Upcoming improvements to the Azure AD sign-in experience

I’d like to give you an early heads up on some visual design updates that are coming to the Azure AD sign-in experience. Customers gave us a LOT of feedback last time we updated the sign in. It was clear that you wanted us to provide more notification, earlier in the process with more information. We’ve learned and this time we’re giving you more time and info than ever before.

Since we released the redesign of the sign-in screens a few months ago, we’ve gotten feedback on how we can further improve the new UI. Our next set of changes aims to reduce clutter and make our screens look cleaner. A visually simpler UI helps users focus on the task at hand – signing in.

Originally published by www.microsoft.com

Click here for FULL Article

AC Power Cord Recall for select Microsoft Surface Pro devices

In Ja‍nuary 20‍16, Microsoft initiated a voluntary recall for the original AC power cords (the detachable cord that plugs into an electrical outlet) sold with the original Surface Pro, Surface Pro 2, and any Microsoft Pro 3 devices purchased prior to Ma‍rch 15, 20‍15. This recall was done in cooperation with various government regulatory agencies.

If the original AC power cord is repeatedly wound too tightly, twisted, or pinched over an extended period of time, it may become damaged. Damaged AC power cords can overheat, posing a potential fire or shock hazard.

Originally published by www.microsoft.com

Click here for FULL Article

Defend yourself from cybercrime with new Office 365 capabilities

With the growing presence and sophistication of online threats like viruses, ransomware, and phishing scams, it’s increasingly important to have the right protection and tools to help protect your devices, personal information, and files from being compromised. Microsoft already provides robust security for Office services, including link checking and attachment scanning for known viruses and phishing threats, encryption in transit and at rest, as well as powerful antivirus protection with Windows Defender. Today, we’re announcing new advanced protection capabilities coming to Office 365 Home and Office 365 Personal subscribers to help further protect individuals and families from online threats.

The new protection capabilities offer subscribers additional peace of mind with:

  • File recovery from malicious attacks like ransomware
  • Tools to help keep your information secure and private
  • Advanced protection from viruses and cybercrime


Originally published by www.microsoft.com

Click here for FULL Article

SharePoint news updates in Office 365, including Microsoft Teams integration

Keep your team up to date! And do it in a way that’s easy for anyone to consume and stay engaged. With SharePoint pages and news, you create relevant, content-rich announcements and reports that look great on any device and within other applications, including Microsoft Teams, filled with content from inside and outside Office 365. And news articles are available to all team members even if they join the team weeks or months after publication.

  • Create news from SharePoint home in Office 365
  • Add pages and news as tabs in Microsoft Teams channels
  • Post all your team news into Microsoft Teams automatically
  • Create and send informative email news digests
  • Measure the impact and engagement of your news articles


Originally published by www.microsoft.com

Click here for FULL Article

What’s new in AccountRight 2018.1

Start getting ready for Single Touch Payroll reporting (Australia)

If you have 20 or more employees, you’ll soon need to start reporting payroll and super information to the ATO using Single Touch Payroll. Start getting ready now, so you can hit the ground running. Payroll Reporting button in Payroll command centre.

Click Payroll Reporting in the Payroll command centre, for all things Single Touch Payroll. Here you can check that your employee and company details meet ATO requirements.........

Originally published by www.myob.com

Click here for FULL PDF

HP Inc unveils Healthcare Edition devices for hospitals, including germicide-resistant EliteBook

HP has unveiled a line of devices specifically catering to hygiene requirements in the healthcare sector.

The Healthcare Edition line includes the HP Elitebook 840 G5 notebook, the HP EliteOne 800 G4 all-in-one desktop and the HP HC270cr clinical review display 27-inch monitor.

The Elitebook 850 G5 notebook includes software that disables the keyboard and display, allowing users to clean the device with germicidal wipes while the device stays on without accidentally pressing a button.

All three new devices are integrated with RFID readers giving users single sign-on authentication. HP said they also provide the maximum device and data protection to comply with HIPAA protections, the US legislation that provides data privacy provisions in healthcare.

The vendor said these were the first purpose-build devices for healthcare that address the unique requirements of the sector, including enhanced patient safety, smarter workflows, telemedicine solutions and data security.

"Healthcare is a unique setting, and our customers are looking for a very specific set of technology solutions," said vice president and general manager of commercial PCs Alex Cho.

"The HP Healthcare Edition portfolio was designed from the ground up with the needs of clinicians in mind, resulting in a portfolio of industry-first offerings that include the world’s most secure and manageable devices."

The notebook is expected to release in May, while the other two devices are expected to launch in June.

Originally published by www.crn.com.au

Click here for FULL article

Top 7 ways Office 365 offers more security than on-premises services

It seems logical to think that data you stored in a privately controlled datacenter is safer than data in the cloud. But that’s not necessarily true. In fact, there is a broad range of security features that you benefit from when you put your data in a cloud service like Office 365. And when done right, data is more secure in the cloud than in on-premises servers.

Consider these added security benefits of data in the cloud:

Broader scope of threat intelligence—When a customer’s on-premises servers are attacked by an external actor, the customer can take steps to protect themselves from subsequent attacks from that same actor. But damage has been done. Even if they buy access to threat intelligence feeds, the scope of available intel is constrained and your response is reactive. With Office 365, instead of simply reacting to individual attacks, customers gain the benefit of intelligence gathered from threats against other customers within the service as well. An attack launched against any organization in Office 365 can functionally inoculate everyone else.

Greater automation and decreased human intervention—In the cloud, managing things like hardware, operating systems and patches boils down to a set of tasks that is familiar to any IT administrator. The biggest difference in the cloud is that to provide the service at scale, these tasks must be automated. The benefits of automation are two-fold. First, gaps in the security posture are addressed at scale. Second, with software operating the service instead of humans, there is less risk of falling prey to spear-phishing, offering an additional layer of protection. Manual management activities are minimal and must be approved by multiple people, which can include customers.

Better anomaly detection due to uniformity and simplicity—When cloud services started out, they were mostly based on the same on-premises products that you always used—except they were deployed and managed on servers owned by the provider. In recent years, cloud services have evolved to dramatically simplify configuration options, server roles and management complexity. This simplification gives services the ability to consolidate how they protect, detect and respond to threats. Since software is the main source of interaction, illicit activity by human attackers is easier to identify.

Constant innovation—Cloud security teams face two key pressures when building security capabilities: Every feature breaks at some scale, and every customer brings a particular set of concerns and requirements. We find that a robust set of well-designed and implemented capabilities can address most customer concerns, but the growth of the cloud service constantly challenges the design. A successful cloud security strategy requires us to innovate. One example is our approach to penetration testing. Some cloud services, including Office 365, have a full-time team of penetration testers who look for vulnerabilities. We asked ourselves how we would make sure that once the vulnerability has been fixed, it doesn’t recur, and that detections of illicit activity by penetration testers work for all instances of a given vulnerability. Our answer was to automate penetration testing attacks and then use that signal to verify the quality of our detections.

Smaller breach boundary—A key piece of an effective security strategy is to make your breach boundary is as small and as diverse as possible. Sensitive assets should be isolated from each other, so that it is more difficult for an attacker to move from one asset to another. Most companies draw their breach boundaries at the directory level. If an attacker can acquire domain admin privileges, they can access any information managed in that domain. When you adopt cloud services, it is more difficult for the attacker to breach your domain and gain access to any of the data in the cloud service beyond normal “front-door” access to the services which are audited. The delegation of management to a third party, in a real and impactful way, asserts a new breach boundary.

Cross-application security model—Traditional on-premises security capabilities center on the computer, the operating system and firewalls. In on-premises systems, you parse the logs for multiple applications and must make sense of what those logs mean. In the cloud, we standardize our logging systems to make them more consumable. You can evolve your security capabilities to enable an application-aware security model that adjusts to how attackers work—by breaching accounts, then achieving their goals through front-door interfaces. Cloud application services take your security to a new level by delivering integrated and context-aware security capabilities that cross application boundaries.

Transparency—With Office 365 in particular, there is one other benefit: transparency. With many organizations using Office 365, we are compelled to operate in the full light of day. To earn your business, we must have your trust, and to earn that we must be transparent with you about how we protect your data. To that end, we allow our customers to control how a Microsoft support engineer accesses their data. Our business model relies profoundly on the belief that there are no shortcuts and no excuses when it comes to the security of your data. If you’ve been sitting on the fence about adopting the cloud—based on a set of objections relating to security in the cloud—these security benefits should help ease your concerns. If you want to learn more how we approach security, check out the Office 365 Trust Center.

— Brandon Koeller, principal program manager for the Office security and compliance team

Originally published by www.microsoft.com

Click here for FULL article

Microsoft to test blockchain-based self-sovereign ID system

Microsoft is working to create a blockchain-based, decentralised digital identity management platform that would allow users to own and secure access to their online persona via an encrypted database hub.

Over the past year, Redmond said it has been exploring how to use Blockchain and other distributed ledger technologies to create new types of digital identities designed to enhance personal privacy, security and control.

"This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world," Ankur Patel, a principal product manager with Microsoft's Identity Division, wrote in a blog post.

"Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it."

Last month, the tech giant joined the ID2020 alliance, a global partnership working to create an open-source, blockchain-based digital identity system for people in the U.S. or nations who lack legal documentation because of their economic or social status.

Originally published by www.arnnet.com.au

Click here for FULL article

Number of ransomware attacks in Australia falls while phishing attacks financial loss increases

ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.

This week, the Australian Securities and Investments Commission (ASIC) and Suncorp Bank have fallen victim to brand-jacking. A fake notification, purporting to be sent from the Suncorp Bank was sent on Monday, 29 January.

The email with the subject “the wire transfer can not be processed” was detected by email filtering company, MailGuard. This scam tries to get users to click on link within the body of the message, which says that a requested wire transfer could not be processed. The link points to a malicious JavaScript file. The messages were sent from the address: issupport[at]australiantenders[dot]com, which has no connection to Suncorp Bank.

On 30 January, ASIC issued a scam alert letting customers know of a scam using its name to contact registry customers. With the subject “renewal” the fake email asked recipients in the first line of the message to check information regarding the renewal of “your” company. The fake email had asic.transaction.no-reply[at]mtfaustralia[dot]com[dot]au as the sender address. The message contained what looked like a legit address to ASIC’s “ask a question” page.

Scams using ASIC’s brand usually have the intent to infect recipient’s computers with malware.

According to data collected by the Australian Competition and Consumer Commission’s (ACCC) ScamWatch, 4,397 ransomware and malware scams were reported in 2017 with financial losses of $214,000. The numbers from 2017 were lower than 2016. ACCC received 6,210 reports in 2016, 1,813 less than 2017. The total loss for 2016 amounted to $241,000.

However the numbers were not down for all kinds of scams, with phishing having costed Australians $655,000 in 2017 against $373,000 the year before. A report published this week by security vendor, Sophos, revealed that nearly half of Australian businesses (48 per cent) were targeted by ransomware exploit attempts during 2017. The security vendor surveyed 200 Australian IT decision makers from mid-sized businesses.

Originally published by www.arnnet.com.au

Click here for original article

Microsoft bakes more AI into Office 365

Microsoft is simplifying Excel, demystifying corporate jargon and helping users avoid running late to meetings with the launch of new artificial intelligence and machine learning capabilities in its Office 365 productivity suite.

The software vendor wants to help users avoid the "intimidating" challenge of extracting data from Excel with the preview of Insights, which automatically highlights patterns it detects.

Insights is powered by machine learning and helps users identify trends, outliers, and other useful visualisations. The preview will be opened up to Office insiders this month.

Word is getting a new feature, dubbed Acronyms, which helps users understand shorthand commonly used in their own workplaces.

Acronyms, which will roll out to Word Online for Office 365 commercial subscribers in 2018, leans on the Microsoft Graph to find and reveal the definitions of terms from previous emails and documents.

Microsoft is expanding existing functionality within Outlook that helps users detect trips and deliveries, triage email and schedule meetings.

"Today, we’re expanding this set of AI-powered tools by bringing Cortana to the Outlook mobile app to help users stay on top of their day," Kirk Koenigsbauer, Microsoft's corporate vice president for the Office team, wrote in a company blog post.

"When it is time to leave for appointments, Outlook will now send a notification – with directions for both driving and public transit – taking into account current location, the event location, and real-time traffic information. Time to leave in Outlook is rolling out to iOS users this month in markets where Cortana is available."

Other new features include an AI-powered whiteboard app that can recognise freeform drawings and turn them into standard shapes, and an extension of capability within OneDrive and SharePoint to automatically recognise the content within images and automatically extract searchable text.

Microsoft has been baking AI and machine learning capabilities, from document translation to intelligent threat detection, into Office 365, which now has more than 120 million commercial users.

The Office 365 announcements were part of a bevy of news out of a Microsoft AI event in San Francisco, where it also revealed a partnership with Reddit.

Originally published by www.crn.com.au

Click here for original article

'One sloppy team member' could topple a firm under new laws

The impending Notifiable Data Breaches (NDB) scheme has been labelled the “biggest game changer” for accountants in 2018, with new protocols and notification procedures kicking in next month.

The Privacy Amendment (Notifiable Data Breaches) Bill passed last year and will commence on 22 February this year. It will require agencies, organisations and certain other entities to provide notice to the Office of the Australian Information Commissioner (OAIC) and affected individuals of a data breach.

According to the OAIC, “a data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure”.

Individuals and corporations that fail to comply with the notifications rules risk being fined up to $340,000 and $1.7 million respectively.

Change Accountants & Advisors chief executive Timothy Munro believes accountants have to get up-to-date with the scheme and start training and informing staff members on the potential ramifications.

“The biggest game changer for 2018 will easily be the new notifiable data breach laws,” said Mr Munro.

“Accounting businesses that haven’t planned for this and updated their security protocols will be absolutely smashed with fines and potentially lose their tax agent licence after February 2018 when these new laws come into effect.

“One sloppy team member who clicks on a link in an email could bring down an entire accounting business – it’s that serious,” he added.

“My urgent message to all accounting firm owners: Take this seriously, research it to understand the new laws, and get started now with new team policies and team training to ensure you are not at risk.”

Earlier, Smithink director David Smith said accounting firms were a “very attractive target” for cyber criminals and warned that “time is not your friend” in preparing for the new laws.

Kamino Cyber Security and Midwinter managing director Julian Plummer further believes the majority of accountants have yet to spend enough time researching or preparing for the upcoming changes to the Australian Privacy Act.

“This means that if at any point, you experience a data breach – you will automatically be increasing the risk of loss of confidence in your business from a client’s point of view, as you are now obliged to tell them directly when and if a breach occurs,” said Mr Plummer.

“Data published by the Ponemon Institute has revealed that the average cost to an organisation for a data breach notification is $88,000, taking into account necessary actions such as creating a new client database, legal costs for the notification, related communication costs associated with notifying clients etc.

“The cost alone should be enough to convince you to take this seriously.”

Originally published by www.accountantsdaily.com.au

Click here for original article

What is Windows Hello? Microsoft’s biometrics security system explained

Windows Hello is a biometrics-based technology that enables Windows 10 users to authenticate secure access to their devices, apps, online services and networks with just a fingerprint, iris scan or facial recognition.

The sign-in mechanism is essentially an alternative to passwords and is widely considered to be a more user friendly, secure and reliable method to access critical devices, services and data than traditional logins using passwords.

“Windows Hello solves a few problems: security and inconvenience,” said Patrick Moorhead, president and principal analyst at Moor Insights & Strategy.

“Traditional passwords are unsafe as they are hard to remember, and therefore people either choose easy-to-guess passwords or write down their passwords.”

It is not uncommon for people to use the same password (or variations) across multiple sites and applications. Windows Hello and other biometric authentication features like Apple’s Face ID or Touch ID are designed to offer an alternative to passwords that is unique and more secure because it relies on technology that’s harder to break.

Originally published by www.arnnet.com.au

Click here for FULL article

Is your practice ready for the new data breach laws?

Accountants have been urged to give “top priority” to the impending data breach laws, with one cyber security expert warning of significant ramifications such as client loss of confidence, compounding monetary loss. The Notifiable Data Breaches scheme will commence on 22 February 2018, requiring all businesses with an annual turnover of $3 million or higher to notify individuals and the Office of the Australian Information Commissioner (OAIC) when cyber security incidents compromise personal information.

According to the OAIC, “a data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure”.

Earlier, Smithink director David Smith said accounting firms were a “very attractive target” for cyber criminals and warned that “time is not your friend” in preparing for the new laws.

Kamino Cyber Security and Midwinter managing director Julian Plummer further believes the majority of accountants have yet to spend enough time researching or preparing for the upcoming changes to the Australian Privacy Act.

“This means that if at any point, you experience a data breach – you will automatically be increasing the risk of loss of confidence in your business from a client’s point of view, as you are now obliged to tell them directly when and if a breach occurs,” said Mr Plummer.

“Data published by the Ponemon Institute has revealed that the average cost to an organisation for a data breach notification is $88,000, taking into account necessary actions such as creating a new client database, legal costs for the notification, related communication costs associated with notifying clients etc.

“The cost alone should be enough to convince you to take this seriously.”

Mr Plummer believes accountants should start by studying the new laws to ensure they have a comprehensive understanding of the scheme.

“Ensure you have an Incidence Response Plan in place to manage cyber security. Make sure your IT policies and procedures are up-to-date, that your staff are thoroughly versed in them and adhere to them. From then on, you can begin to plan and prepare your best line of defence,” added Mr Plummer.

“It also may be a good time to review your cyber insurance policies. Cyber insurance offsets many of the costs of potential IT breaches, however we recommend doing adequate due diligence as one size does not fit all.

“Securing your data, will secure your business.”

Originally published by www.accountantsdaily.com.au

Click here for original article

About us:

Established in 2007 and locally headquartered in Brisbane, Smart Business Systems provides IT Services across Australia. We work closely with our clients to get the most out of their IT investment.

SBS strategically plans, implements, manages and maintains IT environments for hundreds of clients, both national and international.

Address:

Unit 2, 32 Boothby Street, Kedron, QLD 4031

P 1300 798 717

F +61 7 3350 3397

info@sbsystems.com.au