The NSA Takes Center Stage on a Microsoft Patch

The U.S. National Security Agency discovered, reported and was publicly credited by Microsoft for a significant vulnerability that is included in the first Patch Tuesday release of the year.

The NSA's public cooperation with Microsoft in defending users of the operating system marks a change from the agency's well-documented past practice of quietly collecting and weaponizing serious OS flaws that are discovered by its researchers.

Microsoft and the NSA offered differing characterizations of the flaw in Windows 10, Windows Server 2016 and Windows Server 2019. While Microsoft encouraged all users to rapidly apply the patch, the structure of Microsoft's extensive vulnerability rating system slightly underplays the severity of the flaw. The NSA, on the other hand, warned that the consequences of not patching would be "severe and widespread."

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also released an Emergency Directive and Activity Alert regarding the flaw on Tuesday. While CISA's directive only applies to certain federal agencies, the agency's warnings are often heeded by state and local governments and private sector organizations.

In a Cybersecurity Advisory released at the same time as Microsoft's patches, the NSA said:

NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows cryptographic functionality. The certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution. The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality. Exploitation of the vulnerability allows attackers to defeat trusted network connections and deliver executable code while appearing as legitimately trusted entities.

Offering examples of ways that validations of trust may be impacted, the NSA cited HTTPS connections, signed files and e-mails, and signed executable code launched as user-mode processes.

"The vulnerability places Windows endpoints at risk to a broad range of exploitation vectors," the NSA statement said in explaining the agency's alarm over the issue. "NSA assesses the vulnerability to be severe and that sophisticated cyber actors will understand the underlying flaw very quickly and, if exploited, would render the previously mentioned platforms as fundamentally vulnerable. The consequences of not patching the vulnerability are severe and widespread. Remote exploitation tools will likely be made quickly and widely available. Rapid adoption of the patch is the only known mitigation at this time and should be the primary focus for all network owners."

On Microsoft's severity scale, however, the vulnerability was rated as being "important" rather than Microsoft's top level of "critical." Microsoft noted that the flaw had not been publicly disclosed, and there were no known public exploits of the flaw currently. Microsoft did give the flaw its "exploitation more likely" rating for both its latest software releases and older software releases. That is the highest level on Microsoft's exploitability index assessment short of flaws for which exploits already exist. Microsoft applies that rating in cases where Microsoft believes exploit code could be created to consistently exploit the vulnerability and when there are past cases where the specific type of vulnerability has been exploited.

Microsoft's technical description of the vulnerability acknowledges the NSA, which is a first. In a separate public statement about CVE-2020-0601, Mechele Gruhn, principal security program manager for the Microsoft Security Research Center, does not name the NSA but does talk about cooperation with security researchers to work on patching newly discovered vulnerabilities.

"This vulnerability is one example of our partnership with the security research community where a vulnerability was privately disclosed and an update released to ensure customers were not put at risk," Gruhn wrote.

Rumblings that a major patch was on the way emerged earlier in the week. The Krebs on Security blog posted an article on Monday with details of the patch collected from sources, and referenced Twitter posts from security industry insiders who indicated something substantial was afoot.

The agency's cooperation reflects a larger debate about the appropriate role of America's digital spy agency. Historically, the organization is known for its offensive capabilities, hiring top researchers to find and exploit vulnerabilities, build them into sophisticated toolsets, and keep those tools secret and productive for as many years as possible. But the recent security/intelligence/public relations disasters involving the EternalBlue tools released by the Shadow Brokers group highlighted a huge self-defeating flaw in the approach. Namely that with the United States being one of the most digitized and Internet-connected countries in the world, when those U.S.-developed tools get into the hands of adversaries of the United States and U.S. businesses, they can do more damage to the U.S. than they could do to their intended targets.

In a statement reported by The Washington Post, a senior NSA official acknowledged the shift in gears represented by the public cooperation on protecting infrastructure versus secretly attacking it.

"This is...a change in NSA of working to share, working to lean forward, and then working to really share the data as part of building trust," the Post quoted Anne Neuberger, director of the NSA's Cybersecurity Directorate, as saying Tuesday. Krebs on Security's Brian Krebs, apparently reporting from the same NSA news conference, added via Twitter that Neuberger also said this wasn't the first time NSA has reported a vulnerability to Microsoft, but it is the first time it has accepted credit or attribution when Microsoft asked.

The NSA dubs the operation "Turn a New Leaf," and it received praise from security researchers. That said, the agency's strategic mission of exploiting enemy networks undoubtedly remains unchanged.

Yes, the NSA has just helped Microsoft and its more attentive customers patch a flaw. At the same time, is it tinfoil hat territory to bet that other teams at NSA are involved in the race to develop exploits based on the same vulnerabilities, or perhaps have already done so given the agency's head start?

What we have here is a complicated dance. The NSA is playing a slightly more transparent -- and from the standpoint of software vendors and their customers, a more constructive -- role in network security than it has in the past. At least it is playing that role in this specific case. We'll take what we can get.

Posted by Scott Bekker on January 14, 2020 at 9:39 AM0 comments

Feds Warn of Potential Iranian Cyberattacks

The U.S. agency in charge of cybersecurity is urging organizations in the United States to prepare for potential attacks from Iran in response to the American drone killing of General Qassim Suleimani.

The Cybersecurity and Infrastructure Security Agency (CISA) issued its warning, "Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad," on Monday afternoon. CISA is a federal agency created in 2018 to coordinate with other government entities and the private sector on cybersecurity and critical infrastructure protection.

The drone attack as Suleimani was visiting Baghdad last week is widely expected to prompt counterattacks of some sort from Iran, with Iranian leaders vowing as much in recent days. One of the most rapid ways that Iran can respond is through attacks on computer systems of U.S. businesses and government agencies.

"Iran has a history of leveraging asymmetric tactics to pursue national interests beyond its conventional capabilities," the CISA alert said. "More recently, its use of offensive cyber operations is an extension of that doctrine. Iran has exercised its increasingly sophisticated capabilities to suppress both social and political perspectives deemed dangerous to Iran and to harm regional and international opponents."

A site defacement already occurred over the weekend, when the Web site for the U.S. Federal Depository Library Program was replaced with an image of a bloodied President Trump being punched in the face. Text in English across the bottom of the page read, "Hacked by Iran Cyber Security Group HackerS ... ;)". A CISA spokesperson told the Washington Post that the attacker used a misconfiguration within the content management system to effect the defacement, and that CISA was unable to provide confirmation that the attack had any actual link to Iran.

In a primer section of its alert, CISA recommended that organizations "adopt a state of heightened awareness," "increase organizational vigilance," "confirm reporting processes" and "exercise organizational incident response plans." The document also details mitigation and detection recommendations for advanced persistent threat techniques that Iranian state-sponsored actors are believed to have used in the past, such as spearphishing, credential dumping and attacks involving PowerShell or scripting.

The full alert is available here.

Posted by Scott Bekker on January 06, 2020 at 11:20 AM0 comments

Top 5 Microsoft Partner Stories of 2019

This year was as eventful for Microsoft partners as any in this decade.

As the year draws to a close, here's a look at some of the biggest stories that happened in 2019.

1. Ransomware Roared Back
At the beginning of this year, it looked like ransomware might have plateaued. Not so. One of the most damaging computer malware incidents to date happened to Baltimore, when a ransomware attack in May took much of the city's infrastructure offline for weeks and other systems down for month. Meanwhile, a trio of attacks on municipal governments in Florida brought record-setting ransom payouts.

The upshot of all this activity is that managed service providers (MSPs) and other types of Microsoft partners spent a lot of time in 2019 educating customers about ransomware, protecting them from attacks and helping them recover from incidents.

2. Microsoft Opens up 'Channel as a Service'
Microsoft launched a significant effort in calendar 2019 to connect its independent software vendor (ISV) partners with its cloud solution provider (CSP) partners through its marketplaces and incentive structures. The results aren't in yet, but the moves have the potential to take the promise of Microsoft's 300,000-partner-strong channel and convert it into more revenues for everyone involved.

One part involves expanding the multibillion-dollar co-sell program beyond Azure to also include Microsoft 365, Dynamics 365 and Power Platform. The other part involves allowing partners to resell ISV solutions through Microsoft's CSP program.

3. Scuttled IUR/Competency Changes
Microsoft faced a full-scale partner mutiny around the time of its annual partner conference, Microsoft Inspire, in July. A plan disclosed shortly before the Las Vegas conference would have had Microsoft revoking partners' ability to use internal use rights (IURs) to run their businesses.

But a substantial partner backlash, which included a very public petition, against the planned IUR revocation and some changes to competencies caused Microsoft to reverse course. In the end, Microsoft apologized for the incident and promised to do a better job consulting with partners earlier in the decision process for program changes that would have a major effect on the way partners do business.

4. Azure Lighthouse
Microsoft took a major step to make Azure a friendlier platform for MSPs in 2019. The effort takes the form of a native toolset called Azure Lighthouse.

Using Azure Lighthouse, partners can manage multiple customers in a secure, multitenant environment with automation. Another way to look at it is as a single control plane for service providers to view and manage Azure across their customers. Azure Lighthouse reached general availability in July.

5. Microsoft Hits $1 Trillion
In the race for a $1 trillion market cap, Microsoft seemed like a dark horse, behind Apple, Amazon and Alphabet. Although Apple and Amazon reached the milestone first, Microsoft cleared that hurdle and impressively remained there more consistently than the others. After years of getting kicked around by Wall Street, Microsoft took its place in 2019 as one of investors' most respected companies.

For the Microsoft channel, the market cap provided some positive buzz around the Microsoft brand for much of the year.

As for what to expect in 2020, several big trends are already clear. Azure migration momentum should continue after being spurred by the Windows Server 2008 support deadline next month. The controversy over Microsoft's winning the Department of Defense JEDI contract, and Amazon's contesting of the decision, will continue to roil as the Amazon Web Services (AWS) lawsuit works its way through the courts. And Microsoft will continue to tinker with its partner program levers to urge partners to help make artificial intelligence an everyday technology for customers.

What else will be big next year? We'll find out as it happens.

Posted by Scott Bekker on December 31, 2019 at 11:17 AM0 comments

Microsoft Gives Wunderlist an End Date

Microsoft set an official date for shutting down Wunderlist -- May 6, 2020.

The announcement presumably brings to a close the drama surrounding the task list app and service, which Microsoft acquired in 2015.

Christian Reber, who as CEO of 6Wunderkinder sold the app to Microsoft, created a stir in September when he Tweeted at Microsoft CEO Satya Nadella and another Microsoft executive about his interest in buying back Wunderlist.

An ax has been hanging over Wunderlist since Microsoft released a preview of the Microsoft To-Do Office 365 application in April 2017. At the time Microsoft said the eventual plan was to retire Wunderlist.

According to a FAQ accompanying the announcement blog on Monday, Wunderlist is not currently accepting new user registrations. After May 6, users will no longer be able to update or edit their lists or tasks. Microsoft provided links in the FAQ to resources for exporting the account or importing lists into Microsoft To Do.

As for why it will discontinue Wunderlist three years after the initial announcement and five years after the acquisition, Microsoft's blog stated that the app is becoming more difficult to maintain as it ages, and that the company is confident that the recent updates to Microsoft To Do make the app a worthy replacement for Wunderlist.

Posted by Scott Bekker on December 10, 2019 at 10:51 AM0 comments

Amazon Formally Challenges Microsoft's JEDI Contract Win

The other shoe has officially dropped in the JEDI cloud contract dispute.

After signaling last month that it would challenge the U.S. Department of Defense's process for awarding the massive contract to Microsoft, Amazon formally filed suit on Monday.

The company filed its protest complaint in the U.S. Court of Federal Claims over the Joint Enterprise Defense Infrastructure contract, which is known as JEDI and which could be worth up to $10 billion over 10 years to supply cloud computing services to the DoD.

Public versions of the 103-page complaint are heavily redacted, but the thrust of Amazon's complaint is that Amazon Web Services (AWS) was technically superior, that Microsoft's Azure cloud services failed key tests for the contract and that President Donald J. Trump steered the contract away from AWS.

The opening paragraphs get right to the heart of Amazon's argument:

A PDF of the redacted version of the filing via the Washington Post is available here.

Posted by Scott Bekker on December 10, 2019 at 10:05 AM0 comments

Microsoft Launches First Rev of Azure Cost Management for Partners (with a Caveat)

Sticker shock is one of the main customer objections to signing up for Microsoft Azure services. The flexibility of the cloud service makes Azure highly scalable but can lead to highly, er, scalable bills, as well.

While Microsoft has been pushing partners hard to sell Azure services to their customers for years, the company is finally also beginning to deliver the specialized tools that partners need to manage those costs across and on behalf of their customers.

In the last few weeks, Microsoft announced the general availability (GA) of Azure Cost Management for partners.

"With this update, partners and their customers can take advantage of Azure Cost Management tools available to manage cloud spend, similar to the cost management capabilities available for pay-as-you-go (PAYG) and enterprise customers today," wrote Aparna Gopalakrishnan, senior program manager for Azure Cost Management at Microsoft, in the blog post announcing GA of the tool.

One caveat of the initial version of the tool is that it is only available for cloud solution providers (CSPs) who have onboarded customers to the new Microsoft Customer Agreement. That agreement, a direct arrangement between Microsoft and the customer, largely sidelines partners in a manner that runs counter to the spirit of CSP, which was originally positioned as a program that allowed partners to control the billing relationship with their customers.

That said, there are still opportunities for partners to supplement customer needs and offer managed services around the Microsoft Customer Agreement, and Azure Cost Management could represent just such an opportunity. It provides a classic example of a partner being able to leverage expertise across dozens, hundreds or thousands of customers to optimize a customer's spending on Azure services and help make the bills predictable.

What the first version of Azure Cost Management provides is tools that allow partners to view, manage and analyze all of their customers' billing through a single pane of glass. Partners will be able to view and analyze costs by customer, subscription, resource group, resource, meter, service and other dimensions.

[Click on image for larger view.] One of the key capabilities of the partner-focused Azure Cost Management tool is the ability to set budgets and create alerts. (Source: Microsoft)

They can also track Partner Earned Credit (PEC) and, critically, set up notifications and automation using programmatic budgets. The tool also lets the partner enable the Azure Resource Manager policy that allows customers to access Cost Management data. Microsoft is making all of the functionality of the native tool available as REST APIs for automating the capabilities.

Microsoft committed to periodic updates of the tool. Among the first updates will be support for exporting data from the tool. The roadmap also calls for cost recommendations, optimization suggestions and showback features that allow partners to charge a markup on consumption costs.

Microsoft also plans to undo the main caveat by launching Azure Cost Management at retail rates for customers who are supported by a CSP partner but who are not on the Microsoft Customer Agreement.

Posted by Scott Bekker on December 03, 2019 at 11:07 AM0 comments

Seismic Week in Acquisitions: Tech Data, Docker Enterprise, Carbonite

It has been a huge week for acquisitions in tech, with announcements of definitive agreements for Tech Data Corp. to go private, Mirantis to pick up Docker's Enterprise Platform business and OpenText to buy Carbonite Inc.

The deal impacting the most channel companies is Tech Data. Loosely speaking, Apollo Global Management Inc. is buying Tech Data for $5.4 billion, a 24.5 percent premium to Tech Data's share price as of mid-October. Technically, the acquisition is being engineered by "an affiliate of funds managed by affiliates of Apollo."

Rumors have been widespread about a coming acquisition for the distribution giant, as acknowledged in the news release Wednesday about the deal, which declared Oct. 15 as "the last trading day prior to published market speculation regarding a potential transaction involving the company."

Assuming no better offers come forward in the go-shop period through Dec. 9, and that the agreement passes regulatory muster, the deal is expected to close in the first half of 2020.

Existing channel partners can probably expect little to change in the short term. Tech Data CEO Rich Hume would stay on and company headquarters would remain in Clearwater, Fla. Executives from Tech Data and Apollo both affirmed the commitment to Tech Data partners and to the business in general. They positioned the deal as a way for Tech Data, free of quarterly financial reporting pressures, to focus on long-term growth.

Container technology pioneer Docker Inc. is selling a part of its business to Mirantis for an undisclosed amount. The deal, also announced Wednesday, involves the Docker Enterprise Platform business, employees and enterprise customers.

Mirantis, known for its Kubernetes K8s-as-a-service, will get the Docker Enterprise Platform technology, including Docker Enterprise Engine, Docker Trusted Registry, Docker Unified Control Plane and the Docker CLI.

In a blog post, Mirantis CEO and co-founder Adrian Ionel said Mirantis will be able to enhance the Docker technologies with its K8s-as-a-Service technology. However, the move leaves out the Docker Swarm container orchestration technology.

Mirantis "currently expects to support Swarm for at least two years, depending on customer input into the roadmap," Ionel said. "Mirantis is also evaluating options for making the transition to Kubernetes easier for Swarm users."

As a company, Docker will now focus on Docker Desktop and Docker Hub.

Earlier in the week, OpenText on announced an agreement to acquire Carbonite Inc. for $1.42 billion in another deal that had been reported publicly as being in the works. The deal amounts to a 78 percent premium on Carbonite's "unaffected closing stock price on September 5, 2019, the last trading day before a media report was published speculating about a potential sale process," the companies said in a statement.

Carbonite specializes in data protection and security, while OpenText is focused on enterprise information management.

OpenText CEO & CTO Mark J. Barrenechea positioned the pending acquisition as strengthening OpenText in cloud platforms and giving the company new routes to markets via Carbonite's "SMB/prosumer channel and products."

The companies expect the transaction to close within 90 days.

Posted by Scott Bekker on November 14, 2019 at 12:05 PM0 comments

ConnectWise-Continuum: Big Merger, Modest Ripple in the MSP Tools Market

There was a gigantic deal in the managed service provider (MSP) tools market this week that changes, well, not that much in the short run.

ConnectWise is acquiring Continuum. Both are major players in the MSP market. ConnectWise has a long legacy in the professional services automation end of the space, which it has been increasingly building into a full-stack MSP solution that includes remote monitoring and management (RMM), quote tools and various other business and technology pieces. Continuum is a younger company, born out of a partial Zenith Infotech acquisition, that focused heavily on providing turnkey MSP technology tools and operations center-provided services to MSPs with fewer technicians on staff.

Both have large bases of MSP customers/partners, making the deal important in terms of the number of partners affected.

Yet, there is more that doesn't change, at least immediately, from this deal than does.

For one thing, both companies are already owned by Thoma Bravo, the private equity behemoth that's been funding much of the M&A activity in the MSP sector. The Thoma Bravo portfolio also includes SolarWinds and Barracuda Networks. Interestingly, ConnectWise was acquired by Thoma Bravo in February and at the time denied rumors that an acquisition was pending for another Thoma Bravo company.

ConnectWise also says it remains committed to keeping its platform open to competitors, so that MSPs can choose on their own best-of-breed combinations of tools. "We believe in an open ecosystem, the power of choice and providing a single pane of glass view," the company said in its statement Wednesday announcing the deal. The announcement came during IT Nation 2019, ConnectWise's annual partner conference, which features more than 100 exhibitors, including direct competitors in several areas. Many of those vendors must keep a close eye on whether that commitment to openness continues, but for now ConnectWise is saying the right things.

The most significant part of the announcement is that the company intends to continue offering both RMMs, meaning little change for existing partners. In the announcement, which also covered the acquisition of ITBoost and a partnership with Webinfinity, ConnectWise emphasized how all the pieces fit together.

"The resulting solution suite redefines business automation. The convergence of ConnectWise's best-in-class platform (PSA, RMM, CPQ), with the service-enabled RMM, security and NOC/SOC and Help Desk from Continuum, IT documentation from ITBoost, and partner relationship management (PRM) from Webinfinity, substantially increases value to [technology service providers]. ConnectWise becomes the only software platform that connects the TSP upstream to its suppliers and downstream to its customers, creating a unified business operating environment to accelerate TSPs success," the statement said.

Specifically about any potential overlap between the ConnectWise/Continuum tools, ConnectWise positioned the RMM approaches as complementary.

Describing the Continuum tools and services, ConnectWise positioned Continuum's model as appropriate for TSPs "preferring to outsource much of their low-level work, whether because they want additional help on nights or weekends, or because they need to access a different skillset than they possess. This complements ConnectWise's current offering, which targets TSPs who take more of a 'do it yourself' approach. As a result, TSPs will have the freedom to adopt either model, or a mixture of both, all while making more data driven decisions and increasing their use of automation."

Competitors are going through the motions of seeding doubts for ConnectWise or Continuum MSPs about potential de-emphasis of their preferred tools in the future.

"Some hiccups are, of course, to be expected for a deal of this size," said Kaseya CEO Fred Voccola in a statement. "For example, both ConnectWise and Continuum are relatively the same size and offer users competing RMMs. And while they, in theory, could continue maintaining two RMMs simultaneously, they'll likely focus instead on investing in just one tool's continued R&D, technical support and customer enablement. This will ultimately force half of its users to migrate to the company's preferred tool -- an often costly and time-consuming effort."

Datto's CTO Bob Petrocelli was less direct, but addressed big questions for MSPs to keep in mind after a merger in a blog that was posted after the merger but that didn't mention ConnectWise or Continuum specifically.

"There are steps you can take to anticipate how consolidation among vendors may affect your business as an MSP. Look for transparent communication from your vendor. Why did they make this decision? How does the tech benefit you? How will your partnership change and improve? These are a few good questions your vendor should provide answers to," Petrocelli wrote.

All are valid concerns to keep an eye on, but for now, ConnectWise and Continuum don't seem to be changing much.

Posted by Scott Bekker on October 31, 2019 at 11:31 AM0 comments

Microsoft Builds Partner Enhancements into IoT Central

Microsoft's Internet of Things (IoT) platform for solution-building partners, known as Azure IoT Central, is being overhauled with a number of major feature updates intended primarily for OEMs, independent software vendors (ISVs) and systems integrators (SIs).

The company released details of the IoT Central changes on Monday as part of a raft of IoT announcements timed to coincide with the IoT Solutions World Congress taking place this week in Barcelona.

Azure IoT Central Features
Microsoft describes IoT Central as an app platform that provides partners with IoT plumbing for connecting devices, managing devices and performance analysis. Partners take their own business and vertical expertise to build an IoT solution on top of the Microsoft framework. They can then white-label the Microsoft parts under their own solutions and either sell directly to customers or sell through the Microsoft AppSource marketplace.

"The value of IoT Central is brought to life when solution builders leverage it to connect and manage their devices, as well as to extend device insights into their line of business applications. This allows solution builders to spend their time and energy in their area of expertise, transforming their businesses through value-adding and brand-differentiating elements," explained Bert Van Hoof, partner group program manager for Azure IoT, in a blog post describing the new features. The blog post provided one of the clearest explanations yet of Microsoft's partner intentions for IoT Central.

Along that theme, several of the coming enhancements address the particular concerns of partners, who need infrastructure that enables them to handle several customers at once and who benefit the most from aspects of Microsoft solutions that allow for repeatable procedures.

One is multitenancy, the ability to have several customers whose individual tenants are separated from one another for security purposes but that can be managed collectively by one partner. "We know that many solution builders need more than just repeatability; they also need manageability to truly scale their investments to customers. Which is why in the coming months, Azure IoT Central will support multitenancy; solution builders can build once and use a multitenancy interface to on-board, configure, and update many customers and organizations globally across regions, offering both device and data sovereignty without sacrificing manageability," Van Hoof said.

Another is public APIs to access features. "Solution builders with extensibility needs beyond device data now have access to Central features through our public APIs. Users can develop robust IoT solutions that leverage IoT Central programmatically as the core for device modelling, provisioning, lifecycle management, operations (updating and commanding), and data querying," he said.

In an effort to jump-start partner practices, Microsoft is also immediately releasing 11 new industry app templates, which are designed to illustrate the types of solutions that partners and customers can build. For retail partners, the templates include Store Analytics Condition Monitoring, Store Analytics Checkout, Digital Distribution Center, Connected Logistics and Smart Inventory Management. For government partners, the templates are Water Quality Monitoring, Water Consumption Monitoring and Connected Waste Management. Microsoft is also providing energy vertical templates of Smart Meter Monitoring and Solar Power Monitoring, and a health care template for Continuous Patient Monitoring.

Other new features for IoT Central include support for IoT Edge, support for IoT plug-and-play, the ability to save and load applications, new data export options, and custom user roles. Microsoft will also roll out a new pricing model sometime next year that is supposed to make the solution's cost more predictable.

Azure Sphere GA Date
Also Monday, Microsoft set a February 2020 general availability date for Azure Sphere. Azure Sphere is Microsoft's ambitious initiative, first announced in April 2018, to put itself at the center of IoT management and security. It consists of a combination of a reference architecture for microcontroller units (MCUs), a Linux-based operating system for the devices themselves, and a cloud-based Azure Sphere Security Service to manage and secure the devices. Earlier this year, Microsoft added a mechanism called "Guardian Modules" to the roadmap, which would serve as a bridge for older IoT devices to be managed under Azure Sphere.

Sam George, corporate vice president of Azure IoT, in a blog post highlighted momentum with the preview versions of Azure Sphere. "Since we first introduced Azure Sphere, we've made tremendous progress delivering on our ambitious product vision, investing in partnerships and capabilities that help us serve customers wherever they are in their IoT journey. This includes our partnerships with silicon leaders to enable heterogeneity at the edge; our longstanding partnership with MediaTek, and our recent partnership announcements with NXP and Qualcomm, which will introduce the first cellular-enabled Azure Sphere-certified chip," George wrote.

Other IoT Enhancements
Microsoft disclosed several other coming enhancements on Monday.

Several new features will reach general availability by the end of November for Azure IoT Hub, the cloud gateway used by IoT Central. The runtime of the Azure Event Grid will be extended to devices with Azure Event Grid on IoT Edge, which allows organizations to publish their own events or connect other modules with built-in event capabilities. Organizations will be able to put their own information into messages with IoT Hub message enrichment. Additionally, IoT Hub will integrate with the regular Azure Event Grid for sending device telemetry events to Azure services.

Azure Maps is already a feature with a lot of usage scenarios for IoT applications that include devices in the field. Now Microsoft is partnering with AccuWeather to add geospatial weather intelligence data into those applications. Common scenarios include "routing, targeted marketing and operations optimization," George said.

Finally, Microsoft is working on a handful of new capabilities for Azure Time Series Insights, which is Microsoft's IoT analytics solution. Those include multilayered storage, flexible cold storage, richer analytic capabilities, scale and performance improvements, and a Power BI connector.

Posted by Scott Bekker on October 28, 2019 at 12:48 PM0 comments

How Permanent Is Microsoft's Shocking JEDI Win?

The conventional wisdom was that the massive Joint Enterprise Defense Infrastructure (JEDI) contract was Amazon Web Services' to lose.

Then Microsoft was named on Friday as the winner of the contract to be the sole cloud contractor for the Pentagon -- a deal valued at up to $10 billion over 10 years if all the options are exercised.

Here's how Adam Mazmanian at Federal Computer Week described what it means for Microsoft in a comprehensive piece on the deal:

The market agreed on Monday morning, with TheStreet reporting:

Victory laps by Microsoft could be premature, however.

Kara Swisher, the New York Times columnist and CNBC contributor who has some of the best sources in Silicon Valley, warned everyone not to expect AWS to take the decision as final. Especially given President Donald Trump's public statements about Amazon CEO Jeff Bezos.

In an appearance Monday on CNBC, Swisher said:

Some of the Trump rumors come from former Defense Secretary James Mattis. Here's a CNBC report on a portion of Mattis' book:

Of Microsoft, Swisher said:

Amazon's public statements so far, out of a spokesperson, are that the company was "surprised" by the decision. No word yet on whether it'll decide to tie it up in litigation or focus on winning some of the many other cloud service deals that are expected to come out of the U.S. federal government over the next few years.

This decision is a big win for Microsoft. As for the challenge aspect, think of it like the replay rule in the NFL. The refs have to overturn the ruling on the field, and the ruling on the field is that the JEDI contract belongs to Microsoft. But as the decision Friday showed, anything can happen, and may yet.

Posted by Scott Bekker on October 28, 2019 at 3:34 PM0 comments

Intelligent Cloud Stands Out in Microsoft Q1 Results

Of Microsoft's three main business units, Intelligent Cloud accounted for slightly less revenue than either of the other two units, but still generated some of the most interesting activity this quarter.

Microsoft on Wednesday reported results for the first quarter (July-September) of its fiscal 2020. The company beat Wall Street expectations on both earnings and revenues, although the stock barely moved. Compared to the year-ago quarter, revenues were up 14% to $33 billion and earnings per share were up 21% to $1.38.

Microsoft's three business units all brought in roughly similar amounts of revenue for the quarter. More Personal Computing saw revenues of $11.1 billion, Productivity and Business Processes also had $11.1 billion, and Intelligent Cloud was $10.8 billion.

By revenue growth, Productivity and Business Processes, which includes Office, LinkedIn and Dynamics, was closest to the top-line growth revenue percentage at 13%. Intelligent Cloud, which includes Azure, server products and services, grew revenue at about twice the rate of the rest of the company -- 27%. More Personal Computing lagged the company's overall revenue growth, with a 4% increase.

In his prepared statement for the earnings release, CEO Satya Nadella highlighted Intelligent Cloud. "The world's leading companies are choosing our cloud to build their digital capability," Nadella said. He also pointed to the continuous rollout of more services and capabilities across Microsoft's cloud services stack.

Azure is the strategic tent pole of the division, and the results for Azure for the quarter were strong. Microsoft does not reveal Azure revenue figures, but the company details Azure growth rates every quarter.

While growth in Azure is slowing as the business gets larger, it remains robust and consistently compares favorably to segment leader Amazon Web Services' growth rates. Microsoft reported a 59% growth rate for Azure in Q1. A year ago that rate was 76%, and it has been slowly dropping in the interim quarters. For the record, Microsoft did say that Azure revenues grew at a 63% rate in the most recent quarter in constant currency.

In a positive note for Microsoft's unique hybrid cloud narrative, the server products, which include on-premises systems, had a surprising surge in the quarter. A year ago, server products grew at a 10 percent rate and had fallen to 5% growth in Q4 of 2019. Yet in Q1 2020, server products were up 12%. Microsoft attributed some of the growth to demand related to SQL Server 2008 and Windows Server 2008 end of support.

Other notable highlights in the quarterly results included:

  • Revenues for the Microsoft Surface line of 2-in-1s and laptops dropped 4%.
  • Dynamics 365 had a strong quarter with revenue growth of 41%.
  • Office 365 Commercial revenue shot up 25%.
  • Windows OEM revenue was up 9% as the January 2020 support deadline for Windows 7 approaches.
  • LinkedIn revenue was up 25%.
  • Enterprise Services revenue was up 7%.
  • The Xbox unit was flat.

Posted by Scott Bekker on October 23, 2019 at 6:16 PM0 comments

SherWeb Urges Partners To Focus on Security in 2020

SherWeb is urging its partners to go after the managed security services opportunity aggressively in 2020.

The Sherbrooke, Quebec-based cloud distributor, one of the indirect providers in Microsoft's Cloud Solution Provider (CSP) program, held its annual partner conference late last week in Montreal. SherWeb has thousands of partners who resell Microsoft and other cloud services through SherWeb as part of their primarily SMB-focused managed service provider (MSP) practices.

"We cannot emphasize enough how important and crucial security will be in our business," said Matthew Cassar, SherWeb's co-founder and co-CEO, in the main keynote at the SherWeb Accelerate Cloud Summit 2019.

"Managed service providers need to evolve into managed security service providers," Cassar said, adding that even MSPs who don't shift gears to security should at least offer holistic security as part of their services. According to SherWeb market research, about 90 percent of SMBs would switch service providers if they were provided a comprehensive security service.

Cassar and other SherWeb executives detailed several ways that they plan to help their MSP partners offer more effective security services to SMB customers, who are finding themselves targeted by attackers more frequently than they used to be when hacks focused more heavily on large multinationals.

For one thing, Cassar said SherWeb will be offering best-of-breed third-party security services that its partners can in turn offer to their customers. As a first component, SherWeb announced at the show that it is offering Bitdefender Antivirus.

"Bitdefender Antivirus is a key security product for any MSP to resell because it will help them detect threats more accurately than any other security product on the market," said Nicolas Roy, product manager for security at SherWeb, in a statement. "As part of our commitment to provide our partners with only the best business software in the world, we're proud to add Bitdefender to our portfolio."

A little further out, Cassar said SherWeb will be providing security operations center (SOC) services for its partners in the coming months.

Another way SherWeb plans to help its partners expand their security capabilities is by enhancing Office Protect, the company's simplicity-focused solution for locking down Office 365 deployments. The company first launched Office Protect at its 2018 conference, and the core purpose of the product remains intact, said Guillaume Boisvert, director of Office Protect for SherWeb. "We know that our value, our positioning is to be simple, to make it easy," Boisvert said. "A lot of security products, if I can send a million alerts, you can see that I'm useful. That is definitely not our approach."

Improvements for Office Protect on the roadmap include advanced reporting to cover compliance workloads. Additionally, plans call for Office Protect to handle more investigation and remediation of potential security incidents. "I don't want to tell you that we'll do the remediation for you. That's just a pipe dream," Boisvert said. "We're not looking to take the decision away from you. We're looking to accompany you through the investigation. We're going to provide you with the playbooks. [For example,] it's a sign-in from an unauthorized country. I got an alert in clear English. What's next?"

That is the type of issue for which Office Protect will recommend to the partner how to handle the customer's situation, he said.

In non-security developments, SherWeb announced that it will offer QuickBooks for its partners to resell. "This has been a high-demand product from our partners," Cassar said. Additionally, Cassar said that over the last year, existing partners had increased their subscription-based revenues by 30 percent and increased their average revenue per user (ARPU) by more than a third to $15.

Posted by Scott Bekker on October 15, 2019 at 12:03 PM0 comments