Microsoft Azure Storage Security

I am studying the Microsoft Azure Administrator modules off of the Microsoft “Learn” website. It is a great free resource to learn some of the hottest and most relevant modern Cloud technologies. This one particular area piqued my interest: data storage security. I know that many businesses and various leaders are pessimistic about the protection of their Cloud data. It makes sense. Why would any leader not think about the way in which their organization’s data is stored in the Cloud? To many leaders, the notion of their valuable data being moved to and handled in the Cloud does not necessarily make them feel warm and fuzzy [as we may see in the commercials ;> ]. Instead they have a healthy cynicism of their data handling. I agree with the healthy cynicism.

But Microsoft Azure has many ways in which to secure data. These include, but are not limited to, proper network security rules to block out most or all traffic; access control lists; strict internal roles based access; and good old-fashioned data encryption.

Azure automatically encrypts all data as it is stored or written to the cloud, i.e. is stored “at rest” [meaning, it is sitting on the disk, so to speak]. Any file that is written to Azure storage is encrypted with Storage Service Encryption (SSE). It is 256-bit AES encryption. This is very powerful encryption and is an industry standard. My favorite part of the SSE is that this encryption of the data that gets stored to disk does NOT affect performance. So, there is no degradation whatsoever to services. Encryption involves scrambling of bits and bytes and generally takes some resources, but Microsoft accomplishes this with no hit to resources.

Of course, in addition to the SSE security, the actual virtual disks themselves, if applicable, can be encrypted as well with ‘BitLocker’ for Windows or ‘dm-crypt’ for Linux . But I wanted to focus only on the Storage Security Encryption at this point. And this SSE should help any leader breathe a sigh of relief when thinking about their data security.

Microsoft Learn can be reached here

SonicWall 802.11ac WiFi Access Points

SonicWall SonicWave 802.11ac [Wave 2] access points target multiple market types: retail, hospitality, healthcare, education, transportation, government & financial institutions, construction, and transportation. These versatile APs [access points] go above and beyond the usual offerings, with their security radio scanner, Capture Security Center and WCM or WiFi Cloud Manager capabilities.

SonicWall Stacked Wave 2 AP

Some stand out SonicWall Wave 2 AP feature details:

  • Assist with HIPAA & PCI compliance to protect customer or patient data
  • Can power on IP phones in hotel rooms
  • Monitor networks in real-time, complete with audit logs
  • Mesh technology for easy WiFi expansion
  • Capture ATP-driven “Deep Memory Inspection” of traffic
  • Ruggedized outdoor APs with solid “IP67” ratings for harsh weather

Read all about the SonicWall Wave 2 APs

Microsoft 365 Zero Standing Access with Customer Lockbox

I am studying for one of the Microsoft 365 Certifications. I am using the free “Microsoft Learn”* offerings or paths. They are excellent. I already went through the “Azure Fundamentals” and passed that exam. But now I want to work on some Microsoft 365 or “M365” certification [Office 365, but with EMS – “Enterprise Mobility and Security”].

In Unit 5 of the Compliance Module, Microsoft points out that the most dangerous attack vector is compromised credentials. One way to fight this is with “Zero Standing Access”: it is a “users don’t get permissions by default” approach to data access within their Office 365 space. If they need access, there is a request process available. This needs to be set up accordingly. I absolutely love this.

M365 Zero Standing Access
Zero Standing Access

They also apply this concept to their Data Centers, by way of “Lockbox Workflow”. The point is that not everyone and anyone can simply open a file, or (in the case of a Microsoft Data Center) walk on into a tenant space and ‘look around’. They have safeguards to stop that and help customers get more organized around the matter of access and data security. IT and Auditors especially love this.

M365 Customer Lockbox
Lockbox

* Microsoft Docs, Microsoft Learn

Microsoft Visual Studio 2019

Microsoft Visual Studio 2019 is looking very sharp! The tools cover almost anything or any area of development you can imagine. For starters, per below, you can see the latest edition goes way beyond the standard IDE, and it crosses into all major platforms, goes into Azure DevOps [for teams ]and the App Center, and in their own words, you can:

Develop apps for Android, iOS, Mac, Windows, web, and cloud.”

Switzerland Welcomes Azure Region

“Microsoft Azure available from new cloud regions in Switzerland” – business is booming for Microsoft Azure.

In Switzerland, where we’ve been operating for 30 years, Azure is now available from new cloud datacenter regions located near Zurich and Geneva. More than 30 customer and partner organizations are already using these Azure services. Companies becoming more efficient, innovative, and productive through their usage of Azure in Switzerland include:

  • UBS Group, the world’s largest wealth manager, is using Microsoft Azure cloud technology to modernize many critical business applications, to leverage digital channels, and to rethink how its global workforce collaborates.
  • The Swiss Re Group, one of the world’s leading providers of reinsurance, insurance, and other forms of insurance-based risk transfer, has chosen us as a strategic partner and preferred public cloud provider. Through their use of technology and our partnership, Swiss Re strives to make insurance simpler and more accessible than ever.
  • Swisscom, the national telecommunications provider, is now offering its customers managed public cloud services delivered via our global infrastructure and new Swiss cloud regions. Swisscom will be the first Swiss telecommunications provider to offer ExpressRoute, a secure, highly available, high-performance, and private connection to Azure services.”

https://azure.microsoft.com/en-us/blog/microsoft-azure-available-from-new-cloud-regions-in-switzerland/

Apple iPhone 11 Pro

Not really an Apple person per se, but the new iPhone 11 certainly looks fantastic. It is a sleek, metallic design, no doubt about that. Supposedly the processor [A13 Bionic] is faster and the overall battery life will see an increase.

But the camera / video capabilities seem to be elevated to a new level. I am particularly interested in the seemingly advanced video editing. I think this will lure in more people than we might think, even considering the high price points. Time will tell!

Apple iPhone 11 Pro release.

My First Android App!

Ok, so this is a first for me. I have always had an interest in radio from around the globe. I think it is interesting to be brought to another place via live broadcast or streaming music. So, about 6 months ago, I decided to create a free Android App for radio streaming. I recently, finally finished.

It is called “World Radio” [I know, not too creative]. Although it is clearly new and obviously from a novice Android Studio and Java developer, it DOES work nicely. I try to test the stations often to verify they are operating or have not changed streaming addresses. I also am working to gather quality radio, as opposed to mainly Top 40 / Pop.

I had no idea Google made developers jump through SO MANY hoops before publishing an App! But it has been a great experience.

My first Android App is very small, at 5 Megabytes. Please give it a try if you use Android! I need people to use it on various Droid devices, so even if you do not use these types of Apps, please test it for a day or so, and maybe give me some feedback. I’d really appreciate it. THANK YOU!

Sorry iPhone people – I have simply never gotten into the iOS world, but may do so in the future ;>

My World Radio App is located here:

https://play.google.com/store/apps/details?id=com.riguy.worldradio

Thanks!

FREE Trend Micro House Call

Did you ever get that feeling that your computer was acting “funny” or was “too slow”, in an unusual sort of way? Or maybe you read a recent article about the latest malware or creepy hack attack that got you thinking about hijacked video cameras? Sometimes hacks can bypass your traditional antivirus or endpoint security. Every once in a while, I like to run the Trend Micro awesome free security scan.

There is nothing wrong with double checking your current security software! Two eyes are better than one. Trend Micro has a long track record in the security software world. They are well regarded and this is a very solid offering. Obviously, the fact that it is free makes it even better! It can be downloaded and quickly installed and run right away. Always run a full scan in this case [not the quick scan]- go big or go home, so to speak. If Trend Micro is currently in use, try the McAfee free option.

So far, so good:

Grab the free security scan here