US Department of Defense Commits to Upgrade 4 Million Seats to Windows 10

By Yusuf Mehdi / Corporate Vice President of Microsoft’s Windows and Devices Group as written on blogs.windows.com
One of the largest enterprises anywhere – the US Department of Defense (DoD) – has joined the ranks of enterprise customers planning swift Windows 10 deployments.
With more than 76% of our enterprise and education customers in active pilots of Windows 10 and more than 200 million active devices running Windows 10, we’re seeing accelerated and unprecedented demand for Windows 10 amongst enterprise customers.
The Secretary of Defense has directed all U.S. DoD agencies to begin the rapid deployment of the Microsoft Windows 10 throughout their respective organizations for information systems currently utilizing Microsoft Operating Systems. From laptops to desktops to mobile devices, including Surface devices, the DoD is targeting its Windows 10 upgrade for completion in a year, an unprecedented move for a customer with the size and complexity of the DoD.

The Rising Importance of Security for Government Agencies

Today’s government agencies face new and emerging challenges that range from a constantly shifting threat landscape to managing multiple platforms and devices in the enterprise environment. And the modern threat landscape has never been more challenging – driving tremendous costs and risk to the security of critical information. Security breaches can take 200+ days to detect and industry experts predict there will be over two million new malware apps by the end of the year. Clearly, these are driving factors in President Obama’s action plan announced last week to improve cybersecurity across government systems and devices.
Terry Halvorsen, CIO for the DoD, also shared this fall that more tools were needed for automated cyber defense, highlighting significant security challenges to the DoD networks. Halvorsen singled out software integration as a challenge to his mission and was quoted as saying, “If you have an impending need to survive you will innovate,” adding that DoD networks are “getting shot at” virtually every day. With the DoD spending approximately $44 billion annually on cybersecurity and IT, Halvorsen said the DoD needed to deploy innovation faster to ensure systems are more secure, more efficient and cost-effective, and standardized on one platform.
Because the U.S. Department of Defense is a prime target of cyber criminals and one of the largest and most complex organizations in the world, its leaders know the importance of securing its baseline systems.

Department of Defense Bets on Windows 10

The DoD’s intention to move to Windows 10 began in earnest in November when Halvorsen issued a memo directing all Combatant Commands, Services Agencies and Field Activities to rapidly deploy Windows 10 to improve the Department’s cybersecurity, lower the cost of IT and streamline the IT operating environment.
Further demonstrating a strong vote of confidence for the platform, Windows 10 has been certified as meeting specific government criteria and standards. The National Information Assurance Program, the arm of the US government responsible for evaluating commercial IT products for use in National Security Systems has certified Windows 10 against the Mobile Device Fundamentals Common Criteria protection profile. Additionally, Microsoft’s Surface family of devices have been certified and are available through the Defense Information Systems Agency (DISA) Unified Capabilities Approved Products List and can be easily worked into deployment plans. This means that Surface has met the strict security and interoperability requirements required by the DoD.

As the Department upgrades, it may incorporate some of the following Windows 10 security features:

  • Windows Hello: One of the greatest weaknesses in any security environment is the use of passwords, which can easily be hacked and used to gain access to secure resources and data. With Windows 10, agencies can identify individuals and restrict access through integrated multi-factor authentication using biometric mechanisms like facial recognition or fingerprints using the Windows Hello and Windows Passport features.
  • Enhanced threat resistance and device security. Working from a crypto-processor, Trusted Platform Module (TPM) -approved chip, tools include familiar features like Secure Boot, which helps prevent malware from embedding itself within hardware or starting before the OS, and Trusted Boot which helps maintain the integrity of the rest of the operating system. Device Guard ensures that only signed applications and code can run on these devices. And Credential Guard safeguards credentials inside a hardware-based virtualized environment and breaks the popular “pass the hash” used in many major breaches.
  • Windows Defender, provides anti-malware service, which currently protects almost 300 million Windows devices every day.
  • Enterprise Protection, currently in testing with enterprise customers and available soon, provides separation between both corporate and personal data and prevents corporate data from being copied out of corporate files to non-corporate files and locations, such as public website or social channels. Additionally, when EDP is used with Rights Management Services, it can protect data locally adding another layer of protection even when data roams or is shared.
It is exciting to see adoption of Windows 10 by so many enterprise customers, including those with the highest of security demands, such as the Department of Defense.

Source: https://blogs.windows.com/windowsexperience/2016/02/17/us-department-of-defense-commits-to-upgrade-4-million-seats-to-windows-10/

[vc_row][vc_column][vc_column_text]MISAC presenting managed solution

Today at the Municipal Information Systems Association of California (MISAC) meeting Sean Ferrel presented the latest business insights by Microsoft that are transforming the modern workplace

Managed Solution is the premier provider of IT support services and technology recommendations for the government sector. Founded in 2002, we enjoy a proud tradition of partnering with the IT staff of the many organizations we work with. We can even act as your IT team. For more information on government specific solutions contact Managed Solution at 800-220-4432 or fill out the contact form.


[vc_row][vc_column][vc_column_text]Fujitsu delivers Microsoft’s Skype for Business to NZ Govt

EXCLUSIVE: Fujitsu delivers Microsoft’s Skype for Business to NZ Govt

“Citizens and businesses will now be able to use Skype to message, talk to, and video call Government agencies."

As written by James Henderson (New Zealand Reseller News) on computerworld.co.nz

Fujitsu has served up Microsoft’s Skype for Business unified communications platform to the New Zealand Government, utilizing its place on the Government Telecommunications-as-a-Service panel.

As reported by Computerworld New Zealand, Fujitsu was appointed as one of 12 Government telecommunications providers in November, tasked with provide leading unified communications solutions and services.

As such, the tech company partnered with Microsoft in New Zealand to create a GoCommunicate, a Government unified communications service based on Microsoft’s Skype for Business solution.

Designed to remove costly traditional telephone systems, Fujitsu’s GoCommunicate provides agencies with an integrated service that brings together IT and communications for a monthly fee per user.

“Outside of a beneficial commercial model, GoCommunicate helps connect Government, citizens, and business using a common and familiar tool,” says Stuart Stitt, Managing Director, Fujitsu New Zealand.

“Citizens and businesses will now be able to use Skype to message, talk to, and video call Government agencies.”

Stitt believes the convergence of IT and telecommunications hasn’t always been reflected in the industry commercial models, with traditional telecommunications companies dominating voice calling services, despite the rise of new-world services such as Skype at home.

“GoCommunicate brings the familiarity of Skype into the business world, and enables seamless communications between citizens and agencies using Skype for Business,” he adds.

Under the IT Managed Services (ITMS) panel, many government agencies already use Fujitsu’s Service Aggregation capability for managing ICT vendor environments.

With the launch of TaaS, Mike Bullock - General Manager of Sales, Fujitsu New Zealand, says agencies are now able to use Fujitsu’s mature Service Aggregation capability to manage and coordinate telecommunication providers, enabling agencies to select the best providers in each area.

“This helps to break the stronghold of the major telecommunications providers and promotes greater competition and innovation for the New Zealand market,” Bullock explains.

For Bullock, the recently updated ITMS service, DaaS, and now TaaS enables agencies to receive a full end-to-end ICT service from Fujitsu without the overheads of a lengthy and expensive procurement process.

“This reduces the cost for both the industry and agencies, enabling agencies to focus their efforts on using technology to engage with citizens and businesses, making the public sector more efficient and faster moving,” he adds.

Locally, Fujitsu is a major provider of outsourced ICT services to the New Zealand Government, and globally, a key alliance partner of Microsoft.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_posts_grid grid_style="sliderstyle" as_style="classic" as_thumbsize="yes" as_mouse_parallax="yes" loop="size:5|order_by:date|order:DESC|post_type:post|categories:87"][/vc_column][/vc_row]

thinkstockphotos-468332479-100632493-primary managed solution

Cloud adoption soars in regulated industries

By Kenneth Corbin as written on cio.com
New study from cloud security firm finds that government agencies and businesses are rapidly warming to Google Apps and Microsoft Office 365.
The past year-and-a-half has seen a steep increase in the rate of adoption of cloud computing applications, with some of the biggest movers found in the government and regulated industries.
That's according to a new study by the cloud security firm Bitglass, which analyzed traffic from some 130,000 organizations in North America and reported a 71 percent surge in cloud usage across the board in the verticals it evaluated.
Within the government sector, Bitglass reported a spike of more than 300 percent in the proportion of agencies that have moved to the cloud.
Quantifying the cloud
Rich Campagna, vice president of products at Bitglass, says the study seems to confirm what industry observers have seen anecdotally, quantifying "the sheer rate at which cloud adoption has taken off in the last year-and-a-half."
Importantly, Bitglass' analysis was not looking at all facets of the cloud. The firm evaluated only the use of public cloud applications, and, of that large subset, confined its analysis to the popular productivity suites Google Apps and Microsoft Office 365. Those applications, Campagna explained, are generally deployed on an enterprise-wide scale and are "key indicators" that an organization has committed to a "cloud-first strategy."
"The decision is made at the CIO level to move to Office 365 or to Google," he says. "What we wanted to find is what is the best indicator of an organization-wide adoption of cloud-based applications."
So that approach weeds out firms where a small pocket of employees might have incorporated some niche application into their workflow, but where the enterprise writ large continues to run processes like email and collaboration applications through a traditional, locally housed data center.
Among U.S. government agencies, 47 percent have adopted either Google Apps or Office 365, according to Bitglass' findings. A slightly larger proportion of agencies with more than 1,000 employees have made the move, but Bitglass is still seeing much of the cloud activity happening at the state and local level.
"They have a thin IT shop and this allows them to focus on value-added parts of their business, rather than on having to spend on a headcount on managing and maintaining applications that are not part of their core [mission]," Campagna says.
The most dramatic increase has come in the education sector, where, by Bitglass' estimate, 83 percent of organizations have adopted one of the cloud apps that it evaluated, up from 23 percent a year-and-a-half ago.
"That's easily explained by the incredibly compelling licensing that Microsoft and Google offer," Campagna says, referring to the free distribution those companies have been offering to education customers.
But less dramatic gains can still be observed in other regulated industries, such as healthcare, where 36 percent of the organizations Bitglass reviewed have moved toward an enterprise deployment of a cloud app, up from 8 percent last year.
In the financial sector, adoption increased to 37.5 percent from 9.5 last year, and would likely be higher still with more permissive industry regulations governing the use of IT.
Microsoft and Google cloud offerings promote adoption
Campagna sees a variety of factors at work in the rise in cloud adoption, and credits Microsoft with a successful sales strategy that has aggressively promoted Office 365 while also offering more flexibility in the licensing and renewal terms of its contracts. Google, too, has recently been stepping up its efforts to push its Apps suite in the enterprise, Campagna says.
But there is also a larger shift underway that has seen the security concerns about the cloud at least partially abate. Young companies like Bitglass, which describes itself as a "cloud access security broker," have been popping up with the express purpose of helping enterprises lock down their data in a public-cloud environment. And within IT circles, where CISOs might not have even considered going to a public cloud a few years ago, many have lately been softening their stance on the issue as they aim to reposition security as a driver of the organization's mission.
"Within that risk-averse subset of the IT department, I've seen the attitudes just shift quite a bit over the last couple years," Campagna says. "The mindset of security practitioners in general -- and there are still some holdouts -- has shifted from one of control to one of enablement over the last couple of years."


The future of mobile data management

By Will Kelly as written on gcn.com
Many government agencies have mastered the basics of mobile device management (MDM), but the growing number increasingly powerful devices is changing the mobile threat landscape, and bringing a whole new level of complexity as security concerns shift from apps to data.
GCN spoke with a range of experts about the evolving challenges. The following tools and tactics are worth watching as agencies seek better ways to secure their data:

Data loss prevention

Look for DLP solutions to become location- and destination-aware, said Brian Kenyon, chief strategy officer for cybersecurity firm Blue Coat Systems. “We're starting to realize that data is going to [mobile] devices, so rather than saying we need to prevent it, we need to move to a model [where] is this okay… so we know what data is going, what devices it's going to and if we're comfortable with that or not.”
The federal sector is increasingly interested in extending data loss prevention (DLP) capabilities -- beyond data center and PC controls -- to the mobile world, added Rob Potter, vice president, public sector, Symantec.
Because most agencies need some kind of hybrid cloud environment, he said, they must expect data to become portable from the cloud to an on-premise environment and then to a mobile device. Expecting to secure data through virtualization or having it never leave the data center is a false hope, considering the amount of information sharing that takes place in government and the intra-agency dependencies that go along with that sharing, he said.
Therefore, Potter recommended that government agencies move toward a comprehensive method of DLP, including:
•Know that agency data is going to move
•Put controls around agency data that identify who is try to access it
•Place protections around the data

Derived credentials: CAC and PIV for a mobile workforce

“The part I think that is starting to become more of a challenge these days is around the access control piece,” said Dan Quintas, solutions engineer, AirWatch. “We know that as of a few months ago, the concept of using a username and password to access resources is essentially off the table for any federal agency. What that means is we're looking at alternative forms of authentication.”
It can be expensive to deploy CAC and PIV readers to a mobile workforce, according to Quintas. Nor are they necessarily the right answer for mobile authentication.
“Where people are starting to look now is around the concept of derived credentials,” in which a soft certificate – derived from the user’s CAC or PIV certificate -- is installed on a mobile device, Quintas explained.
However, derived credentials and single sign on are independent of one another, Symantec’s Potter stressed. Having a derived credential infrastructure will simplify the sign-on process, but agencies must drive SSO across applications, multiple devices, and inside their infrastructure.
He acknowledged the hesitation among agency IT managers who say, "I'm never getting derived credentials so I have single sign on,” but pointed out that derived credentials are about trusting multiple components in an enterprise environment. Once you achieve that trust, Potter said, SSO becomes much easier for a federal agency.

Common criteria

Citrix's Rajiv Taori, who vice president for product management in that firm's mobile platforms group, echoed Quintas’s observations about derived credentials and sees Common Criteria security standards as another option for agencies to protect their data on mobile devices. With every agency doing something different for security, he said, standardization is an important next step for improving data security.

Windows 10

Sean Ginevan, MobileIron's senior director for strategy, predicted Windows 10 will change how federal agencies manage their mobile devices. He sees federal customers asking whether to treat Windows 10 devices like desktops, “where the security model is, I'm inside the network, and I join the Windows domain, and I get my security policies and update that way,’ or do I treat them more like mobile devices?"
Ginevan wasn’t the only expert to mention Windows 10's place in the agency toolbox. Chuck Brown, a product manager for FiberLink, an IBM company, said his company is also getting inquiries from some federal customers about the new operating system. Windows apps are in place, and users would require little to no retraining.
Windows 10 could enter the “side door” to mobile device management as agencies change out Windows laptops for Windows 10-based tablets like the Microsoft Surface, according to Brown and others.

Mobile app vetting

Mobilegov President Tom Suder said app vetting will become increasingly important. Mobile app developers don’t necessarily think about how an app’s security affects backend systems, he said, which can open data centers to potential attack. Agencies need to secure and authenticate both the app and the mobile device, he said, to ensure that it’s not doing anything you don’t want it to do.
Adam Salerno, Veris Group's manager for federal programs, agreed, and sees agencies adopting app vetting as another layer of security beyond MDM. He explained that the app vetting process runs mobile apps in a sandbox where security specialists look at the mobile app’s code -- and at the static and dynamic natures of the app.
“We can observe the [app] behavior and notice if contacts or data and other things are being exfiltrated in ways that are not obvious to a user,” Salerno said.

Cloud services

Cloud services are part of the evolving tactics that will take agencies beyond traditional MDM. As more cloud vendors achieve certification through the Federal Risk and Authorization Management Program, Salerno sees more questions for agencies to resolve around VPN access, data flow between the cloud and mobile devices, auditing tools on the cloud service side and the potential requirement for a hybrid cloud with data being synced to a virtual appliance residing behind an agency firewall.
Suder mentioned that mobile backend as a service (MBaaS) could help agencies link their mobile users to legacy backend databases and systems. Because MBaaS provides easy-to-use developer tools including user authentication, he said, it could prove to be an economical option for agencies mobilizing their data.

Containerization (or not)

Agencies' use of secure virtual container technologies beyond MDM seems uneven, based on the interviews conducted for this article. FiberLink’s Brown sees containerization alive and well with agencies making secure containers the next step beyond MDM along with implementing DLP. And Salerno added that agencies can use secure containers, because they apply an additional level of encryption security above and beyond what’s on the device. Containers can work on agency-owned and BYOD devices alike.
Quintas from AirWatch, however, sees containers differently. In his company’s conversations with federal agencies in particular, he said, IT managers report that while the concept of using the email container is a very strong security solution, end users are starting to revolt against it.
“Those mobile IT teams in federal are starting to wrap their arms around [the idea that] maybe the email container's not the answer for everything,” Quintas explained. "Maybe you can achieve security using the native protocols that are there today."
Source: Adam Salerno, Veris Group's manager for federal programs, agreed, and sees agencies adopting app vetting as another layer of security beyond MDM. He explained that the app vetting process runs mobile apps in a sandbox where security specialists look at the mobile app’s code -- and at the static and dynamic natures of the app.

Contact us Today!

Chat with an expert about your business’s technology needs.