Beyond Office: Maximizing and Securing your investments with Office 365

Beyond Office: Maximizing and Securing your investments with Office 365

Are you Maximizing your Office 365 Investment? How about Securing Your Corporate Data?

So your business has invested (or is looking to invest) in Office 365, you’ve made sure that every user has a subscription and everyone is fairly happy using all the familiar office apps like Word, Excel and PowerPoint.  This however is only scratching the surface of your investment in Office 365, there is much more to office 365 then the office suite. 

Microsoft Office 365 is a cloud-based subscription service that provides users with access to a suite of Microsoft Office applications, including Word, Excel, PowerPoint, and Outlook, as well as other productivity tools and services such as OneDrive, SharePoint, and Teams.

One of the main benefits of Office 365 for businesses is that it enables remote collaboration and productivity. With the cloud-based platform, employees can work on documents simultaneously from different locations and devices, which improves productivity and teamwork. Additionally, the service allows for easy sharing of files and documents, as well as real-time editing and commenting, which can save time and reduce errors.


Another advantage of Office 365 is that it provides businesses with a flexible and scalable solution. Companies can choose the subscription plan that best fits their needs, and easily add or remove users as their workforce changes. This means that businesses can avoid investing in expensive software licenses and hardware upgrades, and can instead rely on a cost-effective, pay-as-you-go model.


Office 365 also offers enhanced security and compliance features, including data encryption, multi-factor authentication, and compliance with industry regulations such as HIPAA and GDPR. This can provide peace of mind for businesses that handle sensitive data or operate in heavily-regulated industries.
Finally, Office 365 is designed to integrate with other Microsoft tools and services, such as Dynamics 365 and Power Platform, which can further enhance productivity and business processes.

Learn first-hand from our experts from Microsoft on how you can maximize your investment into office 365 as we take a look at some lesser used applications from the suite.  We’ll also be briefly be discussing one of the new security aspects in Office 365, Azure Information Protection (AIP), which will help you complete your DLP requirements in this age of digital transformation.

Get in touch with us at 893-9515 to learn how you and your company can register for this upcoming workshop!

Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

In case you didn’t hear, another big vulnerability was reported by Microsoft on May 14, 2019 known as “BlueKeep” which takes advantage vulnerabilities of Remote Desktop Services (RDS), Remote Code Execution (RCE), and Remote Desktop Protocol (RDP).  However, BlueKeep only affects older version of Windows, so users of Windows 10 and 8 can rest easy.  The severity of the vulnerability though has forced the hand of Microsoft and they have actually made and released a security patch for its unsupported versions.  They have classified this vulnerability as a critical level threat.

This is why as of June 4, 2019, Microsoft once again urged its customers to apply the patch as soon as possible as more than 1 million devices are still vulnerable to the attack.  This is to avoid another widescale malware attacks like those of the WannaCry ransomware attack back in 2017.  Many companies were affected by the attack and caused many business operations to stop, more notably hospital operations.

What can you do to avoid being affected?

Microsoft has already provided the solution to BlueKeep, make sure you download the latest security patch for your corresponding OS (you can find the patches here).  You may need to reboot your servers to ensure the patch is running properly.

For those who are Trend Micro users, specifically those who use Deep Security, if you are unable to apply the patch due to other reasons, such as being unable to reboot your servers, please make sure that you apply the correct policy for the virtual patching of Deep Security to ensure the security of your servers.  Below is the Deep Packet Inspection (DPI) rule:

  • 1009749 – Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability

You can view the official Trend Micro article on it here.

For those who are looking into a longer-term solution, you can consider solutions such as Citrix Gateway and Virtual Apps to secure your remote connections to Windows servers.

To learn more about these solutions, you can contact us at 893-9515 and we will help introduce you to different options that you have to help prevent these kinds of vulnerabilities!

Microsoft Office 365: Taking a look at MyAnalytics

Microsoft Office 365: Taking a look at MyAnalytics

As an Office 365 user, you are given a plethora of apps to help make many day to day tasks simpler and easier.  However, most of us are guilty of not making full use of these applications and this is due to not really knowing what they are or knowing how it could help the organization.  We usually just use familiar apps such as the office products and email since these are the apps that we are familiar with, however there are lesser known apps that come with Office 365 that can be just as helpful.  One of such apps would be the MyAnalytics.

MyAnalytics helps you track the time you spend on activities throughout your work days, meaning you find out which activities are consuming your time the most or even who you usually spend time with during meetings.  If you’re wondering how it gets all this data, MyAnalytics is synched with your calendar and email.  The data is also placed in an easy to read dashboard so there is no worry for you not to be able to make use of the data it provides you.

For a better understanding, below is a few key sections of the app that you will use:

Your Time Overview

Gives you an overview of how much time you are spending on certain activities such as meeting hours, email hours, focus hours, and after hours work.

Network

This section shows you the data of the people you work with such as your top collaborators.  You can even include certain people in your organization to see how well you communicate with them (please not that only you will see this and not the other party).

Meetings

This section shows you how long you spend in meetings and your habits during meetings such as multitasking during meetings (yes emailing during meetings are considered a bad habit).

Email

This section breaks down the time you spend on emails and how you and others interact with the emails, this includes how long it usually takes you to reply to an email.  Take note that there is actually an add-in for MyAnalytics (included in the license) that can help give you more insight into emails directly within Outlook.

Focus Hours

This section shows you how much time you have to “focus”.  These “focus hours” are defined by Microsoft as at least two consecutive hours without a meeting.  However, it can’t really keep track of all the other small distractions that we encounter throughout the day, so you can usually think of this portion instead as how long can I potential do work rather than being focused.

After Hours

This shows you much time you spent working after hours. After hours work includes meetings and emails outside your defined working day. If work/life balance is important to you, this can be a real eye opener about how much you’re actually doing outside the office.


To learn more about Microsoft Office 365 applications or MyAnalytics, you may visit our product page or contact us at 893-9515.

Security Advisory: Vulnerabilities found on DHCP and Microsoft Exchange

Security Advisory: Vulnerabilities found on DHCP and Microsoft Exchange

Microsoft released patches for vulnerabilities that were actively being exploited via their regular security release on the last few months of 2018. They released 49 security patches and two advisories for 2019, seven were vulnerabilities rated as critical while 40 were important.

The highlight of these vulnerabilities is regarding to Windows DHCP Client (CVE-2019-0547), this allows a hacker to send commands on a machine by issuing DHCP responses. Alarmingly, most machines have DHCP client enabled across all windows operating systems, therefore applying this patch is a must. Another notable vulnerability is in the Microsoft Exchange software (CVE-2019-0586), this vulnerability could allow hackers to execute code as the system users and potentially can perform various tasks such as view, change, or delete data and even create new accounts.

Luckily for Trend Micro Customers specifically for Deep Security and Tipping point customers, Trend Micro has released virtual patch rules to protect you on those vulnerabilities immediately. While testing on the security patches released by Microsoft, Trend Micro customers can first apply virtual patch rules to eliminate exposure against possible attacks.  Please see below for the recommended virtual patches:

Trend Micro Deep Security and Vulnerability Protection recommended virtual patch rules are as follows:

  • 1009452-Microsoft Windows COM Elevation Of Privilege Vulnerability (CVE-2018-8550)
  • 1009462-Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2019-0566)
  • 1009463-Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0539)
  • 1009464-Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2019-0541)
  • 1009465-Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0565)
  • 1009466-Microsoft Windows Multiple Security Vulnerabilities (Jan-2019) – 2
  • 1009468-Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0567)
  • 1009469-Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0568)

Trend Micro Tipping Point MainlineDV filters to be applied are as follows:

  • 33921: ZDI-CAN-7385: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 33927: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 33928: HTTP: Microsoft Edge Session Boundary Memory Corruption Vulnerability
  • 33929: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 33930: HTTP: Microsoft Edge Use-After-Free Vulnerability
  • 33931: HTTP: Microsoft Windows Kernel Information Disclosure Vulnerability
  • 33948: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 33949: HTTP: Microsoft Internet Explorer ProgId Code Execution Vulnerability

If you have any further inquiries with regards to these vulnerabilities with Trend Micro or as a non-Trend Micro user, contact us at 893-9515 and we would be happy to answer your inquiries!

CT Link Partners with Kaisa for a “Train the Trainer” Program!

CT Link Partners with Kaisa for a “Train the Trainer” Program!

As part of CT Link Systems efforts to give back to the community, we have teamed up with Kaisa Heritage foundation, a non-profit organization advocating Filipino-Chinese cultural and community development, to set up a Corporate Social Responsibility (CSR) program in which computer equipment was donated and sessions are being conducted to help the literacy of computer applications of the attendees.

There were many directions in which the program was headed during inception, however we decided that the best way to give back to the community was through sharing our knowledge that we have gained throughout the years.  The “Train the Trainer” program to expand the trainee’s computer competency, focused mainly on Microsoft Office 365 applications.  Our aim for the training sessions is to help improve the productivity of teachers who more often then not, use the Office 365 in their day to day life.  Another objective of ours was to introduce to them useful collaboration features in Office 365 that they may not be aware of due to the monotonous use of the traditional Microsoft Office suite.

Through the help of Kaisa Foundation, we were able to also partner with different educational organizations such as The Teachers Gallery, a non-profit organization that aims to offer learning opportunities related to inclusive education to both teachers and the broader education community, and AiHu Foundation, a non-profit organization promoting computer education for out-of-school youths.  These organizations provided the program with all of our participating teachers while our employee volunteers acted as the teachers and facilitators for the program.  Sharing the knowledge and skills through this training program has never been more rewarding for our employee volunteers knowing that what they shared will stream down to the teachers’ students.

As part of the CSR program, Kaisa has received 8 units of HP 280MT Desktops with Microsoft Windows 10 OS and HP N223v monitors.  Besides the computer equipment, other necessities were donated to the Angelo King Heritage Center to ensure that the CSR program would be able to be help in Kaisa such as Microsoft Office 365 (Business premium) subscriptions, Cisco Meraki MX64 firewall, Datto AP60 access point devices, 3COM PoE switch, and an internet subscription from Converge.  This was all made possible by the generous help from our vendor partners from HP Inc., Cisco and Microsoft who have helped us through the program.

 

 

Office 365 Update to Help Protect you from Macro Based Malware

Office 365 Update to Help Protect you from Macro Based Malware

We are now in an era where it’s hard not to make use of new technologies such as Cloud Storage.  With your data available anywhere you are through the connection of the internet, this has helped many businesses become more flexible in their operations.  However, we are always skeptical on how safe our data is since our data is stored somewhere we do not know and if these locations are secure from cyber criminals.

Now if you are an Office 365 user, you can rest easy as they have just recently announced that they are now integrating their Antimalware Scan Interface (AMSI) to the app!  AMSI was integrated to Office 365 as a way to help improve security against attacks that make use of malicious macros and scripts that target office documents by detecting them early on or by stopping them from executing.  Below is a quote from the Microsoft Security Team for their reasoning in bulking up security against macro attacks:

“Macro-based threats have always been a prevalent entry point for malware, but we have observed a resurgence in recent years. Continuous improvements in platform and application security have led to the decline of software exploits, and attackers have found a viable alternative infection vector in social engineering attacks that abuse functionalities like VBA macros.”  

If AMSI is familiar to you, it might be because it isn’t something new as it was already being used by Microsoft as early as 2015 when they announced that Powershell adopted it as well for security purposes.  To give a background on AMSI, it is an open interface available on Windows 10 for applications to request, at runtime, a synchronous scan of a memory buffer by an installed antivirus or security solution. Any application can interface with AMSI and request a scan for any data that may be untrusted or suspicious.

If you want a more in depth read on how AMSI is helping protect you from attacks, you can read the original blog post from the security team here or you can contact us at 893 9515 and we will be happy to help you!

Protect Your Critical Data with Known Folder Move!

Protect Your Critical Data with Known Folder Move!

Data is usually rank #1 when asked of users in importance of their endpoints.  So, it is always somewhat strange that when asked if they keep a back up of their files, the answer is usually no.  Data is usually taken for granted by end-users, sometimes event saving them in improper places such as their desktop rather than specific folders.  So, when the time comes that an unforeseen event causes the user to lose their data is when they try all means to retrieve it when all it took was a few clicks to ensure their data was safe.

Knowing this, Microsoft has taken its one drive saving functions event further with Known Folder Move (KFM).  Below is Microsoft’s description of KFM:

Known folders are global pointers in Windows representing a location on the user’s drive. They help users to organize their most important files and access them across different applications. KFM helps you move your docs, desktop, and pictures into OneDrive. Even the Screenshots and Camera Roll folders are included when the Picture folder has opted into KFM.

KFM can help users back up their data by seamlessly integrating into the most commonly used folders (Desktop, Documents, and Pictures) or by using assigned folders set by the end user.  There are now indicators that will tell you whether your folders are in sync with OneDrive or if the data is only in the PC.

Cloud icon represents data is saved on the cloud, while the green check mark means the data can be found on both the PC and OneDrive.

Another feature that will greatly help businesses encourage their users to protect their data with OneDrive would be the feature to “set up protection for important folders”.  With this feature, users will receive a pop-up window reminding them to set up their protected folders which will be synced to OneDrive, if users decide to do it at another time, the pop-up window comes back at a later period but as a smaller window compared to the first one.  This is to ensure that the reminders are not intrusive or distracting to the end user.

To learn more about KFM and OneDrive, you may contact us at 893-9515 and we will be happy to help you with any of your inquiries!

Microsoft To-Do adds New Features Steps and List Sharing

Microsoft To-Do adds New Features Steps and List Sharing

It’s now been over a year since Microsoft has released To-Do, it’s intelligent task management app which was developed by the team behind wunderlist.  With it being integrated with Office 365, the team has been collecting a multitude of feedback from users and have now released them in a couple of updates throughout this year.

One of these updates would be Steps which allows you to create sub-tasks to your main tasks to help break it down to smaller actionable items to help you focus on finishing the said task.  The number of steps will be displayed on the task to help productivity so that you know how far you are in that specific task.

 

Another update which was just recently announced was the feature of List Sharing.  List Sharing allows you to share your To-Do list with others so that collaboration will be easier as others may see your progress on your tasks or update it as tasks or Steps are accomplished.  This can be done through sharing a link to the ones you want to share your list with and once you are finished collaborating with whomever you are working with while still retaining the option to stop sharing it.  Microsoft says that this update will be available for most Office 365 users by mid June.

To learn more about To-Do on Office 365, you may contact us at 893-9515 so we can better help answer your inquiries!

About Office 365
Microsoft Teams is a communication and collaboration platform designed for businesses and organizations. It allows team members to communicate with each other through chat, audio and video calls, and meetings. Microsoft Teams integrates with other Microsoft services, such as Office 365, SharePoint, and OneDrive, providing a seamless experience for team members to share files and work together on projects.

In addition to real-time communication, Microsoft Teams offers a range of tools for project management, task assignments, and file sharing. It also allows users to customize their workspace with third-party apps and bots, making it a versatile platform for teams of all sizes and industries. Microsoft Teams can be accessed through desktop and mobile apps, as well as through a web browser, making it easy for team members to stay connected and productive from anywhere.

HPE Announces SimpliVity Support for Microsoft Hyper-V and SimpliVity Workspaces for Citrix

May 8, 2018 – Hewlett Packard Enterprise (HPE) announced that HPE SimpliVity 380 would now be able to run with Microsoft Hyper-V and they have partnered with Citrix to be a Citrix Workspace Appliance Partner.  With these new offerings, HPE hopes to enhance its ability to provide high-performance virtual applications and desktops ensuring a faster and easier way to deliver secure digital workspaces in today’s hybrid cloud environment while also increasing its customer’s hypervisor options.

HPE SimpliVity 380 with Microsoft Hyper-V offers businesses with an easier IT infrastructure solution which simplifies the data center by converging servers, storage and storage networking into one simple to manage, software-defined platform so that businesses will not be limited by the legacy IT infrastructure which cannot make use of the current IT environment.

This has resulted in an increased business agility and economics in the cloud in an on-premise solution.  With the pre-integrated, all-flash, hyperconverged building block simplifies IT by combining all infrastructure and advanced data services for virtualized workloads – this includes VM-centric management and mobility, data protection and guaranteed data efficiency.

The latest HPE SimpliVity 380 with Microsoft Hyper-V solution offers HPE SimpliVity customers the following core benefits:

Enables VM centric management and mobility

HPE SimpliVity hyperconvergence enables policy-based, VM-centric management abstracted from the underlying hardware to simplify day-to-day operations. VMware customers benefit from this core value with 95% seeing value and IT simplification. Now Microsoft Hyper-V customers can achieve the same benefit.

Data protection

Customers now have access to a hyperconverged solution with full-featured, built-in backup and recovery at no additional cost. These data protection features include the resilience, built-in backup, and bandwidth-efficient replication needed to ensure the highest levels of data integrity and availability, eliminating the need for legacy data protection.

Data efficiency

Efficiency is delivered by powerful built-in data services including in-line deduplication and compression and novel data architecture to speed business continuity and enable workload mobility. Guaranteed data efficiency saves 90 percent capacity across storage and backup combined and the benefits include slashing recovery point objectives (RPOs) and recovery time objectives (RTOs) from days or hours to seconds, with a guaranteed 60-second restore for a 1 TB VM.

Besides the Hyper-V partnership with Microsoft, HPE has also partnered with Citrix with a collaboration between the two on a solution portfolio integration, which includes the new HPE SimpliVity 380 with Microsoft Hyper-V, in the Citrix HCI Workspace Appliance Program.  So that the customers don’t have to create their own solutions to deliver their virtualized application and desktops, the HPE and Citrix solution is already pre-integrated and pre-tested in the SimpliVity appliance.  Customers will also find that the appliance program will make it easier to deliver new workspace solutions while being managed seamlessly with Citrix during the course of its lifecycle.  Thus creating a new standard for customers to easily deploy their digital workspaces with multi hypervisor, multi-cloud flexibility resulting in truly a top-class digital collaboration and borderless, productive workplace.

To learn more about these partnerships, you may find the original article here or you may contact us directly at 893-9515 and we will be happy to answer your inquiries!

Microsoft Azure: an Affordable and Flexible Infrastructure in the Cloud

Microsoft Azure: an Affordable and Flexible Infrastructure in the Cloud

Getting a business started from scratch can be difficult, then adding into the equation of your internal infrastructure?  Now that can be a real challenge for some, even daunting.  Not knowing exactly what specifications you would need at first for servers can be costly, though this can’t be helped as requirements can be grow as you are already in the process of operating.  Due to this reason, many have started to use the services of IaaS (infrastructure as a service) providers such as Microsoft Azure.

Elasticity is one characteristic of cloud computing and its biggest benefits.  This means that you can either stretch or shrink your cloud service usage at any given time to better fit the needs of your IT workloads.  You will be able to seamlessly add or remove virtual servers, storage, network services while paying only for what you use.  This benefit is more prominent when you are heavily using applications where work can be divided among multiple identical applications or services running on different machines.

One of its features, Azure Virtual Machine Scale Sets (scale sets for short), is an identical pool of virtual machines running an application you control.  Azure has tools for you in which you can build or configure the Virtual Machines (VM) the way you want it and also taking control of how many you have at any time.  With scale set, you can have an on-demand fleet of VMs doing whatever work needs to be done but will grow or lessen whenever you need it to or if it reaches a certain parameter you’ve stated.

Scale Set fundamentals

“Cattle versus pets” is a popular metaphor of cloud scaling, which is often credited to a former Microsoft architect Bill Baker.  If servers are like pets, each one is lovingly raised, tended to carefully and even individually named while even being nursed back to health when they are sick.  If they are treated as cattle than they are all interchangeable and do not need to be given names, and when they get sick you get rid of it and get another one.  In a way, scale sets give you a way to clone a herd of “cattle” which you are able to choose its size and breed at any given time at the cost of the herd being identical.

Something important to remember about Azure scale sets is that they are identical VMs.  This means that you can customize the first in the herd, but the rest will be exactly like the first.  There are multiple ways to define your scale set, through the Azure portal, manually via Powershell or the Azure command-line tools, and through an Azure Resource Manager (ARM) template.  From this definition, Azure will know what size VM instance you would like to use, its name, quantity of machines in the set, etc.  You can customize the VM used by the scale set to include your application in three ways: by creating a completely customized VM image and supplying it to Azure, by taking a prebuilt Windows or Linux image and installing your application when the scale set is started, or by customizing the image to include container software and then loading the application container when the scale set is started, each having its benefits.

For a more in-depth read on how Azure Virtual Machine Scale Sets works, you may visit the link or contact us directly at 893-9515!