Author Archive

Low code app development will be available in Microsoft Teams meetings

Microsoft Teams users will now have access to low code tools through the new Power Apps and Power Virtual Agents apps, the company has said. The coronavirus pandemic has created a situation where individuals are no longer asking, “What is Teams?” and are instead continually looking for the platform to deliver new features.

The added functionality comes with more people working remotely and, as a result, requiring easy access to resources natively within the Teams app.

Businesses will soon be able to collaborate on app development and instantly share their creations with the rest of their organization through the Teams app store.

“The new Power Apps app for Teams allows users to build and deploy custom apps without leaving Teams,” a Microsoft blog explained. “With the simple, embedded graphical app studio, it’s never been easier to build low code apps for teams. You can also harness immediate value from built-in teams app templates like the great ideas or inspections apps, which can be deployed in one click and customized easily.”

I’ve got the power

Using the Power Platform, Microsoft wants customers to build Teams apps that are specific to their business. With the new platform, anyone can build apps, workflows and chatbots regardless of their coding experience.

In addition to Power Apps and Power Virtual Agents, Microsoft has also launched Dataverse for Teams, a new relational datastore that will provide the key business data that organizations need to build new low code apps.

Microsoft knows that it has a battle on its hands to come out on top in the video conference space. Although Teams has seen its user figures rise dramatically since the start of the coronavirus pandemic, so too have its rivals. The addition of native low code app development could provide a key differentiating factor.

With the COVID-19 pandemic showing no signs of abating, migration to the cloud is expected to accelerate as enterprises choose to let someone else worry about their server gear.

In its global IT outlook for 2021 and beyond, IDC predicts the continued migration of enterprise IT equipment out of on-premises data centers and into data centers operated by cloud service providers (such as AWS and Microsoft) and colocation specialists (such as Equinix and Digital Realty).

The research firm expects that by the end of 2021, 80% of enterprises will put a mechanism in place to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic. CIOs must accelerate the transition to a cloud-centric IT model to maintain competitive parity and to make the organization more digitally resilient, the firm said.

“The COVID-19 pandemic highlighted that the ability to rapidly adapt and respond to unplanned/foreseen business disruptions will be a clearer determiner of success in our increasingly digitalized economy,” said Rick Villars, IDC group vice president for worldwide research, in a statement. “A large percentage of a future enterprise’s revenue depends upon the responsiveness, scalability, and resiliency of its infrastructure, applications, and data resources.”

In this new normal, the most important thing enterprises can do is seek opportunities to leverage new technologies to take advantage of competitive/industry disruptions and extend capabilities for business acceleration.

Additional IDC predictions include:

• Edge becomes a top priority: Reactions to changing workforce and operations practices during the pandemic will be the dominant accelerators for 80% of edge-driven investments and business model changes in most industries through 2023.
• The intelligent digital workspace: By 2023, 75% of global 2000 companies will commit to providing technical parity to a workforce that is hybrid by design rather than by circumstance, enabling them to work together separately and in real-time.
• The pandemic’s IT legacy: Through 2023, coping with technical debt accumulated during the pandemic will shadow 70% of CIOs, causing financial stress, inertial drag on IT agility, and “forced march” migrations to the cloud.
• Resiliency is central to the next normal: In 2022, enterprises focused on digital resiliency will adapt to disruption and extend services to respond to new conditions 50% faster than ones fixated on restoring existing business/IT resiliency levels.
• A shift towards autonomous IT operations: Thanks to AI/ML advances in analytics, and emerging cloud ecosystem will be the underlying platform for all IT and business automation initiatives by 2023.
• Opportunistic AI expansion: By 2023, one-quarter of global 2000 companies will acquire at least one AI software start-up to ensure ownership of differentiated skills and IP out of competitive necessity.
• Relationships are under review: By 2024, 80% of enterprises will overhaul relationships with suppliers, providers, and partners to better execute digital strategies.
• Sustainability becomes a factor: By 2025, 90% of global 2000 companies will mandate reusable materials in IT hardware supply chains, carbon neutrality targets for providers’ facilities, and lower energy use as prerequisites for doing business.
• People still matter: Through 2023, half of the enterprises’ hybrid workforce and business automation efforts will be delayed or will fail outright due to underinvestment in building IT/Sec/DevOps teams with the right tools/skills. Enterprises will turn to new ways to find the talent they need

Today we announced that Microsoft Teams reached 115 million daily active users (DAU).* This growth reflects the continued demand for Teams as the lifeline for remote and hybrid work and learning during the pandemic, helping people and organizations in every industry stay agile and resilient in this new era.

A new way to work and learn for a new digital age

When the pandemic first instigated a global shift to remote work, videoconferencing emerged as an immediate solution to work-from-home restrictions. But as the initial era of “remote everything” has given way to durable, hybrid models of work and learning, we’ve entered a new digital age that is completely transforming how we work and learn—today and for the next decade.

To connect, collaborate, and create in this new world of work—whether that be at home or school, in the office or in firstline industries like healthcare and manufacturing—we need an experience that goes so far beyond video meetings or chat alone.

The key to productivity is to move beyond transactional meetings and focus on the flow of work. People don’t just open Teams to join a meeting and then close it when the meeting is over; they work in Teams all day.  It’s a place to exchange ideas, share information, and create human connections. It’s where people work before, during, and after a meeting, and it supports all the different ways people engage and collaborate together. 

Teams brings together meetings, chat, calls, collaboration, third-party apps, and business processes into a single experience, and we are seeing increased usage intensity in Teams as people communicate, collaborate, and co-author content across work, life, and learning.

Powered by Microsoft 365

As much as Teams has transformed work for our customers, it’s really the tip of the iceberg. Because as people work all day in Teams, they also get the full breadth and depth of Microsoft 365, the integrated suite of graph-connected productivity apps and experiences behind the familiar tools we all rely on every day to connect, collaborate, and get work done.

For that reason, daily active usage only tells a portion of the collaboration story; a broader collaboration metric is needed to understand the changing ways in which we work and collaborate. What’s needed now is a metric that demonstrates the breadth of services people use and the new rich and varied ways in which collaboration happens across hybrid work environments. The true measure of collaboration transcends simple videoconferencing or chat-based communications. Our more holistic view takes into account the many ways people and teams engage in the flow of work. In Teams we see meetings, but also small group huddles, chats, calls, document collab, and individual work. And enabling all of it digitally is our vision for collaboration in the new digital age.

So today we’re also sharing a new Microsoft 365 daily collaboration minutes (DCM) metric** defined as the sum of all minute’s people spent in Microsoft 365 apps like Teams, Word, Excel, PowerPoint, Outlook, OneNote, SharePoint, OneDrive, and more. This quarter, Microsoft 365 users around the world generated more than 30 billion collaboration minutes in a single day as people communicated, collaborated, and co-authored content across work, life, and learning. This new metric combines both synchronous and asynchronous collaboration and reflects the changing nature of work. With Teams as a hub, Microsoft 365 brings the power of the cloud to every person, providing them with a secure, integrated experience designed for a new world of work. 

Here’s what some of our customers have to say about Teams and Microsoft 365:

“Everybody was depending on Microsoft Teams as our way of continuing business—both in the classroom and throughout the university community. A product that is responsive to our current and our future needs.”- Dr. Cynthia DeLuca, Associate VP for Innovative Education, University of South Florida (Read more here.) 

“Microsoft technology has been an integral part of NFL operations for several years,” says Michelle McKenna, CIO, NFL. “And with the new challenges ahead of us this season, Microsoft will be instrumental in helping us innovate the best possible experiences for our players, coaches, officials, and fans, through activation like the Fan Mosaic and the Bud Light Showtime cam.” (Read more here.)

“When you move everybody home and you’ve built your network to handle 300 global offices and now you’ve got 20,000 home offices, that broke a lot of stuff—but what it also did was make Microsoft Teams shine.” – Bruce Kurkiewicz, Advanced Technology Account Executive, CDW + Rockwell Automation (Read more here.)

“Understanding where our customers are headed is a big part of how we’re shaping our future. We couldn’t do that without a corresponding digital, agile, and mobile workplace built on Microsoft 365.” – Tom McKee, Chief Information Officer, Kennametal (Read more here.)

“No matter what part of the business we support or where we are located, we use Teams and the rest of the Microsoft 365 platform to best communicate with customers and engage with our associates.” –  Denise Owens, Senior Director of Information Technology for End User Computing at Office Depot (Read more here.)

It’s clear the people need rich tools for all the ways they want to collaborate and communicate in the new world of work—tools that transcend siloed videoconferencing or chat and enable people to stay in the flow of work. Microsoft provides a platform for work, life, and learning that delivers the best collaboration experience to our customers over the long term.

And we are committed to using this unique ability to help unlock human potential for people and organizations everywhere. There’s no doubt that we live in challenging times, and that more challenges lie ahead. But when we provide people with the ability to connect, collaborate, and create from anywhere, there’s no limit to what they can achieve together. 

The events of 2020 have turned most predictions for 2021 on their head. Top trends such as artificial intelligence (AI) and the internet of things (IoT) will still define the ways in which tech reshapes our lives in the next year. However, the most significant use cases now involve helping us to adapt and survive in the changing times we are living through.

No trend is more relevant to this than cloud computing. Cloud is the backbone of the data-driven, app-based tech ecosystem that has been vital in helping us manage this change. Everything from contact tracing to home delivery services, remote medicine, and working (and playing) from home has been revolutionized by cloud services.

Throughout 2021, we can expect to see the rate of this change accelerate as more businesses get to grips with adopting cloud models, and delivery of data from the cloud to our devices becomes more integral to our daily lives. Here are some of the ways in which I can see this playing out over the course of 2021:

1. Multi-cloud approaches will lead to a breakdown of barriers between providers

Currently, the big public cloud providers – Amazon, Microsoft, Google, and so on – take something of a walled garden approach to the services they provide. And why not? Their business model has involved promoting their platforms as one-stop-shops, covering all of an organization’s cloud, data, and compute requirements. In practice, however, industry is increasingly turning to hybrid or multi-cloud environments (see below), with requirements for infrastructure to be deployed across multiple models.

What this means is that there are growing calls for the big providers to create bridges between their platforms. This runs contrary to their business models, which are reliant on an ability to upsell greater cloud capacity as well as additional services as their customers scale. Adopting a more collaborative approach doesn’t just enable customers to take greater advantage of the fast-growing multi-cloud trend, though. It will also benefit organizations needing to share data and access with partners in their supply chain, which may all be working across diverse applications and data standards. This is also a space where we are likely to see growing levels of innovation from startups, creating services that simplify the process of operating between different public cloud platforms.

2. AI will improve the efficiency and speed of cloud computing

As far as cloud goes, AI is a key enabler of several ways in which we can expect technology to adapt to our needs throughout 2021. Cloud-based as-a-service platforms enable users on just about any budget and with any level of skill to access machine learning functions such as image recognition tools, language processing, and recommendation engines. Cloud will continue to allow these revolutionary toolsets to become more widely deployed by enterprises of all sizes and in all fields, leading to increased productivity and efficiency.

Autonomous vehicles, smart city infrastructure, and pandemic response planning are all fields of research where the effects of smarter algorithms delivered through cloud services will be felt. Machine learning also plays a big part in the logistics processes that keep cloud data centers up and running. Cooling systems, networks of hardware, and power usage in these delicate and expensive environments can all be monitored and managed by AI algorithms in order to optimize running efficiency and minimize their impact on the environment. Research and development in this field are likely to continue to lead to new breakthroughs in data center speed and efficiency.

3. Gaming will be increasingly delivered from the cloud, just like music and movies 

Amazon most recently joined the ranks of tech giants and startups offering their own platform for cloud gaming. Just as with music and video streaming before it, cloud gaming promises to revolutionize the way we consume entertainment media by offering instant access to vast libraries of games that can be played for a monthly subscription. During 2020, services were launched by Google, Microsoft, and Nvidia, while Sony’s has been available for several years now. Even though new Xbox and Playstation consoles are being developed, costing around $500, industry experts are predicting that the days when we need to spend hundreds on new hardware every few years to stay at the cutting edge of gaming may be drawing to a close, thanks to the coming-of-age of cloud gaming.

4. Hybrid and on-premise cloud solutions grow in popularity

Choosing between a public, private, or hybrid cloud environment has proved challenging for some organizations. Each route offers advantages and disadvantages when it comes to flexibility, performance, security, and compliance. But as cloud ecosystems have matured, many have found there’s no magic one-size-fits-all solution on the shelves. Hybrid or multi-cloud environments, where users pick and choose the individual elements of service providers’ offerings that suit their needs, have grown in popularity, leading to a situation where those providers have begun to reassess their models of delivery.

Amazon and Google, for example, have traditionally been market leaders that relied on selling their customers space on their public cloud platforms, whereas Microsoft and IBM have been more flexible with enabling users to deploy their cloud tools and technologies across their existing, on-premises networks. Now it seems that these providers have woken up to the need for different platforms and approaches within organizations – perhaps utilizing public cloud to provide content delivery while storing and processing customer data and other controlled information via private or on-premise solutions. There will also be a growing demand for “bare metal” cloud space – raw storage and compute power where businesses can simply “lift and shift” their existing systems into the cloud without having to adapt them to run on pre-installed software or services. The need to consolidate these user requirements will be a driving force behind the direction in which cloud services evolve throughout 2021.

5. More of us will be working on Virtual Cloud Desktops

This is basically where the entire environment of our workstation is delivered as a managed cloud service to our laptop or desktop screen where we work. This means that organizations can take advantage of by-the-hour subscriptions for the time their employees spend working at their machines, eliminating the cost of hardware updates and the need to dispose of redundant technology.

Sometimes known as desktop-as-a-service, this model of computing is offered by Amazon via the Workspaces platform and Microsoft with Windows Virtual Desktop. Google also offers functionality through its Chromebook devices. In practice, this can increase efficiency across a workforce by ensuring everyone is using up-to-date, synchronized technology. It also benefits security as all devices can be managed in a centralized way, rather than having to make sure everyone on the network is following best practice. When people join or leave a company, the cost simply scales up as the number of hours spent using the platform increases or decreases. This flexible functionality means virtual desktop services are likely to become increasingly popular in the coming years.

A hotel software provider has exposed the personal data of millions of guests around the world after misconfiguring an AWS bucket, according to a new report from Website Planet.

The tech site’s security team discovered an exposed cloud database belonging to Spanish developer Prestige Software, whose platform enables hotels to automate their availability on booking websites like Expedia.

The misconfigured S3 bucket contained over 10 million individual log files, dating back to 2013. Website Planet researcher, Mark Holden, warned that the total number of affected individuals could be even greater than this, as some logs contained personally identifiable information (PII) for multiple members of a single booking.

Among the leaked data were full names, email addresses, national ID numbers and the phone numbers of hotel guests. For hundreds of thousands of individuals card booking details including card number, cardholder’s name, CVV and expiration date were also exposed.

Prestige’s Cloud Hospitality platform appears to be used by many of the top online travel agent (OTA) sites out there including Agoda, Expedia, Booking.com and Hotels.com.

Website Planet reached out to AWS directly to disclose the incident, which was fixed the day after. Prestige Software also confirmed to it that it is the owner of the data.

The leaked information could have offered malicious third parties a trove of data to commit identity fraud, launch follow-on phishing attacks and even hijack and change booking details.

As a result, the Spanish developer may face questions from GDPR and PCI DSS investigators over the incident.

“Millions of people were potentially exposed in the data breach, from all over the world. We can’t guarantee that somebody hasn’t already accessed the S3 bucket and stolen the data before we found it,” argued Holden.

“So far, there is no evidence of this happening. However, if it did, there would be enormous implications for the privacy, security and financial wellbeing of those exposed.”

The number of publicly reported data breaches fell in the third quarter of 2020, but billions more records were exposed globally to bring the total this year to 36 billion, according to Risk Based Security.

The security vendor’s 2020 Q3 Data Breach QuickView Report was compiled from human and automated analysis of publicly available reports, FOI requests and news reports.

It claimed 2020 was already the worst year ever recorded, even before the extra 8.3 billion records that were exposed in Q3. However, these figures include not only stolen data but also cloud-based misconfigurations that may imperil information but not result in a malicious actor getting hold of it.

The number of data breach reports in the first three quarters of the year dropped 51% year-on-year to 2953.

The vendor’s executive vice-president, Inga Goddijn, argued that this could be explained by the rise in ransomware attacks. Although these accounted for 21% of reported breaches in the first three quarters, it may be that many more are not being recorded.

“While many of these attacks are now clearly breach events, the nature of the data compromised can give some victim organizations a reprieve from reporting the incident to regulators and the public,” she argued.

“After all, while the compromised data may be sensitive to the target organization, unless it contains a sufficient amount of personal data to trigger a notification obligation, the event can go unreported.”

Elsewhere in the report, healthcare was the sector most affected by breach incidents, accounting for 11.5% of events.

Interestingly, two breaches in Q3 exposed over one billion records each and four breaches exposed over 100 million records. So these six breaches cumulatively accounted for around eight billion exposed records, or over 22% of the total.

The findings chime somewhat with those of the Identity Theft Resource Center, which records publicly reported breaches in the US. It said recently that the volume of those incidents is on track for its lowest figure since 2015.

The US government has been forced to issue an alert to healthcare providers of a major new ransomware campaign that may impair their ability to treat COVID-19 patients.

The joint alert, issued by the FBI and Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS), claimed that attackers using the Ryuk variant were targeting the sector with TrickBot malware.

Originally designed as a banking Trojan, TrickBot is now one of the most prolific pieces of malware around, offering a suite of functionality for various use cases including crypto-mining and POS data harvesting.

The alert warned of a relatively new Anchor_DNS module added by its authors which helps attackers use DNS tunnelling to keep C&C comms hidden and exfiltrate data seamlessly from high-profile targets. Anchor has already been used by North Korea’s Lazarus Group to steal data from victims.

The Ryuk variant has been around since 2018 and often threat actors deploy off-the-shelf tools such as Cobalt Strike and PowerShell Empire to steal credentials and maintain persistence. They also deploy “living off the land” techniques such as use of PowerShell, Windows Management Instrumentation (WMI), Windows Remote Management, and Remote Desktop Protocol (RDP) to move laterally, the CISA warned.

According to reports, an Eastern European cybercrime gang known as “Wizard Spider” is likely behind this latest campaign, which hit six hospitals in the same day including incidents in Oregon, New York and California. Some patients are apparently being forced to divert to other facilities as a result.

Mandiant CTO, Charles Carmakal, branded the gang, also known as UNC1878, “one of the most brazen, heartless, and disruptive threat actors” he’s ever seen.

“Ransomware attacks on our healthcare system may be the most dangerous cyber security threat we’ve ever seen in the United States. Patients may experience prolonged wait time to receive critical care,” he added.

“Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline. As hospital capacity becomes more strained by COVID-19, the danger posed by this actor will only increase.”

New data from SonicWall released today claimed that Ryuk now represents a third of all ransomware attacks so far this year, with detections soaring from around 5000 up to Q3 2019 to over 67 million over the past year.

The threat to healthcare is nothing new: Microsoft warned of an uptick in targeted APT-style ransomware attacks during the early days of the COVID-19 crisis.