Tag Archives: microsoft
🦸🏾♀️Analyze your communications: Superhero to Organization Leader Analysis Prompt evolution
HLS Copilot Snacks are the perfect way to learn how to use Copilot to boost your productivity and reduce your workload.
In this snackable you will learn how you can analyze your emails, meetings, and chats to understand who your superhero, anime character, and leadership style is. This video goes through the evolution of prompting on a fun topic to one that is focused on professional growth.
To see all HLS Copilot Snacks video click here.
Prompts Used within Word
🦸🏾:female_sign:Superhero
Look at the emails and Teams meetings that I have sent in the last two weeks. Use these messages to distill a personal brand voice document that I can use to inform copilot of my personal voice and style. Based on the above analysis, what superhero represents my style of work best? What would my super powers be? Can you format that as a dossier for superheroes — listing my real name, and most similar existing superhero, and include the rest of the information formatted and edited in dossier style?
Anime Character
Look at the emails and Teams meetings that I have sent in the last two weeks. Use these messages to distill a personal brand voice document that I can use to inform copilot of my personal voice and style based on the above analysis, what (Genre: example Magical pretty girl) Anime Character would represents my style of work best and why? What would my abilities and personality flaws be? Listing my real name and most similar existing Anime Character. Also give me a anime character friend group, they should be from different anime, include a table with |Name | Anime| strengths | flaws | why they are my friends | how they help me or make my flaws worst. Also be sure to identify my rival anime character and a short story of how we became enemies but may end up being friends.
Leadership
Style, Strengths, and Goals Look at the emails, teams meetings, documents, teams chats that I’ve sent in the last year. Use these messages to distill a leadership style document that I can use to inform copilot of my personal voice and style based on the above analysis. Give me a breakdown of my top 5 strengths in a Table with the following formation | Strength | description | how it helps me in my role | how it could be misunderstood | 2 ways I can build this strength. In another table give me a breakdown of 3 areas for improvement in the following formation | Improvement area | description | how it impacts my role | how it could be misunderstood | 3 ways I can improve. I would also like 3 OKRs based on the above analysis that I could reach in the next 6-9 months.
Microsoft Tech Community – Latest Blogs –Read More
Loop DDoS Attacks: Understanding the Threat and Azure’s Defense
In the realm of cybersecurity, Distributed Denial-of-Service (DDoS) attacks are a significant concern. The recent holiday season has unveiled a complex and evolving threat landscape, marked by sophisticated tactics and diversification. From botnet delivery via misconfigured Docker API endpoints to the NKAbuse malware’s exploitation of blockchain technology for DDoS attacks, the tactics and scale of these attacks have shown significant sophistication and diversification.
Understanding and staying abreast of recent DDoS trends and attack vectors is crucial for maintaining robust network security and ensuring the availability of services. One such example is the recent HTTP/2 Rapid Reset Attack, where Microsoft promptly provided fixes and recommendations to safeguard web applications. This vulnerability exploits the HTTP/2 protocol, allowing attackers to disrupt server connections by rapidly opening and closing connection streams. This can lead to denial of service (DoS) conditions, severely impacting the availability of critical services and potentially leading to significant downtime and financial losses. Another example we wrote about were reflected TCP attack vectors that recently emerged in ways that were not believed possible before.
By closely monitoring these emerging threats, security professionals can develop and implement timely and effective countermeasures to protect their networks. This proactive approach is essential for anticipating potential vulnerabilities and mitigating risks before they can be exploited by malicious actors. Furthermore, understanding the evolving landscape of DDoS attacks enables the development of more resilient security architectures and the enhancement of existing defense mechanisms, ensuring that networks remain secure against both current and future threats.
In this blog, we focus on the newly revealed Application Loop DDoS attack vector. Microsoft hasn’t witnessed this vulnerability translated to actual DDoS attacks yet. However, we believe it’s important to highlight the threat landscape we see in Azure for UDP reflected attacks, as they present a prevalent attack vector with similar base pattern as Loop attacks. We then discuss what protection strategies Microsoft employs to protect Azure platform, our online services, and customers from newly emerging threats.
The Emergence of Loop DDoS Attacks
The Loop attack vulnerability was disclosed last month by CISPA. The attack exploits application-layer protocols relying on User Datagram Protocol (UDP). CISPA researchers found ~300,000 application servers that may be vulnerable to this attack vector. The published advisory describes Loop attacks as a sophisticated DDoS vector, exploiting the interaction between application servers to create a never-ending (hence the term Loop) cycle of communication that can severely degrade or completely halt their functionality. This attack method uses spoofed attack sources to create a situation where two or more application servers get stuck in a continuous loop of messages, usually error responses, because each server is programmed to react to incoming error messages with an error message.
Amongst the vulnerable applications, TFTP, DNS, NTP as well as legacy protocols, such as Echo, Chargen, QOTD, are at risk. The researchers provided a practical example of this, when two DNS resolvers automatically reply to error messages with their own errors. An attacker can start a loop by sending one fake spoofed DNS error to one resolver. This makes it send an error to the spoofed resolver, which does the same, creating an endless cycle of errors between them. This wastes the DNS servers’ resources and fills up the network links between them, with the potential to cause serious problems in service and network quality. Depending on the exact attack topology, Loop attacks may generate excessive amounts of traffic like other volumetric DDoS floods (e.g. DNS reflected amplified attacks).
How Loop DDoS differs from other volumetric DDoS attacks
The Loop attack is a kind of DDoS attack vector that targets applications and may manifest as a large-scale flood at the network layer as well. The cause is that attackers can set up multiple attack loops among multiple servers in a network or across networks in the peering links, overwhelming the servers and networks with traffic floods.
Like UDP reflected attacks, Loop attacks use a basic UDP weakness – the possibility to fake a source IP address to initiate the attack Loop. One of the most common attack vectors nowadays is the reflected UDP-based floods. It’s similar to Loop attack in that the malicious actor sends spoofed-source packets to an application server that replies to the spoofed IP, i.e. the victim. By generating many of these requests to an application server, the victim gets many of the responses they didn’t ask for. The impact of the reflected attack may be significantly more disastrous if the attacked application generates more traffic in response that it receives in the request. When this happens, it becomes a reflected amplified attack. Amplification is the secret sauce of why these attacks are dangerous. Loop attack is different than reflected amplified attacks in that the response may not necessarily be amplified. That is, for each spoofed packet sent to the application server, there may be a single response. However, Loop attacks are way more dangerous when the victim server who gets the response replies with its own response, which in turn is answered with another response in a loop that never ceases. For the malicious actor, it takes only a single well-crafted packet to create a Loop attack. If the attack is sent between multiple application servers, it is becoming a volumetric DDoS flood that may risk not only the application, but also the underline networks. Another interesting difference between reflected amplified UDP attacks and the Loop attack is that with Loop attack the malicious actor doesn’t control the attack lifecycle. Once the first packet is generated the Loop starts, and there’s no way for the attacker to stop it.
Reflected Amplified Attack Landscape in Azure
Since reflected amplified UDP attacks are similar to Loop attacks in their basic reflection pattern and their volumetric nature, we provide recent reflected attack landscape in Azure. As we see in the figure, UDP reflected amplification attacks account for 7% of all attacks in the first quarter of 2024.
Figure 1 – distribution of main attack vectors in Azure, January-March 2024
Out of the main attack vectors, we see reflected amplified UDP attacks, such as SSDP, DNS, NTP, CLDAP, Memcached and CharGEN as the top attack vectors.
Figure 2 – distribution of reflected amplified UDP attack vectors in Azure, January-March 2024
Azure’s Approach to DDoS Attacks
Azure employs multiple layers of DDoS protection across its network topology and OSI layers. From OSI layers perspective, DDoS attacks can manifest themselves as application and/or network layer attacks. Depending on the attacked application, different countermeasures are employed to protect against web attacks, DNS attacks, and attacks on gaming workloads. The common denominator for all protections is a DDoS network protection layer whose role is to safeguard our platform against volumetric floods, regardless of whether it’s an application attack that presents itself as a network flood, or a volumetric TCP or UDP attack.
Moreover, we apply the best mitigation at different places in the network to mitigate attacks in the most efficient manner and closest to the attack source as possible. Protections are employed at multiple rings in the network. The first ring aims to protect our peering links with other networks. When attacks risk our peering links, we mitigate them outside of our network, typically at the transit network. Multiple countermeasures are utilized to mitigate attacks outside of our network, and we select those that are most valuable for a specific scenario. The second ring is our network edge. We use inline and out-of-path DDoS pipelines to mitigate attacks that enter our network at the edge. We use various L3-L7 countermeasures to protect against network floods, web applications and DNS attacks, be it volumetric or low & slow. The next ring is our WAN network, at which we employ strategies to prevent our WAN network getting saturated by very large network floods. We employ various traffic engineering and machine learning models to detect and to deprioritize attack traffic when we need to throttle it. The last ring is in the region, where we employ an advanced mitigation pipeline who can mitigate attack vectors to protect our data centers’ infrastructure and customers’ workloads. In this ring we employ specific application and network-layer DDoS countermeasures to mitigate advanced attack vectors.
Figure 3 – Azure’s protection rings
Mitigating Loop attacks
CISPA researchers haven’t witnessed an exploited Loop attack in the wild yet. Moreover, the exact vulnerable payloads used to trigger the attacks in their research were not disclosed publicly. Yet, application vendors susceptible to Loop attacks should patch this vulnerability in their applications, and new application designs should account for this potential attack vendor in their development cycle.
As we’ve mentioned, Loop attacks may impact applications in two ways: (1) the endless loop of error messages from one application server to another may overwhelm the CPU and render it unavailable to serve legitimate client requests; (2) depending on the network topology of a Loop attack, it may become volumetric in nature hence saturate networks and network connections. Each of the protection rings described earlier will play an active role to defend against such attacks when they emerge.
We haven’t monitored Loop attacks in Azure up to date. However, we have built-in countermeasures that will mitigate Loop attacks once they become volumetric. Loop attacks are between servers, and our pipeline is able to detect spoofed sources, reflected attacks, and attacks between application servers. Specifically, for UDP-based applications, we can detect and mitigate Loop attacks for vulnerable applications, this includes DNS, Memcached, NTP, SSDP and more. We do it by monitoring communication between application servers and throttling volumetric floods. This ensures that Loop attacks, if happen, will not risk our platform, network and customers’ applications. To prevent Loop attacks from impacting application servers’ due to depleted CPU resources, application owners should patch their servers against this vulnerability.
Recommendations for Azure users
We recommend all customers with resources that are reachable from the Internet to onboard to Azure’s DDoS Protection offering. With this protection they ensure that their resources are protected against volumetric attacks, including Loop attacks. By onboarding to DDoS Protection SKUs, customers get protection tailored to their specific application footprint. This ensures we apply a DDoS policy that adheres to the exact application posture. Since each application is different, it’s crucial to apply a policy that best represents the protection for that application.
Next steps
Enable DDoS protection for your resources.
Simulate DDoS attacks to make sure your resources are protected.
Enable telemetry and logging to monitor attacks.
Utilize Microsoft Sentinel to integrate DDoS in your Security Orchestration and Response (SOAR) strategy and get alerts and recommendations from Microsoft Defender for Cloud.
Microsoft Tech Community – Latest Blogs –Read More
Microsoft Bookings – can we disable the “Add a logo” option?
Is there an Admin Center setting that can disable the “Add a logo” option in Microsoft Bookings? Management does not want end users to use personal images as logos. Can we set a default Company Logo, and prevent users from changing it? If it is possible to disable, can we do so for some users or all users?
Is there an Admin Center setting that can disable the “Add a logo” option in Microsoft Bookings? Management does not want end users to use personal images as logos. Can we set a default Company Logo, and prevent users from changing it? If it is possible to disable, can we do so for some users or all users? Read More
Weird grey square on second monitor upon login
As the tittle says, everytime when I log in to my computer (clean boot or just when signing out and back in) a grey square in the bottom left corner appears on my second monitor. This square stays on the screen until you click something on the screen that is not the square or when something happens on the screen(like a program opening). You can click on the square and the cursor seems to select something but the button has no text or program icon in the taskbar. The problem occured after installing 2024-04 Cumulative Update for Windows 11 Version 23H2 for x64-based Systems (KB5036893).
As some back story of the setup.
2x 3440×1440 ultrawide monitors in a stacked setup(one below main screen and one above second screen)
AMD R9 7900X3D
32gb ram
Nvidia RTX 3080
Troubleshooting steps taken:
disconnecting a monitor (problem not there)
moving the top monitor to a different location(virtually moving within display options in windows)( problem not there)
using selective startup to disable all startup programs( problem occurs)
using selective startup to disable services and startup programs( problem not there)
clean windows install with no programs or anything just windows update. (problem occurs)
As my troubleshooting im assuming its something within windows and not a program thats installed. Has anyone had a simulair problem and possibly a sollution?
As the tittle says, everytime when I log in to my computer (clean boot or just when signing out and back in) a grey square in the bottom left corner appears on my second monitor. This square stays on the screen until you click something on the screen that is not the square or when something happens on the screen(like a program opening). You can click on the square and the cursor seems to select something but the button has no text or program icon in the taskbar. The problem occured after installing 2024-04 Cumulative Update for Windows 11 Version 23H2 for x64-based Systems (KB5036893). As some back story of the setup.2x 3440×1440 ultrawide monitors in a stacked setup(one below main screen and one above second screen)AMD R9 7900X3D32gb ramNvidia RTX 3080Troubleshooting steps taken:disconnecting a monitor (problem not there)moving the top monitor to a different location(virtually moving within display options in windows)( problem not there)using selective startup to disable all startup programs( problem occurs)using selective startup to disable services and startup programs( problem not there)clean windows install with no programs or anything just windows update. (problem occurs)As my troubleshooting im assuming its something within windows and not a program thats installed. Has anyone had a simulair problem and possibly a sollution? Read More
Microsoft Lists UI inserted in default SharePoint List View
Hi!
All the sites, subsites and lists we have in SharePoint Online have been configured for the modern experience and everyone has been using them without any problems.
But I received a call from a specific user who recently, when trying to access a certain list, saw the display in a different way, with the appearance of Microsoft Lists, but inserted in the default list, very strange..
Informations:
Operating System: Windows 10Browser: Microsoft Edge, latest version Unsuccessful attempts: – Completely clear all browser cache
Notes:
The user does not have the Microsoft Lists application installed on their computer or smartphone
All users normally see it like this:
But the user who has the problem sees it like this:
How to solve this problem?
Hi!All the sites, subsites and lists we have in SharePoint Online have been configured for the modern experience and everyone has been using them without any problems.But I received a call from a specific user who recently, when trying to access a certain list, saw the display in a different way, with the appearance of Microsoft Lists, but inserted in the default list, very strange.. Informations:Operating System: Windows 10Browser: Microsoft Edge, latest version Unsuccessful attempts: – Completely clear all browser cacheNotes:The user does not have the Microsoft Lists application installed on their computer or smartphone All users normally see it like this: But the user who has the problem sees it like this: How to solve this problem? Read More
Hide/Unhide Worksheets Based on Name & Password
Greetings,
I found the code below and it gets me moving in the right direction but I would like to have significantly more autonomy over the users and which worksheets they can access within a spreadsheet. Here is the code:
Private Sub Workbook_Open()
Dim pword As String
On Error GoTo endit
pword = InputBox(“Enter logon information to access permitted worksheets”)
Select Case pword
Case Is = “TEST”: Sheets(“NOT MANAGER”).Visible = True
Case Is = “MANAGER”: Call UnHideAllSheets
End Select
Sheets(“Dummy”).Visible = False
Exit Sub
endit:
MsgBox “Incorrect Password”
End Sub
Private Sub Workbook_BeforeClose(Cancel As Boolean)
Dim sht As Worksheet
Application.ScreenUpdating = False
Sheets(“Dummy”).Visible = xlSheetVisible
For Each sht In ActiveWorkbook.Sheets
If sht.Name <> “Dummy” Then
sht.Visible = xlSheetVeryHidden
End If
Next sht
Application.ScreenUpdating = True
End Sub
Sub UnHideAllSheets()
Application.ScreenUpdating = False
Dim n As Single
For n = 1 To Sheets.Count
Sheets(n).Visible = True
Next n
Application.ScreenUpdating = True
End Sub
I like the idea of a dummy worksheet that the spreadsheet uses but I would like to incorporate a username in conjunction with a password to give access to users based on what they need access to. Additionally, rather than having to change usernames and passwords in VBA, I would like to have a hidden worksheet that an administrator can go in to add/delete/modify usernames, passwords and the worksheets each user has access to.
Not sure if this is possible but if so it is definitely beyond me and I would appreciate any assistance.
Thanks,
C
Greetings, I found the code below and it gets me moving in the right direction but I would like to have significantly more autonomy over the users and which worksheets they can access within a spreadsheet. Here is the code: Private Sub Workbook_Open()
Dim pword As String
On Error GoTo endit
pword = InputBox(“Enter logon information to access permitted worksheets”)
Select Case pword
Case Is = “TEST”: Sheets(“NOT MANAGER”).Visible = True
Case Is = “MANAGER”: Call UnHideAllSheets
End Select
Sheets(“Dummy”).Visible = False
Exit Sub
endit:
MsgBox “Incorrect Password”
End Sub
Private Sub Workbook_BeforeClose(Cancel As Boolean)
Dim sht As Worksheet
Application.ScreenUpdating = False
Sheets(“Dummy”).Visible = xlSheetVisible
For Each sht In ActiveWorkbook.Sheets
If sht.Name <> “Dummy” Then
sht.Visible = xlSheetVeryHidden
End If
Next sht
Application.ScreenUpdating = True
End Sub Sub UnHideAllSheets()
Application.ScreenUpdating = False
Dim n As Single
For n = 1 To Sheets.Count
Sheets(n).Visible = True
Next n
Application.ScreenUpdating = True
End Sub I like the idea of a dummy worksheet that the spreadsheet uses but I would like to incorporate a username in conjunction with a password to give access to users based on what they need access to. Additionally, rather than having to change usernames and passwords in VBA, I would like to have a hidden worksheet that an administrator can go in to add/delete/modify usernames, passwords and the worksheets each user has access to. Not sure if this is possible but if so it is definitely beyond me and I would appreciate any assistance. Thanks,C Read More
The process was terminated due to an internal error in the .NET Runtime at IP 00007FFBFBEE2CAD.
Symptoms
=========
In the world of application development, encountering unexpected exceptions can be a common and frustrating experience, especially when these errors lead to the stoppage of the application pool. One particular issue that developers often face is when an application throws an exception and triggers Just-In-Time (JIT) debugging. JIT debugging is a feature that allows Visual Studio to automatically launch and debug an application running outside of the Visual Studio environment whenever it encounters an error or crash. While this can be a powerful tool for diagnosing issues, it can also disrupt the normal operation of the application, causing downtime and hindering productivity. In this blog, we will explore the implications of JIT debugging, understand why this exception occurs, and discuss strategies to manage and prevent application pool interruptions.
While working on a web application, you may encounter the below exception that also stops the application pool.
Troubleshooting Steps:
====================
Review the Application event logs.
Faulting application name: w3wp.exe, version: 10.0.17763.1, time stamp: 0xcfdb13d8
Faulting module name: clr.dll, version: 4.8.4645.0, time stamp: 0x648f6f63
Exception code: 0xc0000005
Fault offset: 0x0000000000002cad
Faulting process id: 0x1914
Faulting application start time: 0x01da79eee4b4c819
Faulting application path: c:windowssystem32inetsrvw3wp.exe
Faulting module path: C:WindowsMicrosoft.NETFramework64v4.0.30319clr.dll
Report Id: a2b6cfb0-72b7-4589-b027-21aa3222a83f
Faulting package full name:
Faulting package-relative application ID:
Review the System event logs.
Application popup: Visual Studio Just-In-Time Debugger : An unhandled Microsoft .NET Framework exception occurred in w3wp.exe [6420]. Just-In-Time debugging this exception failed with the following error: No installed debugger has Just-In-Time debugging enabled. In Visual Studio, Just-In-Time debugging can be enabled from Tools/Options/Debugging/Just-In-Time.
Check the documentation index for ‘Just-in-time debugging, errors’ for more information.
This issue happens when Just-In-Time debugging can launch Visual Studio automatically when an app running outside Visual Studio errors or crashes. With Just-In-Time debugging.
Solution:
=======
remove jit debugging from the registries below.
HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkDbgManagedDebugger
HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindows NTCurrentVersionAeDebugDebugger
HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkDbgManagedDebugger
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionAeDebugDebugge
Microsoft Tech Community – Latest Blogs –Read More
Spatial Workflows in Azure Database for PostgreSQL – Flexible Server
How do you benefit from spatial data?
Spatial data is an important component to any data-driven decision. It not only shows the location of a real-world asset, but it also helps to paint the picture of how that asset is impacted by its surroundings. Many everyday questions are answered by analyzing data based on location and proximity to other locations.
Enterprises that own and manage land may want to not only store the correct outline of a property as a polygon but also manage revenue or make risk-based decisions given the location of the property.
A transportation company will want to know the progress of its truck fleet at any given time. Estimating the time of delivery and solving for last mile logistics.
A telecommunications company may want to assess the impact of weathering on its equipment, or the estimated customer reach given the topology of the land on which the tower is located.
Or a tourist visiting a large city may want to choose the location of their lodgings based on proximity to landmarks and transportation.
Analysis involving spatial data impacts any enterprise or organization that owns, maintains, or manages physical assets.
However, working with spatial data can have its challenges. From different types of spatial representations to spatial reference considerations to availability of analytical functionality. Many solutions make it possible to work with spatial data, but they often focus on one aspect, or one set of workflows and it can be daunting to pick the right solution for your workflow.
How do you use PostGIS to work with spatial data?
Over the years, PostgreSQL has been a crucial part of many spatial workflows, primarily because of the extensive set of spatial capabilities available through the PostGIS extension. Created over 20 years ago, the extension kept growing in capabilities as the needs of the spatial market evolved. It allows for representation of data as points, lines and polygons, in two spatial data types.
Beginning with the st_geometry spatial type, which allows for persistence of points, lines and polygons projected to a flat surface such as a map or a monitor screen. It includes the standard set of spatial references and the ability to reproject between them, along with spatial indexes and extensive range of analytical functions.
As spatial workflows encompassed more global data, the st_geography spatial type was introduced, which represents data as points, arcs and polygons referenced to a spheroid.
This data is stored as latitude and longitude, using the WGS 84 datum, to approximate the shape of the globe. It is always persisted with spatial reference (SRID) of 4326. The type comes with its own set of analytical functions.
The PostGIS extension has the distinction of supporting both spatial types, the ability to perform analysis and maintain precision and accuracy of data in each type as well as the ability to cast data from one type to another. So, it can be used to maintain the correctness of projected data such a land parcel, or a road in st_geometry, and it can be used to represent data on a global scale such as ride sharing apps or airplane routes in st_geography.
In time, several other PostGIS extensions were created, each to work with different spatial representations, such as raster, point clouds and 3D data and perform operations such as geocoding or topology modeling.
How do you enable Azure Database for PostgreSQL – Flexible Server to work with spatial data?
Azure Database for PostgreSQL – Flexible Server is a fully managed database-as-a-service based on the community version of PostgreSQL which provides the ability to extend the functionality of the instance using extensions, which once loaded, will function like built-in features.
The following spatial extensions can be installed:
PostGIS – primary spatial extension for PostgreSQL.
PostGIS _Topology – model connectivity between features, such as road networks or land parcels
PostGIS_Raster – store and analyze bands of raster data, from imagery to land use or soil types
PostGIS_Tiger_Geocoder – use spatial data collected as part of the Census Bureau’s census, to create address points.
PostGIS_sfcgal – work with 3D data, such as building heights or surface dimensionality.
You can learn more about Azure Database for PostgreSQL – Flexible Server here.
Try it yourself!
In this example you are going to look for Airbnb rentals in New York City, within walking distance of a subway station. This workflow relies on the PostGIS extension, data publicly available from Airbnb and a backup from Introduction to PostGIS, available under the Creative Commons Attribution-Share-Alike 3.0 license, currently maintained by Paul Ramsey.
For an upcoming trip to New York City, you are looking for a rental within walking distance of many attractions and in close proximity to a subway station. The Broad Street subway station is in the heart of the financial district of Manhattan, and a short distance from the World Trade Center memorial. So, let’s look for rental properties within different distances of this station.
First, let’s prepare the environment!
Create an instance of PostgreSQL – Flexible Server using Portal
Deploy an instance of PostgreSQL – Flexible Server
Quickstart: Create with Azure portal – Azure Database for PostgreSQL – Flexible Server
Enable extensions on the newly created Flex Server
Extension – Azure Database for PostgreSQL – Flexible Server
Create a Blob Storage Account and load the Airbnb data
Quickstart: Upload, download, and list blobs – Azure portal
Create a Blob Container Introduction to Blob Storage – Azure Storage
Load Listings for New York City from Airbnb
Connect to your server using pgAdmin4
Create a database: nyc
create database nyc;
Enable Extensions in the nyc database
create extension azure_storage;
create extension postgis;
SELECT azure_storage.account_add(‘name_of_storage_account’, ‘secret_access_key’);
Restore the backup from the Introduction to PostGIS workshop, which includes a PostgreSQL backup of spatial data layers, gathered as part of the public census by the U.S. Census Bureau.
Backup and restore – Azure Database for PostgreSQL – Flexible Server
Create the table to store nyc_listings_bnb
CREATE TABLE IF NOT EXISTS public.nyc_listings_bnb
(
id bigint,
name character varying(50),
host_id integer,
host_name character varying(50),
neighbourhood_group character varying(50),
neighbourhood character varying(50),
latitude numeric(10,5),
longitude numeric(10,5),
room_type character varying(50),
price money
);
Load the Airbnb listings data from blob storage
INSERT INTO nyc_listings_bnb
SELECT id,name,host_id,host_name,neighbourhood_group,neighbourhood, latitude, longitude, room_type, price
FROM azure_storage.blob_get(‘name_of_storage_account’,’name_of_container’,’name_of_csv.csv’
,options:= azure_storage.options_csv_get(header=>true)) AS res (
id bigint,
name character varying(50),
host_id integer,
host_name character varying(50),
neighbourhood_group character varying(50),
neighbourhood character varying(50),
latitude numeric(10,5),
longitude numeric(10,5),
room_type character varying(50),
price money
);
Construct a PostGIS spatial column for the Airbnb listings table
Alter table nyc_listings_bnb ADD COLUMN listing_geom geometry(point, 4326);
UPDATE nyc_listings_bnb SET listing_geom =ST_SetSRID(ST_Point(longitude, latitude), 4326);
Explore the data
You now have at least 7 layers of spatially enabled data available for exploration and analysis. Let’s take a look at the Broad Street station.
select st_transform(geom, 4326)
from nyc_subway_stations
where name = ‘Broad St’;
PGAdmin4 includes an open-source viewer, Leaflet which will let you visualize a single spatial data layer, using OSM basemaps. The data to be visualized needs to be referenced to SRID 4326 to display against the basemap.
Perform Analysis
You can use the NYC Subway Stations layer to create different geofences around the Broad Street subway station. Using the ST_Buffer function you can create a polygon within a distance of a subway station, each of those polygons will be saved in a table. The distance will need to be given in the units of the data. In this case the data is in SRID 26918, which stores data in meters.
You can use the geofence layers to find available listings from the Airbnb listings data that lie within each polygon.
What if you were looking for an Airbnb listing that was within a hundred feet of a subway station, how many Airbnb listings would I be able to choose from?
create table nyc_geofence_100_Broad as
select st_transform(st_buffer(geom, 100), 4326) as geo_fence
from nyc_subway_stations
where name= ‘Broad St’;
select geo_fence from nyc_geofence_100_broad;
select host_id, host_name, l.listing_geom
from nyc_listings_bnb as l
join nyc_geofence_100_broad as g
on st_contains (g.geo_fence,l.listing_geom)
The analysis found that 13 Airbnb properties are available within 100 meters or 382 feet from the Broad St. subway station.
But what if you were willing to walk a third of a mile to a subway station, how many Airbnb listings would I be able to choose from?
create table nyc_geofence_500_Broad as
select st_transform(st_buffer(geom, 500), 4326) as geo_fence
from nyc_subway_stations
where name= ‘Broad St’;
select geo_fence from nyc_geofence_500_broad;
select host_id, host_name, l.listing_geom
from nyc_listings_bnb as l
join nyc_geofence_500_broad as g
on st_contains (g.geo_fence,l.listing_geom)
The analysis found that 514 Airbnb properties are available within 500 meters or .3 miles from the Broad St. subway station.
Extensibility of Azure Database for PostgreSQL – Flexible Server
Congratulations!
You just learned how to enhance your applications with spatial data by leveraging PostGIS with Azure Database for PostgreSQL – Flexible Server.
Microsoft Tech Community – Latest Blogs –Read More
Skilling snack: Advanced network security
Ready for another dive into network security? By now, you should already be familiar with the basics, courtesy of our previous skilling snack, Network security basics for endpoints. Network security is too broad and important of a topic to cover in a single snack, and it’s always improving! So, we’ve compiled a second serving of more advanced network security skilling to help you give your organization the worry-free environment it deserves.
Time to learn: 106 minutes
READ
Firewall & network protection in Windows Security
Introduce yourself to the Microsoft Defender Firewall, and how it benefits your network security.
(3 mins)
Defender + Firewall
READ
Tutorial: Deploy Always On VPN – Set up infrastructure for Always On VPN
Learn how to set up an Always On VPN connection for remote domain-joined Windows client computers. Then create a sample infrastructure.
(11 mins)
Always On + VPN + Active Directory + NPS
WATCH
Hear all about the guiding principles of Zero Trust, and how it can help secure all of your identities, devices, data, and networks.
(2 mins)
Zero Trust + Networking + IAM + Remote Workforce
WATCH
Detecting and Responding to Threats using Azure Network Security tools and Azure Sentinel
Learn how to effectively use the data collected from Microsoft Entra ID cloud-native security services and further refine your security strategy.
(24 mins)
Azure + Ignite + Log Analytics + Network Watcher + Entra ID
LEARN
Take an eight-unit course to learn the ins and outs of Microsoft Defender.
(22 mins)
Defender + Antivirus + Firewall + Malware
WATCH
Network protection in Microsoft Defender for Endpoint
Discover how to reduce the attack surface of your devices with the help of Microsoft Defender.
(5 mins)
Endpoint Security + Phishing + Malware
WATCH
Microsoft Entra Private Access protections for on-premises & private cloud network resources
Get started with enabling secure access to private on-premises and cloud resources with the help of Microsoft Entra.
(10 mins)
Entra + Security Service Edge + Zero Trust + Global Secure Access
New capabilities to protect on-premises resources with MFA via Microsoft Entra Private Access
Jump into a deep discussion of the many security benefits of Microsoft Entra Private Access, including multifactor identification, single sign-on, SSH support, remote access, and more.
(23 mins)
Entra + Zero Trust + SSO + SSH + Multifactor Identification
READ
5 ways to secure identity and access for 2024
Learn how security is evolving in 2024. Arm yourself with the best practices that you need to secure your network from modern, AI-powered cyberattacks.
(9 mins)
Entra + Microsoft Copilot for Security + AI + ML + MFA
READ
Security above all else—expanding Microsoft’s Secure Future Initiative
Get informed on how Microsoft is making security a priority with the Secure Future Initiative.
(7 mins)
SFI + Threat detection + Cloud security
When you’re ready to delve even deeper into your network security, consider some of our longer videos and learning courses:
Implementing network security in Azure (4 hours, 36 minutes): This four-module course will show you how to configure, protect, and isolate a network in Azure.
Deep Dive on Microsoft Entra Private Access (1 hour, 1 minute): This video will give you a thorough look at the Microsoft Entra private access Zero Trust network.
When it comes to your network, there’s no such thing as being too secure. If you’d like to hear more about network security, leave a comment below with your ideas, and come back later for more biweekly skilling snacks.
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X/Twitter. Looking for support? Visit Windows on Microsoft Q&A.
Microsoft Tech Community – Latest Blogs –Read More
Grow with Copilot for Microsoft 365 – May 2024
Welcome to Grow with Copilot, a new series where we curate relevant news, insights, and resources to help small and medium organizations harness the power of Copilot. In this edition, we take a look at the round up of recent product enhancements shared during today’s quarterly Microsoft 365 Product Connect for CSPs (on-demand available on May 22), Small and Medium Business (SMB) customer spotlight on Morula Health, SMB insights from the latest Work Trend Index, and resources to help organizations of every size get more out of Copilot.
ICYMI: Spring 2024 round up of product enhancements
Microsoft continues to invest in expanding Copilot for Microsoft 365 availability to more audiences, adding and refining Copilot experiences and how the product leverages data.
Reaching more customers
Expanded language support: we added Tier 2 languages including Arabic, Chinese Traditional, Czech, Danish, Dutch, Finnish, Hebrew, Hungarian, Korean, Norwegian, Polish, Portuguese, Russian, Swedish, Thai, Turkish, Ukrainian, to Copilot bringing the current total to 27 that you can find here.
Expanded SKU eligibility: we added Business Basic as a pre-requisite in April. That means whether you use Business Basic, Standard, or Premium, you can purchase Copilot for Microsoft 365 without a minimum seat requirement.
Increasing your digital efficiency
Copilot in Forms: Simplify creating surveys, polls, and forms with Copilot for Microsoft 365. Copilot will provide relevant questions and suggestions, and then you can refine the draft by adding extra details, editing text, or removing content. Learn more here.
Copilot in Stream: Get information quickly about your video content through Copilot in Stream, and catch up on the latest Teams meeting recordings, town halls, product demos, how-tos, or onsite videos. Learn more here.
Help Me Create: Let Copilot suggest the best format to bring your content to life, whether it’s a white paper, presentation, list, or quiz, and more. Learn more here.
Copilot in OneDrive (web): Get information about files in OneDrive without opening them, Copilot will provide you with smart and intuitive ways to interact with your documents, presentations, spreadsheets, and files. Learn more here.
Improving reasoning over data
Graph-grounding for Copilot in Word, Excel, PowerPoint, and Outlook: Copilot can now ground prompts in Graph content from within Word, Excel, PowerPoint, and Outlook, expanding context for responses and creating a more cohesive experience. Learn more here.
Improved usage reports: The Usage reports in the Microsoft 365 admin center now include usage metrics for Microsoft Copilot with Graph-grounded chat. This allows you to see how Chat usage compares with Copilot usage in other apps like Teams, Outlook, Word, PowerPoint, Excel, OneNote and Loop. Learn more here.
Adv. Data Residency + Multi-Geo: New commitments covering stored content of interactions with Copilot for Microsoft 365 have been added to existing data residency commitments for Microsoft 365, including the Advanced Data Residency and Multi-Geo Capabilities add-ons. Learn more here.
Restricted SharePoint Search: Interim measures to secure your data as you roll out Copilot for Microsoft 365. Admins can protect their most critical data without having to slow down user enablement while getting their tenant ready for Copilot. Learn more here.
Product enhancements are covered in our monthly What’s New in Copilot monthly blog, and you can always refer to the Microsoft roadmap to see what’s coming next.
SMB Customer spotlight: Morula Health
Morula Health, a UK health provider of under 50 employees, provides regulatory and clinical medical writing solutions to global clients in the healthcare sector. We recently sat down with Philip Burridge, Operations & Strategy, and Jayshwini Sanghani, Marketing, about their experience with Copilot.
Why was Copilot the right solution for your company and how does Morula Health use Copilot for Microsoft 365 today?
Jayshwini: Copilot is in the tools like Word, PowerPoint, Outlook that we were already using. So, the fact that Copilot can integrate so well with those kind of platforms, it made it so much easier. I didn’t then have to take all of that content across to a different platform. It was all available there.
Philip: We would in no way ever go near any of these early AI tools that were being released if we weren’t 100% confident that our data and the data that we are using from our customers is kept 100% secure. With Copilot, we know that none of this data is going back to the language models, nor is any of our data even going to leave our environment. We know that when we sign CDAs and NDAs with our clients, that they can be 100% confident that we are adhering to those and that they can trust us with their information.
What are some ways Copilot for Microsoft 365 is helping you be more effective?
Jayshwini: Copilot gives me new fresh ideas that I can then go and work off instead of just, you know, starting at a blank screen. Prior to Copilot, a blog draft would normally take about 3 weeks to write up, to finalize, and then to post. Whereas now with Copilot, I feel like it’s really possible for me to get two blog drafts out in a week.
Philip: I can be completely engaged on calls and focus on how to steer this call in the right direction to get the best out of everyone on that call. I make a few notes on my notepad of the specific topics that were discussed and ask Copilot to recap after. Not only does Copilot transcribe everything perfectly from our calls, but it’s able to pick up highly specific terminology relevant to our particular industry.
How has this ultimately changed the way people work?
Philip: We’ve started actually recognizing what prompts work near enough every time for each different section of a report that we need to write, so we’re building them into our template so our medical writers know immediately here’s a particular prompt that will help you to get started on this particular section. And what that actually does is it frees up our medical writers from the repetitive tasks, so they can focus on understanding what their data is trying to say and enhancing the quality and the strategy of what we’re trying to achieve with that document for our clients.
Check out the full customer story and other customer stories here.
2024 Work Trend Index Survey: Insights from SMBs
In the dynamic landscape of small and medium businesses, the integration of AI is not just an option—it’s a strategic necessity. The 2024 Work Trend Index Survey show that 78% of SMB workers across the world are already employing AI tools. With 71% of SMBs finding daily tasks energetically taxing and 67% finding innovation and strategic thinking burdensome, the pressing need for AI solutions is evident. A substantial number, over 50%, feel overwhelmed by data retrieval tasks and endure a lack of dedicated focus time.
The productivity benefit is huge. Small business productivity is only half that of large companies, raising it to top-quartile levels relative to large companies is equivalent to 5 percent of GDP in advanced economies and 10 percent in emerging economies, according to this month’s McKinsey Global Institute report.
Download the Work Trend Index – SMB executive summary. See how the data compares for small and medium-sized businesses and in US metropolitan areas. Read the full report on WorkLab.
AI for every business
While leveraging AI offers SMBs an advantageous edge, a conspicuous training deficit exists – only one third of SMB AI users have received training. To bridge the training deficit, we continue to publish resources to help every role, in every business, get more out of copilot wherever you are in your journey. Check out these recently published resources:
The Right Way to AI: What we’re learning about successful AI adoption from companies getting it right. A checklist you can follow with your AI rollout. Read more here
Training for every role: We host webinars for Executives, Sales, Marketing, IT Professionals, HR and more. Register for one (or more!) here.
“Prompt Like a Pro”: a new monthly blog series from the Microsoft Teams Tech Community that will teach you how prompts can help you can transform the way you work with AI by taking advantage of Copilot in Microsoft Teams
Copilot Skilling content: Copilot Academy offers self-paced training from familiarizing yourself with Copilot capabilities to learning how to prompt. We recently published the new 4000 series of courses that cover topics across end users, admins, and trainers. Check out MS-4004/5/6/7 courses on AI Learning Hub
Thank you for reading. Let us know in the comments how you use Copilot for Microsoft 365!
Footnotes
1 Copilot for Microsoft 365 may not be available for all markets and languages. Review current eligibility here.
2 We surveyed 31,000 people across 31 countries, identified labor and hiring trends from LinkedIn, analyzed trillions of Microsoft 365 productivity signals and conducted research with Fortune 500 customers. These insights are detailed in the (2024) Work Trend Index.
3McKinsey report (May 2, 2024): McKinsey Global Institute report.
Microsoft Tech Community – Latest Blogs –Read More
Dividing values in two datasets
Hello,
In short, I am trying to divide two values, one in DatasetC and one in DatasetA. I have tried to use Lookup to do it, but to no avail.
I am recreating a report and plugging it into SSRS. I have rewritten the report in SQL and it contains 6 parts, A, B, C, D, E, F and G. I am needing to divide DatasetC by DatasetA in order to get a percentage. I have looked into this and all I can find is to use Lookup, but when I do is produces an error. Below is the formula I am using. They all connect to the same datasource. Any advice would be appreciated.
=Lookup
(
Fields!Outstanding.Value,
Fields!Outstanding.Value,
Fields!Balance.Value,
“PartD”
)
/
Lookup
(
Fields!Outstanding.Value,
Fields!Outstanding.Value,
Fields!Balance.Value,
“PartA”
)
Thank you
Hello, In short, I am trying to divide two values, one in DatasetC and one in DatasetA. I have tried to use Lookup to do it, but to no avail. I am recreating a report and plugging it into SSRS. I have rewritten the report in SQL and it contains 6 parts, A, B, C, D, E, F and G. I am needing to divide DatasetC by DatasetA in order to get a percentage. I have looked into this and all I can find is to use Lookup, but when I do is produces an error. Below is the formula I am using. They all connect to the same datasource. Any advice would be appreciated. =Lookup(Fields!Outstanding.Value,Fields!Outstanding.Value,Fields!Balance.Value,”PartD”)/Lookup(Fields!Outstanding.Value,Fields!Outstanding.Value,Fields!Balance.Value,”PartA”) Thank you Read More
Outlook Deleting Junk Email Automatically
This has happened two times this morning. I had two emails come into my inbox. One of them I marked read and it disappeared. Then another one came in and while I was reading it, it disappeared. I searched through my email and I do not see it. I went to the online email webpage and it is missing from there.
Is Microsoft now deleting emails it thinks are junk/spam? That is not good.
This has happened two times this morning. I had two emails come into my inbox. One of them I marked read and it disappeared. Then another one came in and while I was reading it, it disappeared. I searched through my email and I do not see it. I went to the online email webpage and it is missing from there. Is Microsoft now deleting emails it thinks are junk/spam? That is not good. Read More
Analyse Data button not visible in MS365 Excel
The AI-powered feature Analyse Data button is not visible in the Excel app. I have a yearly subscription. In Powerpoint I can see the AI-powered feature Designer. I can see a new feature Data From Picture in Excel, so why can’t I see the Analyse Data button > Home? pls help.
The AI-powered feature Analyse Data button is not visible in the Excel app. I have a yearly subscription. In Powerpoint I can see the AI-powered feature Designer. I can see a new feature Data From Picture in Excel, so why can’t I see the Analyse Data button > Home? pls help. Read More
A step by step / checklist for all settings / plugins etc. needed to make LDAP functional in hybrid
I would like a checklist for all settings / plugins etc. needed to make LDAP fully functional in an Azure Hybrid environment.
I would like a checklist for all settings / plugins etc. needed to make LDAP fully functional in an Azure Hybrid environment. Read More
Bookings emails not stored in Sent folder
I’ve just recently created my Bookings page at work. When I send a private invitation via email from the Bookings page, the email shows in an Exchange trace, but it doesn’t show up in my Sent folder in Outlook. I need that to happen, because I need to document that the email was sent, and would rather not have to run an Exchange trace each time I use the feature. Is there a setting that can be enabled?
I’ve just recently created my Bookings page at work. When I send a private invitation via email from the Bookings page, the email shows in an Exchange trace, but it doesn’t show up in my Sent folder in Outlook. I need that to happen, because I need to document that the email was sent, and would rather not have to run an Exchange trace each time I use the feature. Is there a setting that can be enabled? Read More
Checking file access permissions on SharePoint Document Library using Power Automate
I looking for a way to check specific group file permissions on a SharePoint document library. The request needs to go through SharePoint HTTP connector in Power Automate.
I have found this page in SharePoint settings which is exactly what I need. But I am struggling to find a proper HTTP request to get this data in Power Automate.
Desired data:
I have tried using the following requests:
_api/web/RoleAssignments/GetByPrincipalId(14)/RoleDefinitionBindings
I looking for a way to check specific group file permissions on a SharePoint document library. The request needs to go through SharePoint HTTP connector in Power Automate. I have found this page in SharePoint settings which is exactly what I need. But I am struggling to find a proper HTTP request to get this data in Power Automate. Desired data:View in SharePoint I have tried using the following requests: _api/web/RoleAssignments/GetByPrincipalId(14)/RoleDefinitionBindings Read More
would like to reset value to 0
Hi,
I have a Powerapps form and one of the columns is where user enters a count of an item
That count should be reset to 0 when the editform is used if a choice column value is selected, otherwise leave the entered value as is.
I am trying to use this formula in the RESET property of the Count column:
Hi,I have a Powerapps form and one of the columns is where user enters a count of an itemThat count should be reset to 0 when the editform is used if a choice column value is selected, otherwise leave the entered value as is. I am trying to use this formula in the RESET property of the Count column: If(FlightInfo.Mode=FormMode.Edit, (DataCardValue4.Selected.Value = “Non-actionable”),ThisItem.’Guest Count’)it is probably not the correct formula or maybe the correct location to reset the value to 0 but powerapps is not returning an error but the formula does not act as expected. Any help is appreciated. Ren Read More
Azure Communication Services at Microsoft Build 2024
Join us in-person in Seattle or virtually for Microsoft Build 2024 from May 21 to 24. We’re excited to share the latest updates from Azure Communication Services with the developer community. Microsoft Build is your opportunity to connect with developers around the world and learn new skills in topics like copilots, generative AI, application security, cloud platforms, low-code, and more.
Don’t miss the chance to register for Microsoft Build 2024.
Below is the lineup of sessions that will showcase the upcoming releases from Azure Communication Services, along with samples, demos, and how-to manuals for building effective and efficient communication experiences. If you are a developer in the communication space, make sure to add these to your Build backpack.
Demo: In-person
Build Generative AI voice bots with line of business data
May 21 11:45 AM – 12:00 PM PST | Shawn Henry
Personalize customer interactions with voice bots that can have natural, real-time conversations. Join us in a step-by-step journey to construct a voice bot for your business that not only talks but draws from your company’s knowledge base. Additionally, learn how to use Azure Communication Services APIs to add advanced customizations including integration with voice, video, chat, SMS, WhatsApp and telephony capabilities into your apps with just a few lines of code.
Breakout: In-person & Virtual
Multimodal, and Multiagent innovation with Azure AI
May 21, 2:15 – 3:00 PM PST | Marco Casalaina and Mark Schoennagel
Join us at Microsoft Build for a showcase on Azure OpenAI Service’s breakthroughs and evolution of Azure AI. Explore GPT-4, multi-modality, and demos integrating sight and language with Dall-E and Whisper. Learn about developer tools, AI assistants, scalable applications, and customization. Focus on responsible AI, data privacy, and security with Azure. Featuring interactive demos and stories from companies like Unity Technologies, this session is perfect for developers and innovators.
Live Talk Show (Interstitial): In-person
Build AI-powered apps on the platform that runs Microsoft Teams and tour the mechanics of Azure Communication Services
May 23, 12:45 – 1:15 PM PST | Jeremy Chapman and Milan Kaur
Milan Kaur, who is an expert on Azure Communication Services, will talk to Microsoft Mechanics’ host Jeremy Chapman about the recent developments in how Teams and Azure Communications can interoperate to create compelling customer service solutions. The Interstitials are not part of the session catalogue on the Build app/website and will take place live in the expert meet up area.
Demo: In-person
Extend Copilot for Microsoft 365 with Azure Communication Services
May 23, 4:15 – 4:30 PM PST | Milan Kaur
Extend Copilot for Microsoft 365 to communicate with external audiences through channels such as email, SMS, and WhatsApp. You can use your line of business data to quickly craft personalized messages from the Copilot interface.
We hope you join us for Microsoft’s flagship developer event next week. Let’s build the future together!
Microsoft Tech Community – Latest Blogs –Read More
Evolving Microsoft Credentials for Dynamics 365
Microsoft Dynamics 365 empowers customers everywhere to drive process efficiency and deliver business success. With the introduction of AI and Microsoft Copilot, career growth opportunities are even greater for professionals with technical skills in Microsoft business applications.
We’re pleased to announce that we’re evolving Microsoft Credentials for Dynamics 365. The changes help ensure that skills related to Microsoft’s AI apps and services, the cloud, and other emerging technologies are validated, helping you build the skills you need to be successful in these job roles. We’re also streamlining the certification journey so that you have a more straightforward path to prove those skills.
Currently, the Dynamics 365 learning journey for customer experience professionals involves earning three role-based certifications—Dynamics 365 Sales Functional Consultant Associate certification, Dynamics 365 Customer Insights (Journeys) Functional Consultant Associate, and Dynamics 365 Customer Insights (Data) Specialty. Our goal is to simplify the path and improve the skills-validation experience with a single role-based Microsoft Certification, combined with multiple scenario-based Microsoft Applied Skills, providing the opportunity for professionals to showcase the depth of their knowledge for the role and for specific, real-world projects.
Coming soon: New Microsoft Credentials for Dynamics 365
The new Microsoft Certified: Dynamics 365 Customer Experience Analyst Associate certification will be released in late September 2024. It can help you prove that you have the skills to elevate the customer experience, strengthen customer relationships, and earn customer loyalty by using Dynamics 365 Sales, Dynamics 365 Customer Insights – Journeys, and Dynamics 365 Customer Insights – Data.
Coming soon, to complement the skills validated by the upcoming certification, we’ll release several Applied Skills scenarios related to Dynamics 365 Customer Insights, like creating and managing journeys with Dynamics 365 and creating and managing segments. Stay tuned for more news.
Some Dynamics 365 Certifications to be retired
The new Certification and Applied Skills will allow you to prove skills that are currently measured by the following certifications. These certifications, their exams, and the related renewal assessments will all be retired on November 30, 2024:
Dynamics 365 Sales Functional Consultant Associate and Exam MB‑210: Microsoft Dynamics 365 Sales Functional Consultant
Dynamics 365 Customer Insights (Journeys) Functional Consultant Associate and Exam MB-220: Microsoft Dynamics 365 Customer Insights (Journeys) Functional Consultant
Dynamics 365 Customer Insights (Data) Specialty and Exam MB-260: Dynamics 365 Customer Insights (Data) Specialty
How might these updates impact you?
The following questions and answers can help you determine how this news could impact your learning journey:
Q. What if I’m studying for Exam MB-210, Exam MB-220, or Exam MB-260?
A. If you’re currently preparing for Exam MB-210, Exam MB-220, or Exam MB-260, we strongly recommend that you take the exam before November 30, 2024. You won’t be able to take these exams or earn the associated certification after that date.
Q. I’ve already earned one of these certifications. What happens now?
A. If you’ve already earned the Microsoft Certified: Dynamics 365 Sales Functional Consultant Associate, Microsoft Certified: Dynamics 365 Customer Insights (Journeys) Functional Consultant Associate, or Microsoft Certified: Dynamics 365 Customer Insights (Data) Specialty certification, it will stay on the transcript in your profile on Microsoft Learn. If you’re eligible to renew your certification before November 30, 2024, we recommend that you consider doing so.
Q. Will this change impact Microsoft Partners?
A. For Microsoft Partners, those who have earned any of the eligible certifications before they retire will continue to earn points or credit toward offering requirements as long as those certifications remain on their transcript, until a year after the certifications are retired. New credentials may be eligible for inclusion in the Microsoft AI Cloud Partner Program (Partner Program) requirements. These changes will be shared with partners when additional details are available.
Partner skill-building for Customer Insights will continue as part of the initiatives from the Partner Program
Microsoft Tech Community – Latest Blogs –Read More
Microsoft Entra Private Access for on-prem users
The emergence of cloud technology and the hybrid work model, along with the rapidly increasing intensity and sophistication of cyber threats, are significantly reshaping the work landscape. As organizational boundaries become increasingly blurred, private applications and resources that were once secure for authenticated users are now vulnerable to intrusion from compromised systems and users. When users connect to a corporate network through a traditional virtual private network (VPN), they’re granted extensive access to the entire network, which potentially poses significant security risks. These challenges have introduced new demands that traditional network security approaches struggle to meet. Even Gartner predicts that by 2025, at least 70% of new remote access deployments will be served predominantly by ZTNA as opposed to VPN services, up from less than 10% at the end of 2021.
Microsoft Entra Private Access, part of Microsoft’s Security Service Edge (SSE) solution, securely connects users to any private resource and application, reducing the operational complexity and risk of legacy VPNs. It enhances the security posture of your organization by eliminating excessive access and preventing lateral movement. As traditional VPN enterprise protections continue to wane, Private Access improves a user’s ability to connect securely to private applications easily from any device and any network—whether they are working at home, remotely, or in their corporate office.
Enable secure access to private apps that use Domain Controller for authentication
With Private Access (Preview), you can now implement granular app segmentation and enforce multifactor authentication (MFA) on any on-premises resource authenticating to domain controller (DC) for on-premises users, across all devices and protocols without granting full network access. You can also protect your DCs from identity threats and prevent unauthorized access by simply enabling privileged access to the DCs by enforcing MFA and Privileged Identity Management (PIM).
To enhance your security posture and minimize the attack surface, it’s crucial to implement robust Conditional Access controls, such as MFA, across all private resources and applications including legacy or proprietary applications that may not support modern auth. By doing so, you can safeguard your DCs—the heart of your network infrastructure.
A closer look at the mechanics of Private Access for on-prem user scenario
Here’s how Private Access helps secure access to on-prem resources and applications and provides a seamless way for employees to access the on-premises resources when they’re locally accessing these resources, while ensuring the security of the company’s critical services. Imagine a scenario where an employee is working on-premises at their company’s headquarters. They need to access the company’s DCs to retrieve some important information for their project or make some changes. However, when they try to access the DC directly, they find that access is blocked. This is because the company has enabled privileged access, which restricts direct access to the DC for security reasons.
Instead of accessing the DC directly, the employee’s traffic is intercepted by the Global Secure Access Client and routed to the Microsoft Entra ID and Private Access Cloud for authentication. This ensures that only authorized users can access the DC and its resources.
When the employee attempts to access the private resources they need, they’re prompted to authenticate using MFA. This additional layer of security ensures that only legitimate users can gain entry to the DC. Private Access also extends MFA to all on-premises resources, even those that lack built-in MFA support. This means that even legacy applications can benefit from the added security of MFA. With Private Access, the company has also enabled granular app segmentation, which allows them to segment access to specific applications or resources within their on-premises environment. This means that the employee can only interact with the services they’re authorized to access, ensuring the security of critical services.
Despite these added security measures, the employee’s user experience remains seamless. Only authentication traffic leaves the corporate network, while application traffic remains local within the corporate network. This minimizes latency and ensures that the employee can access the information they need quickly and efficiently.
Key benefits: Elevate network access security to on-premises resources with Private Access
Organizations seeking to enhance the security of their on-premises resources and protect their critical assets, including DCs, against identity threats can benefit from the key capabilities provided by Private Access—in preview. With Private Access, organizations can enable granular segmented access and extend Conditional Access controls to all their private applications.
Private Access allows for the implementation of MFA for private apps that use DC for authentication, adding an extra layer of security to prevent unauthorized access and reduce identity-related risks. By enabling granular segmented access policies for individual applications or groups, organizations can ensure that only authorized users interact with critical resources and services. Additionally, Private Access extends Conditional Access controls to all private resources, even those relying on legacy protocols, allowing organizations to consider factors such as application sensitivity, user risk, and network compliance when enforcing modern authentication methods across their entire environment.
Conclusion
Private Access provides granular access controls on all private applications for any user- on-premises or remote while bridging the gap between legacy applications and modern security practices. The capabilities of Private Access provide new tools to confidently enable secure access to private apps that use DC for authentication and navigate the complex landscape of modern authentication and access controls.
Explore the future of secure access today by joining Microsoft Entra Private Access in preview and stay ahead of evolving security challenges.
To learn more, watch “Announcing new capabilities to protect on-premises resources with MFA via Microsoft Entra Private Access” for a closer look into how these new capabilities work.
Read more on this topic
Microsoft Entra Private Access: An Identity-Centric Zero Trust Network Access Solution
Learn more about Microsoft Entra
Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.
Microsoft Entra News and Insights | Microsoft Security Blog
Microsoft Entra blog | Tech Community
Microsoft Entra documentation | Microsoft Learn
Microsoft Entra discussions | Microsoft Community
Microsoft Tech Community – Latest Blogs –Read More