It's hard to believe Microsoft Ignite is already a week behind us! While we missed seeing the full team, friends and colleagues in person, we saw Ignite as a great rallying point. Hearing where our partner, Microsoft, and our customers are going was a great opportunity to hone our focus and redouble our efforts to building capabilities that help our customers achieve amazing things.
A huge growth area for WWT in 2020 has been with Microsoft Modern Workplace. Microsoft 365 and the security suite from Microsoft are best of breed across so many technologies, and our customers are asking us to help them take advantage of those solutions.
After hearing what's new and upcoming in Modern Workplace, we can't wait to dig in and help solve some of the toughest collaboration, productivity and security challenges facing our customers!
Our Modern Work architects were watching very closely and a few common threads emerged. Here are some of the most noteworthy.
- Optimizing the collaboration experience, regardless of the location. Home, office or branch, Microsoft wants your users to stay connected via Teams. Mike Davis, Practice Lead - Microsoft Modern Work, explains his excitement in how Microsoft is easing accessibility of room systems, creating branch durability and more.
- Microsoft 365 is enabling (and securing!) your digital transformation. Dwight Priestley, Practice Lead - Microsoft Modern Work, details some of the biggest announcements across M365 productivity and security.
- Unifying the security landscape with Microsoft Defender. Darren Roback, Cloud Platform Architect - Azure/Modern Work, discusses what these announcements mean to securing your identities, endpoints, applications and cloud infrastructure.
Optimizing the collaboration experience, regardless of the location
Mike Davis, Practice Lead - Microsoft Modern Work
Over twenty years ago, I was introduced to the world of collaboration when my construction background landed me a job installing conference room AV systems. Ever since then, I've always had a soft spot for shared collaboration spaces.
The meeting room is where technology meets the end user, and I am a big fan of any feature that creates an intuitive user experience and drives adoption. Therefore, I am excited about some of the Teams room announcements Microsoft made at Ignite this year.
Moving beyond the soft client, Microsoft announced several updates to enhance the user experience in conference rooms and shared spaces. The Microsoft Team Panel is a new product category from Microsoft, allowing the user to view meeting details and room availability status, as well as reserve conference spaces from a panel mounted outside the room. The nearby rooms feature will permit scheduling of other shared spaces from a single panel, and integration with support, concierge and catering services provide an enriched “white glove” experience.
Focusing on a touch-less experience, Microsoft has continued to develop integrated systems to enhance the way conferences are controlled in a post-COVID world. Voice assistance via Cortana integration with Microsoft Team room devices will allow participants to join, leave and add participants, without having to touch a controller.
Room remote integration with the Teams mobile app will extend room control features to a personal smartphone, providing the ability to control the room without having to touch a shared room controller. Wireless casting support on Team rooms, Collaboration Bars and Surface Hubs will deliver the ability to share content on displays without having to physically touch a cable.
In addition to the touch-less experience, new enhancements to room systems with advanced camera technology will enable organizations to adhere to safety guidelines for social distancing by automatically notifying participants if the room is over capacity.
Perhaps the biggest Teams-related announcement to come out of Ignite 2020 is the development of a new survivable branch appliance (SBA). Offered by Microsoft partners Ribbon and AudioCodes, these appliances will run a VM in “Teams Offline Mode” to provide telephony via PSTN in the event of a WAN outage. Future enhancements will enable P2P calling for Teams users at a local site to continue making VOIP calls to each other.
I’m most excited about the announcement of a Teams SBA, as it solves a large gap our customers have been begging for. It provides a path for customers who have been wanting to migrate from Skype for Business to Teams without losing their local site redundancy and brings feature parity on par with other industry heavyweights.
Microsoft 365 is enabling (and securing!) your digital transformation
Dwight Priestley, Practice Lead - Microsoft Modern Work
One key theme coming out of Ignite 2020 is around resilience and how organizations are adopting technology to drive their digital transformation forward. Catherine Boeger, VP of M365 Apps and Endpoint Team, spoke about Microsoft 365 empowering every person and every organization on the planet to achieve more. Let’s take a look at some of the buzz-worthy announcements coming out of the Modern Work practice.
Microsoft continues to lead the pack! Microsoft remains a leader in 5 Gartner Magic Quadrant reports, including:
- Content Services.
- Enterprise Information Archiving.
- Meeting Solutions.
- Unified Communications as a Service.
- Unified Endpoint Management.
Vasu Jakkal shared an updated strategy and vision in security, compliance, and identity.
Customers are increasingly turning their focus towards an end-to-end security strategy using Zero Trust principles, which are tightly integrated for comprehensive protection and seamless user experience.
- Azure Sentinel with XDR capabilities now includes behavioral analytics capabilities to better detect known threats involving anomalous user behavior.
- Starting in October, customers needing to upgrade to an E5 license will be able to leverage savings of up to $1,500, based on a typical 3,500 seat deployment. More information to come on that.
- XDR will now be included in Microsoft Defender. This includes powerful workflows and AI to heal assets.
- Microsoft Defender for Endpoint will now offer complete support for Android and iOS devices (in preview).
- Azure Defender: Delivers a centralized dashboard to determine what cloud resources are protected. This will include not just virtual machines, but also SQL servers including on-premises servers.
- Microsoft has been working with CyberX and will provide integration with Azure Defender for IoT.
- GitHub is working to secure the GitHub pipeline to help build security into applications, so they are protected when first created.
For additional insight, Darren Roback provided a deeper dive on Microsoft Defender, Azure Defender and XDR in his update below.
Many customers are seeking to apply security principles using DLP-based policies. Being able to apply these policies across Exchange, Teams and SharePoint is instrumental in preventing data loss. Common scenarios include the prevention of confidential files from being shared to users outside of the organization, while other users may want to print a document which can be prohibited with a policy setting.
- Microsoft Compliance Manager - GA: It helps to simplify compliance and reduce risks when addressing global standards and regulations. It maps those standards and regulations to use standard IT controls, giving recommended improvement actions while providing a risk-based score.
- 150+ out of the box assessments and the ability to create custom assessments.
Identity is the backbone of strong security posture, as well as productivity, and Microsoft Azure AD is a key component when developing a Zero Trust strategy and is trusted by over 200,000+ organizations.
- Digital identity (private preview): Anyone can own their digital identity.
- Conditional access & identity protection enhancements.
- Deep app integrations for user lifecycle.
- Header-based authentication in Azure AD Application Proxy.
- New application management:
- Predictable cadence & servicing automation.
- Intelligent insights & controls.
- Proactive Office app health & remediation.
Productivity Score (GA October 2020): The Productivity Score provides visibility and insight while showing how an organization works and how the technology used affects how work gets done. It then compares this experience with other organizations. Scores are based on the region, the licenses assigned to users and the company’s industry. The score provides visibility to understand your organization, insights to identify improvements and action to be taken to update skills and systems. The Score Breakdown provides visibility into the following areas:
- Employee experience: Communications, meetings, teamwork, mobility
- Technology experience: Endpoints, network connectivity and Microsoft apps
Roadmapped features include pre- and post-meeting best practices, including the use of pre-meeting agendas and the sending of notes. User-based statics including last meeting date, country, number of meetings attended and if screensharing or video will are be provided. Concentrating on video and screen-sharing features provides excellent insight into how features are being used.
Unifying the security landscape with Microsoft Defender
Darren Roback, Cloud Platform Architect - Microsoft Azure/Modern Work
There were quite a few announcements in the security space, with this one likely being the largest. Microsoft announced that they are unifying their security solutions under a new product called Microsoft Defender, which is inclusive of Microsoft 365 Defender and Azure Defender. The collective suite of technology backs Microsoft's Extended Detection and Response (XDR) capabilities to detect, prevent and respond to threats across identities, endpoints, applications and cloud infrastructure.
Microsoft Threat Protection has been renamed Microsoft 365 Defender, providing XDR capabilities for end-user environments. Microsoft 365 Defender (itself) had a mass of announcements, including:
- Microsoft Defender Advanced Threat Protection has been rebranded as Microsoft Defender for Endpoint and now provides protection for all popular operating systems, including Windows, macOS, iOS (preview) and Android (GA).
- Office 365 Advanced Threat Protection has been rebranded as Microsoft Defender for Office 365 and now includes support for the protection of priority (user) accounts.
- Azure Advanced Threat Protection has been rebranded as Microsoft Defender for Identity to provide visibility and protection into identity services, whether they exist on-premise (Active Directory) or in the cloud (Azure Active Directory).
In addition to updates to Microsoft 365 Defender, Microsoft also announced some updates affecting Azure Cloud, including:
- Azure Security Center's cloud workload protection capabilities have been rebranded as Azure Defender, providing XDR capabilities across Azure and hybrid resources including IaaS VM workloads, databases, containers and leveraging technology acquired through Cyber-X and IoT devices.
- Azure Defender now also supports Azure Arc, allowing Security teams to unify XDR capabilities across clouds and on-premises environments.
- Azure Defender can now serve as a single cloud posture management tool across Azure, AWS and GCP.
- Azure Defender for Kubernetes functionality has been extended to include policy management and admission control. Azure Defender for Container Registries also now supports continuous scanning of image repositories to further reduce the risk when launching new container images.
- Azure Security Center for IoS has been rebranded as Azure Defender for IoS, providing agent-less security for IoT devices.
Microsoft Defender also now integrates with Azure Sentinel for security posture visibility and protection, regardless of where the workload lives. Security operations personnel can leverage custom automation playbooks in Azure Sentinel to respond to threats, while integrating with third-party data sources using built-in connectors. With this latter point, Microsoft also announced new data correlation and behavioral analytics capabilities in Azure Sentinel through the use of third-party data connectors.
In summary, Microsoft 365 Defender now provides protection for:
- Cloud applications.
While Azure Defender now provides protection for:
- Server (IaaS) VMs.
- Azure App Services.
What we like about these announcements is that it is clear that Microsoft is not only expanding XDR capabilities to support all popular operating systems, but also applications and infrastructure that reside across multiple clouds (public and private). With this, it's clear that Microsoft has responded to customer feedback that they need to be able to secure endpoints and infrastructure that reside outside of the traditional Microsoft ecosystem.
Feel free to comment on your favorite announcement below!