by Scott Muniz | Jun 29, 2020 | Uncategorized
This article is contributed. See the original author and article here.
MK Illumination specializes in custom, end-to-end lighting solutions for seasonal celebrations and themed attractions. The company manufactures commercial lighting products and offers a range of lighting design services, helping cities and retail spaces turn everyday spaces into extraordinary experiences. Headquartered in Innsbruck, Austria, the company is active across the world, crafting ideas and delivering projects through its subsidiaries in various countries.
In 2019, employees at MK Illumination were using Microsoft Exchange Online with local copies of Office applications. They stored company documents on third-party cloud file-sharing services and on-premises file servers. Often, there were multiple versions of the same file stored on local file servers, personal hard drives, and in cloud folders. To overcome these challenges, the company began looking for a versioning and workflow automation solution to keep its specialized sales cycle and other business-process information current and accurate.
The company’s IT partner, Swedish company WeSafe, suggested a unified, efficient, agile, and scalable option: upgrade licenses to Microsoft 365 Business Premium. This would give remote employees such as sales representatives access to the most current documents regardless of where they work—and the ability to create custom Microsoft Teams workflows for project management.
Automated project workflows
Today, MK Illumination employees store all relevant project information in one place with Teams, and find the data they need quickly, without needing to search in multiple folders and apps. Workers automatically back up and share files with Microsoft Teams, and they also chat, call, and hold video conferences with others through this application.
WeSafe, a 2017 Microsoft Partner of the Year, went a step further in enhancing collaboration by creating new efficiencies using Microsoft 365 automation and integration tools. In a week, the partner used Power Apps to build a new app within Teams that integrates tools such as Planner and To Do to define and automate project workflows.
Each step in a project is validated and routed to the next person in the workflow using Power Automate, which automates manual processes with UI flows. Now when employees start a project, they click a button to automatically set up Planner and a Teams channel. Everything from sending invites and task reminders and assigning tasks to archiving projects is now done from this new app. Employees attach documents to project tasks and edit the files together online without leaving the Teams environment.
MK Illumination employees have embraced this new way of working to be more efficient, collaborating seamlessly in one place with all the necessary tools.
Integrated identity and data security
The partner also created a chatbot for Teams using Microsoft Power Virtual Agents. The chatbot manages workflow notifications based on employee identity information from Azure AD. The WeSafe solution also offers single sign-on and multifactor authentication powered by Azure AD and draws on that identity data to automatically prepopulate information in Teams workflows and perform tasks like validating project budgets. Employees can now look up colleagues’ job titles, org chart information, and contact details with the Teams chatbot.
Security, like collaboration, is now integrated at MK Illumination. After upgrading to Microsoft 365 Business Premium, the customer deployed Office 365 Advanced Threat Protection for email security to protect against malware and phishing as employees work with customers and partners from across the world. MK Illumination is focused on strengthening security—the company is undertaking planning to activate the mobile device management capabilities in Microsoft Intune next.
Work in a new reality
When the worldwide pandemic raised health and safety concerns in early 2020, MK Illumination used its agile new work solution from Microsoft 365 to quickly, seamlessly, and securely transition office staff to work from home. Employees access everything using the cloud, so the company no longer needs to maintain or secure a third-party virtual private network (VPN) solution or local file servers. Project management tools and documents are all accessible in Teams, so employees can work together from anywhere using any type of internet connection. And MK Illumination continues to get the most out of its data using low-code, customizable, automated workflows built by its IT partner WeSafe.
Even in this new reality, MK Illumination is excited to use more of the cloud tools and security features included with Microsoft 365 to break down collaboration silos as it creates stunning lighting experiences that bring a sense of wonder to special events and holidays.
by Scott Muniz | Jun 29, 2020 | Azure, Microsoft, Technology, Uncategorized
This article is contributed. See the original author and article here.
As Microsoft Azure technology evolves, so does the Azure Solutions Architect Expert certification. In keeping with that evolution, we’re excited to announce new versions of the exams required for this certification: AZ-303: Microsoft Azure Architect Technologies (beta) and AZ-304: Microsoft Azure Architect Design (beta).
Is this the right certification for you?
As a candidate for the Azure Solutions Architect Expert certification, you should have subject matter expertise designing and implementing solutions that run on Azure. Your responsibilities include advising stakeholders and translating business requirements into secure, scalable, and reliable cloud solutions.
You’re on the right certification path if you have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. You should also have expert-level skills in Azure administration and experience with Azure development and DevOps processes.
Ready to prove your skills on Azure architecture?
Be sure to take advantage of the discounted beta exam offers. The first 300 people who register for and take one of these exams on or before August 10, 2020, can get 80% off market price! This applies to both exam AZ-303 (beta) exam and exam AZ-304 (beta), for a total of 600 discounted exams. Remember that you can take Microsoft Certification exams online.
To receive the discount, register now. When you’re prompted for payment, use the associated code. This is not a private access code. The seats are offered on a first-come, first-served basis. Please note that neither of the beta exams is available in Turkey, Pakistan, India, or China.
|
Schedule your exam
|
Use this promo code
|
Deadline to take the exam
|
|
AZ-303: Microsoft Azure Architect Technologies (beta)
|
AZ303DonSuperStar
|
On or before August 10, 2020
|
|
AZ-304: Microsoft Azure Architect Design (beta)
|
AZ304LMsmart
|
On or before August10, 2020
|
Already on the journey to Azure Solutions Architect Expert certification? Mix and match your exams
If you’re ready to take AZ-300 or AZ-301 now, go for it. These two exams remain in market until September 30, 2020, at the regular price. To compare them with the new versions (AZ-303 and AZ-304), check out the skills outline document on each exam page.
If you just started the preparation journey, consider refocusing your studying efforts on the new exams—AZ-303 and AZ-304.
If you already passed either AZ-300 or AZ-301, you could take the new version of the complementary exam. The following exam combinations are valid for earning Azure Solutions Architect Expert certification: AZ-300 and AZ-301; AZ-300 and AZ-304; AZ-301 and AZ-303; or AZ-303 and AZ-304. (To see which exams you passed, check your transcript.)
Regardless of which of these exam combinations you take, when you pass, you’ll have earned your Azure Solutions Architect Expert certification and it will be valid for two years.
If you already hold the Azure Solutions Architect Expert certification, please note that we’re extending—by six months—all certifications that expire through December 31, 2020. If you want to prove that your skills are up to date right now, you can use the discounted beta exam as an opportunity to extend your certification’s expiration by two years.
Beta exam conditions
Want help preparing? Check out my blog post on preparing for beta exams. Remember that beta exams are scored once the exam is live, so you won’t know if you’ve passed for a few weeks. For updates on when the rescore is complete, follow me on Twitter (@libertymunson). For questions about the timing of beta exam scoring and live exam release, check out The path from beta to live.
Related announcements
Understanding Azure certifications
An important update on Microsoft training and certification
by Scott Muniz | Jun 29, 2020 | Uncategorized
This article is contributed. See the original author and article here.
In times of rapid change, developers and IT decision-makers must quickly adjust to a drastically evolving landscape. Successful organizations use managed cloud services to reduce operating costs by increasing developer efficiency and seize new business opportunities by accelerating delivery of innovation. App Service is a proven, high-productivity Platform-as-a-Service for hosting web apps and mobile backends. The service provides deployment APIs, networking integration, and built-in monitoring.
This is the first article in a multi-part series on moving applications to App Service. The series will cover how to continuously deploy your applications, register your site with a custom domain and certificate, securely access other cloud services, and how to properly scale and configure your site. Following this guide will help you get started with App Service and put you on excellent foundation for more advanced uses in the future.
Prerequisites
You will need an Azure subscription to complete this guide. You can create a subscription for free. Some parts of this blog series will use the Azure CLI. You can install the CLI locally by following this guide, or you can use the Azure Cloud Shell. The Cloud Shell is a virtual terminal associated with your Azure Subscription, allowing you to run Bash or PowerShell commands to create and update Azure resources.
You will also need to create a GitHub account if you do not have one already. Once you have a GitHub account, fork one of the repositories below and clone it to your local computer. Make sure you fork the repository. The next article will show how to set up Continuous Integration and Delivery with GitHub Actions.
New to Git and GitHub? Click here.
Create the resources
Now that you have an Azure Subscription, the CLI, and the repository, it’s time to create the cloud resources we need. First, open the Azure Portal and click Create a Resource in the top-left dropdown. In the menu, select Web App. This will open the blade to create a web app.
Choose the name and runtime for your web app.
The form will ask for the following inputs:
- Resource Group: This is a group for all the resources for your project. Create a new resource group and name it zero_to_hero.
- Name: The name used for the web app. This name will also be used for the default domain name, so it must be globally unique. Try using your own name and some combination of numbers. For example, john-doe-1.
- Publish: Leave this as code, since we are deploying application code. App Service also supports deploying Docker containers, which is not covered in this guide.
- Runtime stack: Choose the runtime based on the repo you cloned earlier. If you chose the .NET Core repo, then you should choose .NET Core 2.1. For Node.js, select Node 12 LTS. For Spring, select Java 8 SE. (If you are following this guide using your own application, choose an appropriate runtime and version for your app.)
- Region: Select a region close to you or leave this as the default.
When you’re ready, click Review + create, and complete the creation after reviewing your inputs.
The Azure CLI has commands to create and configure your web apps. For more information, see this guide.
The App Service Plan
The App Service Plan represents the underlying Virtual Machine and can host multiple App Services. As you might expect, the higher hardware tiers have more compute resources and features. The plan is also responsible for scaling, which will be covered in a future article. You can always change the hardware tier after creation.
Wrapping Up
Congratulations! You have created an App Service Plan and a web app. You are one step closer to cloud hero status. In the next article you will set up a Continuous Integration and Delivery pipeline to build and deploy your code onto the web app. If you ran into any issues, please comment on this article.
Helpful Resources
- App Service Plan tiers and pricing information
- How many sites can I put in an App Service Plan?
- App Service Documentation
- App Service Team Blog
by Scott Muniz | Jun 29, 2020 | Uncategorized
This article is contributed. See the original author and article here.
As mobile usage becomes more prevalent, so does the need to protect your work or school data on those devices. One method used to protect that data is through device enrollment. Device enrollment enables organizations to deploy compliance policies (PIN strength, /root validation, etc.), as well as configuration policies (WIFI, certificates, VPN, etc.). Device enrollment also enables organizations to manage app lifecycle.
With Android 5.0, Google introduced a new management profile with the introduction of managed device (device owner) and work profile (profile owner) modes (what is collectively known as Android Enterprise now).
Android Enterprise supports several enrollment scenarios, two of which are covered as part of this framework:
- Android Enterprise work profile – this enrollment model is typically used for personally-owned devices, where IT wants to provide a clear separation boundary between work and personal data. Policies controlled by IT ensure that the work data cannot be transferred into the personal profile.
- Android Enterprise fully managed devices – these devices are corporate-owned, associated with a single user, and used exclusively for work and not personal use.
When configuring device compliance and configuration policies, the number of various settings and options enable organizations to tailor the protection to their specific needs. Due to this flexibility, it may not be obvious which permutation of policy settings are required to implement a complete scenario. To help organizations prioritize client endpoint hardening, Microsoft has introduced a new taxonomy for security configurations in Windows 10, and Intune is leveraging a similar taxonomy for its Android Enterprise security configuration framework.
The Android Enterprise security configuration framework is organized into several distinct configuration scenarios, providing guidance for work profile and fully managed scenarios.
For Android Enterprise work profile devices:
- Work profile basic security (Level 1) – Microsoft recommends this configuration as the minimum security configuration for personal devices where users access work or school data. This configuration introduces password requirements, separates work and personal data, and validates Android device attestation.
- Work profile high security (Level 3) – Microsoft recommends this configuration for devices used by specific users or groups who are uniquely high risk (users who handle highly sensitive data where unauthorized disclosure causes considerable material loss to the organization). This configuration introduces mobile threat defense or Microsoft Defender ATP, sets the minimum Android version to 8.0, enacts stronger password policies, and further restricts work and personal separation.
Note: Due to the settings available in Android Enterprise work profile, there is no enhanced security (Level 2) offering. The available settings did not justify a difference between Level 1 and Level 2 and there is a need to maintain consistency with the configuration framework nomenclature across platforms.
For Android Enterprise fully managed devices:
- Fully managed basic security (Level 1) – Microsoft recommends this configuration as the minimum security configuration for an enterprise device. This configuration is applicable to most mobile users accessing work or school data. This configuration introduces password requirements, sets the minimum Android version to 8.0, and enacts certain device restrictions.
- Fully managed enhanced security (Level 2) – Microsoft recommends this configuration for devices where users access sensitive or confidential information. This configuration enacts stronger password policies and disables user/account capabilities.
- Fully managed high security (Level 3) – Microsoft recommends this configuration for devices used by specific users or groups who are uniquely high risk (users who handle highly sensitive data where unauthorized disclosure causes considerable material loss to the organization). This configuration increases the minimum Android version to 10.0, introduces mobile threat defense or Microsoft Defender ATP, and enforces additional device restrictions.
Note: The framework is designed with the understanding that organizations own the Android Enterprise fully managed devices.
To see the specific recommendations for each configuration level, review Android Enterprise Security Configuration Framework.
As with any framework, settings within a corresponding level may need to be adjusted based on the needs of the organization as security must evaluate the threat environment, risk appetite, and impact to usability.
We hope this framework helps you when evaluating what Android Enterprise settings to deploy in your environment, or if you are transitioning away from Android device administrator. As always, if you have questions, please let us know.
Ross Smith IV
Principal Program Manager
Customer Experience Engineering
by Scott Muniz | Jun 29, 2020 | Uncategorized
This article is contributed. See the original author and article here.
Hello everyone, here is part 5 of a series focusing on Application Deployment in Configuration Manager. This series is recorded by @Steve Rachui, a Microsoft principal premier field engineer. These tutorials are from our library and uses Configuration Manager 2012 in the demos, however the concepts are still relevant for Configuration Manager current branch.
This session continues to focus on the client and works through examples of using maintenance windows (both server and user defined), applications configured for distribute on demand. It also walks through the various roaming scenarios a client might experience.
Next in the series Steve moves back to the server side to detail package creation and back end processing.
Posts in the series
Go straight to the playlist
Recent Comments