Microsoft invests billions each year in its cloud infrastructure including physical and logical security.   Below are two tours that describe how over a billion people each year utilize Microsoft’s state-of-the-art cloud data centers. Call Legal Computer Consultants for more information on deploying your firm’s operations to the world leading Micrsoft Azure Cloud.  (800) 646-9199.

 

 

Legal Computer Consultants can help you manage your Azure costs in several ways. In this post we will discuss how snapshots of your servers can unexpectedly cause an unanticipated increase in your storage costs.

Best practices dictate that you manage snapshots carefully to avoid extra charges. Microsoft recommends that you manage snapshots in the following manner:
Delete and re-create snapshots associated with a blob whenever you update the blob, even if you are updating with identical data, unless your application design requires that you maintain snapshots. By deleting and re-creating the blob’s snapshots, you can ensure that the blob and snapshots do not diverge.
If you are maintaining snapshots for a blob, avoid calling UploadFile, UploadText, UploadStream, or UploadByteArray to update the blob, as those methods replace all of the blocks in the blob. Instead, update the fewest possible number of blocks by using the PutBlock and PutBlockList methods.

 

 

For more information see this Microsoft support article:   Understanding How Snapshots Accrue Charges.

Call Legal Computer Consultants at (800) 646-9199 to speak to an Azure engineer to help your firm reduce costs on Microsoft Azure.

 

 

Microsoft will roll out Windows 10 version 1903 beginning this month (May, 2019) with enhanced deployment options for IT administrators as well as security improvements. Microsoft plans to release a new “health dashboard” for Windows 10 users. It will show “near real-time” information on the Windows 10 rollout status and known issues across both feature and monthly updates.

See full article in Redmond Magazine at Windows 10 Version 1903 Arriving in May with Enhanced Controls. 

Properly implemented, Office 365 Advanced Threat Protection (ATP) helps protect against sophisticated threats hidden in email attachments and links, and it provides cutting-edge defenses against zero-day threats, ransomware, and other advanced malware attempts.

 

Call Legal Computer Consultants today to learn how Advanced Threat Protection can help your firm protect itself from advanced threats.

(800) 646-9199

If your firm needs to comply with regulatory standards for retaining your data, the Office 365 Security & Compliance Center provides features to manage the lifecycle of your data in Exchange Online. This includes the ability to retain, audit, search, and export your data. These capabilities are sufficient to meet the needs of most firms.

However, some firms in highly regulated industries are subject to more stringent regulatory requirements. For example, firms that deal with financial institutions such as banks or broker dealers may be subject to Rule 17a-4 issued by the Securities and Exchange Commission (SEC). Rule 17a-4 has specific requirements for electronic data storage, including many aspects of record management, such as the duration, format, quality, availability, and accountability of records retention.

To help these firms better understand how the Security & Compliance Center can be leveraged to meet their regulatory obligations for Exchange Online, specifically in relation to Rule 17a-4 requirements, Microsoft has released an assessment in partnership with Cohasset Associates.

Cohasset validated that when Exchange Online and the Security & Compliance Center are configured as recommended, they meet the relevant storage requirements of CFTC Rule 1.31(c)-(d), FINRA Rule 4511, and SEC Rule 17a-4.

Click below to download the report by Cohasset.

Office 365 Exchange Online Cohasset SEC 17a-4(f) Assessment

Highly regulated industries are often required to store electronic communications to meet the WORM (write once, read many) requirement. The WORM requirement dictates a storage solution in which a record must be:

  • Retained for a required retention period that cannot be shortened, only increased.
  • Immutable, meaning that the record cannot be overwritten, erased, or altered during the required retention period.

In Exchange Online, when a retention policy is applied to a user’s mailbox, all of the user’s content will be retained based on the criteria of the policy. In fact, if a user attempts to delete or modify an email, a copy of the email before the change is made will be preserved in a secure, hidden location in the user’s mailbox. Retention polices can ensure that an organization retains electronic communications, but those policies can be modified.

By placing a Preservation Lock on a retention policy, an organization ensures that the policy cannot be modified. In fact, after a Preservation Lock is applied to a retention policy, the following actions are restricted:

  • The retention period of the policy can only be increased, not shortened.
  • Users can be added to the policy, but no user can be removed.
  • The retention policy cannot be deleted by an administrator.

For more information on how the Security & Compliance Center can be leveraged to meet your regulatory obligations for email with Office 365 Exchange Online, Contact Legal Computer Consultants at (800) 646-9199.

Microsoft announced the public preview of Windows Virtual Desktop on Microsoft Azure. Windows Virtual Desktop is a desktop and app virtualization service that runs on the cloud rather than on your Windows 7 or Windows 10 computer. Law firms can migrate case management, time and billing, accounting and other software to any type of device while maintaining the look and feel of a Windows desktop.  Firms can leverage the built in security, compliance and Windows desktop functionality configured directly by Microsoft.

This is a dramatic change for Microsoft which previously did not license Windows desktops on any public cloud, including Amazon Web Services and its own Azure Cloud.

For Windows 7, Microsoft is extending support for 3 additional years after the current January, 2020 end of support date.

Public preview is a precursor to general availability which is expected to be in the latter half of 2019.

 

Azure Sentinel is a cloud-based security information and event management (SIEM) service.  SIEMs normally require a substantial upfront investment in hardware, software and infrastructure costs.  With Azure Sentinel there are no upfront costs, you only pay for what you use.  Azure Sentinel uses the power of artificial intelligence to ensure you are identifying real threats quickly and eliminates the need to spend time on setting up, maintaining, and scaling infrastructure.  

Azure Sentinel provides intelligent security analytics at cloud scale for your entire Law Firm. Azure Sentinel makes it easy to collect security data across your entire firm from devices, to users, to apps, to servers on any cloud.  For more information see video below .  

 

 

Law firms that utilize Microsoft SQL Server 2008 must prepare now for end of support on July 9, 2019.  SQL server is the backend of popular case management software such as Lexis Nexis Timematters and PCLaw, Aderant Total Office and others.  See announcement by Microsoft:  Announcement regarding SQL Server 2008 end of support.

That means that known security holes will no longer be updated by Microsoft free of charge and networks that contain Microsoft SQL 2008 servers will be vulnerable to hacking, malware and viruses if not updated.  Two options for upgrading are  Microsoft Azure SQL Database service or Microsoft SQL Server 2017 software. (SQL Server 2019 has not been publicly released as of this writing).   Azure Database is a fully managed relational cloud database service on the Microsoft Azure Cloud.

Both options improve security by instituting encryption by default, both at rest and in transit, what Microsoft calls “Always Encrypted”.  For more information on this feature see:  Always Encrypted. 

Planning and preparation are key to a smooth transition.  This should include an evaluation of front end applications, such as case management software, to ensure compatibility with the latest platforms.

After January 14, 2020, Microsoft will no longer provide free security updates or support for PCs running Windows 7. That means that known security holes will no longer be updated by Microsoft free of charge and networks that contain Windows 7 PC’s will be vulnerable to hacking, malware and viruses if not updated. 

The time to start planning these upgrades should begin now to phase in new PC’s running Windows 10 or begin an upgrade of existing PC’s to Windows 10.  LCC recommends any new systems utilize Windows 10 Enterprise to maximize the built in security features. 

Here are some noteworthy configurable security upgrades in Windows 10 (some, as noted, only in Windows 10 Enterprise):
Windows Defender SmartScreen helps prevent malicious applications from being downloaded.

Credential Guard helps keep attackers from gaining access through Pass-the-Hash or Pass-the-Ticket attack so that only privileged system software can access the systems.  Credential Guard is included in Windows 10 Enterprise and Windows Server 2016.

Enterprise certificate pinning helps prevent man-in-the-middle attacks. This enables you to protect your internal domain names. 

Device Guard helps keep a device from running malware or other untrusted apps.
Device Guard: allows you to create a whitelist of trusted apps—the only apps allowed to run in your organization. Device Guard is included in Windows 10 Enterprise and Windows Server 2016.

Windows Defender Antivirus, which helps keep devices free of viruses and other malware.
Windows 10 includes Windows Defender Antivirus, a robust inbox antimalware solution. Windows Defender Antivirus has been significantly improved since it was introduced in Windows 8.

Blocking of untrusted fonts helps prevent fonts utilized in certain “elevation-of-privilege” attacks.
Block Untrusted Fonts is a setting that allows you to prevent users from loading fonts that are “untrusted” onto your network, which can mitigate these types of attacks. 

Memory protections help prevent malware from using memory manipulation attacks. This feature helps to protect against memory-based attacks, where malware or other code manipulates memory to gain control of a system. 

UEFI Secure Boot helps protect the platform from bootkits and rootkits malware . Unified Extensible Firmware Interface (UEFI) Secure Boot is a security standard for firmware built in to PCs by manufacturers beginning with Windows 8. It helps to protect the boot process and firmware against tampering, such as from a physically present attacker or from forms of malware that run early in the boot process or in kernel after startup.

Early Launch Antimalware (ELAM) helps protect the platform from rootkit malware disguised as drivers.

Device Health Attestation (DHA) helps prevent compromised devices from accessing an organization’s assets. Device Health Attestation (DHA) provides a way to confirm that devices attempting to connect to an organization’s network are in a healthy state, not compromised with malware. When DHA has been configured, a device’s actual boot data measurements can be checked against the expected “healthy” boot data. If the check indicates a device is unhealthy, the device can be prevented from accessing the network.

 

 

Extended support will cost between $50 to $100 per OS.
Is it time to consider moving your firm to the Microsoft Azure cloud?