It’s no secret that the IT landscape has changed dramatically over the past 8 months. Due to the pandemic, organizations have had to pivot overnight, and what was hoped to be a short-term problem has turned into the new normal. This applies to the way these organizations deal with their customers, employees, and business partners.
In this article, I’ll talk about the changes I’ve seen, and lessons learned from and by my customers.
One of the most profound changes that most customers deal with is security. Organizations have spent years preventing the very remote access that is now required to keep the business running. Firewalls, DMZs, split DNS, information silos, etc. have been the norm in most organizations. Some of these systems are quite complex – utilizing teams of people with various IT disciplines to carefully craft a secure environment to keep corporate information safe and secure.
These organizations have had to reengineer their IT security systems to allow for remote access in a period of days, sometimes even hours.
On-premises and hybrid organizations jumped to the solutions they know best. Some companies deployed VPN solutions to access internal systems for their remote employees and business partners. By doing this, those with proper VPN clients and rights could remotely connect to the internal LAN to access data. This causes other security challenges, such as how to protect internal data from viruses and malware that may be present on remote computers that the organization can’t manage.
Some other companies deployed Remote Desktop Services (RDS), which provides a virtual desktop that the organization owns and can manage. Admins deploy the software that employees need to the remote desktops, such as the Office suite and line-of-business apps like ERP software. RDS provides a safe and consistent way to access internal systems and can limit exposure to outside threats, like malware.
The minority of customers who have no on-premises systems and work only in the Microsoft 365 cloud were largely unaffected by this. In essence, they are already working remotely since no one works directly from Microsoft data centers.
A huge problem for most organizations has been securing account access. Usernames and passwords are simply not enough to secure access either on-premises or in the cloud. Many customers implemented multi-factor authentication and Conditional Access. MFA is the single most important thing organizations can do to secure their environments. Consequently, many projects I’ve worked on this year revolved around MFA, identity, and zero-trust security.
Before the pandemic, many organizations opposed remote access and a work-from-home culture. They often feared that “if I don’t see my employees in the office, how do I know they’re working?”
Ask anyone who is working from home now, and they’ll probably say they’re working more now than they were pre-pandemic. The lines between personal and work times are blurring. Work is being done before or after the traditional work hours of 9:00-5:00.
This can lead to employee burn-out – especially with the added stress of a restricted home life, kids out of school, and fewer outlets for recreation. While working from home provides more flexibility, people need to establish new boundaries around work and personal time.
Microsoft Teams has enabled remote workers to easily collaborate with their coworkers and Microsoft is making this easier than ever. The amount of investment that Microsoft is making in Teams has been staggering. In my long history with Microsoft, I’ve never seen so much development happening so quickly. Staying on top of all these changes has sometimes been a challenge for both employees and IT.
The costs to IT associated with this pandemic were unexpected. I know of many projects that were in planning for months or even years that were suddenly canceled or postponed indefinitely. New projects, such as deploying remote access solutions, mentioned earlier, took priority.
Some customers who were planning to move to the cloud, or were in the beginning stages of doing so, accelerated those plans. Smaller businesses were usually able to transition quickly. Larger organizations with more complex business requirements either needed to change those requirements or migrate quickly and try to “shoehorn” those requirements in later (not recommended, if you can help it).
Many companies have seen that the business can indeed run with a work-from-home employee base without the need for very expensive office space and everything that goes along with it. Office equipment, heating, cooling, property insurance, etc. may be things of the past for organizations that embrace the work-from-home idea beyond this current pandemic.
Some organizations have learned to run their on-premises IT like a cloud service, where remote workers connect to on-premises via web services, VPN, or RDS even after the pandemic. Other organizations have moved their on-premises systems to Azure. Doing this may reduce many of the expenses mentioned earlier.
With a remote workforce, it’s sometimes difficult to communicate and document changes that are being made – especially when things break. It’s important for organizations to have a good change management system.
For a lot of informal organizations, that solution might be to use Teams. Teams provides an excellent way for IT admins to communicate and collaborate. A Teams channel can be used to document and record what changes are being made and when. And since the channel is persistent, new members of the team can see all the historical messages in the channel.
The Administrator Audit Log records actions performed by administrators and users who have been assigned administrative privileges. It logs the configuration-changing cmdlets run from both the Exchange Admin Center and PowerShell. Note that the admin audit log only reports admin actions taken in Exchange Server 2016/2019 or Exchange Online in Microsoft 365. It doesn’t log changes for other workloads, like AAD, SharePoint, or Teams.
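As an added example (not code from the original article), the function below turns admin audit log entries into a change-review table and flags cmdlets that deserve a second look. The function name `Get-AdminChangeSummary`, the watch list, and the sample entries are assumptions made for illustration; the property names match the output of `Search-AdminAuditLog`.

```powershell
# Watch list is an assumption for illustration; tune it to your own change policy.
$WatchedCmdlets = @(
    'New-TransportRule', 'Set-TransportRule',
    'Add-MailboxPermission', 'New-ManagementRoleAssignment',
    'Set-AdminAuditLogConfig'
)

function Get-AdminChangeSummary {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Entry
    )
    process {
        # Flatten the parameter collection into "Name=Value" pairs.
        # foreach skips cleanly when an entry carries no parameters.
        $pairs = foreach ($p in $Entry.CmdletParameters) {
            '{0}={1}' -f $p.Name, $p.Value
        }
        [pscustomobject]@{
            RunDate    = $Entry.RunDate
            Caller     = $Entry.Caller
            Cmdlet     = $Entry.CmdletName
            Target     = $Entry.ObjectModified
            Parameters = $pairs -join '; '
            Succeeded  = $Entry.Succeeded
            Review     = $WatchedCmdlets -contains $Entry.CmdletName
        }
    }
}

# Constructed sample entries shaped like Search-AdminAuditLog output.
$sample = @(
    [pscustomobject]@{
        RunDate = [datetime]'2020-11-02T09:14:00'; Caller = 'admin1@contoso.example'
        CmdletName = 'Set-Mailbox'; ObjectModified = 'jdoe'; Succeeded = $true
        CmdletParameters = @([pscustomobject]@{ Name = 'Identity'; Value = 'jdoe' })
    },
    [pscustomobject]@{
        RunDate = [datetime]'2020-11-02T22:41:00'; Caller = 'admin2@contoso.example'
        CmdletName = 'Add-MailboxPermission'; ObjectModified = 'ceo'; Succeeded = $true
        CmdletParameters = @(
            [pscustomobject]@{ Name = 'User'; Value = 'admin2' },
            [pscustomobject]@{ Name = 'AccessRights'; Value = 'FullAccess' })
    }
)
$sample | Get-AdminChangeSummary | Sort-Object RunDate | Format-Table -AutoSize

# Against a live Exchange session, feed real entries instead of the sample:
# Search-AdminAuditLog -StartDate (Get-Date).AddDays(-7) -EndDate (Get-Date) |
#     Get-AdminChangeSummary | Where-Object Review
```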
A number of companies have reallocated some of their IT budgets to take advantage of new capabilities in the cloud. For example, by adding the Azure AD Premium 2 subscription to their tenant, organizations can take advantage of Privileged Identity Management (PIM). PIM lets organizations give users just-in-time privileged access to Azure resources and Azure AD, while providing oversight for what those users are doing with their administrator privileges.
IT administrators have always been expected to embrace change. So far, 2020 has been the poster child for that. This pandemic has also forced employees and businesses to make unprecedented changes to the way they work, live their lives, and manage their time.
Organizations need to be flexible enough to pivot, no matter what the challenge is. IT’s job is to let employees work securely from anywhere with any device. And it’s everyone’s responsibility to manage their time and ensure that they are taking care of themselves and staying healthy.
ENow’s Office 365 Monitoring solution is like your own personal outage detector that pertains solely to your environment. ENow’s solution monitors all crucial components including your hybrid servers, the network, and Office 365 from a single pane of glass. Knowing immediately when a problem happens, where the fault lies, and why the issue has occurred, ensures that any outages are detected and solved as quickly as possible.