The recent discovery of a botnet aimed at Office 365 customers puts a spotlight on a commonly overlooked category of system accounts.
Skyhigh Networks this month reported a botnet it dubbed "KnockKnock" that it discovered several weeks ago. Active since at least May, and especially active from June through August, the relatively small botnet seems to have been highly targeted in both the types of accounts it attacked and the types of organizations it went after.
"The reason this is interesting is not that a botnet is trying to get into accounts, but the fact that it is trying to get into system accounts," said Sekhar Sarukkai, chief scientist at Skyhigh Networks, in an interview.
What the attack does, according to Skyhigh's description, is go after the system accounts that are commonly used to connect the Exchange Online e-mail system with marketing and sales automation software. In cases where the system accounts were compromised, KnockKnock exported data from the inbox, created a new inbox rule and began a phishing attack from the account against the rest of the organization.
Skyhigh picked up evidence of the botnet through its Cloud Access Security Broker (CASB) Threat Protection engine when the company's customers were attacked. Skyhigh says the traffic came from 63 networks and 83 IP addresses, with 90 percent of traffic coming from IP addresses in China. In all, the attacks came from 16 countries.
The attacks averaged only five e-mail addresses per customer. Additionally, the organizational targeting was extremely specific -- aimed at infrastructure and Internet of Things (IoT) departments within the manufacturing, financial services, health care and consumer products industries, as well as U.S. public sector agencies.
"It just seems like it's orchestrated in a controlled manner, rather than a free-for-all, get-what-you-can kind of campaign," he said.
Sarukkai said that what is helping the effectiveness of the attack is that non-human system accounts are less likely to be protected by multi-factor authentication or security policies, such as recurring password reset requirements. "Once these accounts have been provisioned, they're really sort of forgotten," he said. "I think these actors have a pretty good understanding of the weakest link in Office 365 and in general the security infrastructure -- almost like the hidden weakness."
Posted by Scott Bekker on October 12, 2017 at 12:28 PM0 comments
The number of U.S. partners participating in the Microsoft Cloud Solution Provider (CSP) program is up by about a third over the last half year.
"We're just over 8,000 partners who are selling in the program," said William Lewallen, who leads the Microsoft CSP program in the United States, in a podcast posted on Wednesday.
The comments on the Vince Menzione podcast series, "The Ultimate Guide to Partnering," are an update from Lewallen's appearance on the same podcast about six months ago, when he said Microsoft had 6,000 U.S.-based CSPs. (See RCP's coverage of that podcast here.)
CSP is Microsoft's sales program that allows partners to resell cloud services -- such as Office 365, Azure, Dynamics 365, Enterprise Mobility + Security (EMS) -- to customers, either directly or indirectly through indirect provider partners like Ingram Micro, Tech Data, SherWeb or others. Partners are encouraged to use the program to package the Microsoft services with their own and third-party services to present a complete solution to customers.
While still the U.S. lead for the program, Lewallen's position has shifted within Microsoft. Amid the major partner and field reorganizations taking place this year, CSP has moved into the new One Commercial Partner (OCP) organization, which is run in the United States by David Willis. OCP is organized into three main teams covering different functions of Microsoft interaction with partners -- build-with, sell-with and go-to-market. CSP is now part of the go-to-market team.
Among other updates, Lewallen said month-over-month revenue growth continues to advance at double-digit rates and mentioned that non-Office 365 products are gradually gaining share in the growing pie. In his previous appearance, Lewallen said Office 365 accounted for over 80 percent of CSP sales, which was down from nearly 100 percent the previous year. In Microsoft's view that non-Office 365 component needs to grow as the company emphasizes other products through the model.
"Our non-Office 365 products have continued to increase their share of the total pie by a few points, which is good. And that's primarily coming in the areas of Azure and Dynamics, and that's what we expect for the course of the year, is to continue that growth of those other products as a share of the total, obviously while continuing to grow the large Office 365 business as well," Lewallen said in the new podcast.
The 30-minute podcast, as well as a complete transcript, are available here.
Posted by Scott Bekker on October 11, 2017 at 10:55 AM0 comments
As the General Data Protection Regulation (GDPR) enforcement date approaches, major IT vendors are continuing to spin up tools and resources to help customers and partners ensure compliance and avoid potentially catastrophic fines.
GDPR is a European Union regulation for protecting the data and privacy of EU citizens. GDPR was approved by the EU Parliament in April 2016, and enforcement begins on May 25, 2018. It requires notifications within 72 hours of a breach, evidence of thorough efforts to protect customer data, and clear consent policies to allow EU citizens to opt out of data collection or have their data deleted.
The regulation is important beyond the 28 member states of the European Union because the EU will pursue fines beyond those borders for any organization anywhere in the world that handles the data of EU subjects. Maximum fines are up to 4 percent of a company's annual revenues or 20 million Euros, whichever is greater.
"This has serious teeth to it," says Mike Puglia, chief product officer at Kaseya and a veteran of many of the IT compliance preparation efforts over the last few decades. "[The fines] would be a material impact if not an operational-ending impact."
Kaseya on Thursday unveiled a GDPR Resource Center and Compliance Pack for helping customers worldwide bring their operations into compliance with GDPR. The core is the Compliance Pack, which is a free plug-in to VSA, Kaseya's remote monitoring and management tool.
"There are a lot of things that our customers do with our product that will help you comply: patching, anti-virus, anti-malware, backup, what user accounts are on those systems, when they have been accessed," Puglia says. "We've taken all those things that we do, and brought them together. I can feel confident that I am taking industry reasonable steps. The product itself can mitigate or remediate any issues, and [it does] reporting for evidence."
Kaseya's efforts this week at Kaseya Connect Europe in Amsterdam follow a related tool unveiled by Microsoft during its Ignite conference last week. That tool, the Compliance Manager, is planned to be a part of the Microsoft 365 Enterprise edition, which is a subscription combination of Office 365, Windows 10 and Enterprise Mobility + Security (EMS).
"Compliance Manager enables you to conduct real-time risk assessment, providing one intelligent score that reflects your compliance performance against data protection regulatory requirements when using Microsoft cloud services," wrote Alym Rayani, director, Office 365 Security, in a blog post about the tool.
A preview program of Compliance Manager is planned to start in November. The scoring tool will join other GDPR readiness tools from Microsoft, such as an online GDPR benchmark assessment tool and a GDPR readiness assessment tool for Microsoft partners to use to help customers.
Posted by Scott Bekker on October 05, 2017 at 12:59 PM0 comments
Microsoft is adding one more big developer event to its calendar for 2017.
The company announced Thursday that it will hold Connect(); 2017 from Nov. 15 to 17 in New York City and live stream portions of the event.
Scott Guthrie, executive vice president for the Microsoft Cloud and Enterprise Group, will keynote and the three-day event will include 75 sessions and hands-on training.
Details on a teaser Web page for the conference are light, but an announcement blog stated that focus areas would include cloud, data, artificial intelligence, Internet of Things and open source technologies.
Posted by Scott Bekker on October 05, 2017 at 9:29 AM0 comments
Hoping to capitalize on an anticipated explosion of cloud opportunities in Europe, channel-focused cloud management software provider SkyKick is opening a European office Thursday in Amsterdam.
The move will double SkyKick's European headcount, although the Seattle-based company did not provide precise employee numbers. SkyKick's European operations were previously concentrated in the United Kingdom, where the company will maintain a presence.
SkyKick is looking to IDC projections that public cloud services in Western Europe will grow at a compound annual rate greater than 25 percent through 2020. "The number of European companies that are moving their business to the cloud continues to skyrocket," said SkyKick EMEA General Manager Kathryn Saducas in a statement.
In an aptly named facility in Amsterdam called "The Cloud," which also houses offices for Amazon and Uber, the new SkyKick office will support partners in Europe with the first SkyKick Support Center outside the United States, as well as providing a base for sales and operations employees.
The new office follows SkyKick's recent addition of support for cloud migrations and backup to Microsoft's German datacenters in Magdeburg and Frankfurt.
SkyKick delivers tools that allow partners to migrate customers from various platforms to Microsoft Office 365, back up customer data to the cloud and manage customer environments.
Posted by Scott Bekker on October 05, 2017 at 1:06 PM0 comments
Tech Data is simplifying its brand.
The sprawling, multi-faceted IT supplier with $16.5 billion in sales in the first half of this year announced on Wednesday a set of branding moves, which primarily serve to fold the Technology Solutions business acquired earlier this year from Avnet into a more cohesive Tech Data story.
Gone is the word Corporation from the company's marketing name -- it's now just Tech Data. Also jettisoned are smaller brands, such as Tech Data Cloud or Tech Data Mobile Solutions. Now the company will refer to Tech Data's cloud solutions, or Tech Data's mobile solutions. The rebrand also incorporates minor changes to the logo color palette and design.
"Our new global brand is centered on the proven strength of the Tech Data name and provides a unified promise of integrity, expertise and excellence," said Bob Dutkowsky, chairman and CEO of Tech Data, said in a statement. "Tech Data serves as a beacon in the IT channel -- central to our customers' and vendors' success. Our teams have highly specialized skills in next-generation technologies, extensive software and services capabilities, and the best logistics engine in the industry, all backed by a global IT system that can do anything from process the sale of a laptop to configure the most complex multi-vendor solution."
Tech Data is now grouping its offerings into two major portfolios, which encompass most of existing Tech Data products, as well as what came to Tech Data with the $2.6 billion Technology Solutions acquisition. An Endpoint Solutions portfolio will include PCs, mobile phones, printers, peripherals, supplies, software and consumer electronics. An Advanced Solutions portfolio will include servers, networking, storage, datacenter software, converged/hyperconverged infrastructure, cloud, Internet of Things, mobility, security and analytics.
A few specialized brands will persist, including Datech Solutions, Maverick AV Solutions and Global Computing Components. A fourth specialized brand, the European datacenter offering called Azlan, will be gradually transitioned into the Advanced Solutions portfolio.
Remaining in place is the high-level executive team unveiled in February with the close of the Technology Solutions business acquisition.
That structure had Dutkowsky's direct reports as Chuck Dannewitz, executive vice president, chief financial officer; Rich Hume, executive vice president, chief operating officer; Beth Simonetti, executive vice president, chief human resources officer; John Tonnison, executive vice president, chief information officer; and David Vetter, executive vice president, chief legal officer.
Reporting to COO Hume were William Chu, president, Asia-Pacific; Jaideep Malhotra, president of Global Computing Components; Joe Quaglia, president, Americas; Patrick Zammit, president, Europe; Els Demeester, corporate vice president of Integration; and Michael Urban, corporate vice president of Strategy, Transformation and Global Vendor Management.
In Quaglia's Americas organization, Marty Bauerlein, senior vice president of Commercial & Retail Solutions, will run the Endpoint Solutions portfolio, and Jeff Bawol, senior vice president of Enterprise Solutions, will run the Advanced Solutions portfolio. In Zammit's Europe organization, Stephen Nolan is senior vice president of Endpoint Solutions and Graeme Watt is senior vice president of Advanced Solutions.
Posted by Scott Bekker on September 27, 2017 at 8:24 AM0 comments
Microsoft's subsidy program to attract partners to the five strategic cloud competencies in the Microsoft Partner Network (MPN) will end later this month.
The move will raise annual U.S. partner fees for gold cloud competencies by $790 and silver cloud competencies by $140.
"Starting October 1, 2017 the cloud competency fees will be the same as all other competencies (US$1,670 for Silver and US$4,730 for Gold)," said Chinmayi Bhavanishankar, partner experience lead and simplification expert on the Microsoft U.S. Partner Team, in a blog post this month.
The lower prices had applied to the five cloud competencies -- Cloud Customer Relationship Management, Cloud Productivity, Cloud Platform, Enterprise Mobility Management and Small Midmarket Cloud Solutions.
Bhavanishankar said the price change will apply to partners at the time of their membership renewal. A different introductory benefit that will continue is the Cloud Enablement Desk, which is a free program for new cloud competency partners to get guidance from a Cloud Program Specialist for up to six months.
The price change on cloud competencies arrives just as some other major changes to the MPN competency structure fully take effect. In April 2016, Microsoft announced an 18-month plan for retiring 12 of the 29 competencies in the MPN. Those competencies will be completely retired on Jan. 31, 2018.
Posted by Scott Bekker on September 19, 2017 at 10:34 AM0 comments
A few years ago, I remember thinking that if Siri, Cortana and their digital voice assistant peers aspired to be more than gimmicks, their corporate parents would need to teach them to play nice with each other.
Few people live their entire digital lives on one platform. As an example, Cortana can be deeply integrated into your Microsoft-based work life, Siri into the iOS part of your personal life, Google Assistant into the Android portion of your personal life and Alexa into your shopping existence. Getting those assistants talking could open a lot of possibilities to simplify and unify things, rather than complicating and compartmentalizing them.
In the interim, I haven't thought about it much, mostly because the whole question seemed less important.
While Alexa has emerged as the humanized AI of the moment, it's obvious that despite her many cool capabilities, she exists in the world for one reason and one reason only -- to move more product from the silo, albeit the massive silo, of Amazon.com's e-commerce operation.
Cortana became steadily less relevant as Microsoft abandoned its once grand smartphone ambitions. Granted, she's on the ubiquitous Windows 10, but the voice interface is much less critical for a PC than a smartphone. It's clearly preferable to talk to a phone rather than to tap away on softkeys with your thumbs in many situations. There are far fewer use cases on a PC where talking is as efficient, let alone more efficient, than using a physical keyboard and mouse. Meanwhile, Microsoft seemed to be pivoting its efforts to concentrate on improving voice recognition services and APIs for developers rather than for Cortana, the personified digital voice assistant.
Siri, meanwhile -- and this is my completely anecdotal experience -- seems to be inexplicably getting less useful over time. When I first started using Siri two years ago, the voice recognition seemed better and the responses seemed more relevant, helpful and often fun. Lately the hit-to-miss ratio has been so low that I've mostly stopped asking Siri anything.
All of which is to say, the digital voice assistants launched as gimmickry, understandably and necessarily, but don't seem to be maturing into highly functional assistants that can make it easier to navigate your 21st-century life.
Then this week, out of the blue, Microsoft and Amazon.com declared that they'll have Cortana and Alexa talking to one another and asking one another for favors by the end of this year.
"This collaboration will allow you to access Alexa via Cortana on Windows 10 PCs, followed by Android and iOS in the future. Conversely, you'll be able to access Cortana on Alexa-enabled devices like the Amazon Echo, Echo Dot and Echo Show," said Andrew Shuman, corporate vice president for Cortana Engineering at Microsoft, in a blog post Wednesday.
Amazon.com's news release on the deal Wednesday extrapolated on the applications: "Alexa customers will be able to access Cortana's unique features like booking a meeting or accessing work calendars, reminding you to pick up flowers on your way home, or reading your work email -- all using just your voice. Similarly, Cortana customers can ask Alexa to control their smart home devices, shop on Amazon.com, interact with many of the more than 20,000 skills built by third-party developers, and much more."
In a New York Times interview, Amazon.com CEO Jeff Bezos said he hoped that similar integrations with Apple and Google could be forthcoming, although both of those companies declined comment. While much focus will be on whether it's in Apple's or Google's interest to cooperate, that misses the point.
For digital voice assistants to have real value, these types of integrations are critical. Let's hope this two-member club becomes a four-member club in short order. A non-gimmicky future for digital voice assistants depends on it.
Posted by Scott Bekker on August 31, 2017 at 9:05 AM0 comments
Vendors and solution providers were poised to help in Hurricane Harvey's wake as the record-rain-producing storm made its third, and what looked like its final, pass at the Texas-Louisiana coast Wednesday.
Harvey first struck the Texas coast on Friday night, and as it lingered the storm dumped more than 50 inches of rain in some places, causing deep flooding over a wide area including Houston.
With public officials and infrastructure experts saying the storm recovery could take years, the process of restoring IT was still a lower priority for many businesses.
"A lot of people are in survival mode still," said Patrick Murray, a senior consultant with Houston-based ERGOS, one of the largest MSPs in South Texas. ERGOS, which didn't lose power or experience outages at its Houston datacenter, has been proactively checking on customer systems, even those that haven't called to check in.
"We've got ways to determine if this customer or that customer is affected and what part of the technology is affected," Murray said. "I would say a good 5 percent to 10 percent of our customers were hit pretty heavy."
One customer that was heavily affected has been spun up and virtualized. For such remote virtual environments, ERGOS uses a mix of its own ERGOS-branded cloud at the Houston datacenter and StorageCraft's cloud.
Other than that, Murray said, "We've had to do some mild file restores here and there where some customer offices are down due to power or due to flooding."
He credits that partly to the extensive backup and recovery checks the company ran before the storm and pre-storm queries that poured in even before the storm was officially upgraded to a hurricane last Thursday.
"The No. 1 question I got two days prior to the storm, since we anticipated things so much, was, 'Hey, are my backups working?' The second question was, 'Are my offsite backups working?'" said Murray. "I probably answered 50 of the same questions from internal colleagues and associates, as well as customers directly."
Some vendors ran special offers to help customers and partners in the affected area to mitigate the situation. While disaster recovery plans are best laid before a major weather event occurs, a slow-motion situation like rivers swelling to flood stage gave some customers and partners time to respond.
Infrascale created a program called "30 days free of Infrascale Cloud Backup to Mitigate the Damage of Harvey." A spokesman described the offer in an e-mail as "a complimentary, no-commitment offer that is valid for up to 30 days or until the impacted business (in SE Texas) is stabilized, whichever is longer. With Infrascale Cloud Backup they can backup their critical data to the cloud for safe keeping."
Other IT companies focused on the relief efforts in the immediate wake of the storm.
SolarWinds on Tuesday committed $75,000 for disaster relief efforts, with the money going to the American Red Cross of Central & South Texas Region, All Hands Volunteers and Feeding Texas. SolarWinds also offered a $2-to-$1 match for anything its U.S. employees donate to those organizations over the next 30 days, and the company is coordinating a volunteer effort by SolarWinds employees of 1,000 hours over the next six months.
"The impact on our neighbors here in Texas has been and continues to be devastating," said CEO Kevin B. Thompson of Austin-based SolarWinds in a statement. "This is a time when we as company -- and all of us as individuals -- need to step up and help as much as we can."
Microsoft on Monday donated money to the Red Cross. "Microsoft provided the American Red Cross with $100,000 as an initial step to help support those in Texas and across the Gulf coast affected by Hurricane Harvey. More help is needed, and the company and its employees pledged to do more," the company said in a statement.
Technology distributor Ingram Micro was also looking for opportunities to help, directly and in conjunction with its partner community, according to a spokesperson. "Ingram Micro and its Southern Star Chapter (part of the Trust X Alliance Community ) are keeping in close and consistent contact with its local members and neighboring members -- many of which relied on each other 12 years ago when the last disaster came in," the spokesperson said. "All have offered support, shelter and scale where needed, including Ingram Micro directly. Trust X Cares and the Southern Star Chapter have literally just set up a GoFundMe page to assist those in need. The goal is $10,000."
Backup service provider Carbonite was directing its philanthropic efforts to Boston Mayor Martin J. Walsh's "Help for Houston" drive, a spokesperson said.
Update 9/1: ConnectWise on Thursday launched an effort specifically to help partners in the affected area regain their footing. "At a time of tragedy, we're here to help our partners survive as entrepreneurs and reestablish their successful businesses, so we're raising $750,000 to meet their needs," CEO Arnie Bellini wrote in a blog post. "You can make a difference for every one of these partners in a time of desperate need. ConnectWise will match all donations to ConnectWise.com/HelpNow. We'll match your donation 2-1 up to $250,000."
Bellini urged partners in need of help to reach out to ConnectWise with their information. "Whether it's now or in the days, weeks, and months to come, our long-term goal is to continue supporting our partners through recovery and rebuilding efforts," he wrote.
Posted by Scott Bekker on August 30, 2017 at 11:38 AM0 comments
Rackspace made a big commitment to its partner program this week with the introduction of the company's first-ever partner incentive.
The initial incentive covers Rackspace's strategic tier of partners who sell between $10,000 and $150,000 in monthly recurring revenue for deals covering dedicated hosting services, such as Rackspace Managed Security or Rackspace Private Cloud Powered by Microsoft, VMware or OpenStack.
"Through the end of this year, we'll match the deals they generate with customers dollar-for-dollar," said Lisa McLin, a 15-year veteran of Rackspace who is the new channel sales and alliances vice president for North America as of late June.
As an example, McLin said a partner working on a digital transformation deal for a customer that wants to put Sitecore on a private cloud platform with VMware, storage, firewall and load balancer and Rackspace Managed Security might be a $20,000 a month contract.
"The partner is going to get their $20,000 incentive, plus their monthly residual" on an ongoing basis, she said.
Rackspace has offered spiffs to partners before but this is the company's first full-fledged, ongoing incentive, McLin said. If it goes as well as she expects, she said the company will be looking to offer more incentives.
"We're going to watch this one and see how it goes. Q4 will be really level-setting, where we ask, 'Are we getting good traction on this?'" McLin said. Expansions could involve other products, as well as broader sections of the Rackspace partner community.
Posted by Scott Bekker on August 29, 2017 at 3:31 PM0 comments
A new version of Chrome OS called Chrome Enterprise aims to make the Google operating system more attractive to business customers in a way that could also make Chrome more of a fit for Microsoft-centric channel partners.
Among many new business management features of Chrome Enterprise, one of the marquee changes is integration with on-premises Active Directory, a first for the 8-year-old Chrome OS, which was primarily designed for cloud-only management solutions.
"Businesses not yet ready for a cloud-only solution have wanted to manage Chrome OS with the on-premise identity and management systems they're already using. To help, Chrome Enterprise is now fully compatible with on-premise infrastructure through Microsoft Active Directory," wrote David Karam, product manager for Chrome Enterprise, in a blog post Tuesday.
Google rolled out Chrome Enterprise via the blog Tuesday and a webcast Wednesday.
"This integration allows employees to use their native credentials to authenticate across devices and Google Cloud Services like Google Play while centralizing management of user and device policies for IT admins," Karam said.
Another enterprise feature of the $50 per device per year Chrome Enterprise license is a partnership with VMware for unified endpoint management. VMware Workspace ONE will be the first third-party solution for managing Chrome devices, Karam said.
Other features exclusive to Chrome Enterprise, as opposed to Chrome OS, include managed Chrome extensions and browser management, printer management, single sign-on support, managed networks and proxies, managed operating system updates and enterprise support.
The comparatively inexpensive Chromebooks have been making market share gains in a generally declining PC market. Gartner estimated that Chromebook shipments increased by 38 percent year over year in 2016 as the overall PC market fell 6 percent. The base is small, however, with Chromebook shipments numbering around 9 million in 2016 against an overall PC market of 270 million units.
One of Google's main markets for Chromebooks has been education, and some Microsoft partners offer Chromebook solutions in that sector. For its part, Microsoft earlier this year launched Microsoft Intune for Education and OEMs rolled out low-cost Windows 10 PCs to better compete against Chromebooks in schools.
In that January announcement, Microsoft made its concerns pretty clear: "New Windows 10 Devices Offer Great Alternatives to Chromebooks."
With Active Directory support in Chrome Enterprise, Microsoft partners will have new reasons to take a harder look at Chromebooks for certain business deployments.
Posted by Scott Bekker on August 23, 2017 at 4:14 PM0 comments
Intel on Monday launched the first of its 8th Gen Intel Core processors, with the initial group of chips intended to power ultrathin notebooks and two-in-ones for small businesses and consumers.
The roadmap calls for 8th Gen processors to arrive for desktop computers in the fall, with enterprise, workstation and enthusiast notebook and desktop systems coming later.
Intel claims healthy performance enhancements over both its 7th Gen chips and against systems that are at least 5 years old, a category consisting of about 450 million computers that Intel and its OEM partners hope to lure to new machines with the new generation of processors.
"This new mobile family sets the bar for outstanding performance, including a boost of up to 40 percent gen over gen, and that jumps to 2x if you compare it with a 5-year-old machine. This is all thanks to the new quad-core configuration, power-efficient microarchitecture, advanced process technology and a huge range of silicon optimizations," said Gregory Bryant, senior vice president and general manager of the Client Computing Group at Intel, in a blog post.
Intel's first wave of 8th Gen processors includes two i5 and two i7 models. Bryant said OEMs will begin releasing notebooks and two-in-ones based on those chips in the beginning of September, and that Intel is expecting more than 145 designs from manufacturers.
Posted by Scott Bekker on August 21, 2017 at 9:59 AM0 comments