Determining the best Microsoft partners in the world is challenging. With a community as large, diverse and global as the Microsoft Partner Network (MPN), there are a thousand ways to look at the question.
Market research firm IDC took a crack at it from the standpoint of global implementation giants in a report released last month. The "IDC Marketscape: Worldwide Microsoft Implementation Services 2019 Vendor Assessment" is an analysis of 10 Microsoft systems integrators.
To be included, a firm had to have at least $125 million of revenue from a Microsoft implementation practice at a worldwide level, a minimum of 1,000 professionals related to Microsoft projects, and at least 10 percent of revenue and 10 percent of headcount in each of IDC's three macroregions.
Summarizing its findings in the form of a chart, IDC was careful not to rank the top 10. Instead, citing 34 evaluation criteria, IDC arranged the companies along a two-axis chart with "Capabilities" on the vertical axis and "Strategies" on the horizontal. Five companies are clustered around the lower edge of a "Leaders" category and the other five are clustered near the top of a "Major Players" category.
According to IDC, the leaders include Accenture and Avanade (grouped as one entity), IBM, Infosys, HCL and TCS. The major players are PwC, DXC, EY, Wipro and Cognizant.
IDC noted that although Leidos is one of the top five systems integrators based on worldwide revenue, the firm was excluded due to the concentration of its revenue. According to IDC, Leidos typically receives more than 80 percent of its revenues from the U.S. government.
IDC also cautioned that its evaluation should not be considered a "final judgment" on firms to consider for a project. "It is conceivable, and in fact the case, that specialty firms can compete with multidisciplinary firms on an equal footing," analyst Ali Zaidi wrote in the report.
In short, the IDC research provides a useful snapshot of the biggest and broadest systems integrators in the Microsoft ecosystem.
An excerpt of the report featuring Accenture and Avanade is available here.
Posted by Scott Bekker on June 17, 2019 at 8:41 AM0 comments
Adam Warby will step down as CEO of Avanade after over 11 years in August and be succeeded from within the company by Pamela Maynard, the company announced this month.
Avanade is a giant in the Microsoft partner community with 36,000 professionals worldwide, a specialized focus on Microsoft technologies and a tight relationship with Microsoft. The company was originally founded in 2000 as a joint venture between Accenture and Microsoft, and the company's board includes Judson Althoff, executive vice president of the Worldwide Commercial Business at Microsoft.
Since Warby became CEO in 2008, Avanade's revenues have tripled from $900 million to $2.5 billion, the company has expanded the number of countries it operates in by seven to 26 total, and it has closed seven acquisitions.
In a statement, Warby called the decision to leave difficult, but said that it was the right time for a transition. "On the eve of our 20th anniversary, I am confident that Pam is the right leader to take Avanade into the next chapter. During the last 11 years, she has driven unparalleled results for Avanade in the key roles that she has held and has been a vocal advocate for inclusion and diversity across the organization," Warby said.
Maynard is currently president of product and innovation at Avanade. She has held the role for two years and responsibilities included overseeing several practices, development of new offerings, advisory services and the delivery organization. Her previous roles within Avanade included running Avanade Europe as president and running Avanade U.K. as general manager. Maynard has also worked for Capgemini, Ernst & Young and Oracle.
Posted by Scott Bekker on June 13, 2019 at 8:46 AM0 comments
Microsoft announced its Partner of the Year awards this month, and like every year, the structure and categories tell a lot about Redmond's priorities.
Microsoft has always used the worldwide partner awards to emphasize partner success in strategic growth areas or key competitive areas, and to reinforce to the channel what business areas will be most important in the coming fiscal year. Microsoft announces its winners in June and formally gives them out at its Inspire partner conference in July, which aligns roughly with the start of the company's fiscal year.
Here are six takeaways from a review of the 41 categories.
How big a deal is this "digital transformation" concept to Microsoft? Pretty big. First of all, there's a Digital Transformation Partner of the Year category. Kudos to Accenture for winning that one, although it's odd that there are no finalists. That suggests Microsoft may be struggling to get partners to join the Digital Transformation parade in a meaningful way.
Meanwhile, the phrase "digital transformation" has attained buzzword status in the winner descriptions. In the 30-page PDF featuring short descriptions of each of the 2019 winners, the phrase "digital transformation" appears 66 times. Compare that against the 52 appearances of the phrase "artificial intelligence" or "AI," and you get a sense of how important this digital transformation idea is to Microsoft.
Microsoft grouped its solution-focused awards this year into four main areas. They are Azure (Intelligent Cloud) Awards, Business Application Awards, Modern Workplace Awards and Other Awards. (Non-solution groupings are Industry Awards and Country Awards.) What's interesting is that those groupings are relatively consistent with the big partner classifications set in the major field and channel shakeup of 2017. At the time, Microsoft created four major buckets for partners: Modern Workplace, Business Applications, Applications & Infrastructure, and Data & Artificial Intelligence. Two of those remain in the awards structure, Modern Workplace and Business Applications. The other two are largely combined into Azure (Intelligent Cloud).
There's not much in the way of on-premises-based awards. The closest are the ones that involve getting customers the heck off on-premises. Two of those awards are in the "Azure (Intelligent Cloud) Awards" area. There is the straight "Datacenter Migration" category, won by Microsoft awards veteran 10th Magnitude, a pioneer in Azure business practices.
Then there's the related "Data Estate Modernization" category, won by Cognizant Technology Solutions. Note also the "Indirect Provider Partner of the Year" winner, Arrow ECS. One of that company's major pushes is datacenter retirements paired with moves to Azure. Expect an ever louder drumbeat about datacenter migration to Azure as end-of-life approaches for Windows Server 2008 R2 on Jan. 14, 2020.
Evident in the business applications categories is the shift away from emphasis on terms like ERP and CRM and toward Dynamics 365 and elements of the platform underlying Dynamics 365. These categories reflect changes going on with the business applications competencies, as well.
The mix of industry verticals Microsoft appears most interested in has evolved slightly, but is still relatively consistent with the verticals Microsoft declared as strategic in the 2017 overhaul. At the time, it was manufacturing, financial services, retail, health, education and government. Those verticals continue to be reflected and rewarded in the current awards list, although the manufacturing category is "Manufacturing and Resources." Additional vertical awards for 2019 are automotive, media & communications and Microsoft CityNext.
SAP on Azure
One other awards category of interest is the SAP on Azure Partner of the Year, won by Capgemini. SAP on Azure is an advanced specialization within the Cloud Platform competency. In addition to the strategic importance to Microsoft of drawing SAP implementations to the Azure cloud, it's also a hint of things coming for partners. In the next fiscal year, Microsoft will be expanding its advanced specializations for partners to include Azure Stack, server migration, security and teamwork.
Trends and priorities aside, congratulations to the 2019 partner winners. See the full list below.
Azure (Intelligent Cloud) Awards
AI and Machine Learning Partner of the Year
- Winner: Crayon Group
- Finalist: AgileThought
- Finalist: eSmart Systems
- Finalist: Modis
Application Innovation Partner of the Year
- Winner: Wapice Ltd.
- Finalist: Infosys Ltd.
- Finalist: Wragby Business Solutions and Technologies Ltd.
- Finalist: Zure
Azure Influencer Partner of the Year
- Winner: Hanu
- Finalist: Navisite
- Finalist: SELA
- Finalist: Sol-Tec Ltd.
Data Analytics Partner of the Year
- Winner: Modis
- Finalist: Cognizant Technology Solutions
- Finalist: Pragmatic Works
Data Estate Modernization Partner of the Year
Datacenter Migration Partner of the Year
DevOps Partner of the Year
- Winner: 10th Magnitude
- Finalist: Dimensional Strategies Inc.
- Finalist: InCycle Software
Internet of Things Partner of the Year
- Winner: Accenture/Avanade
- Finalist: PTC
- Finalist: SoftBank Technology
- Finalist: Telelink Business Services
Mixed Reality Partner of the Year
- Winner: PTC
- Finalist: Bentley Systems
- Finalist: Kognitiv Spark
- Finalist: Meemim Inc.
OSS on Azure Partner of the Year
- Winner: HashiCorp
- Finalist: SNP Technologies Inc.
SAP on Azure Partner of the Year
- Winner: Capgemini
- Finalist: DXC Technology
- Finalist: T-Systems
Business Applications Awards
Dynamics 365 for Business Central Partner of the Year
- Winner: Cooper Parry IT
- Finalist: Bond Consulting Services
- Finalist: NAB Solutions AB
- Finalist: Wiise
Dynamics 365 for Customer Service Partner of the Year
- Winner: PowerObjects, an HCL Technologies Company
- Finalist: Cognizant Technologies
- Finalist: DXC Technology
- Finalist: Hitachi Solutions Philippines Corporation
Dynamics 365 for Field Service Partner of the Year
- Winner: Hitachi Solutions
- Finalist: eCraft Oy Ab
- Finalist: HSO International
- Finalist: Velrada
Dynamics 365 for Finance and Operations Partner of the Year
Dynamics 365 for Sales Partner of the Year
- Winner: SAGlobal
- Finalist: Experlogix
- Finalist: KPMG Advisory
- Finalist: MASAO
Dynamics 365 for Talent Partner of the Year
Power BI Partner of the Year
- Winner: Nihilent
- Finalist: Campus Management
- Finalist: Catapult Systems
- Finalist: Expose Data
PowerApps Partner of the Year
- Winner: Catapult Systems
- Finalist: C Centric Solutions
- Finalist: Mercury xRM Limited
- Finalist: PowerObjects, an HCL Technologies Company
Automotive Partner of the Year
- Winner: Annata
- Finalist: 4ward
- Finalist: Bright Box
- Finalist: Icertis Inc.
Education Partner of the Year
- Winner: Edsby
- Finalist: Blackbaud
- Finalist: Insight
Financial Services Partner of the Year
- Winner: PowerObjects, an HCL Technologies Company
- Finalist: AKA Enterprise Solutions
- Finalist: Finastra
Government Partner of the Year
- Winner: Hitachi Solutions
- Finalist: KPMG
- Finalist: Planet Technologies
- Finalist: RapidDeploy
Health Partner of the Year
- Winner: Health Catalyst
- Finalist: KenSci
- Finalist: Mozzaz Corporation
- Finalist: Quest Software
Manufacturing and Resources Partner of the Year
- Winner: PTC
- Finalist: ABB Asea Brown Boveri Ltd.
- Finalist: Hitachi Solutions
- Finalist: ICONICS
Media & Communications Partner of the Year
- Winner: Aprimo
- Finalist: AdPushup Inc.
- Finalist: SAGlobal
- Finalist: Tech Mahindra
Microsoft CityNext Partner of the Year
- Winner: Bentley Systems
- Finalist: ABB Asea Brown Boveri Ltd.
- Finalist: KPMG Adoxio
- Finalist: Meemim Inc.
Retail Partner of the Year
- Winner: Obase
- Finalist: Brainpad Inc.
- Finalist: HSO
- Finalist: JDA Software
Modern Workplace Awards
Intelligent Communications Partner of the Year
- Winner: Arkadin
- Finalist: CDW LLC
- Finalist: NBConsult
- Finalist: Tata Communications
Modern Desktop Partner of the Year
Modern Workplace Transformation Partner of the Year
- Winner: Phoenix Software
- Finalist: Accenture/Avanade
- Finalist: Content and Code
- Finalist: DXC Technology
Project and Portfolio Management Partner of the Year
- Winner: Wicresoft
- Finalist: Innovative-e
- Finalist: ProActive A/S
- Finalist: Sensei Project Solutions
Security and Compliance Partner of the Year
- Winner: InSpark
- Finalist: Edgile
- Finalist: Maureen Data Systems Inc.
- Finalist: Onevinn
Teamwork Partner of the Year
Digital Transformation Partner of the Year
Learning Partner of the Year
- Winner: Global Knowledge
- Finalist: QA
- Finalist: Shanghai Yungoal Info Tech Co. Ltd.
Partner for Social Impact Partner of the Year
Alliance Global ISV Partner of the Year
- Winner: Finastra
- Finalist: Cloudera
- Finalist: Icertis Inc.
- Finalist: Sitecore
Alliance Global SI Partner of the Year
Customer Experience Partner of the Year
Diveristy and Inclusion Changemaker Partner of the Year
Indirect Provider Partner of the Year
- Winner: Arrow ECS
- Finalist: Crayon Software Experts Spain S.L.
- Finalist: Ingram Micro Mexico
- Finalist: rhipe
Argentina: VU Security
Austria: ITSDONE Holding GmbH
Azerbaijan: SMART business
Bahrain: Almoayyed Computers
Bangladesh: Corporate Projukti Limited
Bermuda: Maureen Data Systems Inc.
Bolivia: SoftwareONE Bolivia
Bosnia and Herzegovina: Logosoft d.o.o.
Brunei: Tech One Solutions Sdn Bhd
Canada: Long View
Cayman Islands: Kirk Office Equipment Ltd.
China: SYSTEX China Ltd.
Colombia: Westcon Group Colombia Limitada
Costa Rica: ITCO
Côte d'Ivoire: INOVA Consulting Services
Croatia: Hrvatski Telekom d.d.
Curaçao: Inova Solutions
Cyprus: Dot.cy Developments Ltd.
Czech Republic: Unicorn Systems
Dominican Republic: C-ven Technologies
Ecuador: BUSINESS IT
Egypt: HITS Technologies
El Salvador: GBM de El Salvador
Estonia: TVG Eesti, OÜ
Georgia: UGT Ltd.
Germany: Joint Entry: PHAT CONSULTING GmbH, Glück & Kanja Consulting AG and GAB Enterprise IT Solutions GmbH
Greece: OFFICE LINE SA
Guatemala: Gensa Group
Hong Kong SAR: KBQuest Hong Kong Limited
Hungary: T-Systems Magyarorszag Zrt.
India: G7 CR Technologies India Pvt. Ltd.
Indonesia: PT Awan Integrasi Sandidata (ViBiCloud)
Ireland: Spanish Point Technologies
Israel: U-BTech Solutions
Italy: Var Group Spa
Jamaica: Inova Solutions
Japan: Fujitsu Ltd.
Kazakhstan: M-SYSTEM LLP
Kenya: Cloud Productivity Solutions Limited
Korea: Zenith & Company Co., Ltd.
Latvia: Tilde Sia
Luxembourg: Devoteam S.A.
Malaysia: Rhipe Malaysia Sdn Bhd
Malta: ICT Solutions
Mexico: Ingram Micro Mexico
Mongolia: Mogul Service and Support LLC
Namibia: Salt Essential IT
Nepal: Tech One Global Nepal Pvt. Ltd.
Netherlands: ICT Automatisering NV
New Zealand: Umbrellar Limited
Oman: BAHWAN IT LLC
Pakistan: Maison Consulting & Solutions
Panama: GBM Dominicana
Paraguay: OLAM S.R.L.
Peru: G&S Gestión y Sistemas SAC
Philippines: Crayon Software Experts Philippines Inc.
Poland: Synerise S.A.
Portugal: InnoWave Technologies S.A.
Puerto Rico: Nagnoi LLC
Qatar: Information & Communication Technology W.L.L
Romania: Asseco SEE
Russia: Awara IT
Saudi Arabia: eSense Software
Serbia: Comtrade System Integration d.o.o.
Singapore: Ingram Micro Asia Ltd.
Slovakia: exe, a.s.
South Africa: Mint Management Technologies
Sri Lanka: Tech One Global
Sweden: Acando AB
Switzerland: isolutions AG
Taiwan: Systex Software & Service Corporation
Thailand: MFEC Public Company Limited
Trinidad and Tobago: Davyn
Uganda: Britehouse/Dimension Data
Ukraine: Infopulse LLC
United Arab Emirates: Netways
United Kingdom: New Signature
United States: Quisitive
Uruguay: Arnaldo C. Castro S.A.
Venezuela: CONSEIN, C.A
Vietnam: Tech Data Advanced Solutions (Vietnam) Company Limited
Posted by Scott Bekker on June 13, 2019 at 11:46 AM0 comments
Significant tweaks are coming to the Microsoft Partner Network (MPN) in the coming months, including more challenging competency requirements, advanced specializations, a new security competency and some additional benefits.
"To prepare you for new opportunities today and into the future, we are making large investments in many aspects of our partner business, with the Microsoft Partner Network as your entry point for partnership with Microsoft and with other partners," said Toby Richards, general manager of Partner Go-to-Market & Programs in Microsoft's One Commercial Partner organization.
Richards outlined the changes in a recent blog post that serves as a preview for topics Microsoft will discuss at the Microsoft Inspire partner conference in Las Vegas in mid-July. The Microsoft 2020 fiscal year begins on July 1, and that's traditionally the time of year when Microsoft makes the biggest adjustments to its partner programs.
The blog post was vague about the changing requirements for competencies, but Richards' comments suggested partners can expect higher bars for both the gold and silver tiers. "As cloud technologies advance, partner capabilities must keep pace," Richards wrote. "With this in mind, we are updating the requirements for several competencies to better reflect the market and more demanding customer expectations."
In a hint of things to come, he pointed to changes announced in April on the business application side. At that time, Microsoft announced the coming retirement of the Cloud CRM competency, as well as big increases in the bar for attaining competencies, including the Cloud Business Applications competency that Microsoft is steering Cloud CRM partners toward. For example, partners going for a silver competency in Cloud Business Applications need five different employees to pass exams; partners reaching for a gold competency need 15 different employees.
The specific requirement changes for other competencies will take effect in July and will be communicated directly to affected partners, Richards said.
Even as the Cloud CRM competency is going away, Microsoft will add a new Security competency, covering a critical area of customer need. The new competency will be available in July and will be designed for partners delivering security-related services on Azure and Microsoft 365.
Microsoft will also be expanding its advanced specializations for partners with certain gold competencies. The recent example is the SAP on Azure advanced specialization for the Cloud Platform competency. In the coming months, Microsoft plans to release more advanced specializations for partners, including Azure Stack, server migration, security and teamwork.
Richards also teased but did not detail additional benefits for competency partners. In addition to the flagship benefit of internal use rights for Microsoft products, competency partners will also have access to enablement and go-to-market benefits within their competencies. Richards also reaffirmed Microsoft's emphasis on the co-sell program, hinting that there may be more integrations between co-sell and competencies.
Microsoft also plans to provide go-to-market services that are tied to specific partner activities, such as creating a business profile in the Microsoft Partner Center for referrals, publishing and transacting an app or service in the marketplace, and attaining a first competency or renewing an existing competency.
Posted by Scott Bekker on June 04, 2019 at 11:46 AM0 comments
IDC's latest update to its 2019 PC market forecast is promising an "interesting year" for PC sales, with Windows 7's end-of-support deadline providing a bright spot in an otherwise gloomy market.
Overall, IDC now expects to see unit shipments drop by 3 percent for the year for a total of 392.5 million units. The main challenge comes on the consumer side of the market, where shipments are expected to decline 6 percent year-over-year, as consumers spend more of their budget on replacing smartphones than PCs.
Yet IDC is projecting that the average selling prices (ASPs) for the entire market are rising 2.6 percent for the year, keeping the dollar value of the market roughly flat at $237 billion.
The ASP increase, according to an IDC statement, is being "driven by new technologies, such as thinner bezels on notebook screens that have increased demand for 2-in-1 form factors, and ongoing demand for gaming PCs. Additionally, shipments into the commercial segment are expected to provide an uplift in ASPs in 2019 as many enterprises move to replace their PCs before Microsoft ends support for Windows 7 in early 2020."
That key date of Jan. 14, 2020, when extended support for Windows 7 ends, and the other ASP-lifting factors are prompting IDC to declare that "2019 is shaping up to be an interesting year."
After 2019, maybe not so much. IDC currently expects unit shipments to decline by an average of 1.6 percent per year, hitting 367.7 million units in 2023.
Posted by Scott Bekker on June 03, 2019 at 9:12 AM0 comments
Veeam is forging ahead with a second generation of its orchestration technology for disaster recovery that could present significant opportunities for the company's partners.
Failing over a complex environment in a disaster recovery situation is a multistep process. Processes and applications must be started in a precise order and spun up on the correct hardware or virtual machines. Orchestration solutions allow organizations to set the order that those automated steps are taken in case of need for a failover.
Veeam Availability Orchestrator v2 hit general availability on Tuesday during the VeeamON 2019 conference in Miami.
Danny Allan, vice president of product strategy for Veeam, said the flagship feature of the new version is that it now allows orchestrated business continuity from backups rather than strictly from replication environments.
"Doing it from backups means you don't have to be running 24x7 in both locations. This now democratizes orchestrated business continuity disaster recovery to the entire customer base, and not only the customer base but the whole industry," Allan said.
Allan described Veeam's vision of the cloud data management journey for customers as about a 10-year process. The first stage are backups protecting all workloads, followed by cloud mobility. Most organizations are in those two stages, Allan said. Because of General Data Protection Regulation (GDPR), companies in Europe are slightly ahead of U.S. companies in a third stage, visibility. Relatively few organizations have reached the fourth stage, orchestration, or the final stage, automation, he said.
One Veeam customer that is very interested in the automation tool is Tom Morley of ABM Industries, a large facilities management company. Morley, director of global technology operations and enterprise engineering, is an intensive user of Veeam technologies, but sees orchestration as a 2020 project after a current modernization overhaul is complete.
"As part of modernizing, our weakest spot is probably orchestration across all of our systems," Morley said. "Next year will be about orchestrating all the way down."
Veeam's v2 includes several other new features. Reporting and compliance capabilities have been enhanced to allow organizations to prove with the orchestrator that service-level agreements are being met. The tool also allows the ability to use the orchestrator for purposes aside from recovery, such as DevOps, testing and analytics. Veeam has also added role-based access control to allow for more fine-grained delegation.
Due to the complexity of orchestration environments, Allan sees Veeam's thousands of channel partners playing a significant role. "When you're doing orchestration, that is the automation of business processes. It takes an expert to do. Someone has to design it, probably partners," Allan said.
Cloud service provider iLand, a longtime Veeam partner with a substantial Disaster Recovery as a Service (DRaaS) practice, already has its own runbooks for orchestration of customer failovers. However, iLand Senior Vice President for Business Development Dante Orsini is very enthusiastic about some of the opportunities unlocked by v2's ability to orchestrate for non-DR purposes, especially security testing.
"One of the big drivers we see is security," said Orsini, referencing the ability to run vulnerability assessments and penetration tests on a copy of a customer's applications and data. "Now you can do this in a nonintrusive fashion, take a look if there are any challenges and make a plan," Orsini said.
Currently for an organization with 100 applications, the partner would need to find the 100 application owners and involve them in the testing process. With the orchestration, more robust tests could be done safely as a first step, making it necessary to track down only the owners of applications that had major security issues.
Posted by Scott Bekker on May 22, 2019 at 10:48 AM0 comments
Veeam is unusual among private software companies in that it regularly and publicly shares financial performance data via press release.
It's not the kind of comprehensive disclosure you'd see from a public company with net income, revenues and business unit results, but it's still a remarkable degree of transparency.
This week, Veeam provided an update at its annual VeeamON conference in Miami and revealed a significant revenue milestone.
"We achieved $1 billion in revenue bookings," said Ratmir Timashev, co-founder and executive vice president for sales and marketing. Timashev said the figure was based on revenues for the trailing 12 months.
The revenue marker trails slightly, but only slightly, behind Timashev's prediction in 2013 that the company would reach $1 billion in five years.
"We can blame [that] a little bit on subscription rights," Timashev said, referring to the shift in revenue models and the marketwide way in which businesses are buying software on a monthly basis rather than paying for licenses upfront.
Veeam also said this week it had 350,000 customers and was adding 4,000 net new customers per month and 50,000 per year.
Veeam sells backup and availability software for cloud data management.
Posted by Scott Bekker on May 22, 2019 at 10:47 AM0 comments
Organizations whose Office 365 environments were set up by third-party partners are at risk of a number of security misconfigurations, a federal computer security watchdog warned on Monday.
In an analysis report titled "Microsoft Office 365 Security Observations," the Cybersecurity and Infrastructure Security Agency (CISA) described four common security misconfigurations found during a multi-month investigation begun last fall. CISA is the new standalone agency within the Department of Homeland Security that functions as the lead national government unit on civilian cybersecurity.
The investigation focused on customers who have used third-party partners to migrate their e-mail services to Office 365. The CISA report did not say how many customer environments it looked at, how large the organizations were in terms of seats or revenues, how widespread the problems were at those sites, or what kinds of third-party partners were involved.
The conclusion, however, was stark. "The organizations that used a third party have had a mix of configurations that lowered their overall security posture (e.g., mailbox auditing disabled, unified audit log disabled, multi-factor authentication disabled on admin accounts)," the report said. "In addition, the majority of these organizations did not have a dedicated IT security team to focus on their security in the cloud. These security oversights have led to user and mailbox compromises and vulnerabilities."
The report details five Office 365 configuration problems, with some of them exposing administrator username/password prompts to attack without multifactor authentication (MFA) protections in place, others involving audit logs being left off, and another allowing attackers who had compromised on-premises accounts to move laterally into the cloud.
The main MFA problem involved organizations that didn't set up MFA for the Azure Active Directory (AD) Global Administrators in an Office 365 environment. Microsoft does not require MFA by default in creating the accounts, and many organizations don't change the setting. The report notes that the Azure AD Global Administrator accounts are the first ones created and are required to configure the tenant and migrate users. "These accounts are exposed to internet access because they are based in the cloud. If not immediately secured, these cloud-based accounts could allow an attacker to maintain persistence as a customer migrates to O365," the report warned.
A related problem flagged by CISA involves legacy protocols that don't support MFA. Those include POP3, IMAP and SMTP. While the report acknowledges that users with older e-mail clients may need these less secure protocols, efforts should be made to limit their use to specific users and to wean the organization off of those protocols as quickly as possible.
Of all the problems highlighted in the report, CISA stressed enabling MFA as a best practice: "This is the best mitigation technique to use to protect against credential theft for O365 users."
Auditing is another commonly discussed problem in Office 365 security circles. Mailbox auditing was disabled by default prior to January 2019, meaning organizations trying to investigate potential breaches often discovered they had no logs to look at if they hadn't enabled the feature. CISA urged organizations whose Office 365 configuration was set up prior to January of this year to ensure that mailbox auditing is enabled.
The analysis report also pointed to another logging feature which is still disabled by default -- the unified audit log. That log records events from several Office 365 services, including Exchange Online, SharePoint Online, OneDrive, Azure AD, Microsoft Teams and Power BI. Administrators can enable the unified audit log in the Security and Compliance Center.
Another configuration choice that can lead to security problems involves password sync using Azure AD Connect, the report states. A useful migration tool designed to create Azure AD identities from on-premises identities or to match previously created Azure AD identities with on-premises AD identities, Azure AD Connect can cause security problems in certain cases.
Posted by Scott Bekker on May 13, 2019 at 10:48 AM0 comments
Buried in Microsoft's slew of Build-related announcements this week was an expansion of the co-sell program that has already incented the Microsoft field to sell billions of dollars worth of partners' solutions.
Begun as a program for Azure ISVs, the Microsoft co-sell program was a way for Microsoft to get its own salesforce selling the partners' cloud infrastructure-based solutions. Under co-sell, the Microsoft field got 10 percent of the total value of the ISV partner solution, paid by Microsoft, for landing a sale.
Microsoft said at the Build show in Redmond on Monday that nearly 3,000 ISVs whose solutions run on Azure have generated more than $5 billion in revenue over the past 12 months with the co-sell program. That figure is roughly in line with previous figures the company has released about the scale of the co-sell program.
Now Microsoft is leveraging its massive channel to expand the program in two ways.
First, Microsoft is expanding co-sell beyond Azure. It will now encompass Microsoft 365, Dynamics 365 and Power Platform. In a statement, Microsoft said the idea is "to create deeper collaboration in selling line-of-business applications." The capabilities are planned for availability at the start of Microsoft's fiscal year on July 1. The roadmap also calls for later expansions to Office 365 and Dynamics 365 add-ins.
Next, Microsoft is expanding sales incentives beyond its own salesforce. Now Microsoft channel partners will be able to resell eligible ISV solutions through the Microsoft Cloud Solution Provider (CSP) program. "For all ISVs, small and large, this effectively offers 'channel as a service' to accelerate customer acquisition through one of the world's largest distribution channels," the statement said. It was not immediately clear if the field sales incentives would be changed for fiscal year 2020 or what those incentives would be for resellers representing other ISVs' solutions through Microsoft's engine.
Helping to power the co-selling opportunities is the introduction of what Microsoft describes as "transactable seat-based SaaS capabilities for AppSource and Azure Marketplace."
The automation and incentives in the expanded co-selling program, especially on the partner-to-partner (P2P) side, represent an important new phase of the Microsoft Partner Network (MPN). With the hundreds of thousands of partners in the MPN worldwide, the ability for those partners to connect through the Microsoft marketplaces they already use with (ideally) little friction could rapidly accelerate P2P revenues.
Posted by Scott Bekker on May 07, 2019 at 10:49 AM0 comments
VMware infrastructure will run on the Microsoft Azure cloud with full support from both companies under a partnership announced Monday.
CEOs of Microsoft, VMware and VMware majority owner Dell Technologies Inc. announced the deal at Dell Technologies World in Las Vegas.
The arrangement follows a controversial recent effort by Microsoft to conduct its own implementation of a VMware technology integration for Azure in a way that was not supported by VMware. It also comes several years after a similar VMware-Amazon Web Services deal.
Other parts of the expansive partnership include support for managing Office 365 across devices via VMware Workspace ONE, integration by VMware of support for Microsoft's forthcoming Windows Virtual Desktop (WVD), and future work on networking and on delivery of Azure services for VMware on-premises customers.
In a statement, Microsoft CEO Satya Nadella positioned the deal as part of Microsoft's recent pattern of working closely with sometimes bitter, or at least partial, competitors to advance common customer interests. "At Microsoft, we're focused on empowering customers in their digital transformation journey, through partnerships that enable them to take advantage of the Microsoft Cloud, using the technologies they already have," Nadella said.
Scott Guthrie, executive vice president for Microsoft's Cloud and Enterprise Group, expanded on the theme in a blog post, putting the VMware deal in a line of agreements that includes SAP, Red Hat, Adobe and Citrix.
Called Azure VMware Solutions, the main element of the deal is technology built on VMware Cloud Foundation to run VMware workloads natively on Azure. "Customers can now seamlessly run, manage and secure applications across VMware environments and Microsoft Azure with a common operating framework," Guthrie wrote in his blog post. "Customers will be able to capitalize on their existing VMware investments, skills and tools, including VMware vSphere, vSAN, NSX and vCenter while leveraging the scale, performance and innovation of Azure."
In addition to giving customers the ability to manage on-premises and Azure clouds from within their current set of VMware tools, the two companies position the integration as a strong solution for application migration and modernization, datacenter resizings and disaster recovery/business continuity.
Azure VMware Solutions is available immediately in two Azure regions -- U.S. East and U.S. West -- with availability in the West Europe region coming shortly, according to a Microsoft FAQ. While it is sold by Microsoft, backed by the Azure service-level agreement and supported by Microsoft and VMware, it was developed in collaboration with VMware-certified partner CloudSimple. Additionally, a second version is being developed for release later this year by Virtustream, a Dell subsidiary.
The other immediate piece of the partnership will allow VMware Workspace ONE customers to manage Office 365 on devices using VMware's toolset. On stage Monday, VMware CEO Pat Gelsinger described the arrangement as ending a dilemma for customers. "We've solved this battle that we've been having -- is it going to be a Workspace ONE device or a Microsoft Intune device? Gone," Gelsinger said. He said Workspace ONE would have best-in-class support for Office 365, Microsoft 365, Windows 10 and Azure Active Directory.
Also getting "first-class citizen" status within VMware infrastructure will be WVD, Gelsinger said. WVD is currently a Microsoft public preview for a service that delivers a multisession Windows 10 experience, optimizations for Office 365 ProPlus and support for Windows Server Remote Desktop Services (RDS) desktops and apps. VMware will extend the capabilities of WVD through VMware Horizon Cloud on Microsoft Azure. A tech preview is expected by the end of this calendar year.
Longer-term, the companies are exploring integrations between VMware NSX with Azure Networking and exploring bringing specific Azure services to VMware on-premises customers. No specific timeframe was immediately available for those efforts.
Posted by Scott Bekker on April 29, 2019 at 10:56 AM0 comments
Microsoft, which has been approaching a $1 trillion market capitalization for about a year, crossed the big business milestone in after-hours trading on Wednesday after outperforming Wall Street expectations with its third quarter earnings.
Microsoft was in a tight race among big tech companies last year with Apple, Amazon and Alphabet to reach the $1 trillion threshold. Apple made it first with Amazon following later, although both fell back below $1 trillion later in the year.
The milestone comes after Microsoft's stock had climbed 34% over the past year and then spiked another 3% after the earnings results Wednesday.
Ongoing strength in its cloud business and a recovery on the Windows side helped power a strong third quarter for Microsoft.
In results released after markets closed Wednesday, Microsoft reported earnings of $30.6 billion, an increase of 14% over the year-ago quarter and well ahead of analysts' expectations. Other headline figures included a 25% gain in operating income to $10.3 billion, a 19% gain in net income to $8.8 billion and a 20% increase in diluted earnings per share to $1.14.
CEO Satya Nadella pointed to the customer demand for Microsoft's constantly evolving cloud services as a key factor for the reporting period, Microsoft's third quarter, which ended March 31. The company pegged commercial cloud revenues at $9.6 billion for the quarter. That's a 41% jump year-over-year on an already large figure.
Inside those cloud revenues, Microsoft's strategic Azure cloud computing platform was a key growth driver. Microsoft reported 73% revenue growth for Azure. Office 365 Commercial revenue also continued to plow ahead, with 30% revenue growth. On the consumer side, Office 365 Consumer subscribers increased to 34.2 million.
One other business growth area for cloud was Dynamics 365, Microsoft's cloud platform for its ERP, CRM and other business applications. Dynamics 365 revenues increased 43% compared to the year-ago quarter.
Last quarter, the Intel chip shortage was a problem for Microsoft, with Chief Financial Officer Amy Hood at the time attributing a smaller overall PC market to the timing of chip supply to Microsoft's OEM partners. While in Q2 Windows OEM Pro revenue dropped by 2% and non-Pro revenue fell 11%, no such problems existed in Q3. Microsoft reported Wednesday that Q3 Windows OEM revenues were up 9% year-over-year. Revenues for Microsoft's own Surface products, meanwhile, were up 21% in the quarter.
In other highlights:
- LinkedIn, which Microsoft purchased in 2016 for $26 billion, continued to perform well in the third quarter, with revenue increasing 27%.
- Enterprise Services revenues increased 4%.
- Gaming revenue was up 4%.
- Search revenue increased 12%, excluding traffic acquisition costs.
Posted by Scott Bekker on April 24, 2019 at 10:56 AM0 comments
The ongoing security and public relations mess at Wipro, a massive IT outsourcing company based in India with many major U.S. customers, provides an object lesson in how not to handle a security incident as a managed service provider (MSP).
The story was broken this week by Brian Krebs at his respected security blog Krebs on Security. Official information from Wipro has been slow to come out and inconsistent, which is part of the problem.
Krebs approached Wipro earlier this month after hearing about a breach from several sources. According to his latest reporting, a first Wipro employee fell victim to a phishing attack on March 11, with another 22 employees falling for a second round of phishing attacks on March 16 to 19. As of Wednesday, the attack was still ongoing with more than 100 Wipro endpoints "seeded with" a ConnectWise product for remote control of client systems, as Krebs phrased it. Using the compromised Wipro systems as a jumping-off point, attacks have been launched against at least 12 clients, Krebs reported.
One Wipro customer source that Krebs spoke to worked at a large retailer and said the attackers used the access for gift card fraud at the retailer's stores.
Yet Wipro at first stonewalled Krebs' requests for comment, then released a non-informative statement before eventually acknowledging the breach to an Indian newspaper after Krebs published his first blog. Additionally, the company contested Krebs' timeline without providing one of its own, and appears to be passing off the forensic work of its customers as its own.
Krebs summarized Wipro's ham-handed public response this way:
- Ignore reporter's questions for days and then pick nits in his story during a public investor conference call.
- Question the stated timing of breach, but refuse to provide an alternative timeline.
- Downplay the severity of the incident and characterize it as handled, even when they've only just hired an outside forensics firm.
- Say the intruders deployed a "zero-day attack," and then refuse to discuss details of said zero-day.
- Claim the [indicators of compromise] you're sharing with affected clients were discovered by you when they weren't.
The PR and communication lessons are important, but the substantive security component is even bigger. A major aspect of the market value of an MSP is the expectation that the MSP will be the strongest link in a customer's security chain and be more aware of security all along the chain than the customer could be. For an MSP to be the weakest link, and have to be alerted to its own security problems by customers, is pretty tough to recover from.
Posted by Scott Bekker on April 18, 2019 at 10:55 AM0 comments