Arndt Dibi

Etwa 12.200 Unfälle gab es im Kreis Pinneberg von 2011 bis 2015. Ein Unfall verursacht im Durchschnitt 3068 Euro Kosten.

End users think they are tech savvy or knowledgeable about security issues, but in reality, they aren’t as informed as they think.

Vielleicht haben Sie es schon gesehen: Derzeit erfährt einer der ältesten U-Bahnhöfe Münchens, der Nordfriedhof auf der Linie U6, eine Schönheitsbehandlung. Da wird gemalert und geputzt, poliert und abgeschliffen ...

Ursprünglich war der U-Bahnhof, für den 1965 der erste Stahlträger des Münchner U-Bahnbaus in die Erde gerammt wurde, in Grau und Blau gehalten. Vor 15 Jahren kamen dann die orangefarbenen Flächen dazu – jetzt hat man sich für ein helles Blau entschieden, das dem Bahnhof ein frischeres Gesicht gibt. Die typischen ockerfarbenen Säulen und der gesamte 1970er-Jahre-Look aber blieben erhalten.

Am Abgang zum Bahnsteig sieht man den Unterschied: Das helle Blau überstrahlt die graue Tristesse. Rund 100 Liter Farbe brauchen die Maler aus den hauseigenen Werkstätten, um den U-Bahnhof Nordfriedhof aufzuhübschen. Gleichzeitig werden kleinere Reparaturen durchgeführt, um den optischen Gesamteindruck zu verbessern. Dazu gehören auch Reinigungsarbeiten, die über den Alltagsputz hinausgehen, so etwa die Deckenlamellen.



Ein Maler streicht die Balustrade mit einer wasserabweisenden Farbe - schließlich muss man die Wände auch künftig gut reinigen zu können. Rund fünf Wochen lang arbeiten die Maler am Nordfriedhof. Um an die Decke zu gelangen, müssen auch Gerüste an den Bahnsteigen aufgebaut werden und Rolltreppen teilweise abgeschaltet werden. Auch die Türen im Zwischengeschoss bekommen einen neuen Anstrich:

Hinter der Erneuerung steckt ein Programm: In den vergangenen zwei Jahren bekamen auch die Bahnhöfe Olympiazentrum, Harthof und Am Hart (2014), Westendstraße, Aidenbachstraße, Thalkirchen, Theresienwiese und Alte Heide (2015), Fürstenried West, Partnachplatz, Rotkreuzplatz und Nordfriedhof (2016) eine Rundumerneuerung.  Weitere Bahnhöfe folgen!

Dass auch gilt: "Oldies but Goldies", zeigen wir euch im gleichnamigen Beitrag über die ältesten U-Bahnhöfe Münchens aus den 1970er Jahren.

Our September 2016 release blog included a statement that is causing some confusion with customers. The confusion relates to our support of Windows Server 2016 with Exchange Server 2016. The blog included a statement that read, “Domain Controllers running Windows Server 2016 are supported provided Forest Functional Level is Windows Server 2008R2 or Later.” We would like to provide additional clarity on what this statement means, and more importantly what it doesn’t.

Question #1: If I want to deploy Exchange Server 2016, must my Active Directory environment use Forest Functional Level 2008R2 or later?

Answer: No. Exchange Server 2016 is supported in environments configured to Forest Functional Level 2008 and later.

Question #2: If I want to install Exchange Server on a server running Windows Server 2016, does my Active Directory environment need to advance Forest Functional Level to 2008R2 or later?

Answer: No. Exchange Server 2016 installation on Windows Server 2016 is supported if Active Directory is configured to Forest Functional Level 2008 and later.

Question #3: What is the real requirement you are calling out here?

Answer: If you are running Exchange 2016 anywhere in your environment, and if any of the Domain Controllers used by Exchange are running Windows Server 2016, then the Forest Functional Level must be raised to 2008R2 or later.

In our experience, customers who keep their Domain Controllers deployed at the latest OS revision level, also employ the highest level of reliability, security and functionality and this requirement should not be a deployment blocker.

Question #4: Why is 2008R2 Forest Functional Level or later required?

Answer: Advancing the directory to a higher level of functionality requires DC’s on older operating systems to be retired. Our goal is to make certain that Exchange Server uses the highest level of security settings reasonably possible, including newer cryptographic standards. Windows Server 2008 no longer meets the minimum standard we are requiring and being requested by customers. Customers who are deploying the latest version of Exchange and Windows Server are often doing so to improve the security of their overall ecosystem. Our goal is to make certain that Exchange Server functions correctly under these assumptions and requirements. Limiting the use of old standards allows Exchange Server to meet the requirements of current security standards.

Question #5: Will Exchange Setup block installing Exchange Server 2016 if I am using Windows Server 2016 on a Domain Controller but have not raised the Forest Functional Level?

Answer: At this time, there is no Setup block. This pre-requisite is a soft requirement enforced by policy only. If a customer calls into support and is using Windows Server 2016 Domain Controllers with Exchange Server 2016 and they have not raised the Forest Functional Level to the minimum value, we may ask them to do so as part of root cause elimination.

Question #6: When will Exchange Setup force the use of 2008R2 Forest Functional Level for an Exchange Server installation?

Answer: The minimum supported Forest Functional Level will be raised to 2008R2 in Cumulative Update 7 for all Exchange Server 2016 deployments. We know that customers need time to plan and deploy the necessary migration/decommission of Active Directory Servers. 2008R2 Forest Functional Level will be a hard requirement in Cumulative Update 7, enforced by Exchange Setup. Cumulative Update 7 ships in the 3^rd quarter of 2017, one year after the first announcement.

For a complete list of Exchange requirements please see this TechNet article.

The Exchange Team

It may soon become easier for Internet service providers to anticipate and block certain types of online assaults launched by Web-based attack-for-hire services known as “booter” or “stresser” services, new research released today suggests.

The findings come from researchers in Germany who’ve been studying patterns that emerge when miscreants attempt to mass-scan the entire Internet looking for systems useful for launching these digital sieges — known as “distributed denial-of-service” or DDoS attacks.

To understand the significance of their research, it may help to briefly examine how DDoS attacks have evolved. Not long ago, if one wanted to take down large Web site, one had to build and maintain a large robot network, or “botnet,” of hacked computers — which is a fairly time intensive, risky and technical endeavor.

These days, however, even the least sophisticated Internet user can launch relatively large DDoS attacks just by paying a few bucks for a subscription to one of dozens of booter or stresser services, some of which even accept credit cards and PayPal payments.

These Web-based DDoS-for-hire services don’t run on botnets: They generally employ a handful of powerful servers that are rented from some dodgy “bulletproof” hosting provider. The booter service accepts payment and attack instructions via a front end Web site that is hidden behind Cloudflare (a free DDoS protection service).

But the back end of the booter service is where the really interesting stuff happens. Virtually all of the most powerful and effective attack types used by booter services rely on a technique called traffic amplification and reflection, in which the attacker can reflect or “spoof” his traffic from one or more third-party machines toward the intended target.

In this type of assault, the attacker sends a message to a third party, while spoofing the Internet address of the victim. When the third party replies to the message, the reply is sent to the victim — and the reply is much larger than the original message, thereby amplifying the size of the attack.

To find vulnerable systems that can be leveraged this way, booters employ large-scale Internet scanning services that constantly seek to refresh the list of systems that can be used for amplification and reflection attacks. They do this because, as research has shown (PDF), anywhere from 40-50 percent of the amplifiers vanish or are reassigned new Internet addresses after one week.

Enter researchers from Saarland University in Germany, as well as the Yokohama National University and National Institute of Information and Communications Technology — both in Japan. In a years-long project first detailed in 2015, the researchers looked for scanning that appeared to be kicked off by ne’er-do-wells running booter services.

To accomplish this, the research team built a kind of distributed “honeypot” system — which they dubbed “AmpPot” — designed to mimic services known to be vulnerable to amplification attacks, such as DNS and NTP floods.

“To make them attractive to attackers, our honeypots send back legitimate responses,” the researchers wrote in a 2015 paper (PDF). “Attackers, in turn, will abuse these honeypots as amplifiers, which allows us to observe ongoing attacks, their victims, and the DDoS techniques. To prevent damage caused by our honeypots, we limit the response rate. This way, while attackers can still find these ratelimited honeypots, the honeypots stop replying in the face of attacks.”

In that 2015 paper, the researchers said they deployed 21 globally-distributed AmpPot instances, which observed more than 1.5 million attacks between February and May 2015. Analyzing the attacks more closely, they found that more than 96% of the attacks stem from single sources, such as booter services.

“When focusing on amplification DDoS attacks, we find that almost all of them (>96%) are caused by single sources (e.g. booters), and not botnets,” the team concluded. “However, we sadly do not have the numbers to compare this [to] DoS attacks in general.”

Many large-scale Internet scans like the ones the researchers sought to measure are launched by security firms and other researchers, so the team needed a way to differentiate between scans launched by booter services and those conducted for research or other benign purposes.

“To distinguish between scans performed by researchers and scans performed with malicious intent we relied on a simple assumption: That no attack would be based on the results of a scan performed by (ethical) researchers,” said Johannes Krupp, one of the main authors of the report. “In fact, thanks to our methodology, we do not have to make this distinction upfront, but we can rather look at the results and say: ‘We found attacks linked to this scanner, therefore this scanner must have been malicious.’ If a scan was truly performed by benign parties, we will not find attacks linked to it.”

SECRET IDENTIFIERS

What’s new in the paper being released today by students at Saarland University’s Center for IT-Security, Privacy and Accountability (CISPA) is the method by which the researchers were able to link these mass-scans to the very amplification attacks that follow soon after.

The researchers worked out a way to encode a secret identifier into the set of AmpPot honeypots that any subsequent attack will use, which varies per scan source. They then tested to see if the scan infrastructure was also used to actually launch (and not just to prepare) the attacks.

Their scheme was based in part on the idea that similar traffic sources should have to travel similar Internet distances to reach the globally-distributed AmpPot sensors. To do this, they looked at the number of “hops” or Internet network segments that each scan and attack had to traverse.

Using trilateration –the process of determining absolute or relative locations of points by measurement of distances — the research team was able to link scanners to attack origins based on hop counts.

These methods revealed some 286 scanners that are used by booter services in preparation for launching amplification attacks. Further, they discovered that roughly 75 percent of those scanners are located in the United States.

The researchers say they were able to confirm that many of the same networks that host scanners are also being used to launch the attacks. More significantly, they were able to attribute approximately one-third of the attacks back to their origin.

“This is an impressive result, given that the spoofed source of amplification attacks usually remains hidden,” said Christian Rossow of Saarland University.

Rosso said the team hopes to conduct further research on their methods to more definitively tie scanning and attack activity to specific booter services by name. The group is already offering a service to hosting providers and ISPs to share information about incidents (such as attack start and end times). Providers can then use the attack information to inform their customers or to filter attack traffic.

“We have shared our findings with law enforcement agencies — in particular, Europol and the FBI — and a closed circle of tier-1 network providers that use our insights on an operational basis,” the researchers wrote. “Our output can be used as forensic evidence both in legal complaints and in ways to add social pressure against spoofing sources.”

ANALYSIS

Even if these newly-described discovery methods were broadly deployed today, it’s unlikely that booter services would be going away anytime soon. But this research certainly holds the promise that booter service owners will be able to hide the true location of their operations less successfully going forward. and that perhaps more of them will be held accountable for their crimes.

Efforts by other researchers have made it more difficult for booter and stresser services to accept PayPal payments, forcing more booters to rely more on Bitcoin.

Also, there are a number of initiatives that seek to identify a handful of booter services which resell their infrastructure to other services who brand and market them as their own. Case in point, in September 2016 I published an expose on vDOS, a booter service that earned (conservatively) $600,000 over two years helping to launch more than 150,000 DDoS attacks.

Turns out, vDOS’s infrastructure was used by more than a half-dozen other booter services, and shortly after vDOS was taken offline most of those services went dark or were dismantled as well.

One major shift that could help to lessen the appeal of booter services — both for the profit-seeking booter proprietors and their customers — is a clear sign from law enforcement officials that this activity is in fact illegal and punishable by real jail time. So far, many booter service owners have been operating under the delusion or rationalization that their services are intended solely for Web site owners to test the ability of their sites to withstand data deluges. The recent arrest of two alleged Lizard Squad members who resold vDOS services through their own “PoodleStresser” service is a good start.

Many booter operators apparently believe (or at least hide behind) a wordy “terms of service” agreement that all customers must acknowledge somehow absolves them of any sort of liability for how their customers use the service — regardless of how much hand-holding and technical support they offer those customers.

Indeed, the proprietors of vDOS — who were arrested shortly after my story about them — told the Wall Street Journal through their attorneys that, “If I was to buy a gun and shoot something, is the person that invents the gun guilty?”

The alleged proprietors of vDOS — 18-year-old Israelis Yarden Bidani and Itay Huri — were released from house arrest roughly ten days after their initial arrest. To date, no charges have been filed against either men, but I have reason to believe that may not be the case for long.

Meanwhile, changes may be afoot for booter services advertised at Hackforums[dot]net, probably the biggest open-air online marketplace where booter services are advertised, compared and rated (hat tip to @MalwareTechblog). Earlier this week, Hackforums administrator Jesse “Omniscient” LaBrocca began restricting access to its “stressers” subsection of the sprawling forum, and barring forum members from advertising booter services in their user profiles.

“I can absolutely see a day when it’s removed entirely,” LaBrocca said in a post explaining his actions. “Could be very soon too.”

My worry is that we may soon see a pendulum shift in the way that many booter services operate. For now, the size of attacks launched by booter services is somewhat dependent on the number and power of the back-end servers used to initiate amplification and reflection attacks.

However, I could see a day in the not-too-distant future in which booter service operators start earning most of their money by reselling far more powerful attacks launched by actual botnets made from large networks of hacked Internet of Things (IoT) devices — such as poorly-secured CCTV cameras and digital video recorders (DVRs).

In some ways this has already happened, as I detailed in my January 2015 story, Lizard Stresser Runs on Hacked Home Routers. But with the now public release of the source code for the Mirai botnet — the same malware strain that was used in the record 620 Gbps DDoS on my site last month and in the widespread Internet outage last week caused by an attack against infrastructure provider Dyn — far more powerful and scalable attacks are now available for resale.

A copy of the paper released today at the ACM CSS conference in Vienna is available here (PDF).

Comments

Comments

Comments

Our September 2016 release blog included a statement that is causing some confusion with customers. The confusion relates to our support of Windows Server 2016 with Exchange Server 2016. The blog included a statement that read, “Domain Controllers running Windows Server 2016 are supported provided Forest Functional Level is Windows Server 2008R2 or Later.” We would like to provide additional clarity on what this statement means, and more importantly what it doesn’t.

Question #1: If I want to deploy Exchange Server 2016, must my Active Directory environment use Forest Functional Level 2008R2 or later?

Answer: No. Exchange Server 2016 is supported in environments configured to Forest Functional Level 2008 and later.

Question #2: If I want to install Exchange Server on a server running Windows Server 2016, does my Active Directory environment need to advance Forest Functional Level to 2008R2 or later?

Answer: No. Exchange Server 2016 installation on Windows Server 2016 is supported if Active Directory is configured to Forest Functional Level 2008 and later.

Question #3: What is the real requirement you are calling out here?

Answer: If you are running Exchange 2016 anywhere in your environment, and if any of the Domain Controllers used by Exchange are running Windows Server 2016, then the Forest Functional Level must be raised to 2008R2 or later.

In our experience, customers who keep their Domain Controllers deployed at the latest OS revision level, also employ the highest level of reliability, security and functionality and this requirement should not be a deployment blocker.

Question #4: Why is 2008R2 Forest Functional Level or later required?

Answer: Advancing the directory to a higher level of functionality requires DC’s on older operating systems to be retired. Our goal is to make certain that Exchange Server uses the highest level of security settings reasonably possible, including newer cryptographic standards. Windows Server 2008 no longer meets the minimum standard we are requiring and being requested by customers. Customers who are deploying the latest version of Exchange and Windows Server are often doing so to improve the security of their overall ecosystem. Our goal is to make certain that Exchange Server functions correctly under these assumptions and requirements. Limiting the use of old standards allows Exchange Server to meet the requirements of current security standards.

Question #5: Will Exchange Setup block installing Exchange Server 2016 if I am using Windows Server 2016 on a Domain Controller but have not raised the Forest Functional Level?

Answer: At this time, there is no Setup block. This pre-requisite is a soft requirement enforced by policy only. If a customer calls into support and is using Windows Server 2016 Domain Controllers with Exchange Server 2016 and they have not raised the Forest Functional Level to the minimum value, we may ask them to do so as part of root cause elimination.

Question #6: When will Exchange Setup force the use of 2008R2 Forest Functional Level for an Exchange Server installation?

Answer: The minimum supported Forest Functional Level will be raised to 2008R2 in Cumulative Update 7 for all Exchange Server 2016 deployments. We know that customers need time to plan and deploy the necessary migration/decommission of Active Directory Servers. 2008R2 Forest Functional Level will be a hard requirement in Cumulative Update 7, enforced by Exchange Setup. Cumulative Update 7 ships in the 3^rd quarter of 2017, one year after the first announcement.

For a complete list of Exchange requirements please see this TechNet article.

The Exchange Team

Fangen wir für die Mitarbeiter von Bild.de mal ganz weit vorne an: Der Planet, auf dem wir uns befinden, ist die Erde. Die gibt es, sie existiert bereits.

Nun gehen die Menschen nicht besonders gut mir dieser Erde um. Das zeigt — neben vielen anderen Studien — auch der heute erschienene „Living Planet Report 2016“ des „World Wide Fund For Nature“, kurz „WWF“. In der Zusammenfassung heißt es unter anderem:

Die Ergebnisse des Reports 2016 sind alarmierend: Die Menschheit verbraucht 60 Prozent mehr, als die Erde bereithält. Setzt sich dieser Verbrauch ungebremst fort, sind 2030 zwei komplette Planeten nötig, um den Bedarf an Nahrung, Wasser und Energie zu decken.

Zwei Planeten beziehungsweise Erden bräuchte man 2030 theoretisch also. Eine davon gibt es bereits. Wie viele neue Planeten bräuchte die Menschheit dann also rechnerisch bis 2030, liebe Bild.de-Mathematiker?

Nein.

Mit Dank an @moethe für den Hinweis!

In den USA ist der Amazon Echo bereits seit geraumer Zeit erhältlich. Nun schlägt der vom Sprachassistenten Alexa befeuerte Lautsprecher auch in Deutschland auf. Wir haben pünktlich dazu auch unser Testgerät erhalten. In diesem Video zeigen wir Euch, was alles im Karton steckt und wie die Einrichtung funktioniert. Außerdem seht Ihr unsere ersten Begegnungen mit Alexa.

In diesem Sinne: Viel Spaß mit dem Video.

Für ein endgültiges Fazit brauchen wir natürlich noch viel mehr Zeit mit unserer neuen Mitbewohnerin – einen ausführlichen Testbericht werden wir Euch daher in den nächsten Wochen noch nachliefern.

Kompletter Beitrag

Comments

Comments

Comments

Comments

Der Kurzvideodienst Vine hat seit 2012 ordentlich an Mitgliedern und Beliebtheit gewonnen, war es doch seinerzeit eine neue Idee. Das soziale Netzwerk erlaubte das Hochladen und Teilen von kurzen Videoclips. Nachdem die Apps im Jahr 2013 veröffentlicht wurden war der Nutzerzuwachs nicht zu stoppen. Letztes Jahr hat das Unternehmen, welches seit 2012 zu Twitter gehört, auch eine Anwendung für Windows 10 Mobile veröffentlicht. Damit konnten Nutzer ihre 6-Sekunden-Clips offiziell auf das Netzwerk hochladen und mit Freunden teilen.

In den kommenden Monaten wird der komplette Dienst, den Vine geboten hat, eingestellt, wie Twitter verlauten ließ. Gründe dafür gibt das Unternehmen nicht an. In dem Posting auf Medium bedankt man sich bei den Nutzern und versichert, dass alle Inhalte noch zum Download erhältlich sein werden. Alle Nutzer werden benachrichtigt, sobald Änderungen an der Seite oder den Apps vorgenommen werden. Man wird im Laufe der nächsten Monate alle offenen Fragen beantworten und diesen Schritt, so einfach wie möglich zu gestalten.

Über die Gründe kann derzeit nur spekuliert werden. Das Netzwerk hatte von mehreren Seiten Konkurrenz, darunter auch Instagram und von Twitter selbst. Außerdem fand man bislang nie wirklich eine Möglichkeit, den Service zu monetarisieren, weshalb diese Entscheidung wohl getroffen wurde. Überraschend kommt sie allemal. Möglicherweise wird die Funktionalität von Vine zukünftig komplett von Twitter übernommen, ansonsten war es mit Vine ein kurzes Vergnügen in einer sehr schnelllebigen Tech-Branche.

---

Quelle: Medium

Der Beitrag Twitter stellt Vine in den kommenden Monaten ein erschien zuerst auf WindowsArea.de.

Für den Windows Server 2016 wird der Patchday aufgeteilt, während gleichzeitig die neue Patch-Strategie bei den Altprodukten umgesetzt wird. Fortan sind zwei Dienstage eines jeden Monats im Microsoft-Pflegekalender zu vermerken. (Windows Server 2016, Microsoft)

Today, we are excited to announce general availability of the S3 tier of service! The S3 tier of Azure Search is designed to handle large volumes of documents and heavy traffic. Identically priced and backed by the same high performance CPUs and SSD storage, the S3 tier comes in two configurations: S3 and S3 High Density (HD).

S3

The standard S3 tier of Azure Search is suited for customers with large numbers of documents and can handle many hundreds of queries per second. With each partition supporting 120 million documents (or 200 GB), it is possible to search up to 1.4 billion documents (or 2.4TB) in a single search service while still maintaining low latency for high query volumes.

S3 High Density

The S3 HD tier is targeted at ISVs and SaaS providers who build applications which support a large number of relatively small indexes in a single search service. In fact, Microsoft Dynamics 365 has been using Azure Search’s S3 HD tier to power its search experience for thousands of its online customers:

“Dynamics 365 (online) took a huge leap forward and paved the way for significant future search innovation by leveraging Azure Search. Delivering a high level of performance and functionality, the S3 HD SKU makes it straightforward and cost-effective to manage Azure Search for thousands of Dynamics 365 customers.”

- Mike Carter, Principal Program Manager, Dynamics 365

In a single S3 HD service, there can be up to 3,000 indexes which can each support 1 million documents which makes it an attractive option to support numerous smaller applications with many low-cost indexes. You can read more about multitenant applications and Azure Search.

	Free	Basic	Standard S1	Standard S2	Standard S3	Standard S3 HD
SLA	No	Yes	Yes	Yes	Yes	Yes
Storage	50MB	2GB	25GB/partition	100GB/partition	200GB/partition	200GB/partition (max 600GB/service)
Max Indexes	3	5	50	200	200	1000/partition (max 3000/service)
Documents Hosted	10000	1 million	15 million/partition (max 180 million/service)	60 million/partition (max 720 million/service)	120 million/partition (max 1.4 billion/service)	1 million/index (max 200 million/partition)
Scale-out Limits	n/a	Up to 3 replicas/service	Up to 36 units/service	Up to 36 units/service	Up to 36 units/service	Up to 12 replicas/service and 3 partitions/service

S3 HD does not currently support indexers. Pricing information can be found here.

New Regions: Canada Central and West Central US

With a truly global presence, Azure Search makes it possible to serve applications across the world with minimal latency. Now available in Canada Central and West Central US, Azure Search can be provisioned in 14 regions: East US, West US, North Central US, South Central US, West Central US, North Europe, West Europe, East Asia, Southeast Asia, Japan West, Brazil South, Australia East, Central India, and Canada Central.

Try it out!

For more information on these new Azure Search tiers and pricing, please visit our pricing page or create your own Search service.

Learn more about Azure Search and view documentation.

Today marks the release of Microsoft BizTalk Server 2016. This is an important milestone that not only reinforces strong on-premises application integration capabilities, but also provides flexibility and control to our customers to adopt cloud applications as and when it makes sense for the business. We realize that every company is undergoing digital transformation with the proliferation of applications, data and services. Whether your applications run in the cloud or on-premises, you should have the flexibility to seamlessly connect applications, unlock data and automate business process anywhere.

Earlier this year, I shared our commitment to build a comprehensive hybrid integration platform. Today, Microsoft is the only vendor that provides a truly hybrid integration platform, offering a consistent experience to our customers and partners whether they are looking to connect on-premises or cloud-native applications. This consistent experience is enabled through Microsoft BizTalk Server and Azure Logic Apps forms the foundation of our vision.

Why upgrade to BizTalk Server 2016?

With BizTalk Server 2016, customers can automate mission critical business processes, leverage support for latest first party platforms and gain newer capabilities within the BizTalk Administration console. With this release, customers also have the flexibility to adopt a hybrid approach in their digital transformation journey by choosing to connect to SaaS applications, or running BizTalk Server on Azure leveraging full support in production environments. Below are some key capabilities that I want to highlight:

• Hybrid connectivity: With BizTalk Server 2016, customers can now connect to cloud native applications, web and mobile back end systems, and custom applications through the Azure Logic Apps adapter. This acts as a bridge to rapidly integrate numerous SaaS applications using pre-built, out-of-the box connectors. Azure Logic Apps adapter uses enterprise messaging in the cloud across partners and vendors and leverages the Microsoft Cloud to help you build holistic integration solutions. Customers can now take advantage of Azure Services like Functions, Cognitive Services, Machine Learning and more to gain actionable intelligence on their data and make informed business decisions.
• Integration with the latest Microsoft products such as Windows Server 2016, Visual Studio 2015, SQL Server 2016 and Office 2016. Leverage first-class integration experience with the latest Microsoft products and services to enable seamless integration through BizTalk Server 2016.
• SQL Server 2016 Always On Availability Groups offer a highly available solution in Azure, and on-premises. The traditional log shipping mechanism is now enhanced with an automated, faster and better way to achieve high availability and disaster recovery.

Customers are already reaping the benefits of hybrid cloud with this new release of BizTalk Server. Abid Nasim, CIO, Generalsoft Corporation, which develops custom software noted, “As of date, we’ve migrated all of our integrations and presently running regression tests. We are finding incredible potential for the Logic Apps adapter. This appears to be the best BizTalk release since BizTalk 2006 R2.”

Here is what Steef-Jan Wiggers, principal consultant, Macaw (Unit of Macaw Business Solutions) had to say about BizTalk Server 2016, “BizTalk Server 2016 makes your enterprise communicate with any application, data and business process anywhere. It offers bigger, better, more capabilities, features and connectivity options.”

I want to thank our customers and partners who have participated in this journey with us as we evolve BizTalk server into a product that continues to be the gold standard for enterprise integration in a hybrid cloud world. Learn more about other customers that benefit from the hybrid cloud experience by leveraging Microsoft’s integration products from Mexia, one of Microsoft’s gold partners.

We are committed to help customers in their journey of digital transformation by helping build holistic solutions using our Hybrid Integration platform. Learn more about  the cool new features of BizTalk Server 2016 and be sure to check out this blog post by Codit, another one of our gold partners. As always, we want to hear from you – please share your comments and continue to engage with our teams.

Blog.Telekom zieht um. Das Unternehmensblog der Telekom hat ab Montag eine neue Heimat auf unserer Corporate Website www.telekom.com. Wir werden aber unter dieser Adresse weiterhin zu finden sein. Wir freuen uns riesig auf die tolle neue Nachbarschaft.

Damit beim Umzug nix verloren geht, werden wir hier in den nächsten Tagen in die Pause gehen. Keine neuen Beiträge. Auch der Dialog mit Euch über die Kommentare muss pausieren. Seht es uns nach.

Wir sehen uns dann hoffentlich bald wieder. Machen uns auch extra schick für Euch.

Belgien hat im Streit um das Freihandelsabkommen Ceta ein Zusatzdokument eingereicht. Die EU-Staaten wollen die Kompromissvorschläge billigen – unter Vorbehalt.

Auf der Feier zum 10. Geburtstag von "Deutschland sicher im Netz" warb Innenminister Thomas de Maizière für eine "faire Verantwortungsverteilung". Der "arme Nutzer" müsse nicht immer nur schonend behandelt werden.

Die Eltern sind überzeugte Impfgegner oder verpassen schlicht den Termin: Mehr als 70.000 Kleinkinder in Deutschland haben keinen Masernschutz. Kommt die Impfpflicht?

Workplace mobility has freed employees from their desks. Effective collaboration is no longer dependent on whether coworkers are in the same room, building or even country as their colleagues. The mobile devices, apps and policies that enable mobility have created a new generation of workers. But as the electronic net widens, organizations face increased security risks.

Security breaches are not to be taken lightly. What seems like a small security issue can cost your company big. According to the Ponemon Institute (via IBM) the average total cost of a single data breach is $3.79 million. Make sure you’re taking the necessary steps to protect your organization.

Manage BYOD and minimize Shadow IT

As more employees seek mobility in the workplace, bring-your-own-device (BYOD) policies are becoming commonplace. According to the Aberdeen Group (via SearchSecurity), 77 percent of enterprise respondents have launched mobility initiatives in response to pressure from executives seeking increased productivity. But unauthorized app usage might open the door to cybersecurity threats.

According to SearchSecurity, “The BYOD trend means employees use their personal smartphones and tablets to work from anywhere, and many of them download mobile apps to do so.” Unfortunately, these apps may or may not keep your data secure, creating Shadow IT—the use of apps within an organization without the approval (or even knowledge) of corporate IT—can make organizations vulnerable to threats. Despite proactive organizations’ IT policies outlining BYOD best practices, employee adherence is not guaranteed.

To best protect your information, monitor your network for threats, create a BYOD policy, provide a list of apps that are approved for employee use and continually communicate with and educate employees on the importance of safe mobile strategies.

Invest in mobile app security

In a perfect world, developers are aware of the potential implications of how their applications access data and interact with other apps, and they design them to be secure by default. Unfortunately, in the real world, developers and software companies devote millions of dollars to mobile application development but focus little money on security. Because mobile apps are typically created with very little security oversight, vulnerabilities can open the door to severe threats. According to an IBM report by the Ponemon Institute (via TechTarget), $34 million on average is spent on mobile app development, but only 6 percent of this is for security.

Ensure that the apps your employees use to access company data and information is developed with security in-mind, and avoid finding out the hard way—when a data breach has already happened.

Know where to watch for vulnerabilities and threats

According to Microsoft’s 2016 Trends in Cybersecurity, 44.2 percent of all disclosed vulnerabilities are found in applications other than web browsers and operating system applications (mainly mobile apps).

“Many security teams focus their efforts on patching operating systems and web browsers. But vulnerabilities in those two types of software usually account for a minority of the publicly disclosed vulnerabilities. The majority of vulnerabilities are in applications,” the e-book states. “Security teams need to spend appropriate time on assessing and patching these vulnerabilities. Otherwise, they could be missing the bulk of vulnerabilities in their environments.”

In addition to application-based threats, there are a wide variety of places where a lack of mobile security leaves you vulnerable. From these application-based threats (like malware and spyware), to web-based threats (such as phishing, drive-by downloads and browser exploits), to network threats (from network exploits and Wi-Fi sniffing), to physical threats (when devices are lost or stolen).

True mobile security looks at the big picture and continually monitors your network for threats. Broaden your security approach to include these vulnerable entry points.

Put mobile security first

Mobile access is no longer limited to remote workers and frequent travelers—having access to company information from mobile devices is the standard in today’s workforce. Despite its many benefits, BYOD culture has opened businesses up to additional cyber threats that can’t be ignored. To successfully maintain top-notch security, implement proactive security measures to ensure minimal threats to your business. Consider a solution designed to deliver the enterprise-grade security you require to access the cloud with confidence. When you make mobile security a priority at your organization, you can stop breaches at the source.

Related content

• Want a view of the email security landscape? Check out The current state of email security.
• Read 6 ways Office 365 keeps your email and business secure to learn more about protecting your organization.

The post How to avoid mobile app security scares appeared first on Office Blogs.

Does your legal department often complain about how long it takes to run an analysis for eDiscovery investigations? We released two new features for Office 365 Advanced eDiscovery—Express Analysis and Export with analytics to Excel—to make it easier and faster for organizations to quickly find, analyze and review relevant information related to investigations, legal matters and regulatory requests.

eDiscovery is applicable for a wide variety of scenarios where you need to sort through a set of unstructured data to find the small number of files which may be relevant. The amount of data you need to sort through is dependent upon the breadth and complexity of the case. For large legal matters or regulatory data requests, the amount of data could be tens of millions of files, while internal investigations could only be a few thousand files.

Express Analysis

With a click of a button you can now run Advanced eDiscovery analytics, specifically near-duplicates, email threads and themes and export the results. Express Analysis accelerates the analytics workflow allowing you to quickly minimize and organize your dataset and export to your desired location. There is no additional configuration or multiple steps required—significantly simplifying the process.

Export with analytics and view in Excel

The new export with analytics feature in Advanced eDiscovery allows you to view your analyzed results directly in Excel. Excel’s familiar interface makes manipulating the results easy for anyone to accomplish.

The exported file includes all the metadata associated with the documents—such as Sender, Recipient, Date and other email/file-related information—as well as all the Advanced eDiscovery analytics information, including email threading, near-duplicates and the key themes in the document.

There is also a “For review” column that flags if an email or document needs to be looked at by the reviewer or if it is redundant information and can be defensibly skipped. Finally, a hyperlink is provided for easy access to navigate the actual data so you can quickly determine relevance.

Having all this analytics information conveniently packaged up in a file that can be opened in Excel is great for smaller investigations and legal matters, as you can quickly review and tag the analyzed data without having to use more advanced tools.

Future enhancements

Office 365 has a rich set of in-place eDiscovery capabilities that help organizations investigate and meet the wide variety of information requests directly from the Security & Compliance Center. To further improve your eDiscovery process, in the coming months we will be delivering additional eDiscovery enhancements, such as Unified Case Management, Search and Export Analytics, optical character recognition and new intelligent analytics features in the Security & Compliance Center.

To take advantage of Advanced eDiscovery Express Analysis and Export with analytics to Excel, simply go to the Security & Compliance Center in your tenant.

—The Office 365 team

The post Accelerate your eDiscovery analysis workflow with one click appeared first on Office Blogs.

Excel 2016 includes a powerful new set of features based on the Power Query technology, which provides fast, easy data gathering and shaping capabilities and can be accessed through the Get & Transform section on the Data ribbon.

Today, we are pleased to announce three new data transformation and connectivity features that have been requested by many customers.

These updates are available as part of an Office 365 subscription. If you are an Office 365 subscriber, find out how to get these latest updates. If you have Excel 2010 or Excel 2013, you can also take advantage of these updates by downloading the latest Power Query for Excel add-in.

These updates include the following new or improved data connectivity and transformation features:

• Query Parameters support.
• Improved Web connector—web page previews.
• Query Editor improvements—option to Merge/Append as new query.

Query Parameters support

With this update, users can now create and manage parameters for their queries within the Excel workbook. The new “Manage Parameters” dialog is available on the ribbon under the Home tab within the Query Editor.

The new dialog allows the users to create new parameters, give them a meaningful Name and Description, specify the information about the expected parameter type and values, default value and current value.

Once one or more parameters are available in the current workbook, users can reference those parameters in their queries via Query Editor. Referencing parameters is supported via the Data Source dialogs, Filter Rows, Keep Rows (top/bottom, etc.), Remove Rows (top/bottom, etc.), Replace Values, Add Conditional Columns dialog and more.

In addition, parameters can be loaded to the grid or to the Data Model just like any other query, allowing references from Excel formulas or DAX measures.

The in-depth tutorial on query parameters will be coming on the Excel blogs portal soon. Stay tuned.

Improved Web connector—web page previews

One of the most unique Get & Transform connectors is the Web connector. With the Web connector, users can easily import data from websites that has been formatted as an HTML table or even pull data from Web APIs.

When using the Web connector for “scrapping” data from HTML pages, a very common challenge is that the Navigator view, which is based on a list of tables, is not very helpful in identifying the desired tables. This is particularly hard when dealing with web pages that contain lots of tables, and in many cases, with not very representative table names.

With this update, we’re introducing a new mode in the Navigator dialog that allows users to preview tables on the web pages “in context” and select the desired tables by just clicking on them within the Web View preview. This results in a much more intuitive and seamless user experience for selecting tables from a web page.

To access this mode, click the Web View button at the top of the Navigator dialog. Users can also switch back to the classic data-centric view by selecting the Table View option.

Query Editor improvement—option to Merge/Append as new query

Within the Query Editor, users can easily merge (join) or append (union) multiple tables, allowing them to mash up data from multiple sources into a single table. The Merge/Append operations are on the ribbon under the Home tab inside Query Editor.

In previous versions of the Query Editor, Merge/Append operations were always applied as new steps within the current query. Starting with this update, users can decide whether to apply these operations as a new step in the current query (old behavior) or whether the output of the Merge/Append operation should be created as a new query (new behavior).

How do I get started?

Excel 2016 provides a powerful set of capabilities for fast, easy data gathering and shaping, which is available under the Get & Transform section on the Data ribbon. Updates outlined in this blog are available as part of an Office 365 subscription. If you are an Office 365 subscriber, find out how to get these latest updates. If you have Excel 2010 or Excel 2013, you can also take advantage of these updates by downloading the latest Power Query for Excel add-in.

• Learn more about what’s new in Excel 2016.
• Join our Excel community on Facebook and Twitter, and collaborate with others on Get & Transform data at our new Tech Community forum.
• Send us your ideas for other improvements on our Excel UserVoice page.

—The Excel team

The post October 2016 updates for Get & Transform in Excel 2016 and the Power Query add-in appeared first on Office Blogs.

IT admins need to identify zombie assets, verify idle status and shut off anything that is unused. Here's how to get your infrastructure back in shape.