Tag: Recent News

Posted on by Leave a comment

The power of AI comes with a powerful responsibility

I’m beyond excited to be here in London with my Microsoft colleagues, as well as innovators, researchers, experts and business decision-makers from around the world at Future Decoded. Over the next two days, we will hear inspiring stories about the possibilities that exist for artificial intelligence to transform the future of work in every industry – and how critical it is that businesses foster a culture that includes everyone as we search for ways to incorporate AI responsibly.

This morning’s announcement that Microsoft is collaborating with Novartis to use AI to develop treatments and medications faster has the potential to improve patients’ lives across the globe. A critical component of our work together is the commitment by Novartis to take AI across the entire organization.

This will enable Novartis to bring together previously siloed data sets and research, and to use AI to build upon existing work quickly and efficiently. But it will also do something that might be even more important: It will empower Novartis associates.

Whether they work in research and development, commercial, operations, finance or elsewhere, Novartis associates are being asked to join this AI transformation. Their contributions and voices matter and are vital to the organization’s success.

Advocating a holistic approach

A cultural transformation is required for a company like Novartis to implement an AI strategy successfully throughout the organization. It requires empathetic leadership, collaboration across departments, trust among employees and a willingness to accept change. It’s not an easy feat. We at Microsoft know this because we haven’t always gotten it right the first time out of the gate. We are happy to share our learnings and best practices with our partners and customers, and with business decision-makers at large through our AI Business School, a free online master class series.

We launched AI Business School because we knew AI will be used more and more to help businesses innovate and solve problems, and we wanted to help business leaders be ready to do so with confidence. We recognized that every industry in the private and public sector faces its own challenges, and we wanted to provide concrete examples for each of them through tailored information and real-world case studies. Today, we are excited to roll out a new release of AI Business School, with expanded information for government leaders, new and adapted lessons within our responsible AI module and a new learning path for education industry decision-makers and educators.

Responsible AI: The expanded responsible AI content aims to illustrate how organizations can put principles into practice. As an example, we share a view on design principles for building AI solutions, plus a video on what tools can help you develop responsible AI.  We also have a new video Q&A with Matt Fowler, VP and Head of Machine Learning, Enterprise Data and Analytics at TD Bank Group, who talks about his company’s AI journey. Plus, trusted AI expert Cathy Cobey from EY shares how to make governance both tangible and measurable.

Education: We teamed up with education experts including Michelle Zimmerman, author of “Teaching AI: Exploring New Frontiers for Learning,” to highlight ways AI can transform classrooms as well as the operations and processes of learning institutions. We know that educators and administrators at every level of education are being asked to do more with less, and AI can help.

Government: A new module about identifying governing practices for responsible AI in government draws on the wisdom from experts at EY and Altimeter Group. We share examples from governments around the world to shed light on what government officials should consider and how to take action.

In addition to continually bolstering the online learning experience, we partner with customers around the globe for in-person training and collaboration. For example, UK enterprise customers will soon be able to participate in AI Business School sessions in the Microsoft Store in London!

I believe that helping everyone understand how to better approach AI can be a boon to every industry, and to society at large. I have been overwhelmed by the feedback and engagement with AI Business School, and I am humbled and grateful for the many conversations it has enabled with customers and business leaders!

One such customer is TD Bank, whose leaders have sought to advance an industry-wide dialogue on what responsible AI looks like in financial services. Microsoft works with TD on a variety of fronts as the bank continues to advance its AI capabilities.

People sit in front of a white board. Written on the whiteboard are words inculding fairness, blindspots and explainability
TD hosts an industry roundtable on responsible AI. The organization’s leaders have sought to advance a dialogue on what responsible AI looks like in financial services. Photo by TD Bank.

Adapting to an AI-first world

As AI is adopted across financial services, TD’s leaders believe it’s a critical time to initiate an industry-wide discussion on the unique opportunities and challenges of this technology. TD recently released a report called Responsible AI in Financial Services that brought together perspectives from AI experts and consumers to inform key areas where the financial services industry needs to focus to build best practices for the responsible use of AI. The three areas of focus identified in the report – addressing explainability, controlling for bias and promoting diversity – are informing TD’s work as they develop AI-powered solutions and unlock new and innovative ways to meet customer needs.

Microsoft encourages each of our partners and customers to embed their organizational values into every aspect of their AI strategy. Our own core principles – fairness; reliability and safety; privacy and security; inclusiveness; transparency; and accountability – inform how we develop and design AI.

We continue to invest in the research and creation of tools that can tackle the challenges of bias, privacy, security and interpretability. Just last week we announced a partnership with Harvard University to develop a service for differential privacy that will open new possibilities for groundbreaking research while also protecting sensitive information.

And last month we joined forces with other industry leaders to improve the detection of AI-generated deepfakes. We will continue to make every effort to ensure that this technology we work so hard to advance will be used in ways that will also advance society. Because it is not enough to know that we CAN do something with the help of AI; it is vital that we first ask whether we SHOULD.

As I see it, the biggest potential that AI holds is its ability to help us work together to tackle our toughest problems. I see its possibility to bring people together, to improve lives and to help save our planet. One of our AI for Earth grantees, global nonprofit OceanMind, is doing just this: They are using AI to detect illegal and unregulated fishing, which helps authorities protect ocean life and promote sustainability.

YouTube Video

data-video-id=”naML4cML0ks”>

The responsible creation and use of AI is not the job of any one company, but one that we all share, and it requires the shared responsibility to think about not just what AI can do, but what it should do.  Our overarching goal is to empower everyone to innovate and use AI responsibly so that it reflects their positive goals, good intentions and core values.

Related:

Posted on by Leave a comment

Novartis and Microsoft combine deep bioscience and AI to help patients worldwide

In the world of commercial research and science, there’s probably no undertaking more daunting – or more expensive – than the process of bringing a new medicine to market. For a new compound to make it from initial discovery through development, testing and clinical trials to finally earn regulatory approval can take a decade or more. Nine out of 10 promising drug candidates fail somewhere along the way. As a result, on average, it costs life sciences companies $2.6 billion to introduce a single new prescription drug.

This is much more than just a challenge for life sciences companies. Streamlining drug development is an urgent issue for human health more broadly. From uncovering new ways to treat age-old sicknesses like malaria that still kills hundreds of thousands of people every year, to finding new cancer treatments, or developing new vaccines to prevent highly-contagious diseases from turning into global pandemics, the impact in terms of lives saved worldwide would be enormous if we could make inventing new medicines faster.

As announced today, this is why Novartis and Microsoft are collaborating to explore how to take advantage of advanced Microsoft AI technology combined with Novartis’ deep life sciences expertise to find new ways to address the challenges underlying every phase of drug development – including research, clinical trials, manufacturing, operations and finance. In a recent interview, Novartis CEO Vas Narasimhan spoke about the potential for this alliance to unlock the power of AI to help Novartis accelerate research into new treatments for many of the thousands of diseases for which there is, as yet, no known cure.

[youtube https://www.youtube.com/watch?v=xh7iioCd-yU]

In the biotech industry, there have been amazing scientific advances in recent years that have the potential to revolutionize the discovery of new, life-saving drugs. Because many of these advances are based on the ability to analyze huge amounts of data in new ways, developing new drugs has become as much an AI and data science problem as it is a biology and chemistry problem. This means companies like Novartis need to become data science companies to an extent never seen before. Central to our work together is a focus on empowering Novartis associates at each step of drug development to use AI to unlock the insights hidden in vast amounts of data, even if they aren’t data scientists. That’s because while the exponential increase in digital health information in recent years offers new opportunities to improve human health, making sense of all the data is a huge challenge.

[youtube https://www.youtube.com/watch?v=Oo1Ye2BBh8w]

The issue isn’t just a problem of the overwhelming volume. Much of the information exists in the form of unstructured data, such as research lab notes, medical journal articles, and clinical trial results, all of which is typically stored in disconnected systems. This makes bringing all that data together extremely difficult. Our two companies have a dream. We want all Novartis associates – even those without special expertise in data science – to be able to use Microsoft AI solutions every day, to analyze large amounts of information and discover new correlations and patterns critical to finding new medicines. The goal of this strategic collaboration is to make this dream a reality. This offers the potential to empower everyone from researchers exploring the potential of new compounds and scientists figuring out dosage levels, to clinical trial experts measuring results, operations managers seeking to improve supply chains more efficiently, and even business teams looking to make more effective decisions. And as associates work on new problems and develop new AI models, they will continually build on each other’s work, creating a virtuous cycle of exploration and discovery. The result? Pervasive intelligence that spans the company and reaches across the entire drug discovery process, improving Novartis’ ability to find answers to some of the world’s most pressing health challenges.

As part of our work with Novartis, data scientists from Microsoft Research and research teams from Novartis will also work together to investigate how AI can help unlock transformational new approaches in three specific areas. The first is about personalized treatment for macular degeneration – a leading cause of irreversible blindness. The second will involve exploring ways to use AI to make manufacturing new gene and cell therapies more efficient, with an initial focus on acute lymphoblastic leukemia. And the third area will focus on using AI to shorten the time required to design new medicines, using pioneering neural networks developed by Microsoft to automatically generate, screen and select promising molecules. As our work together moves forward, we expect that the scope of our joint research will grow.

At Microsoft, we’re excited about the potential for this collaboration to transform R&D in life sciences. As Microsoft CEO Satya Nadella explained, putting the power of AI in the hands of Novartis employees will give the company unprecedented opportunities to explore new frontiers of medicine that will yield new life-saving treatments for patients around the world.

[youtube https://www.youtube.com/watch?v=wMfsQE-D2q4]

While we’re just at the beginning of a long process of exploration and discovery, this strategic alliance marks the start of an important collaborative effort that promises to have a profound impact on how breakthrough medicines and treatments are developed and delivered. With the depth and breadth of knowledge that Novartis offers in bioscience and Microsoft’s unmatched expertise in computer science and AI, we have a unique opportunity to reinvent the way new medicines are created. Through this process, we believe we can help lead the way forward toward a world where high-quality treatment and care is significantly more personal, more effective, more affordable and more accessible.

Tags: , , ,

Posted on by Leave a comment

OneDrive Personal Vault and expandable storage now available worldwide

Microsoft OneDrive has long been an innovation leader in cloud storage, and today we’re excited to launch a new feature that gives you greater security for your files in the cloud. This summer, we announced OneDrive Personal Vault, which uses identity verification to protect your most important files. Now we’re happy to share that Personal Vault is available worldwide on all OneDrive consumer accounts. Additionally, we have more OneDrive news to share on expandable storage options, automatic folder backup, and dark mode—read on to learn more.

Meet Personal Vault

Personal Vault is a protected area in OneDrive that can only be accessed with a strong authentication method or a second step of identity verification, such as your fingerprint, face, PIN, or a code sent to you via email or SMS.1 Personal Vault gives you an added layer of protection for your most important files, photos, and videos—for example, copies of documents such as your passport, driver’s license, or insurance information—should someone gain access to your account or device.

Plus, this added security won’t slow you down. You can quickly access your important documents, photos, and files with confidence wherever you are, on your PC, OneDrive.com, or your mobile device.2

Beyond a second layer of identity verification, Personal Vault also includes the following security measures:

  • Scan and shoot—Using the OneDrive app, you can scan documents or shoot photos directly into your Personal Vault, keeping them off less secure areas of your device, like your camera roll.
  • Automatic lockingNo need to worry about whether you left your Personal Vault or your files open—both will close and lock automatically after a period of inactivity.3
  • BitLocker encryptionOn Windows 10 PCs, OneDrive automatically syncs your Personal Vault files to a BitLocker-encrypted area of your local hard drive.4
  • Restricted sharing—To prevent accidental sharing, files in Personal Vault and shared items moved into Personal Vault cannot be shared.

Taken together, these security measures help ensure that Personal Vault files are not stored unprotected on your PC, and your files have additional protection, even if your Windows 10 PC or mobile device is lost, stolen, or someone gains access to it or to your account.

Animated image of a user verifying her identity in OneDrive Personal Vault.

Personal Vault is the latest advancement in OneDrive’s suite of security features, which also includes file encryption at rest and in transit, suspicious sign-in monitoring, ransomware detection and recovery, mass file deletion notification and recovery, virus scanning on downloads for known threats, password protected sharing links, and version history for all file types.

Personal Vault is now available worldwide

To start using Personal Vault, look for the Personal Vault icon Personal Vault icon. in your OneDrive and simply click or tap it. If you’re using OneDrive’s free or standalone 100 GB plan, you can store up to three files in Personal Vault. Office 365 Personal and Office 365 Home subscribers can store as many files as they want in Personal Vault, up to their storage limit.

OneDrive

Don’t have OneDrive? Download the app and get your first 5 GB of storage free.

Get OneDrive

Learn more in this Personal Vault podcast on Intrazone.

Backing up your folders just got easier

We made it easy to back up your important folders to OneDrive—so your files are protected and available even if something happens to your PC. With PC folder backup you can choose to automatically back up files in your Desktop, Documents, or Pictures folders to OneDrive. Now you don’t have to worry about protecting your work—OneDrive will do it for you.

You can also access your backed-up files even when you’re away from your PC—just use the OneDrive mobile app or go to OneDrive.com. Plus, saving your files to OneDrive allows you to view and restore previous versions of your files up to 30 days in the past.

PC folder backup is now more deeply integrated with the newest version of Windows 10, so you can easily enable it during Windows setup or updates. The feature is included with all OneDrive consumer plans and is available on Windows 7, 8, and 10 PCs with the OneDrive sync app. Learn more about PC folder backup.

OneDrive fans rejoice—additional storage is now available!

In June, we announced that we would deliver on one of the most requested OneDrive features of all time—more storage options. Now you can add storage to your existing Office 365 subscription in 200 GB increments, starting at $1.99 per month.5 Learn more about OneDrive additional storage.

Dark mode is now available on OneDrive iOS

We’re also thrilled to announce that the OneDrive mobile app on iOS 13 now supports dark mode. This dramatic new look is both easy on the eyes and lets you take full advantage of an OLED screen to save battery life. To try it out, simply set your iOS 13 device to Dark Appearance in Settings > Display and Brightness and then open the OneDrive app.

Animated image of a phone switching between dark mode and standard, and back again.

Let us know what you think

To let us know what you think or share your thoughts and ideas, visit OneDrive UserVoice. To learn more about all the advanced protection features included in Office 365 Home and Office 365 Personal subscriptions, see our support page.

Notes:
1 Face and fingerprint verification requires specialized hardware including a Windows Hello capable device, fingerprint reader, illuminated IR sensor, or other biometric sensors and capable devices.
2 OneDrive for Android requires Android 6.0 or later; OneDrive for iOS requires iOS 11.3 or later.
3 Automatic locking interval varies by device and can be set by the user.
4 Requires Windows 10 version 1903 or above.
5Additional storage only available to Office 365 Home and Office 365 Personal subscribers. For Office 365 Home subscribers, only the primary subscription holder may purchase additional storage, and only for that user’s account.

Posted on by Leave a comment

Azure customers: New Azure AD support for F5 Networks makes it easier to secure all your applications

Howdy folks,

We often hear from our customers about the complexities around providing seamless and secure user access to their applications—from cloud SaaS applications to legacy on-premises applications. Based on your feedback, we’ve worked to securely connect any app, on any cloud or server—through a variety of methods. And today, I’m thrilled to announce our deep integration with F5 Networks that simplifies secure access to your legacy applications that use protocols like header-based and Kerberos authentication.

By centralizing access to all your applications, you can leverage all the benefits that Azure AD offers. Through the F5 and Azure AD integration, you can now protect your legacy-auth based applications by applying Azure AD Conditional Access policies to leverage our Identity Protection engine to detect user risk and sign-in risk, as well as manage and monitor access through our identity governance capabilities. Your users can also gain single sign-on (SSO) and use passwordless authentication to these legacy-auth based applications.

To help you get started, we made it easier to publish these legacy-auth based applications by making the F5-BIG IP Application Policy Manager available in the Azure AD app gallery. You can learn how to configure your legacy-auth based applications by reviewing our documentation below based on the app type and scenario:

1 Azure AD and F5.png

As always, let us know your feedback, thoughts, and suggestions in the comments below, so we can continue to build capabilities that help you securely connect any app, on any cloud, for every user.

Best regards,

Alex Simons (@Alex_A_Simons)

Corporate VP of Program Management

Microsoft Identity Division

Posted on by Leave a comment

Ori and the Blind Forest: Definitive Edition now available for Nintendo Switch

Finally the wait is over and we’re thrilled to announce that Ori and the Blind Forest: Definitive Edition is available today for Nintendo Switch in the Nintendo eShop! We couldn’t be happier with the reception so far, especially from our fans!

Ori and the Blind Forest: Definitive Edition is a unique action platformer that combines deep Metroidvania style gameplay with emotional storytelling. The forest of Nibel is dying and Ori must find courage to confront Kuru, the dark owl, in order to save the forest. Ori’s journey is a story about love, sacrifice, and the hope that exists in us all.

To our Switch friends, we’re excited for you to enjoy the same Ori and the Blind Forest: Definitive Edition experience that Xbox and PC players know and love. We can’t wait for you to share your stories of your time exploring Nibel!

Stay tuned for the latest game news and updates at orithegame.com.

Posted on by Leave a comment

Pre-orders begin for Xbox One S and Xbox One X ‘Star Wars Jedi: Fallen Order’ bundles coming Nov. 15

May the Force be with you! As unveiled during Disney’s Star Wars Triple Force Friday Global Reveal Livestream, we’re excited to announce the Xbox One X Star Wars Jedi: Fallen Order bundle ($499.99 USD) and the Xbox One S Star Wars Jedi: Fallen Order bundle ($299.99 USD) coming on November 15, both available for pre-order today! Get ready to feel the Force in Star Wars Jedi: Fallen Order, a new third-person action-adventure title from Respawn Entertainment.

This narrative-driven, single-player game puts you in the role of a Jedi Padawan who narrowly escaped the purge of Order 66 following the events of “Star Wars: Episode III – Revenge of the Sith.” On a quest to rebuild the Jedi Order, you must pick up the pieces of your shattered past to complete your training, develop new powerful Force abilities, and master the art of the iconic lightsaber – all while staying one step ahead of the Empire and its deadly Inquisitors.

Along with an Xbox One console, each bundle comes packed with an Xbox Wireless Controller, a digital download of Star Wars Jedi: Fallen Order Deluxe Edition, a 1-month trial of Xbox Game Pass and a 1-month trial of Xbox Live Gold. Additionally, both Star Wars Jedi: Fallen Order bundles give you 1 month of EA Access, which lets you play EA games for a limited time before they’re released and get unlimited access to The Vault, a growing collection of EA’s best Xbox One games.

Xbox One is the only console system that plays the best games of the past, present and future with thousands of games available today – including over 200 exclusives and over 400 Xbox classics. If you’re playing on Xbox One X or Xbox One S, you can also enjoy the ultimate 4K entertainment experience with a built-in 4K UHD Blu-ray player, premium audio with Dolby Atmos support and the fastest, most reliable gaming network with Xbox Live.

Both the Xbox One X Star Wars Jedi: Fallen Order bundle and Xbox One S Star Wars Jedi: Fallen Order bundle are available for pre-order today. For more information on Xbox One or Star Wars Jedi: Fallen Order, visit xbox.com or a Microsoft Store near you or online, and be sure to keep up with the latest Star Wars Jedi: Fallen Order news right here on Xbox Wire.

The galaxy awaits, young Padawan!

Posted on by Leave a comment

CyberPeace Institute fills a critical need for cyberattack victims

Today, with the launch of the CyberPeace Institute, the world will gain an important new ally in understanding the impact of cyberattacks, in working to develop rules for proper conduct in cyberspace and in helping the most vulnerable victims of cyberattacks become more resilient.

Today’s news is important because cybersecurity is one of the more critical issues of our time. The escalating attacks we’ve seen in recent years are not just about computers attacking computers – these attacks threaten and often harm the lives and livelihoods of real people, including their ability to access basic services like heath care, banking and electricity. In May 2017 it took the WannaCry attack just hours to impact more than 300,000 computers in 150 countries including systems that supported the National Health Service in Great Britain. Six weeks later, NotPetya disabled an estimated 10 percent of all computers in Ukraine, crippling businesses, transit systems and banks there before halting the systems of multinational corporations around the world and suspending operations of one of the world’s leading shipping companies. At Microsoft we track cyberattacks by dozens of nation-state actors, and activity continues to increase.

It will take a multi-stakeholder effort to address these issues. The internet is the creation of the private sector, which is primarily responsible for its operation, evolution and security. But governments have an important role to play in observing and enforcing norms for conduct in cyberspace and in deterring damaging attacks by other nations. Governments, the private sector, civil society and academia must be part of discussing solutions and taking concrete steps to protect people. Badly needed in the fight against cyberattacks is a credible source of research and analysis about the impact of cyberattacks around the globe on world citizens. Another important gap is the need for immediate help and advocacy for the most vulnerable victims of these attacks. For years, nongovernmental organizations around the world have provided on-the-ground help and vocal advocacy for victims of wars and natural disasters, and have convened important discussions about protecting the victims they serve. It’s become clear that victims of attacks originating on the internet deserve similar assistance, and the CyberPeace Institute will do just that.

For these reasons, Microsoft has joined the Hewlett Foundation, Mastercard and other leading organizations as initial funders of the institute. The institute will be independent, and we anticipate it will have significant impact in the three core areas where it will function:

  • Assistance: Coordinating recovery efforts for the most vulnerable victims of cyberattacks and helping vulnerable communities and organizations become more resilient to attacks.
  • Accountability: Facilitating the collective analysis, research and investigation of cyberattacks, including by assessing their harm, and bringing greater transparency to the problem so everyone has better information to inform action.
  • Advancement: Promoting responsible behavior in cyberspace and advancing international laws and rules.

While the institute will fill an important unmet need, it joins a range of other critical work underway to help secure the internet. The Cybersecurity Tech Accord, a global voice for the tech community, now includes more than 100 companies committed to principles like protecting all customers around the world and opposing cyberattacks on civilians. The Paris Peace Call for Trust & Security in Cyberspace has signatories from 67 countries, 139 international and civil society organizations, and 358 private companies and entities committed to preventing cyber activity that threatens the availability of the internet, stopping internet-enabled interference in elections and guarding against supply chain attacks. And the United Nations has important processes underway to build consensus on new rules that have the potential of protecting billions.

We’re encouraged by all of these efforts and by the potential the CyberPeace Institute has to improve people’s lives, and we believe that as other companies, nonprofits and individuals see the institute’s progress in the coming months, they will join the effort to back its important work.

Tags: ,

Posted on by Leave a comment

Skype-a-Thon gets a new name and new tools for connecting students around the world

One of my favorite moments each year is when I get to connect with students all around the world as part of our annual Skype-a-Thon. Since our inaugural event in 2014, Skype-a-Thon has engaged with hundreds of thousands of students, classrooms and volunteer guest speakers who’ve embraced it and are connecting every year to help teach empathy and compassion.

With new tools now available for educators to better connect students with each other, like Microsoft Teams and Flipgrid, in addition to Skype, I am excited to announce that Skype-a-Thon is now called the Microsoft Global Learning Connection—a celebration for students around the world to open hearts and minds to connect, become global citizens and change the world.

Save the date—November 5-6, 2019!

The Microsoft Global Learning Connection will happen on November 5-6, 2019. An estimated half-a-million students from over 110 countries will connect and travel “virtual miles” to speak with guest speakers, experience a new culture, sing a song, go on virtual field trips and learn from other students, educators and experts from around the world. It’s the same great event but with more opportunities to make connections. Our goal is to travel over 17 million virtual miles—together we’ll achieve this via Skype, Teams and Flipgrid:

  • Skype—Skype remains a popular tool for educators to connect their classrooms to the world. Through the Skype in the Classroom community, educators can find other classrooms, invite experts or take live virtual field trips.
  • Microsoft Teams—as many schools transition from Skype for Business (Skype and Skype for Business are two different tools) to Teams, they are now able to leverage the power of Teams to connect and collaborate. Find more details here.
  • Flipgrid—With Flipgrid, students are empowered to share their voice via short videos on “grids,” enabling them to reflect, discuss and showcase what they are learning. Learn how you can defy time zones and connect asynchronously via Flipgrid during the event!

This year’s event will also encourage the use of these tools in concert, such as making a call over Skype or Teams, then engaging students on Flipgrid to record their reflections of the call.

So, join me and get ready for the Microsoft Global Learning Connection 2019!

  1. Bookmark the new event page msftglobalconnect.com.
  2. Start to plan out your class adventure by downloading a Step-by-step Activity Plan: aka.ms/MSFTGlobalConnectPlan
  3. Schedule calls with experts and classrooms for Nov. 5-6 and connect via Skype, Teams and Flipgrid. Find more details here.
  4. Share your plans and favorite photos with us @SkypeClassroom with #MSFTGlobalConnect #MicrosoftEDU

Click here for free STEM resourcesExplore tools for student-centered learning

Posted on by Leave a comment

Phishing attacks can wreak havoc on your customers and your revenues; here’s how to prevent them

You already know that email is the number one attack vector for cybercriminals. But what you might not know is that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), your organization is open to the phishing attacks that target your customers, crater your email deliverability rates, and crush your email-based revenue streams.

For all the utility of email, which remains the ultimate app for business collaboration and communication, it does have a serious flaw: the ability for a bad actor to pretend to be someone else in an email message. This can be done through one of two attack techniques, spoofing and impersonation. Spoofing is when the sender is attempting to send mail from, or on behalf of, the exact target domain. Impersonation is when the sender if attempting to send mail that is a lookalike, or visually similar, to a targeted domain, targeted user, or targeted brand. When cybercriminals hijack your brand identity, especially your legitimate domains, the phishing attacks they launch against your customers, marketing prospects, and other businesses and consumers can be catastrophic for them—and your business.

Email-based brand spoofing and impersonations surged 250 percent in 2018, with consumers now losing $172 billion to these and other internet scams on an annual basis. More than 90 percent of businesses have been hit by such impersonations, with average losses from successful attacks now standing at $2 million—with an additional $7.9 million in costs when they result in a data breach.

DMARC can help you take control of who can send email messages on your behalf, eliminating the ability for cybercriminals to use your domain to send their illegitimate messages. In addition to blocking fake messages from reaching customers, it helps prevent your business-to-business customers from partner invoice scams like the kind that recently defrauded one large, publicly traded business that lost $45 million. Not a good look for your brand, and a sure way to lose your customers, partners, and brand reputation.

But to protect your corporate domains and prevent executive spoofing of your employees, DMARC must be implemented properly across all your domains and subdomains. And you’ll want your supply chain to do the same to protect your company and partners from such scams. Today, 50 percent of attacks involve “island hopping,” spoofing or impersonating one trusted organization to attack another within the same business ecosystem.

Great, but what exactly is DMARC?

For those not yet familiar with the term, DMARC acts as the policy layer for email authentication technologies already widely in use—including Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

At its most essential, DMARC gives organizations control over who is allowed to send emails on their behalf. It allows email receiver systems to recognize when an email is not coming from a specific brand’s approved domains—and gives guidance to the receiver about what to do with those unauthenticated email messages. DMARC with a p=quarantine or p=reject policy is required to block those illegitimate email messages from ever reaching their targets.

Today, 57 percent of consumer email in industries such as healthcare and retail are now fraudulent. Consumer-focused brand impersonations are up 11 times in the last five years, 80 percent involving email. In 2018, the IC3 received 20,373 BEC/E-mail Account Compromise (EAC) complaints with adjusted losses of over $1.2 billion. Those attacks target your accounting, payroll, and HR departments, so your outbound marketing programs can become toxic to recipients, obliterating your outbound email programs and the revenue they generate.

Microsoft support for email authentication and DMARC

As the vast majority of businesses continue to migrate to capable and robust cloud platforms such as Office 365, a new generation of cybercriminal organizations is rapidly innovating its methods to find nefarious new ways to circumvent the considerable security controls built into these platforms. Unfortunately, some organizations may not realize that they should fully implement DMARC to augment the security benefit of Office 365 email authentication.

Microsoft has implemented support for DMARC across all of its email platforms. This means that when someone sends an email to a Microsoft mailbox on a domain that has published a DMARC record with the reject policy, it will only deliver authenticated email to the mailbox, eliminating spoofing of email domains.

If you use Office 365 but aren’t utilizing custom domains, i.e. you use onmicrosoft.com, you don’t need to do anything else to configure or implement DMARC for your organization. But if you have custom domains, or you’re using on-premises Exchange servers, in addition to Office 365, you’ll need to implement DMARC for outbound mail. All of which is straightforward but implementing it across your entire email ecosystem requires some strategy. To ensure your corporate domains are protected, you’ll need to first publish a DMARC record in DNS with a policy of reject. Microsoft uses Agari’s DMARC reporting tool to enhance protection of Microsoft domains from being used in phishing attacks.

Read more about how Microsoft uses Agari to protect its domain and how that is used to validate email in Office 365 in this Microsoft documentation.

The rise of automated, hosted email authentication

The truth is, properly implementing DMARC means you need to identify every single one of your domains and subdomains, across all business units and outside partners—not just the ones you know to send email. That’s because any domain can be spoofed or impersonated, which means every domain should be DMARC-protected to make sure email receiver infrastructures can assess whether incoming messages purporting to come from any of your domains are legit. Brand protection that only covers some domains isn’t really brand protection at all.

The task of identifying and onboarding thousands of domains controlled by multiple business units, outside agencies, and other external partners, both on Office 365 and off, can be daunting. As a result, many organizations may discover that working with a DMARC provider that can fully automate the implementation process across all these parties plus supply channel partners is their best chance for success. This is especially true for those that offer fully hosted email authentication (DMARC, SPF, and DKIM) to simplify the otherwise tedious and time-consuming process involved with preventing brand impersonations—including ones that leverage domain spoofing.

3 steps to get started with DMARC

The good news is that DMARC is supported by 2.5 billion email inboxes worldwide, and more are joining these ranks every day. But unfortunately, even among organizations with DMARC records assigned to their domains, few have them set to p=reject enforcement. As it stands now, nearly 90 percent of Fortune 500 businesses remain unprotected against email-based spoofing attacks, putting their customers, partners, and other businesses at risk for phishing.

When DMARC is implemented using email ecosystem management solutions, organizations have seen phishing emails sent by fraudsters seeking to spoof them drop to near zero. According to Forrester Research, organizations have also seen email conversion rates climb on average 10 percent, leading to an average $4 million boost in revenues thanks to increased email engagement.

While it’s no small task, there are three steps that will help you move forward with DMARC and get started:

  1. Create a new DMARC record with specific policies to protect your organization from spoofing attacks targeting your employees, customers, prospects, and more. Note that the policy must be a p=reject to prevent unauthorized mail from being received.
  2. Download Getting Started with DMARC, a special guide designed to provide an overview of DMARC and best practice resources.
  3. Request a free trial to see how Agari can help implement DMARC on Office 365 at your organization. As a member of the Microsoft Intelligent Security Association (MISA), and provider of DMARC implementation for more domains than any other provider, Agari offers a free trial to Office 365 users looking to protect their customers, employees, and partners from phishing-based brand spoofing attacks. Given the threat from impersonation scams, and the benefits that come from employing the right approaches to reducing it, don’t be surprised if DMARC-based email authentication jumps to the top of the to-do list for a growing number of businesses. With luck, brand imposters will never know what hit them.

Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

Posted on by Leave a comment

All the news from ID@Xbox Game Pass Fall 2019 Showcase

Our ID@Xbox Game Pass Fall 2019 showcase has concluded! If you didn’t have a chance to watch yet, you can find the video above. For those who are into the TLDR, we have you covered with the below recap!

Today, we announced more ID@Xbox games coming to Xbox Game Pass and shared some footage and gameplay of these great games from independent developers. We also sat down with some excited publishers that shared more about their games, which will be day one premieres.

13 ID@Xbox Games Announced for Xbox Game Pass Across Console and PC

We strive to bring a diverse, great set of games to Xbox Game Pass so that we can help you discover your next favorite game. Today, we’re excited to highlight these amazing independent developers and celebrate their creativity with even more players.

Xbox Game Pass for Console and Xbox Game Pass for PC (Beta)

  • Munchkin: In this digital adaptation of the popular board game, level up, kill monsters, and loot! Play with your friends (or enemies) in fun four-player action. Choose from four different races and classes, each with unique abilities.
  • Lonely Mountains: Downhill: Race, jump, and slide down unspoiled mountain landscapes on your bike, through lush forests, narrow trails, and rivers. With the game’s custom physics, you’ll experience fun and responsive controls as you find your line down the mountain. Take the relaxing path or go cross country, it’s your choice!
  • Demon’s Tilt: In this gorgeous tribute to ‘90s video pinball games, Demon’s Tilt brings many features that are sure to please both gamers and pinball enthusiasts. With an art style and effects reminiscent of classic bullet hell games, expect turbo-charged pinball action with shoot ‘em up elements as you defeat enemies and bosses and score huge jackpots.
  • Genesis Noir: Set before, during, and after The Big Bang, Genesis Noir is an adventure game with a focus on exploration, simple interactions, and generative art. Stop the expansion of the universe and save your love. The game features beautiful, hand-drawn animations that blend visual storytelling and interaction.
  • Minit: An adventure game played 60 seconds at a time. On your journey, help unusual folks, uncover secrets, defeat dangerous foes to end an unfortunate curse that ends each day after just one minute.
  • The Talos Principle: You are tasked by your creator to solve complex puzzles as you explore a story of humanity, technology, and civilization. Choose your path in a non-linear world. And remember: your choices have consequences.
  • Vambrace: Cold Soul: Immerse yourself in a story-driven, roguelike adventure. Journey with a memorable party of characters with unique powers to survive deadly encounters in a frozen landscape. Defeat the King of Shades, who has cursed the city of Icenaire and amassed an army of undead.

Xbox Game Pass for Console

  • Yooka Laylee: As buddy do Yooka and Laylee, embark in an open-world platforming adventure. Equipped with special moves, overcome puzzles, enemies, and challenges, you must defeat Capital B and thwart his scheme to absorb the world’s books and convert them to profit.
  • The Escapists 2: Escape from different prisons set in different environments, craft tools from everyday items, and train to fight in prison brawls. In this ultimate prison sandbox, you are in control of building your escape crew and how you organize your escape!

Xbox Game Pass for PC (Beta)

  • Cities: Skyline (Windows 10 Edition): Design, build, and manage the city of your dreams. In this award-winning and best-selling city management game, you’re in charge of everything from public services to civic policies.
  • Dead by Daylight: Death is not an escape. Dead by Daylight is a 4 vs 1 multiplayer horror game, where one player takes on the role of the savage Killer, and the other four players are Survivors, who must escape the Killer without getting caught.
  • The Red Strings Club: In this cyberpunk narrative experience, take on the role as a bartender and hacker to collect information and uncover secrets of a corporate program. Pull out all the stops and thwart a corporate conspiracy.
  • State of Mind: Play as Richard Nolan, a journalist, and five other characters as you explore a deep, thrilling sci-fi story where dystopian reality and digital utopia are intertwined. Research and collect information to piece back together your past.

Interviews with Independent Developers

And thanks again to the teams behind these games. We had a chance to sit down with a few people who were excited to share more about their game.

  • Lonely Mountains: Downhill
    • Andrew Stevens, Thunderful Games
  • Demon’s Tilt
    • Ralph Barbagallo, FLARB
  • Genesis Noir
    • Ashley Nicollette, Fellow Traveler

And don’t fret! These announces are just some of the great games coming. We’re always adding to the Xbox Game Pass game library so expect many more to come. As you wait for these games to become available, there are great games to play today with Xbox Game Pass for Console and Xbox Game Pass for PC (Beta)! And if you haven’t yet joined, but are interested, find the right plan for you.

Thank you for tuning in today and we hoped you enjoyed the showcase! For all the latest and greatest ID@Xbox and Xbox Game Pass news, make sure to stay tuned to Xbox Wire and the below channels!

@XboxGamePass: Twitter / Instagram / Mobile App
@XboxGamePassPC: Twitter
@ID_Xbox: Twitter / YouTube