Saturday, September 29, 2018

Delivering a new kind of training for high-stakes jobs

The Modern Workplace Means more 

The Microsoft Modern Workplace expands your capabilities to train and innovate by empowering more people to do more innovation and be trained faster and more individually, watch this short video to see how...



After you do, go to http://www.ion-modernworkplace.com to see how we can help you accomplish the same things.


Friday, September 28, 2018

Enterprise Problems solved by a Modern Workplace - COE

Enterprise Problems solved by a Modern Workplace - COE


Introduction

No single project will deliver an extraordinary modern workplace. Instead, the modern workplace is a journey, where capabilities and desires emerge over time. In a smaller organisation, it may be possible to run a series of modern workplace projects, coordinated (and potentially delivered) by a single central team. As technology matures, this is becoming easier.

Problem

In a large, complex or global organisation, a great modern workplace can’t be delivered by a single team. The sheer size of these organisations makes it impractical, let alone the difficulties of understanding and meeting the local needs of hundreds of individual business units, coupled with dispersed teams and departments or even divisions.

Solution

It’s tempting to believe that global intranets and modern workplaces are just bigger versions of ‘typical’ sites and platforms. They’re not.
In complex environments, both global and local needs must be met. The tangled and fluid nature of organisational needs also makes a linear approach difficult.
Global teams will be the owners of some top-down elements, such as the enterprise front door (global intranet homepage). They will also be providers of platforms such as content publishing, search and collaboration.
The most important roles for the global team, however, are as innovators and facilitators.
With these hats on, global teams should consider establishing a modern workplace centre of excellence.
The role of a modern workplace centre of excellence
There are many ways of forming centres of excellence, but all play similar roles:
  • Growing and spreading knowledge to all the distributed contributors to the modern workplace.
  • Fostering a community of modern workplace practitioners across the organisation, improving, coordinating and increasing knowledge sharing.
  • Engaging and informing senior leaders about the modern workplace, and what needs to be done throughout the organisation.
  • Supporting local projects with knowledge, expertise and resources.
  • Establishing new capabilities within the business, by centrally purchasing and deploying new solutions (or building them in-house).
  • Providing services to local business areas, such as content management or collaboration platforms.
  • Uncovering innovations at the edge of the business, and helping them to spread elsewhere.
  • Experimenting with leading-edge ideas, and therefore ‘breaking new ground’ within the business, allowing other areas to follow.
  • Connecting with other organisations, to benefit from the experience of the wider modern workplace industry.
  • Formalising governance around key areas of the digital workplace.

As a practical example, the global firm McKesson has shared how they established an enterprise mobility centre of excellence. This demonstrates how such a body can meaningfully balance structure and innovation, and how a central team can facilitate meeting many different local needs.
Establishing the centre of excellence
A global centre of excellence doesn’t just spring into existence fully formed, except in very rare instances when organisations make a sudden ‘big bet’ on the modern workplace.
Instead, an upward spiral approach should be taken. This uses early successes to build credibility and support, with flow-on benefits to funding and resources.
Global teams should also (gently) press senior leadership to establish robust governance around the modern workplace. The need for a central team to support the rest of the business should then quickly become apparent.
Creating a great modern workplace will be a multi-year, multi-strand journey that involves organisations at all levels. Only with the right knowledge and skills will the full benefits emerge. Having a strong digital workplace centre of excellence is a key element of this.

Conclusion

In a recent engagement with a local unnamed corporation, one of the senior executives said, "We don't want a Center of Excellence because all our people are excellent."  The COE went in anyway and was a success, but it does show that sometimes management needs to understand how things change and people, attitudes and belief systems need to change too.  Many of the largest Technology Companies such as IBM, Microsoft, Oracle, etc. have adopted the COE model as described above with very little differences.  If they have done it, don't you think you should follow their lead?

Thursday, September 27, 2018

Enterprise Problems solved by a Modern Workplace - Shared Culture

Enterprise Problems solved by a Modern Workplace - Shared Culture

Introduction

We like to talk to our customers about the challenges they face. And it’s interesting to learn that organizations of all sizes and in all industries share similar issues. Here are several common business challenges we’ve talked about with our customers and how using Workplace can help them to overcome.

Problem

Deloitte tells us that 69% of C-level executives believe company culture is a critical factor in realizing their company goals. But recognizing the need for a strong culture and actually building it are 2 very different things.

Solution

Organizations need to identify ways to hold company-wide conversations that include everyone. They need new methods to take the pulse of the organization and they need tools that allow two-way communication of shared values and identities. It’s one of the reasons we built Workplace.
“You need tools that allow two-way communication of shared values”
To enable better productivity and closer collaboration, and enhance culture by driving employee engagement and reducing the distance between people.
Microsoft has a paper on Modern Workplace Culture, here are some excerpts.
In ways large and small, our lives are being changed by digital technology. Ever-present mobile devices enable us to work from anywhere and stay in touch with the people we care about and the information we need from everywhere. From precision agriculture and automated manufacturing, to personalized medicine, autonomous vehicles, social media, and augmented reality games, every industry, every economy, and every aspect of how people manage their day-to-day lives is being reshaped.

We’ve never seen anything quite like what is happening right now. According to World Economic Forum, the speed of current breakthroughs has no historical precedent. Driven by the advent first of the steam engine, then electric power and the telephone, and now digital information, previous industrial revolutions gave rise to progress that moved at a linear pace. But transformation today is exponential. By some estimates, change today is happening 10 times faster and at 300 times the scale of the First Industrial Revolution. 
 As always, the real power of technology lies in its ability to enhance and amplify what humans can do.
For the first time in the history of the modern labor market, the workforce spans five generations—from the last of the Silent Generation through Baby Boomers, Generation X, Millennials, and now to Generation Z. Millennials have become the largest generational cohort in the labor force. By 2025, they will constitute 75 percent of the global workforce.iii Meanwhile, Generation Z is beginning to surge into the workforce as well.
Shrinking shelf life of information - While much has been said about information overload, the rate and speed at which new information is created drives an even greater sense of urgency for companies to rethink their information management strategies. 
 Growing impact of artificial intelligence - One of the hallmarks of the current era is how quickly artificial intelligence and machine learning is augmenting every aspect of business. It’s not just in manufacturing where robots are doing physical labor on the factory floor. AI systems are already preparing our taxes, helping doctors diagnose diseases, and enabling lawyers to search vast databases of legal decisions to pinpoint the precedent they need in seconds instead of days or weeks.
Making technology experiences simpler - As companies foster a new culture of work, IT organizations must embrace this culture change as well. Many IT departments today are moving to more agile, modern IT models that enable businesses to adopt new technologies at the speed of technology innovation. 
Expanding the Firstline frontier - These four areas represent exciting opportunities for businesses to foster the new culture of work and empower all workers—not just knowledge workers but also Firstline workers who greet customers in retail shops and hotels, operate machines on factory floors, work on construction sites, labor on farms, and more. The global workforce includes nearly 2 billion Firstline employees, representing about 80 percent of all workers. xxx They are core in almost every industry—the first to engage customers, the face of every brand, and the first to see a company’s products in action.  
 As you can see in the following chart the Modern Workplace as an Enterprise Strategy can yield positive outcomes in many areas.

Much of this is directly attributed to the improve Shared Culture
The new culture of work in action - As the nature of work is changing, the tools workers use in their jobs are evolving to meet new needs and provide new capabilities. At Microsoft, we’re working with customers to empower people and teams with modern solutions designed to help them seamlessly connect with one another, democratize data and analytics capabilities for everyone, and weigh important enterprise considerations like security and compliance. For companies taking advantage of these capabilities, the digital transformation is already having a significant positive impact on productivity, collaboration, innovation, and the bottom line. 

Conclusion

As the organization gets trained and the culture around those tools enable change and collaboration, the organization can and will improve well beyond the simple reduction in time needed to collaborate on a document.

Wednesday, September 26, 2018

Enterprise Problems solved by a Modern Workplace - Connecting disperse teams

Enterprise Problems solved by a Modern Workplace - Connecting disperse teams

Introduction

Joining everyone together is a challenge that resonates with many organizations we talk to. People who work in different locations or countries.

Problem

Employees who work for separate groups or entities within a business. Even those people who don’t have access to a professional email address. What tools can you use to make sure that everyone is part of the conversation wherever they work?

Solution

The answer to this lies in finding new digital platforms that are mobile-first. Mobile allows you to connect everyone across your organization, and give a voice to people who have been beyond the reach of traditional IT.

Azure has many services accessible from anywhere.

An example:
A globally dispersed financial team at Schneider Electric, based in Rueil-Malmaison, France, struggled to collaborate on quarterly business reviews. Team members were unable to coauthor documents and spent unproductive time searching for the latest versions of source files for financial reports. Now, they use Microsoft Teams to discuss, store, and find current files, and update them in real time. Workers save time locating documents, no longer losing up to 30 minutes each time they resume work on a project.
One of our mottos at Schneider is ‘Life is on,’ which refers to being energized, efficient, and connected. Teams enables this vision.

Rodolphe Aubin: Vice President, Financial Planning and Analysis
Schneider Electric 
Julie Issemann found herself sitting at her computer, waiting for a coworker to close a file so she could add the latest revenue figures to it. Issemann, a financial analyst at global energy management giant Schneider Electric, was used to working across time zones and geographies with the rest of her Financial Planning and Analysis (FP&A) team, which has contacts based across the globe. She was also used to feeling far away from the rest of her team.
“I wasn’t always sure I had the most current file—documents could end up in different systems, like email, file storage, or someone’s hard drive. I’d wonder where to find the document I needed, and which version of it I should use,” says Issemann. “When someone was working on a document that I needed to update, I had to call or email to find out when they’d be finished. Or I’d keep hitting refresh to see if the file was closed. After I finally got access, sometimes I’d find out the next day that a colleague had added new data to a previous version of it by mistake. We’d spend long hours before each big deadline waiting, searching, and sometimes redoing work.” 

Conclusion

Any organisation with dispersed teams or offices can benefit greatly from the Modern Workplace such as Microsoft Teams and Azure Cloud with Office 365.

Tuesday, September 25, 2018

Enterprise Problems solved by a Modern Workplace - Scaling Training

Enterprise Problems solved by a Modern Workplace - Scaling Training

Introduction

Every organization is unique—even if we’re in the same industry. We’re in different communities. We’re made up of different people. We have different priorities.
That said, the realities of modern business have introduced a new set of challenges that are often shared across companies and industries. Disruption is a constant. Agility is a requirement. Our employees’ ability to make the right decisions and constantly develop is a considerable differentiator.
As companies grow and roles become more complex, how do we enable our people to be the differentiators we need without radically increasing our training budgets? The answer: adaptive learning. In fact, an adaptive learning strategy can help you overcome 4 of the biggest challenges of the modern workplace.

Problem

Scaling your training

The perfect training strategy would be to provide every employee with a mentor who can personally help them with their development. But you can’t do that in an organization with 30,000 employees and only 30 people in the learning and development department. 

Solution

Adaptive learning helps you maximize your limited training resources by taking advantage of the immense data resources within your company. By pulling together data on what people know, what they’re doing on the job and what they are (or are not) achieving, adaptive learning technology can trigger the right training experiences and resources for every employee. Think of it like a personal digital mentor—at the scale of a global organization.

As with many modern workplace learning topics, a big part of the challenge is the fundamental definition. What is adaptive learning and, subsequently, what practices are required to bring it to life? When people start creating awkward and granular definitions to suit their specific application or product, the level of difficulty for general application rises. Therefore, rather than get bogged down with specific use cases or awkward analogies, I suggest we focus on the employee—the person we’re trying to help as we seek to solve business problems. With this mindset, adaptive learning is:
The purposeful use of data, technology, and content to provide the right support at the right time and help an individual employee improve his/her workplace performance.
You can do this! You can apply this definition to improve the learning experience and ultimate performance for your employees. But first you need to shift how you think about data, technology, and content in the context of workplace learning.
Microsoft Azure makes all training content/courses local anywhere in the world. 
There are many resources in the Microsoft Modern Workplace to be incorporated in your own scalable training system including resources on training for Microsoft Office 365 and more.

Conclusion

The Modern Workplace supports global organizational needs for a scalable system of learning and the current trend to adaptive learning fits perfectly.  The future articles in this series will expand on other complementary capabilities of the Modern Workplace.

Monday, September 24, 2018

Free Enterprise Architecture Governance Assessment for the Modern Workplace


Modern Workplace with Office 365

Modern Workplace with Office 365

Quick overview


As we have said in other posts there are many reasons to go with a single vendor like Microsoft.

Enterprise Problems solved by a Modern Workplace - Cyber Security

Enterprise Problems solved by a Modern Workplace - Cyber Security


Introduction

To say that Cyber Crime is scary is an underrstatement due to the wide array of threats and even the penalties that governments can impose if you do not adequately take actions to prevent and mitigate Cybersecurity or Data Privacy.  In this post we provide some insights and links to external sites and videos to help inform you and reduce your uncertainty.

Problem

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.
Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

Cyber Crime is Global

Watch the Anatomy of an Attack

Current Threats



Resolution

The following Infographic does a great job in showing how Microsoft addresses all types of CyberSecurity elements.


Watch the On Demand Webinars for each element below.

Identity and Access Management

Threat Protection

Information Protection

Security Management


Here is the Microsoft Security Blog...


Across industries, as attack methods have become more sophisticated and complex, organizations have been responding by deploying more security solutions, which in turn has tremendously increased the complexity of security management.
Today, organizations must manage distributed resources across many environments, and given the constantly evolving threats, this means there are more attack surfaces that need to be protected.
In some cases, an organization may end up having multiple point solutions even within a single workload to address specific security concerns. However, managing a growing number of individual security controls becomes a true nightmare. You lose visibility into the security state of that workload, let alone the security of the entire organization.
Managing a high number of point solutions and vendors, coupled with the increasing ‘noise’ caused by diverse datasets with varying levels of fidelity, adds to the complexity of security management. It becomes harder to gain optimal insight into end points and results in even less visibility into the security posture of your entire network.
Often, these point solutions don’t share any information as they are not integrated, which leads to the most dangerous of your challenges: ineffective responses to threats that grow both in number and sophistication.
More solutions to deploy and more vendors to manage, with less insight and ineffective threat response, ultimately manifests in higher costs of security for CISOs as well.

How can CISOs efficiently manage security?

In today’s connected, technology-driven world, where digital transformation is the only way to survive for any organization, an efficient security management practice becomes the cornerstone of any long-term strategy of CISOs, regardless of their industry.
Whether your assets are deployed in the cloud, on-premises, or across a hybrid environment, your organization’s security has 4 core components for you to manage and secure:
  • Identity
  • Devices or end points
  • Apps and data
  • Infrastructure
And across these 4 core components, an effective security management solution should provide 3 key tenets – visibility, control, and guidance:
  • Full visibility that helps you understand the security state and risks across resources
  • Built-in security controls to help you define consistent security policies
  • Effective guidance to help elevate your security through actionable intelligence and recommendations

Vendor consolidation & intelligence is key

An effective security management solution is not about a single console. It is about integration where it counts, but with the freedom of specialized tools for different functions.
Microsoft helps you consolidate from a plethora of specialized functions and tools to just a few. Our offerings provide functionality to ensure specialized security teams have the flexibility and freedom to manage the unique needs of specific areas such as identitydevicesapps or infrastructure. However, the key that makes Microsoft security management consoles much more effective is the vast intelligence that is built into our solutions, which helps your organization maintain a consistent and robust security posture.
Microsoft has a unique perspective as we face the same adversaries our customers do, but because of the scale of technology we build and operate, we capture a massive amount of security related-signal:
  • Nearly 1 billion Windows devices updated worldwide each month, and we operate the largest anti-virus and anti-malware service in the world
  • Over 450 billion authentications processed monthly into our cloud services
  • Over 400 billion emails scanned monthly for spam and malware through Office 365 and Outlook.com
  • More than 18 billion Bing web page scans per month
We build this intelligence into our products and services – harnessing the power of machine learning, processing trillions of pieces of data, from billions of devices, we enable our customers to detect relevant threats faster and prioritize response. Our security management solutions are built to work for you. This shared intelligence is leveraged by management consoles across identity, devices, apps, data, and infrastructure – helping security admins and operation center teams to get important insights optimized for their workloads.
The key for a CISO’s success in managing security is not about a single console across everything, but consolidation wherever it makes sense. This gives CISOs the best of all capabilities and allows them the flexibility when they need it.
With single vendor management, built-in controls that come with Microsoft solutions, and unmatched intelligence, Microsoft becomes your trusted partner in achieving intelligent security management.

Conclusion

While there are many Vendor's offer many options today for Cyber Security, only a few offer all the options from end to end, the Modern Workplace and the associated Cyber Security elements should all be from the same vendor so there are no gaps in capabilities and security.  We at Ion-Management can help you migrate to a safe, secure and productive Modern Workplace.


Tuesday, September 18, 2018

Enterprise Problems solved by a Modern Workplace

Enterprise Problems solved by a Modern Workplace - Document Management


Introduction

This post will show an example problem in the Pre-Modern Workplace in Document Creation and Collaboration that is improved by the Modern Workplace.

Problem

I remember a college class when the teacher had all the students in the class stand in a circle.  The teacher then told one student a message and asked the student to tell each of the students next to them the same story.  Each student then retold the story until the stories met on the opposite side of the circle and then had the last two students retell the story outloud.  The two stories never matched, even when repeating the exercise with everyone knowing what happened the first time.

Consider the following business Scenario, these five team members must produce a document and each has their part to add and were tasked to edit and proof the document along the way.
Sequential Collaboration


In the pre-modern workplace this process might have been on email or a file server. In any case the edits done by Sally or Bill or Amy might never have been seen by Tom or anyone else.  This can lead to errors and delays.

This also carries risk because individuals can make changes in good faith but without full context and those changes might have unintended consequences.

A good example from my past was a press release I made in the USAF and the caption of a photo I wrote said, "The REMOVE BEFORE FLIGHT warning flag is typically attached to the Pitot tube as shown"



  I was required to get the Press Release cleared by the Public Relations Office.  They corrected my sentence as follows, "The REMOVE BEFORE FLIGHT warning flag is typically attached to the Pilot tube as shown."  They changed "Pitot" to "Pilot" because they did not know that it actually was the Pitot tube which measures the airspeed of an airplane....Editing without context or specific knowledge can be very detrimental.

Resolution

Now consider the Modern Workplace where the platform such as Microsoft Office 365 will allow creation and editing of a document stored in OneDrive (cloud) and even allows multiple people to view the document and make edits simultaneously.

The Modern Workplace Collaboration

Now each has access to the current working version all the time.  Edits can be seen and notices sent to all participants all the time.  No missed edits due to sequential processing, no unintended consequences and multiple people constantly proofreading the document will ensure the context is understood.

Conclusion


It should be clear in this example that the Modern Workplace can add significant value through improved document management, collaboration, accuracy, productivity and risk mitigation.

Future posts in this series will address other problems that are benefits to your organization.

Sunday, September 16, 2018

Ion is building Modern Workplaces 6 of 6

Ion is building Modern Workplaces 6 of 6 Execute

Introduction

When you decide it is time to Execute your plan to migrate your organization to the Modern Workplace you should consider some of the elements of this article.  Some are organizational, some more technical.  

Center of Excellence

In a large, complex or global organisation, a great digital workplace can’t be delivered by a single team. The sheer size of these organisations makes it impractical, let alone the difficulties of understanding and meeting the local needs of hundreds of individual business units.
Instead, big organisations should establish a global center of excellence for the modern workplace, enabling and supporting the work of myriad local teams.
It’s tempting to believe that global intranets and modern workplaces are just bigger versions of ‘typical’ sites and platforms. They’re not.
In complex environments, both global and local needs must be met. The tangled and fluid nature of organisational needs also makes a linear approach difficult.
Five hats for global teams for example provides a valuable framework to consider the role of the global team in all this.
Global teams will be the owners of some top-down elements, such as the enterprise front door (global intranet homepage). They will also be providers of platforms such as content publishing, search and collaboration.
The most important roles for the global team, however, are as innovators and facilitators.
With these hats on, global teams should consider establishing a modern workplace center of excellence.

Work Order System

It’s easy to say, “Always fill out a work order,” but it can be harder to put into practice. Companies with the whole work order process nailed down shoot for having every single minute of a tech’s time covered by a work order.
If you’ve got someone at the client site and they change an extra light bulb, they need to fill out a work order. If your ten techs each spend just fifteen minutes a day on non-recorded work, you’d be giving up 50 hours every month to off-the-books work.
In the Modern Workplace this is even more important as everyone in the organization gets used to the instant collaboration any problems will cause exaggerated impact from the change in capabilities an outage can cause.  
This is especially true as the Modern Workplace is rolled out, the work order system can track every step along the way and ensure a smoother roll out which will improve the sense of reliability you want to promote.
This is another place where technology can make things easier for you. If your techs are in the field, they need to have access to the work order system so they can easily fill out orders on the fly. Mobile integration with work order software can make it a breeze to cover all your bases.
The biggest risk with non-recorded time is an unhappy staff. It may seem counter-intuitive, but by doing a little more work, your employees can keep themselves from feeling overworked. When work happens off the map, you can end up over scheduling your team. By keeping precise track of their time, you can make sure everyone is given the time they need, and that more employees are brought in when things get overwhelming.

Operations Support System

OSS includes software, hardware, integration between systems, and business processes. As a collection of integrated applications, OSS supports the design, build and running of both the modern workplace as a whole and the individual services that make use of that system.
OSS encompasses many highly technical network management processes but ultimately its purpose is to ensure the modern workplace is efficient, services are profitable, and customers are happy.
We’ve introduced a lot of concepts there already, so let’s start by looking at the acronym OSS: What does OSS stand for?

OSS stands for either “Operational Support Systems” or “Operations Support Systems”.
“Operational Support Systems” is perhaps more commonly used. But don’t worry, you won’t sound dumb if you use either operations or operational.
Let’s break it down further…

Operational/Operations

Relating to the day-to-day tasks of supplying and supporting communication services. Getting technical and infrastructure jobs done. Running the network and services. As opposed to the business of selling, marketing or billing (which, as we will see later, are tasks that belong to BSS).

Support

Enabling and improving the service provider’s operational activities: Automating operational tasks; executing them faster; making them consistent; and tracking progress/results.

Systems

One or more distinct software applications, that are responsible for doing specific OSS jobs, running on servers, or on devices installed in the network, or executed in the Cloud.

Security Operations Center

Learn How to Fuse People, Process, and Technology to Create a Highly Effective SOC
In a perfect world, your organization would staff a 24x7 SOC—and have no trouble finding the budget or talent to do so. But the truth is, most organizations can’t afford a 24x7 SOC. The cost of having well-trained analysts onsite at all times outweighs the benefits.
If your organization is making do with an informal SOC, you may be facing delays in responding to incidents. You may even fear that incidents are going unnoticed. It’s a dangerous situation.
But there is a solution: building a SOC that automates as much of the SecOps work as possible.
This white paper will illustrate how to fuse people, process, and technology to create a highly effective and efficient SOC—even with limited resources. You’ll learn:
  1. What makes a SOC effective
  2. How to estimate SOC costs and savings
  3. Cost comparisons of various SOC staffing models
  4. Steps for building a SOC with limited resources

Detecting ransomware in the modern workplace

In earlier blogs, we have shared with you the roots of Microsoft 365 threat protection and how Microsoft 365 threat protect helps protect the modern workplace from ransomware. This week, we discuss how Microsoft 365 threat protection helps detect ransomware in the modern workplace. Detection is critical for any best in class security solution especially when the person does not use Microsoft Edge with the benefits of its web protection. In our web-based scenario, the user can access the website through another browser, download the “software update” and infect their machine with ransomware. Microsoft 365 offers detection capabilities across all threat vectors and figure 1 summarizes the services which help to detect threats.
Ransomware Detection with Microsoft 365
Windows Defender Advanced Threat Protection
Azure Advanced Threat Protection
Microsoft Cloud App Security
Azure Security Center
Office 365 Advanced Threat Protection
Office 365 Threat Intelligence
Figure 1. Microsoft 365 threat protection helps detect threats to the modern workplace
For example, with ransomware downloads from the web, Windows Defender ATP’s (WDATP) next-gen antivirus protection does an initial analysis of the file and sends all suspicious files to a detonation chamber. The file verdict is quickly determined. If a malicious verdict is returned, WDATP immediately begins blocking the threat. Today’s most sophisticated ransomware is designed to spread laterally across networks increasing its potential impact. Fortunately, WDATP enables security operations specialists to isolate machines from the network, stopping threats from spreading. Also, WDATP provides granular visibility into the device ecosystem so that a compromised device can be easily identified. Built-in threat intelligence is leveraged to help detect the latest threats and provide real-time threat monitoring. As we alluded to, signal sharing via the intelligent security graph is a powerful differentiator of Microsoft 365, enabling threat detection across any threat vector. Once WDATP determines the downloaded files are malicious, it shares this signal with the Intelligent Security Graph enabling our other platforms to become aware of the threat.
The seamless integration, for example, allows admins to pivot directly from the device analysis in WDATP to user profiles in Azure ATP without losing context allowing a detailed investigation of the incident as shown in Figure 2 below.
Figure 2. Signal sharing and event timeline shared between WDATP and Azure ATP
Often, ransomware uses a brute force password method to move laterally through a network which our Azure ATP service is specifically designed to detect. A brute force password attack may attempt multiple logins until a correct password is used to enter an account. This anomalous behavior would be detected by Azure ATP and with signals shared from WDATP, the anomaly would be quickly assigned to the ransomware and blocked from being downloaded onto any part of the network (device, user, etc). Azure ATP enables security operations analysts to investigate the type of intrusions and methods used by attackers to gain privileged access to user identities and provides a clear attack and event timeline. While Azure ATP detects anomalies at the network level, Microsoft Cloud App Security can detect abnormal file and user behavior within native Microsoft cloud apps such as Office 365, as well as third-party cloud applications. To detect ransomware attacks, Microsoft Cloud App Security identifies behavioral patterns that reflect ransomware activity; for example, a high rate of file uploads or file deletion activities, coupled with threat intelligence capabilities, such as the detection of known ransomware extensions. Microsoft Cloud App Security will alert on these abnormalities using anomaly detection policies that provide out-of-the-box user and entity behavioral analytics (UEBA) and machine learning (ML) capabilities, as well as fully customizable activity policies, enabling SecOps to detect these anomalies instantly. Learn more about how Microsoft Cloud App Security and Azure ATP work in tandem to help detect an actual ransomware attack.
Azure Security Center is also connected with WDATP and provides infrastructure level alerts and even provides an investigation path so admins can fully view the threat propagation details. The service includes threat intelligence which maps the threat source and provides the potential objectives of the threat campaign. What happens if an attacker senses that the web-based attack vector is being blocked and pivots to sending the ransomware via email as an attachment download? Microsoft 365 integration is again crucial as WDATP also shares the signal with Office 365 and once our ransomware is identified by WDATP, Office 365 will begin blocking the threat too. With Office 365 ATP’s real-time reporting and Office 365 threat intelligence, admins gain full visibility into all users who receive ransomware via email. Both Office ATP and Office threat intelligence services also track threats found in SharePoint Online, OneDrive for Business, and Teams so detection extends to the entire Office 365 suite. With Microsoft 365 threat protection, threats can be easily detected no matter how an attack is launched. Figure 3 shows the new Microsoft 365 Security and Compliance Center which is the hub from where admins can access the information from the different services.
Figure 3.  Microsoft 365 Security and Compliance center which connects the Azure, Office 365, and Windows workloads
Next week we conclude our Microsoft 365 threat protection blog series by covering the remediation and education capabilities offered by Microsoft 365 threat protection. We will demonstrate how Microsoft 365 threat protection workloads can help quickly remediate a ransomware attack and also help educate end users on how to behave and react when under attack. 

Requirements

Digitization is merely a term that describes the transition into a global, digital world and the manner in which relevant technologies are restructuring the business world and society.
This means that companies urgently require purposeful alignment with the progressive digitization of all sectors in order to guarantee sustained value added.
The Modern Workplace is a key element in a company's digital transformation. Up-to-date IT equipment enhances the efficiency of your staff and contributes to the success of the company.
The Microsoft Collaboration World now offers extensive interfaces and platforms for efficient and productive, shared environments that place a primary focus on the issue of security. With COMPAREX by your side, the digital transition, alignment and reorientation will become real opportunities for your company.

The Modern Workplace with Ion-Modern Workplace means that you will have an experienced partner by your side to accompany you on the digital journey throughout the entire cloud life cycle:

  Software procurement & license management

  Conception, implementation and support for IT infrastructures & IT solutions

  Courses and training for your staff

 
Ion-Modern Workplace from Ion-Management implements your requirements for a modern workplace, while providing a 360° care package based on its comprehensive portfolio for the time after successful roll-out as well. 

Acquisition

The acquisition of the various components of the Modern Workplace is both simple and complex.

You can simply acquire a Modern Workplace Suite such as Office 365 for all employees and get most of the way there.

The complexity of your organization however might dictate that is neither easy or cost effective and you must consider things like training costs, existing overlapping tools and licenses and so forth.

So the answer of how to acquire the modern workplace is going to be different for any two organizations, how much you already have invested in the component and what if any retraining may be needed.  Also the political impact of an enterprise wide acquisition may have unforeseen consequences.  We at Ion-Management favor an Enterprise Architectural approach that will give you the best return on your investment with minimal impact while improving your own ROI on IT and security, reliability and productivity across your organization.

Deployment

When it comes to deployment of the Modern Workplace it should be obvious that using an integrated suite such as Microsoft Office 365 will make that job easier.  The more pieces you much integrate yourself the harder and more costly the deployment will come.  The complexity of multiple integrations even when considered in light of existing investments may outweigh the cost of overlapping licenses.

Process Improvement Process

What is Process Improvement in Organizational Development?

Process Improvement is the proactive task of identifying, analyzing and improving upon existing business processes within an organization for optimization and to meet new quotas or standards of quality. It often involves a systematic approach which follows a specific methodology but there are different approaches to be considered. Some examples are benchmarking or lean manufacturing, each of which focuses on different areas of improvement and uses different methods to achieve the best results. Processes can either be modified or complemented with sub-processes or even eliminated for the ultimate goal of improvement.

Process Improvement is an ongoing practice and should always be followed up with the analysis of tangible areas of improvement. When implemented successfully, the results can be measured in the enhancement of product quality, customer satisfaction, customer loyalty, increased productivity, development of the skills of employees, efficiency and increased profit resulting in higher and faster return on investment (ROI).

Process improvement is a key feature of many BPM Software products.  These products serve to automate processes that are added into the software suite.  Once the processes are run via the software, process managers and executives can then see where improvements are needed within the process by looking at process completion times etc.

Conclusion

We at Ion-Management hope this series has helped you to adopt the Modern Workplace.  We are poised to help you further if needed.  We will continue to post useful articles in this blog.  In the next series we will address common problems that are solved with the Modern Workplace in detailed articles that address a single problem each.

References

https://www.steptwo.com.au/papers/establish-global-centre-excellence-digital-workplace/

https://blog.capterra.com/best-practices-work-order-management/

http://www.ossline.com/what-is-oss

https://cloudblogs.microsoft.com/microsoftsecure/2018/05/08/securing-the-modern-workplace-with-microsoft-365-threat-protection-part-3/

https://www.comparex-group.com/web/microsites/modern-workplace/en/modern-workplace.htm

https://www.microsoft.com/itshowcase/modern-workplace

https://www.appian.com/bpm/process-improvement-organizational-development/

https://www.citmagazine.com/article/1437875/c2events-acquires-five-hats-international




Wednesday, September 12, 2018

Ion is building Modern Workplaces 5 of 6

Ion is building Modern Workplaces 5 of 6 Cybersecurity


Introduction

By 2021, worldwide cybercrime damage is expected to reach $6 trillion—double what it cost businesses in 2015. As digital transformation sweeps the globe, the imminent threat of cybercrime grows alongside it. As a result, new techniques in cybersecurity must be developed at a growing rate to keep pace.
Digital-first is the new business frontier, and if we want to keep this landscape a safe space to store and share information, we must be able to quickly identify opportunities to bolster security and adapt to evolving threats. Microsoft’s cloud technology offers organizations the tools to advance security, enhance government compliance, improve security education, and enable industry collaboration to shut down new threats. Microsoft is creating a new path toward digital transformation in a secure space.
In this post we discuss the aspect of a Modern Workplace with regards to Cybersecurity.

Cybersecurity

Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyber-attacks.

In a computing context, security comprises cybersecurity and physical security -- both are used by enterprises to protect against unauthorized access to data centers and other computerized systems. Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset of cybersecurity.  



Elements of Cybersecurity

Ensuring Cybersecurity requires the coordination of efforts throughout an information system, which includes:


One of the most problematic elements of cybersecurity is the constantly evolving nature of security risks. The traditional approach has been to focus resources on crucial system components and protect against the biggest known threats, which meant leaving components undefended and not protecting systems against less dangerous risks.

To deal with the current environment, advisory organizations are promoting a more proactive and adaptive approach. The National Institute of Standards and Technology (NIST), for example, recently issued updated guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments.

Cybersecurity in the Cloud

Through cloud technologies, IT professionals now have advanced tools at their fingertips that provide real-time visibility into cybersecurity and the ability to proactively thwart threats before they become an issue. As more organizations move to the cloud, management of security risks can occur in real time. This real-time action on cyber threats helps create cost efficiency, and allows for frequent and seamless updates without reconfiguration, giving IT leaders the upper hand in staying compliant with regulatory guidelines.
With cloud-based technology come real solutions in data loss prevention. IT professionals are using the cloud to secure employee data in new and highly effective ways. Through improved cloud encryption capabilities, organizations can better help protect sensitive information – in motion and at rest. Even if cybercriminals are able to breach your network and bypass the first lines of cyber defense, encryption helps keep organizational data from falling into unauthorized hands. Additionally, advanced measures like multi-factor authentication (MFA) and Single Sign-On (SSO) provide additional layers of security by ensuring only those with the proper credentials are able to gain access to information and company platforms. These solutions and innovations in tech security are just the beginning.

Cybersecurity and Enterprise Architecture

The most important thing to understand about Cybersecurity in your Enterprise Architecture is that it is not a singular element you can buy and install...Here is a perspective on Cybersecurity...
Overlapping elements of Cybersecurity


There is a well regarded TOGAF Integrated model called the Sherwood Applied Business Security Architecture (https://sabsa.org/) That can serve as a model for your own Enterprise.


Considering multiple vectors of Cyber Threats and the associated systems to protect from those threats is the essence of any Enterprise Architecture that addresses Cybersecurity.

Security Strategy SABASA Matrix

If you consider the TOGAF Architecture Development Method, the SABASA Model fits perfectly and helps you set your own Requirements.


Security Services spans all Enterprise Architecture

The Ion-Modernworkplace is designed to fit into your Enterprise Architecture from Preliminary through all phases A-H and Enterprise Requirements, to ensure you have covered all the Cybersecurity bases.


Cybersecurity Compliance

In a world where data breaches are daily occurrences and regulatory requirements for protecting data are increasing, it's essential for organizations to choose a cloud service provider that makes every effort to protect customer data. Microsoft is committed to the highest levels of trust, transparency, standards conformance, and regulatory compliance. Our broad suite of cloud products and services are all built from the ground up to address the most rigorous security and privacy demands of our customers.

To help organizations comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data, Microsoft provides the most comprehensive set of compliance offerings (including certifications and attestations) of any cloud service provider.
Simplify compliance with the Microsoft Common Controls Hub

Microsoft is a leading supporter of Cybersecurity Compliance

Cybersecurity Governance

An organisation’s board is responsible (and accountable to shareholders, regulators and customers) for the framework of standards, processes and activities that, together, secure the organisation against cyber risk.
We are the leading provider of information, books, products and services that help boards develop, implement and maintain a cyber security governance framework. In many cases, this involves deploying one or more cyber security management system standards.
All boards should be aware of the Cyber Threat Landscape and should understand what Advanced Persistent Threats are.
Cyber Governance Health Check is a good starting point for identifying areas in which the board should act to improve its cyber risk management.
IT Governance is unique. Across all the key segments and domains of cyber security, we can usually offer a solution and approach that suits your own organisational budget and culture: we can provide cyber security consultancy services, we can deliver cyber security training (either through a public training course or on-site to a number of your staff), and we also have a comprehensive range of books and tools that will enable you to look after yourself. Whatever your preference, our unique mix of products and services means that we can serve you precisely.
Azure Cybersecurity Compliance

Comprehensive is the best word to use to describe Cybersecurity Compliance from Microsoft Azure Cloud Services.


Compliance across All Microsoft Product lines

For the complete list of Compliance standards Microsoft adheres to go to https://www.microsoft.com/en-us/trustcenter/compliance/complianceofferings


Conclusion

It is safe to say that all vendors of IT services and applications are considering their positions with regard to Cybersecurity, your selection of the vendors of your solutions and the managed services provider(s) as well as Subject Matter Experts on Cybersecurity need to be aware of and compliant with all applicable laws, regulations, implementation guidance both local and International.  Ion-Management is such a vendor and we can help you achieve both a cost effective and compliance Modern Workplace.

References