Grow with Copilot for Microsoft 365 – June 2024

by Contributed | Jun 15, 2024 | Technology

This article is contributed. See the original author and article here.

A banner with the blog series title, “Grow with Copilot for Microsoft 365”

Welcome to Grow with Copilot for Microsoft 365, where we curate key relevant news, insights, and resources to help small and medium organizations harness the power of Copilot. 

In this edition, we take a deep dive into how small and medium-sized businesses are embracing AI in their everyday workflows despite the common hurdles SMB employees often encounter in adopting AI technologies. We also highlight Floww, a FinTech firm that capitalizes on Copilot for Microsoft 365 to boost operational efficiency and communications, discuss how Copilot is tackling the pressing issue of data security and privacy, and lastly, provide resources for the adoption of Copilot and best practices for skill development to help organizations fully leverage Copilot’s capabilities. 

A deeper look at the state of AI in small & medium businesses 

We are witnessing how AI is reshaping work for organizations of all sizes in last month’s 2024 Work Trend Index Annual Report. This month, we dove deeper into the report for findings specific to small and medium businesses.   

Like large businesses, 79% of SMB leaders believe AI adoption is critical for their company to remain competitive with 61% of these leaders saying their company lacks a vision and plan for AI

From the study, leaders believe that the top three benefits being increasing employee productivity, accelerating growth and innovation, and automating and streamlining business. In addition, while 78% of SMB workers have used generative AI at work, even more so (+10 ppts) compared to large businesses, SMB workers face more challenges in AI adoption, either feeling more (+9 ppts) intimidated to learn how to use generative AI tools or (-5 ppts) having received any AI training at work.

As we continue to learn in our work with SMB customers, there is a path forward: identify a business problem and apply AI, integrate AI tools across your business, take a top down and bottoms up approach, and prioritize training. Read more from Brenna Robinson’s blog on Microsoft 365 as well as her interviews in Fortune magazine, Inc. magazine, and Entrepreneur magazine.  

SMB Customer spotlight: Floww 

Speaking of working with customers, we’d like to you to meet Floww, a fast-growing FinTech company with about 100 employees in the United Kingdom that has created a financial infrastructure platform that connects investors and innovators. Floww helps startups and scaleups find funding from angels, VCs, and other private equity investors, and helps investors manage their portfolios and collaborate with each other. 

Floww uses Copilot for Microsoft 365 to improve efficiency and communications: 

Copilot for Microsoft 365 process, analyze, and summarize large amounts of data from various sources, such as financial documents, regulatory compliance, and customer profiles. Copilot also helps Floww create mockups, draft policies, and share information with customers faster and easier. 

Floww trusts Microsoft to ensure data security and compliance: 

Floww works with sensitive data that requires high levels of security and compliance. Floww relies on Microsoft’s security tools and features to protect its data and maintain its ISO certification. Floww also values the trust that Microsoft provides for its customers and partners. 

“Some teams are saving 10 to 20% of their time with Copilot because it’s assisting with meeting notes, generating to-do lists, summarizing complicated documents, and freeing us up so we can concentrate on the bigger tasks.”—Alex Pilsworth, Chief Technology Officer, Floww

Check out the full customer story and other customer stories here.  

How Copilot for Microsoft 365 delivers on data security and privacy 

Like Floww, many customers have data privacy and compliance top of mind. It’s no wonder as research shows 82% of ransomware attacks are targeted at small and medium-sized businesses[1].  

Our customers, when using Microsoft 365 for Business and Copilot for Microsoft 365, get peace of mind with the highest standards of data protection.  Microsoft 365 for Business protects passwords, secure access, keep your business data safe, manage your devices so they stay secure, and defend your business against cyberthreats.  You can learn more about our three subscriptions plans here.  Additionally, as a Microsoft 365 for Business user, your Web-grounded AI chat in the browser, Outlook, M365 apps or Teams come with enterprise data protection to safeguard your business data and devices with integrated identity, security, compliance, device management, and privacy protection. 

Now Copilot for Microsoft 365 also works with work & business data in the Microsoft 365 Graph – your emails, calendars, and documents you have access to. That is how it has the power to become your personal assistant at work, from recapping Teams meetings, to turning a Word document into a stunning PowerPoint. Here’s how Microsoft protects your data and gives you control over it. 

A high level architecture diagram of Copilot for Microsoft 365, depicting service boundary, data flows, and prompt/response orchestration

Tenant Security 

Copilot operates within the Microsoft 365 tenant, inheriting all the existing security, privacy, identity, and compliance requirements. It is built upon a foundation of trust, ensuring that organizational data is distinct and separate from other tenants. Watch this video to learn more about how Copilot is built upon a foundation of trust. 

Data Defense 

Data is considered the customer’s business, and Copilot respects the customer’s control over its collection, use, and distribution. It ensures that data is stored, encrypted, processed, and defended to the highest standards. Further, we don’t use your customer data to train foundation models, and Copilot adheres to existing data permissions and policies, and its responses to you based only on data that you personally can access. Watch the following video to learn how data is stored, encrypted, processed, and defended. 
  

Azure OpenAI Service 

Interactions with Copilot (prompts) are processed using Azure OpenAI services, which prioritize the integrity and protection of your organizational data. Watch this video for a deeper understanding of how Azure OpenAI services power Copilot while prioritizing data integrity. 

For all the latest updates and deep dive information start at Microsoft Copilot for Microsoft 365 documentation | Microsoft Learn and aka.ms/copilotlab to learn more about how to use Copilot. Find adoption and skilling best practices at adoption.microsoft.com 

[1] FBI Releases the Internet Crime Complaint Center 2021 Internet Crime Report, FBI. March 22, 2022. 

More highlights: Build, Mechanics, new Partner resources  

Last month, Microsoft Build 2024 had over 3000 in-person attendees in Seattle and over 200K+ virtual attendees. We announced exciting news across the company, but one not-to-be-missed for SMB is Team Copilot.  Available as preview later in this calendar year, Team Copilot expands Copilot beyond a personal assistant to work on behalf of a team, improving collaboration and project management.  Read Jared Spataro’s blog for how it works as well as other news in Copilot for Microsoft 365.  Watch the 90-Second Recap: Satya Nadella’s Keynote if you want to get all the news announced across Microsoft.  

Not to be missed: the top two Copilot videos in Microsoft Mechanics, the Microsoft official video programming to teach you how to apply Microsoft innovation to the work you do every day, explain how Copilot for Microsoft 365 works and how to get ready for Copilot in three simple set up steps.

If you are one of our CSPs, we recently launched new partner led adoption immersion experience – consisting of new click-through demos for Sales, Marketing HR, Exec personas (with more coming soon), facilitator guide to deliver this in a workshop, and participate guide for end users to follow along.  Check here for the entirety of the content: aka.ms/CopilotImmersionCSPLed .Go here to quickly access the full list of demos: aka.ms/CopilotImmersion/DemosList.  

That’s it for this edition! Thank you for reading. Let us know in the comments how you use Copilot for Microsoft 365 to grow your business! 

Azure VMware Solution using a public IP down to the NSX-T Edge; configure SNAT, No-SNAT & DNAT

by Contributed | Jun 14, 2024 | Technology

This article is contributed. See the original author and article here.

Azure VMware Solution

How To Series: Configuring NSX-T SNAT, No-SNAT & DNAT rules

Overview

Requirements

Lab Environment

NAT Rules

Kusto for NSX-T NAT Rule Logs

Overview

Many Azure VMware Solution customers are new to NSX-T and for a use requiring connecting directly to the internet through and Azure Public IP, then understanding how and when to use NAT functionality is a must have skillset.  This This blog uses an example to walk through the configuration of NSX-T NAT rules to enable access from AVS guest VMs to VMs and services on-premises, in Azure and the Internet.

For this lab, ExpressRoute connections to Azure (vWAN) and to on-premises have been provisioned. 

Requirements

• Internet Connectivity has been set to “Connect using Public IP down to the NSX-T Edge” via the Azure Portal.


• Cloudadmin (or equivalent role) to the Azure VMware Solution NSX-T console.


• Azure VMware Solution diagnostics enabled and  log analytics workspace to store the logs configured.

Figure 1: Log Analytics diagnostics for Azure VMware Solution 

• Check that you have set the ‘Configure the AVS SDDC to connect using Public IP down to the NSX-T Edge’ in the Internet connectivity under the menu item ‘Workload networking/Internet connectivity’ option.


• Create (using the +Add button)  4 Public IPs

Figure 2: Setting up the NSX-T public IP and four Internet IPs.

Lab Environment

There are four routes that will be explored in this lab.  Each route requires specific configuration of the NSX-T NAT rules.  Logs generated by the NAT rules are stored in a log analytics workspace. 

• From AVS guest VM’s to the public Internet


• From AVS guest VM’s to Azure native 


• From AVS guest VM’s to the on-premises environment


• From the public Internet to a specific VM guest server.

This lab does not incorporate NSX-T Firewall settings; the NAT rules are used for routing, not for traffic restrictions or filtering.  Note that AVS workloads are a range of IP addresses in the 192.168.0.0/24 network range, Azure native IP addresses are 10.5.4.0/22, and the on-premise environment is 172.21.86.0/24 and 192.168.87.0/24

Figure 3: NSX-T Public IP NAT rules lab.

NAT Rules

SNAT rules are used to allow access to the Internet from virtual machines and NVAs running in the Azure VMware Solution.

No-SNAT rules are used to allow access to on-premises and Azure native services from VMs running in the Azure VMware Solution.

DNAT rules are used to allow access from the Internet to VM’s running in the Azure VMware Solution.

Create a SNAT rule:

Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the Internet. First let’s make sure that the DNS service can reach the default DNS server 1.1.1.1.  When first logging into the NSX-T interface, first log into NSX-T, alarms will be present because the DNS service is unable to reach the upstream DNS servers at 1.1.1.1.

Figure 4:  Alarms showing DNS service 1.1.1.1 is unreachable.

In this scenario, we want the application servers AppServer-01 and AppServer-02 to be able to access the Internet.

From the NSX-T console select Networking / NAT / Tier-1 Gateway and click on “ADD NAT RULE”

Figure 4: Create a SNAT rule

Add Name ‘AppServers via HTTP’, select SNAT as the action (default) and enter the two IP addresses of the AppServers (192.168.103.10, 192.168.103.11).  This means the rule only applies to these two IP addresses. Next leave the Destination IP|Port as blank (ie any IP is allowed).  In the translated IP|Port, use the first available public IP (20.95.39.0), or you can fill it in with any of the public IPs created when you configured the portal for NSX-T public IP.  Use a specific IP if you need to enable a partner or customer to add the site/service to a Whitelist.  If you have multiple rules, select a priority to ensure this rule is hit in the correct order.  Note, the lower the number, the higher the priority.  So a rule with priority 10 will be checked before a rule with priority 20.  Enter a description, then click save.

Figure 5:  Filling the the SNAT rule parameters

At this point you will be able to access the Internet from the two AppServers.

Create a No-SNAT rule:

A No-SNAT rule prevents the translation of the internal IP address of packets sent from an AVS SDDC to other networks internal to the organization or otherwise outside of the SDDC environment.  This is important when using the “Connect using Public IP down to the NSX-T Edge” option in the Azure portal because without No-SNAT rules, you will not be able to access Azure or on-premises resources from workloads running in AVS.

In this simple lab environment, the Azure environment contains RFC 1918 addresses 10.X.X.X/8  and the on-premises environment contains 172.21.x.x/16 addresses.   Due to the nature of NAT/SNAT, connectivity from Azure and on-premises network into the 192.168.0.0/22 address exists, however outbound initiated connectivity from AVS workloads  does not.

From the NSX-T console select Networking / NAT / Tier-1 Gateway and click on “ADD NAT RULE”

Figure 6: Creating a No-SNAT rule

This demo configuration is very open, in production you would likely identify specific vNets where you require access, not the entire 10.0.0.0/8 supernet. 

Click on “ADD NAT RULE” and enter the NAT rule Name “Access Azure from AVS”, change the Action to “No-SNAT”.  Set the Source IP to 192.168.96.0/20  (this will cover all of the 192.168.x.x addresses in our lab environment), set the Destination IP|Port to 10.0.0.0/8  and leave the Translated IP|Port empty.   Enter a Description “Enable access from AVS without SNAT. (No-SNAT)”

 Figure 7: No-SNAT rules parameters

Create a DNAT rule:

Destination network address translation (DNAT), it is a technique for transparently changing the destination IP address of a routed packet and performing the inverse function for any replies. In this use case, we will create a DNAT rule that enables access to a virtual machine running in the Azure VMware Solution through a public IP address created when you enable the “Connect using Public IP down to the NSX-T Edge” option in the Azure Portal; here you can see we have configured 4 IP public addresses (20.95.39.0 to 20.95.39.3).

Create a DNAT rule that allows access on port 80 to the web server running in VLAN-2 with IP address 192.168.101.10.

We are going to assign it a public facing IP address of 20.95.39.1 from the pool of IP’s defined in the screenshot above.

From the NSX-T console select Networking / NAT / Tier-1 Gateway and click on “ADD NAT RULE”

Figure 8:  Creating a NAT rule to support DNAT.

Add in the parameters as described, and enable logging.

Figure 9:  Adding the DNAP rule parameters

At this point,  go to a web browser and enter http://publicIPselected  and you will see the web site running on your webserver.

Tips & Tricks

If access is blocked, check that any NSX-T Distributed firewall rules in place are configured to allow traffic from the Internet to the webserver/service.

Microsoft Fabric: A Must-learn Solution for Informed Data Professionals

by Contributed | Jun 13, 2024 | Technology

This article is contributed. See the original author and article here.

As a seasoned data aficionado and SQL expert with three decades of experience, I’ve navigated the Microsoft data product universe from SQL Server to Azure Synapse Analytics to Power BI—and all the data software and solutions in between. I’ve also witnessed the evolution of extract, transform, and load (ETL)/extract, load, and transform (ELT) operations, transforming raw data into actionable business gold to tackle industries’ most time-sensitive and intricate challenges.

Data was good—until it wasn’t. As data volumes exploded, it became very clear that efficient, real-time insights required data sharing and collaboration across organizations’ data silos and data roles (data engineers, scientists, and analysts). However, this proved to be easier said than done. Piecing together disparate services and storage systems is a complex, time-consuming task, further complicated by security and compliance concerns, so it’s a tall order, to say the least.

With the growing need for a centralized, unified, compliant solution for all data-related needs, Microsoft Fabric arrived on the scene, ready to store, secure, scale, collaborate, model, query, update, enrich, analyze, report, and create dashboards, to manage all of our multifaceted data challenges.

What is Microsoft Fabric?

Fabric is a unified analytics solution that delivers an integrated and simplified experience for all analytics workloads and users on an enterprise-grade data foundation with pervasive data governance, greatly simplifying data management. As an integrated software as a service (SaaS) solution, it ingests, stores, processes, and analyzes data in a single environment without the complex and time-consuming need for provisioning. It supports some of the most familiar data languages, like T-SQL, PySpark, Scala, SparkR, and others, and it accommodates all data roles. From streaming data to collaboration, Fabric is your go-to, centralized, end-to-end, AI-powered analytics platform for handling any type of data and efficiently managing your data estate.

OneLake, considered to be the OneDrive for your data, is a single open-format repository in Fabric—a unified, logical data lake for your whole organization. It accepts any data at any speed, whether batch or streaming, and is accessible by all analytics engines on the platform, eliminating the need for data movement or duplication.

Figure 1. Diagram of different experiences all accessing the same OneLake data storage. (Source: What is Microsoft Fabric?)

Microsoft Fabric experiences

• Data Engineering makes the most of the top-tier Spark platform for large-scale data transformation and democratization, integrating with Data Factory for efficient scheduling and orchestration.


• Data Factory merges with Power Query Online, offering over 200 native connectors for diverse data sources, both on premises and in the cloud.


• Data Science enables seamless building, deployment, and operationalization of machine learning models, enriching organizational data with predictive insights.


• Power BI is a leading business intelligence platform, helping to ensure quick and intuitive access to all data in Fabric for better informed data-driven decisions.


• Real-Time Analytics simplifies integration, efficiently handling and analyzing high volumes of data and offering powerful analytical capabilities.


• Synapse Data Warehouse delivers superior SQL performance and scale, separating compute from storage for independent scaling and natively storing data in the open Delta Lake format.

Figure 2. Experiences available in Microsoft Fabric.

Something for everyone

Imagine having the power to create your own data lakehouse or data warehouse in a matter of seconds. (Check out the Microsoft Fabric decision guide: Choose a data store.) That’s what Fabric, a SaaS platform, offers you. It allows you to centralize your data into OneLake by using common data methods, like Dataflow Gen2, data pipelines, Spark Notebooks, or T-SQL. (Explore the Microsoft Fabric decision guide: Copy activity, dataflow, or Spark.)

Data lakehouse

Figure 3. Diagram of a data lakehouse, displaying the folder structure of a data lake and the relational capabilities of a data warehouse. (Source: Explore the Microsoft Fabric lakehouse)

Whether you choose a data lakehouse or a data warehouse, you have easy access to robust querying and transaction capabilities. Fabric is the one-stop shop for all your data tasks across your data estate.

Here’s a snapshot

• OneLake is the single source of truth for your organization’s data.


• Data Warehouse is a traditional data warehouse that supports full transactional T-SQL capabilities like an enterprise data warehouse. It’s especially useful for industries like e-commerce, retail, healthcare, and others that need advanced analytics for large datasets.


• Data lakehouse is a one-size-fits-all solution for storing, managing, and analyzing any type of data. It’s also ideal for real-time data processing with live analysis.


• Copilot in Fabric brings generative AI features with new ways to transform and analyze data, generate insights, and create visualizations and reports:




• Data Engineering and Data Science. Copilot streamlines your workflow with intelligent code completion, code suggestions, automation of routine tasks, and industry-standard code templates.


• Data Factory. Whether you’re a citizen integrator or a professional data wrangler, Copilot is your ally. It offers intelligent code generation and explanations to simplify your data transformation.


• Power BI. Simply describe your data insights needs or queries, and Copilot can analyze and present the relevant data in a visually compelling report, instantly transforming your data into actionable insights.

How to get started with Microsoft Fabric

1. Sign up for a free Microsoft Fabric trial, and test it out.


2. For resources to help you skill up on Microsoft Fabric, check out the Microsoft Fabric Career Hub, where you can find the Microsoft Cloud Skills Challenge | 30 Days to Learn It and become eligible for 50% off a Microsoft Certification exam.


3. Review Course DP-600: Microsoft Fabric Analytics Engineer, and complete the lab exercises for each module. Plus, get more interactive practice with our end-to-end Microsoft Fabric tutorials.


4. To help prepare you for Exam DP-600: Implementing Analytics Solutions Using Microsoft Fabric, watch the recorded Exam Cram for DP-600 sessions, with me as your host.


5. For detailed information on specific topics to be covered on the exam, watch the Exam Readiness Zone DP-600 videos.


6. To hone your test-taking skills and learn the types of questions you can expect on the exam, take the free Practice Assessment for Exam DP-600.


7. Pass the Certification exam, and earn the Microsoft Certified: Fabric Analytics Engineer Associate Certification.

Figure 4. Steps in the Fabric Analytics Engineer Associate Certification journey. (Source: Microsoft Fabric Career Hub)

Consider earning a Microsoft Applied Skills credential

If you’re not quite ready to earn the Fabric Analytics Engineer Associate Certification, why not start with an Applied Skills credential? These are project-based credentials that focus on a specific skill rather than on a broad role. You can complete the online assessment in just two hours, whenever you’re ready.

Two Applied Skills scenarios that validate Microsoft Fabric skills are Implement a data warehouse in Microsoft Fabric and Implement a lakehouse in Microsoft Fabric. Both equip you with foundational Microsoft Fabric skills.

Figure 5. Applied Skills scenarios for Microsoft Fabric.

For more on Applied Skills credentials, read my blog post Real skills for real-time results with Microsoft Applied Skills credentials.

Meet Barbara Andrews, Microsoft Learn expert 

Barbara Andrews began her professional career as an accountant but soon discovered that she loves technology and has a passion for learning and teaching. She has worked with almost every on-premises Microsoft server technology (except Exchange Server) and has worked her way through many Azure services. As a Microsoft Technical Trainer, Barbara specializes in Azure infrastructure, data, and AI. She has a passion for helping working professionals and career changers build skills and pursue their dream careers, and she has upskilled more than 20,000 students, both online and in person.

Learn more about Barbara Andrews.