an important aspect. Microsoft on February 16, 2015, obtained the ISO/IEC 27018 privacy standard for Microsoft Azure, Office 365, and Dynamics CRM Online. Brad Smith’s blog has more information on that and is worthwhile reading in my view.

 

How to Keep Your Webcam Safe from Hackers [Video]
as read in We Live Security

If you follow the link you will see a video that covers five tips to prevent someone from spying on you through your webcam. Something becoming more important after an anonymous website began posting live streams of the world’s unprotected webcams.

 

 

Whitepaper: Achieving resilience against modern cyberthreats

I have written the whitepaper “Achieving resilience against modern cyberthreats” and looking at how the intensity of cyberattacks is again on the rise it is getting more important to implement a dynamic security framework.

As our use of mobile computing and social media technologies grows, so does our exposure to risk. On the one hand, the widespread adoption of new mobile, social media, cloud services and big data technologies creates unprecedented opportunities for productivity and flexibility. Yet without the right defenses in place, they can also open us to new kinds of vulnerabilities, as attacks that target devices operating outside the enterprise perimeter are quickly growing in volume and sophistication.

Passive protection is no longer sufficient for ensuring the security of information and IT infrastructures. My new Microsoft white paper, Achieving resilience against modern cyberthreats, explores the ways that governments and enterprises can protect their valuable information by creating a holistic security strategy, built on risk management, to achieve resilience in an era of constant targeted attacks and determined adversaries.

The paper explores Microsoft’s holistic “Protect, Detect and Respond” approach to security strategy, including key principles for organizations, the importance of trustworthy cloud services, and the steps to take for securing an IT infrastructure in today’s threat landscape. This proactive strategy requires that an organization understand its assets and its exposure, and apply appropriate protection throughout the entire IT ecosystem in a continuous process. It also recognizes that enterprises must manage their inevitable risk – absolute security is not possible, so organizations must go beyond just protecting resources and also establish processes for detecting, responding and recovering from incidents when they occur.

If you are interested see my complete blog post, Achieving resilience against modern cyberthreats at Microsoft on Safety and Defense.

About the Author

Reto is partner at PwC Switzerland. He is leading the Cybersecurity practice and is member of PwC Digital Services leadership Team. He has over 15 years work experience in an information security and risk focused IT environment. Prior to working at PwC he was Microsoft's Chief Security Officer for Western Europe and also has work experience as group CIO, Chief Risk Officer, Technical Director and Program Manager.
