Researchers Identify Suspected North Korean Cyber-Espionage Group

A discrete cyber-espionage group operating on behalf of North Korea is responsible for a years-long series of cyberattacks, security researchers at FireEye said this week.

FireEye dubbed the group APT37 in its report, "APT37 (Reaper): The Overlooked North Korean Actor." The report connects APT37 to other attacks dating back to 2014, including the recent zero-day vulnerability CVE-2018-4878 that was disclosed on Feb. 1. Successful exploitation of that Adobe Flash Player vulnerability could allow an attacker to take control of an affected system.

FireEye's report ties that vulnerability to activities reported by other researchers, including Kaspersky Lab, which identified a group of attackers as ScarCruft, and Cisco's Talos unit, which identified the activities of a Group 123. The FireEye report goes further in pinpointing the group's origin as North Korea.

"We assess with high confidence that this activity is carried out on behalf of the North Korean government given malware development artifacts and targeting that aligns with North Korean state interests," FireEye wrote in the introduction to the report.

"We judge that APT37's primary mission is covert intelligence gathering in support of North Korea's strategic military, political and economic interests. This is based on consistent targeting of South Korean public and private entities and social engineering. APT37's recently expanded targeting scope also appears to have direct relevance to North Korea's strategic interests."

What's interesting about the report is that FireEye views APT37 as separate from the internationally isolated country's main suspected cyber-espionage and operations unit, which researchers call Lazarus. According to FireEye, the capabilities of APT37 are increasing, the unit's international scope of operations is expanding, and the group is likely to become another tool in North Korea's global cyber-operations arsenal.

Posted by Scott Bekker on February 21, 2018 at 11:57 AM0 comments


Huddleston Joins Twilio

Ron Huddleston is joining cloud communications platform company Twilio as chief partners officer, the San Francisco-based company announced Monday.

Huddleston, who ran Microsoft's One Commercial Partner organization from its creation a year ago until going on what Microsoft officially described as an indefinite family leave two months ago, will be tasked with building out an ecosystem for ISVs, systems integrators and resellers at Twilio, a 10-year-old company that went public in June 2016.

"Ron's experience is unparalleled when it comes to building a thriving partner ecosystem and I look forward to him accelerating Twilio's momentum across all partner business models, geographies, and the enterprise opportunity," Twilio COO George Hu said in a statement. Huddleston helped build a developer-focused channel at Salesforce around AppExchange and previously held senior channel roles at Oracle.

"Twilio has the potential to revolutionize the communications industry in the same way cloud computing redefined the software industry. This is a massive opportunity for all types of partners to build new fast-growing businesses and continue to innovate for their customers across every industry," Huddleston said in the announcement.

The partner and developer evangelism role for Huddleston comes at a key time for Twilio, a 900-person company that is eager to show investors it is broadening its base of partners and customers. Twilio makes platform products that give developers APIs to allow them to embed communications technologies like voice, video, messaging and authentication into their own apps.

The company had a rough November, as investors punished the stock for the first full quarter of declining revenues from Uber. The ride-sharing app company decided last May to take more of the communications functionality of its apps either in-house or to use Twilio competitors in other geographies. Twilio's biggest customers are WhatsApp and Uber, which accounted for 6% and 5% of the company's revenues in the third quarter, respectively.

The danger of customer concentration is expected to be reflected in Twilio's fourth quarter results, which the company releases on Tuesday. Uber had accounted for 17 percent of Twilio revenues in Q4 2016, setting up a tough comparison.

At Microsoft, Gavriella Schuster replaced Huddleston as corporate vice president for One Commercial Partner in December, reporting to Judson Althoff, executive vice president for the Microsoft Worldwide Commercial Business.

Through conversations with Althoff, CEO Satya Nadella and former COO Kevin Turner both before and after he joined the Microsoft Dynamics team in the summer of 2016, Huddleston helped define a new structure for Microsoft's massive channel operation. Starting with the creation of OCP in January 2017, Huddleston integrated developer evangelism much more tightly into partner operations and began work on industry maps/solution maps/catalogs, which are regional lists of go-to partners for different solution areas. The OCP structure also included a major realignment of partner-facing job roles within Microsoft in the areas of build-with, sell-with and go-to-market.

Posted by Scott Bekker on February 12, 2018 at 6:11 AM0 comments


Microsoft Reports Growth in MCS

If you think of Microsoft partners as organizations that consult on and implement Microsoft technology solutions, one of the largest organizations in the channel is Microsoft's own Enterprise Services arm, which includes Microsoft Consulting Services (MCS).

Microsoft generally keeps communications vague about Enterprise Services and MCS, due to the sensitive nature of its occasionally testy relationship with enterprise and federal government partners. Still, the company releases some broad outlines of the group's performance in every financial report, and last week's release was no exception.

"Enterprise Services revenue grew 5 percent, and 3 percent in constant currency, as growth in Premier Support Services and Microsoft Consulting Services was partially offset by declines in custom support agreements for Windows Server 2003," said Microsoft CFO Amy Hood during the call with financial analysts.

Details in Microsoft's 10-Q filing (.DOC) with the U.S. Securities and Exchange Commission indicated that the 5 percent amounted to $64 million, suggesting overall Enterprise Services revenues for the quarter were in the neighborhood of $1.3 billion.

What that tells us about actual MCS revenue is a little, but not a lot. We can infer that MCS revenues may be increasing at better than 5 percent to offset the custom support contracts. Meanwhile, it's hard to know how big a chunk of Enterprise Services revenues comes from MCS. Premier Support Services is a big business, and even a declining custom support agreement business is accounting for part of the revenue.

Looking ahead to Q3, Hood told analysts to expect a similar revenue growth rate for all of Enterprise Services in Q3 compared to Q2, with growth in Premier Support offsetting the Windows 2003 custom support agreement decline, and no mention of MCS as a major factor either up or down.

Microsoft's services are generally focused at the highest end, with the company claiming 75 percent of its engagements are with the Fortune 1000, and Microsoft often acts as a prime contractor, pulling partners into deals in various roles.

What are you seeing out there? Is MCS being more or less aggressive in competing with you for customer deals than you've seen in the past? Let me know at sbekker@rcpmag.com.

Posted by Scott Bekker on February 08, 2018 at 9:22 AM0 comments


Connection to Award One-Time Employee Bonuses

Technology solution provider Connection is joining the list of companies offering employee bonuses in the wake of the U.S. Tax Cuts and Jobs Act.

Connection, which was known as PC Connection from 1982 until late 2016, announced this week that it will pay a $1,000 cash bonus to each employee.

"We are pleased to be able to provide this special reward to our valued employees for their hard work and commitment to excellence," Timothy McGrath, CEO and President of the Merrimack, N.H.-based company said in a statement.

While the company's statement didn't say how many employees the company has, its last annual report filing with the U.S. Securities and Exchange Commission a year ago put the count at 2,500 people. Connection's statement also said the company is still evaluating provisions of the legislation, which was signed in December, but that it anticipates a beneficial impact.

Among dozens of companies that have announced one-time bonuses or pay hikes in relation to the tax law are American Airlines, Apple, AT&T, Bank of America, Best Buy, Disney, Walmart and Wells Fargo.

Posted by Scott Bekker on February 08, 2018 at 1:34 PM0 comments


Partner Tidbits in Microsoft's Second Quarter Earnings

Behind Microsoft's latest earnings results, which pleased financial analysts even if they didn't do much for the stock price, were a number of directional hints and other key details for Microsoft partners.

CEO Satya Nadella summarized the big picture for the quarter, which included a 12% increase in revenues to $28.9 billion and a 10% bump in operating income to $8.7 billion, this way: "The intelligent cloud and intelligent edge paradigm is fast becoming a reality. Azure growth accelerated. LinkedIn growth accelerated. Microsoft 365 and Dynamics 365 are driving our growth and transforming the workplace."

The solid results come despite the turmoil in the sales organization related to the massive, layoff-heavy reorganization of the Microsoft field during the last year. The upheaval was severe enough to merit a mention during the call for financial analysts by Microsoft CFO Amy Hood, who partly credited partners for soldiering through the transition.

"Our sales teams and channel partners delivered another quarter of outstanding commercial results even as we continue to work through our sales reorganization from July," Hood told the analysts Wednesday night.

"The intelligent cloud and intelligent edge paradigm is fast becoming a reality. Azure growth accelerated. LinkedIn growth accelerated. Microsoft 365 and Dynamics 365 are driving our growth and transforming the workplace."

Satya Nadella, CEO, Microsoft

For any partner that hasn't heard the cloud message that Microsoft has been delivering since, oh, 2006, Microsoft continued to push that flywheel during the analyst call, as well. Specific to Nadella's overview comment about accelerating Azure growth, Azure revenues were up 98%.

Following up on Nadella's high-profile commitment to reach a $20 billion annual run rate for commercial cloud revenue, which Microsoft hit in its last quarterly earnings period, Microsoft is now blasting past that number. Hood said commercial cloud revenue for the second quarter hit $5.3 billion, which amounted to a 56% year-over-year improvement.

Commercial revenues for Office 365, one of the most important business areas for the Microsoft channel, also continue to surge. Those revenues went up 41% in the quarter, attributable both to installed-base growth and upselling to the E3 and E5 workloads that Microsoft heavily encourages its partners to peddle.

Hood said Office 365 commercial seats were up 30% and, in response to an analyst question, said that Microsoft believes there is still a lot of growth opportunity with Office 365.

Meanwhile, Dynamics partners can expect pipeline check-in calls from their Microsoft partner management teams surrounding Hood's forecast for the next quarter. "We expect double-digit Dynamics revenue growth from the shift to Dynamics 365," she said.

The technical terms that break the surface in the earnings call provide a window into which technologies have strategic emphasis in Redmond. Nadella's technology namechecks this quarter included Microsoft 365, Cosmos DB, LinkedIn Sales Navigator, Dynamics 365 for Sales and Talent, the Profile Card, Resume Assistant, Azure Databricks, SQL Server for Linux, Azure IoT Central, Surface LTE, Teams and Cortana.

Posted by Scott Bekker on February 01, 2018 at 9:31 AM0 comments


5 Hot Security Features on the Office 365 Roadmap

Microsoft is close to delivering a handful of key Office 365 security enhancements, including an attack simulation tool to test end users' behavior, updates to the Office 365 Secure Score and message encryption improvements, according to the official Office 365 Roadmap.

The Attack Simulator for Office 365 Threat Intelligence has the potential to be a very useful proactive defense tool for Microsoft partners and IT administrators. Unveiled at Microsoft Ignite in September and set for an imminent public preview, the simulator is a new feature of Office 365 Threat Intelligence.

That Threat Intelligence service, launched last April, provides real-time security insights on global attack trends culled from what Microsoft describes as billions of data points from its global datacenters, Office clients and other sources.

According to the roadmap, the attack simulator "enables admins to send simulated attacks (10-15 different attack categories including phish, brute force password cracking, etc.) to their end users to determine how they respond to attacks and determine if the right policies are in place to help mitigate real attacks."

[Click on image for larger view.] The Attack Simulator for Office 365 Threat Intelligence will allow administrators to test users' password strength and phishing attack readiness, among other things. (Source: Microsoft)

Also close are some additional features for the Office 365 Secure Score, which was originally came out a year ago to allow organizations to get a base security score from Microsoft based on dozens of factors in Office 365 covering user behaviors and security settings. It's like a credit score for an organization's cloud collaboration security posture.

Now Microsoft is adding an "Industry Average Score," displaying average scores that a company can compare to their own score. Microsoft is also testing an "Active Seat Average Score and Reporting Updates" feature for the Office 365 Secure Score. That will allow customers to compare their score against the average score for organizations with a similar number of Office 365 active seats. The update will also help organizations compare their own score between two different dates and offer the option to search a list of actions.

[Click on image for larger view.] Microsoft's original Office 365 Secure Score (pictured) became available a year ago. Microsoft is adding the ability for customers to compare their scores to like-size companies. (Source: Microsoft)

Microsoft is also fine-tuning the Office 365 Message Encryption capabilities it released in September. The feature was designed to make sharing of encrypted and rights-protected messages more seamless. However, the original release applied additional message restrictions, such as Do Not Forward. With the new version, administrators in the Admin Portal, or users in their Outlook client, can choose "encrypt only," without any other message restrictions.

In another change set to arrive shortly, Microsoft will add malicious link protection for end users sending e-mails within the same organization. Office 365 Advanced Threat Protection Safe Links for internal e-mails will include time-of-click protection and other functionality of Safe Links, Microsoft said. Slightly later in the quarter, Microsoft plans to introduce Office 365 Cloud App Security -- App Permission Alerts. The feature will allow administrators to create policies to be alerted when a user grants permission to an application to access Office 365 information.

All of the security features are currently in the "in development" section of Microsoft's Office 365 Roadmap page. Although many are supposed to be released very soon, the rollout for the Office 365 user base is staged and can take weeks or months.

Posted by Scott Bekker on January 31, 2018 at 12:21 PM0 comments


Microsoft Cloud Partner Community Reaches 68K

Six months after claiming to have more cloud partners than Amazon Web Services, Google and Salesforce combined, Microsoft says partners continue to join on to its cloud effort at a good clip.

Microsoft worldwide channel chief Gavriella Schuster shared some Microsoft Partner Network metrics during a State of the Channel briefing this month.

"Currently, we have more than 68,000 cloud partners, which is a 33% increase year over year," Schuster said during the briefing. That figure is up slightly from the 64,000+ figure that Microsoft cited in July at its Microsoft Inspire conference. It implies the count would have been about 50,000 partners a year ago.

Those partners are selling Microsoft's cloud services, such as Azure, Dynamics 365 and Office 365 through all of Microsoft's sales motions. All of that partner activity helped Microsoft reach a $20 billion annual run rate goal for cloud revenues in its first fiscal quarter of 2018.

Schuster also called attention to even faster growth within the Cloud Solution Provider (CSP) business model for partners. CSP involves almost all of Microsoft's cloud products, but allows partners to bundle Microsoft's products with a partner's own, as well as third-party, services to present a single bill to the customer. In that type of customer engagement, the partner, rather than Microsoft, owns pricing, billing and first-line support.

According to Schuster, the number of partners transacting through CSP in the past 12 months has grown by 83%.

Asked for clarification in an email, a Microsoft spokesperson said the total number of partners transacting in CSP is now 45,000. That's up from 37,500 partners transacting through CSP as of July. An 83% increase suggests Microsoft had just under 25,000 partners transacting through CSP a year ago. That rate of increase, fast at the start of the year, and slower in the last six months, would be consistent with figures shared by Microsoft for U.S. CSP participation this fall of about a 33% increase.

Posted by Scott Bekker on January 29, 2018 at 1:00 PM0 comments


Ex-Microsoft Dynamics Chief Tatarinov Joins Acumatica

Kirill Tatarinov, a longtime Microsoft senior executive and the former CEO of Citrix, is now a part of Acumatica's board of directors.

Bellevue, Wash.-based Acumatica provides cloud ERP solutions. As part of its board, Tatarinov will be advising his former Microsoft colleague, Jon Roskill, who joined Acumatica as CEO in 2014 after capping a long Microsoft career with a stint as Microsoft's channel chief.

"Kirill is a very big proponent of advanced technology," Roskill said in a statement, "and his views align well with our intelligent ERP efforts on machine learning, natural user interfaces, and Blockchain. Having another technology advocate on the Board will continue to inspire our product development."

Tatarinov and Citrix parted ways in July after he held the job for about 18 months. Previously, he worked at Microsoft for 13 years, including a lengthy period running Microsoft Business Solutions/Dynamics, which includes the company's ERP and CRM products.

On the Acumatica board, the Moscow-born Tatarinov joins investor and technologist Serguei Beloussov, the executive chairman and co-founder of Acumatica. Beloussov, a native of St. Petersburg, Russia, is also the co-founder, CEO and chairman of the board of Acronis and executive chairman of the board and chief architect of Parallels.

Posted by Scott Bekker on January 25, 2018 at 4:44 PM0 comments


Partners Jumping Aboard Microsoft Co-Sell Program

The co-selling program that Microsoft publicly unveiled last July is booming, according to Microsoft's worldwide channel chief.

Gavriella Schuster provided details of the program on Wednesday during a State of the Channel briefing with reporters and industry analysts.

Microsoft first discussed the co-selling program at its Inspire 2017 conference. At the time, Microsoft had been doing a pilot version of the program, in which Microsoft and partners jointly took the partner's solution to market as a packaged offering.

"That is about not selling Microsoft solutions but actually selling partner services," Schuster said Wednesday. "[We're] taking the end solution that a partner has built on the Microsoft technology that really meets the customer demand more specifically and bringing that partner in to sell with us to those business decision makers."

The pilot program during Microsoft's 2017 fiscal year, which ended last June 30, involved 500 co-sell partners. By June 2017 there were 1,400 partners, and in December 2017 the full-fledged program reached 9,000 participating partners.

"That is about not selling Microsoft solutions but actually selling partner services."

Gavriella Schuster, Corporate Vice President, One Commercial Partner, Microsoft

Helping drive participation both with partners and internally at Microsoft is a $250 million Microsoft investment in seller incentives. Some of that funding gives Microsoft sales reps payment on up to 10 percent of the annual contract value of the joint solution.

Schuster said the project sizes are on average nearly six times larger when a partner is involved, and she said opportunities are closing faster than with regular deals, as well.

Some partners co-selling with Microsoft through the program are OSIsoft, which has 12 joint wins with Microsoft, and DataStax, which is reporting a 140 percent increase in pipeline through the co-sell opportunities.

Schuster said the co-selling program is a way for Microsoft and partners to align better with the shift in IT decision-making from centralized IT departments to line-of-business leaders.

"In order for us to get them the kind of information and insight [that they need], the right solutions, we said we have to think about the way we sell our technology differently. So instead of the traditional supply chain approach that we've had with our partners where Microsoft produces a product, our partners then sell it, and then our partners will deliver the services and post-sales support to our customers for deployment, we said we have to reimagine that, and the reimagination is something we call co-sell," Schuster said.

There are rigorous criteria for getting involved in the co-selling program, involving proven competency and capability, as well as having the right types of employees in the appropriate geographies. Once those are established, Microsoft will work on building a joint business plan with the partner. "Then what we would do is package up their services and ours together into our catalog," Schuster said.

Posted by Scott Bekker on January 24, 2018 at 2:44 PM0 comments


IT Cloud Solutions Named Microsoft CSP Indirect Provider in Canada

IT Cloud Solutions on Tuesday officially became the seventh Indirect Provider for the Microsoft Cloud Solution Provider (CSP) program in Canada.

CSP is Microsoft's program allowing channel partners to resell Office 365, Azure, Dynamics 365 and other mostly cloud products to customers, with partners able to handle the billing, provisioning and support for the customer. While some generally larger Microsoft partners, called Direct Providers, deal directly with Microsoft on the product subscriptions, about 90 percent of Microsoft's CSPs fall into a category called Indirect Resellers. The Indirect Resellers work with large intermediaries, called Indirect Providers, rather than working directly with Microsoft.

IT Cloud, based in Trois-Rivieres, Quebec, describes itself as a born-in-the-cloud company established in 2005 to provide cloud backup services for managed service providers. The company says it has a network of more than 500 partners/resellers across Canada.

The company has also expanded into infrastructure and security, and has strategic relationships with StorageCraft and Bitdefender. The Microsoft arrangement will allow its partners to begin selling complete bundles of Microsoft cloud subscriptions, backup services and security products to their joint customers.

"The combination of business productivity solutions such as Microsoft Office 365, Microsoft Azure, Microsoft Enterprise Mobility + Security (EMS), Microsoft Intune and Microsoft Dynamics 365, plus our award-winning business continuity cloud solutions, make a compelling proposition for channel partners to take to market," David Latulippe, vice president, Sales & Business Development at IT Cloud, said in a statement.

As an Indirect Provider in Canada, IT Cloud joins Arrow ECS Canada, Ingram Micro, SaaSplaza Inc., SherWeb, Synnex and Tech Data.

Posted by Scott Bekker on January 23, 2018 at 3:47 PM0 comments


SonicWall Tops 21,000 Partners

Continuing its surge in partner signups since going independent from Dell, SonicWall on Tuesday declared a new channel milestone with 21,000 registered partners worldwide.

"The numbers speak for themselves," SonicWall President and CEO Bill Conner said in a statement. "With the diligence of our committed channel community, SonicWall is building one of the most modern, engaging and rewarding partner programs in the industry."

Membership in the SonicWall SecureFirst Partner Program is up about 40 percent from June, when SonicWall reported 15,000 partners. The private network security company launched the SecureFirst Partner Program in November 2016, and since that time says it has added 7,700 net new partners to its program. Presumably the other 13,300 partners had worked with the company in the Dell days or before then.

SonicWall also on Tuesday released data suggesting that the SonicWall University training program it launched last April is boosting revenues for partners that participate. The company says average revenue increases for partners that haven't used the training program are 7 percent, but quarter-over-quarter revenues are up 21 percent for those with staff who have attained SonicWall University achievements.

Posted by Scott Bekker on January 23, 2018 at 11:55 AM0 comments


Kaseya Updates RMM with VSA 9.5

Kaseya's newest version of its remote monitoring and management (RMM) solution for managed service providers hit general availability on Tuesday.

Kaseya VSA 9.5 is primarily focused on user experience enhancements to the RMM platform, which serves as the flagship of the Kaseya IT Complete suite. Other elements of the IT Complete suite for MSPs include Traverse for network management, AuthAnvil for identity and access management, Cloud Backup for backup and disaster recovery, 365 Command for Office 365 management, Unigma for cloud management, BMS for professional services automation and MSP Insights for benchmarking. (VSA stands for Virtual System Administrator and BMS stands for Business Management Solution.)

Key enhancements in VSA 9.5 that Kaseya is highlighting include the Live Connect user interface for technicians, VSA's integration with BMS, backup automation integrations and partner momentum around the API.

Live Connect technicians in VSA 9.5 will be able to perform remote scripting with Microsoft PowerShell and will be able to remotely upload or download multiple files or entire directories from a single interface.

The BMS integrations include automated ticket de-duplication, which aims to link events to a root problem, automated ticket closing once a problem is resolved, and automated ticket re-opening if an issue reappears to prevent duplication of steps.

The backup improvements focus on integrating Kaseya's Cloud Backup product with Kaseya Policy Management to "fingerprint" different machines and automatically apply backup policies for machines and applications.

Meanwhile, Kaseya rolled out a new integration platform and API for VSA 9.5. Vendors working on integrations with VSA 9.5 include Warranty Master, Acronis, Carbonite, Customer Thermometer, Webroot and Bitdefender, according to Kaseya.

The last major update to VSA was the 9.4 release a year ago.

Posted by Scott Bekker on January 23, 2018 at 11:39 AM0 comments