Punycode Causes Big Problems for Office 365 Online Users

/in

Security for online or on-premise infrastructure can never be taken for granted. We have identified a defense against a new attack that’s targeting Office 365 business users. This is a very real threat to any companies using Office 365 email because it is specifically designed to bypass Microsoft Security and obtain corporate ID and passwords from your users. (Read this article from today’s SC Magazine website: http://www.infosecurity-magazine.com/news/office-365-biz-users-targeted-in/).

How it works

This attack is taking advantage of a particular vulnerability in the way that Office 365 Email handles so-called ‘punycode’ web addresses so that the attacker can send a URL that Office 365 deems benign, but will take a user to a look-alike login page for Office 365.

What is Punycode?

Punycode domain names are used to handle web addresses with non-ASCII characters like the ü in bücher.ch. Punycode uses the “xn--” command to tell a browser to translate an address like this to xn--bcher-kva.ch.

This attack has bypassed Microsoft Office 365 Advanced Threat Protection since it uses what’s called Puny encoding, fooling Office 365 into believing that the URL is safe.

What can you do?

The New Puny-Phishing: How it works

To explain this attack, we will use an example from a real attack captured in early December 2016. The attacker sent a fake FedEx email with a benign looking URL that goes to a malicious site.

puncode-image

We can scan your user accounts.

We are offering a scan of your user email accounts to identify which of your users have received this attack so that you can take remediation measures to immediately change their Office 365 and other corporate passwords! Please contact us now at [email protected].

Office 365 Brings Significant New Value to Business Customers Worldwide

/in

Today’s post was written by Kirk Koenigsbauer, corporate vice president for Microsoft Office.

Today, we are excited to announce the availability of several new Office 365 communications services designed to modernize voice, video, and meeting experiences, while saving companies substantial costs in their communication infrastructure. Organizations can now replace their legacy meeting and phone systems with innovative services built on the familiar Skype for Business experience, all naturally integrated within Office 365—the world’s most-used collaboration and productivity platform.

We are also excited to announce significant new security and analytics capabilities aimed at dramatically improving our customers’ ability to protect their organizations and glean insights from data.

Communication-powered Productivity

We believe that the heart of productivity is great teamwork, and the heart of great teams is great communication. Productivity today is centered on conversations—sometimes a quick instant message or call, and sometimes a meeting planned in advance including voice, video and content sharing.

With many different avenues of communication, people need tools that allow them flexibility in how they connect. For years, consumers have embraced new ways of communicating, turning “Skype” into a verb synonymous with video calling. But corporate telephony, including PBX systems, and audio and video conferencing systems, has lagged behind—until now. Having Skype for Business as an integrated part of the work people are already doing in Office means greater continuity as they collaborate and communicate throughout their day.

Built on the familiar Skype user interface, Skype for Business makes connecting with colleagues as easy and intuitive as connecting with friends and family on Skype. With the new services, Skype for Business gets even better, for organizations and their people:

  • PSTN Conferencing provides the flexibility to dial into a meeting from a traditional phone, in addition to the existing ability to join a meeting with a single click on your PC or mobile device.
  • Skype Meeting Broadcast makes it easier than ever to produce large virtual meetings for up to 10,000 meeting attendees, who can join from virtually any browser or device (see it in action). Now Skype for Business truly is a single platform for every type of meeting.
  • Cloud PBX enables companies to eliminate separate PBX systems and transition to the cloud with Office 365 as the central location to manage users for communication and
  • With PSTN Calling, Office 365 customers can also subscribe to Microsoft managed to call plans and phone numbers, starting in the U.S. with more markets coming later.

Watch this video to learn more about how the new Skype for Business capabilities can benefit your organization.

Simplify your infrastructure, lower your costs and empower your people

Microsoft is the only company that has built this combination of capabilities—a cloud business phone system including dial tone, and a complete meetings solution including audio, video, content sharing and messaging service—as a core part of a complete productivity and collaboration suite, available across mobile platforms and at a global scale.

Today, over half of our business customers are currently paying for multiple conferencing solutions, and many are still using legacy PBX phone systems. Now they can simplify their infrastructure with one cloud platform for meetings and voice, ultimately reducing the cost, complexity, and effort of maintaining legacy phone and conferencing systems.

But it’s about more than saving money. People spend nearly a third of their time at work in meetings, yet only 18 percent of information workers actively use conferencing tools that enable rich experiences like video and content sharing. When you consider that nonverbal signals account for nearly 90 percent of the messages we receive during interpersonal communication, it’s clear that moving to modern communication tools can have a dramatic impact on productivity and collaboration.

screenshot1

Desktop sharing during a Skype for the Business meeting.

A Rich Partner Ecosystem

As we release these new capabilities in Office 365, partners will play an integral role in extending the value of our new services. At the forefront are our global systems integrator partners, who have the highest level of experience in delivering communications solutions end-to-end.

We also partner with telco operators who provide secure, high-quality network connectivity and managed services that help customers get the best experience with the new Skype for Business services. These partners include BT Global Services, Orange Business Services, SoftBank, TATA Communications and Telstra.

Key partners like Polycom are delivering innovative new solutions for audio conferencing including the Polycom® RealPresence Trio™ for groups, and Polycom® VVX® desktop phones, which are the first phones qualified for the new Skype for Business services in Office 365.

Application partners like Genesys are also building on our platform to deliver solutions like contact center applications that work with Skype for Business and Office 365.

Deeper value from security and analytics

In addition to the Skype for Business capabilities, we’re releasing new security and data analytics capabilities in Office 365, including:

  • Delve Analytics—Empowers individuals through rich dashboards that provide insights on time and relationships, with the goal of helping individuals get time back and spend it effectively.
  • Power BI—A business analytics service that enables information workers to visualize and analyze data with greater speed, efficiency and understanding through live data dashboards, interactive reports and compelling visualizations.
  • Customer Lockbox—Gives customers new approval rights, transparency, and control over their data in the cloud.
  • Advanced eDiscovery—Integrates Equivio machine learning, predictive coding, and text analytics capabilities, to reduce the costs and challenges that come along with sorting through large quantities of data for eDiscovery purposes.
  • Advanced Threat Protection—Protects against unknown malware and viruses by applying behavioral analysis.

All of the new capabilities are now available and represent significant new value to enterprise customers. We’re excited to see the impact it can have on your organization!

—Kirk Koenigsbauer

Source : https://community.dynamics.com/b/msftdynamicsblog/archive/2015/12/10/licensing-offers-for-microsoft-dynamics-crm-2016

New Features in Office 365 SharePoint Online Public Website

/in ,

The public website available in the new version of Office 365 SharePoint Online is based on SharePoint 2013 platform includes a new design and new features for customizing the website and individual pages. Because the website is built on the SharePoint platform, you now get publishing capabilities, more Web parts, and advanced design options.

More page editing options

The public website in Office 365 now includes more page editing options. You can edit pages and save them as a draft or publish them. You can add and format text and images, embed videos, add Web Parts, and more. It’s easier to change the website title, logo, footer, and other site elements. You can also copy and paste your own cascading style sheet and apply it to the site.

Easily change the look and feel

You can quickly and easily change the look and feel of the entire website by choosing Change the Look. Using this feature, you can browse a catalog of designs, choose the one you like, change the background image and font, and you’re done. The new designs have an entirely new look compared to the previous Office 365 public website.

Customize Website navigation

You can now customize your website navigation directly from the navigation links themselves. A new Edit Links option appears in the navigation. When you click this, you can add a new link, rename a link, drag and drop links to new locations, and so on.

Design Manager for advanced site design

If you want to completely redesign the website from scratch or use a design you already have, you can use the Design Manager. This set of features lets you turn a conventional HTML web page into a SharePoint master page with page layouts, mobile views, cascading style sheets, and more. You can use your own website editor such as Dream Weaver to do the design work before uploading the files to the Design Manager.

Optimize your site for SEO

SharePoint Online now makes it easy to optimize your site for search engines so customers can find you on the web. You can specify the title, keyword, description and other metadata while authoring the page, and adjust these properties later as you analyze search results. You can also specify values to be included in your sitemap, which search engines use to discover new pages in your website. SharePoint Online also now support friendly Page URLs to make them SEO friendly.

Blogs

An active blog on the Website will improve your SEO rankings. SharePoint Online Public Websites are automatically provisioned with a blog feature complete with a blog post summary page and blogging tools.

Social

With SharePoint online public website it has become easy to add social plug-ins—the Like button, newsfeed, and comments—anywhere on your site. You simply add a social integration application from the SharePoint App Store and then add the social plugin to the desired page.

Website usage reports

To see how well your website is performing for your site visitors, you can open site usage reports, or popularity trends, in Microsoft Excel. Use these reports to view the daily or monthly hits and unique users to your website.

Contact us to know how the new features of Office 365 SharePoint online public website can help you improve your digital marketing.

Preparing for the Office 365 SharePoint Online Service Update

/in ,

Microsoft is rolling out an initial phase of service update for Office 365 SharePoint online. As part of this service update existing SharePoint online sites doesn’t get upgraded to SharePoint 2013 and users will not get the new SharePoint 2013 interface or features. The only major enhancement that will be visible is the new office web apps improvements. However, because of the underlying design changes, there are some actions that SharePoint online users need to perform to continue working with SharePoint online sites

  • If you are using SharePoint designer 2010 to customize the site or create workflows then you should download and install SharePoint Designer 2013 as SharePoint designer 2010 will not work with the updated SharePoint online.
  • If you are using InfoPath then apply the hotfix for SharePoint designer 2013
  • If you are using SharePoint workspace 2010 for offline access then apply the hotfix for SharePoint Workspace 2010
  • If you have integrated MS CRM online with SharePoint online then perform the list component fix mentioned in this blog post
  • If you use Internet Explorer 7 or Safari 4.x, you should upgrade to a modern browser

Apart from the above list of items the SharePoint Online Service Update has several other known issues with manual resolution steps which are listed here.

During the update, users will also see minor outages like

  • Some administrative functions such as granting permissions or creating new document libraries will be disabled for a brief period
  • Newly added documents will not be indexed by SharePoint search for a brief period
  • Content will be read-only for a brief period

Contact IOTAP if you want to know about the new features available in SharePoint online 2013 and SharePoint Designer 2013 and how it can help improve your business productivity.

Things to Do After Service Upgrade to Next Version of Office 365

/in ,

Microsoft has now released next version of Office 365 to business and soon will be rolling out the service upgrade to next version for existing Office 365 customers. While the service upgrade is automated and customers don’t have to do anything before or during the upgrade there are some tasks to be done after the service upgrade. This blog explains those tasks

Upgrade SharePoint online sites: If your organization is using SharePoint Online then your sites will look the same after the upgrade. You need to upgrade each of your sites to take advantage of the new features of SharePoint online 2013. This is a mandatory step that has to be performed within 3 months of the service upgrade.

Upgrade Lync desktop client: If your organization is using Lync Online then you need to update the Lync 2010 desktop client on all users’ machines to Lync 2013 client.

Upgrade Office desktop client: If your organization has a subscription to Office 365 Pro Plus then you will have to update Office 2010 client including outlook to Office 2013 client applications.

Contact IOTAP if you want to know about the new features available in SharePoint online 2013  and how it can help in improving your productivity.

What will Happen to Public Websites in Office 365 SharePoint Online after The Upgrade?

/in ,

With the next version of Office 365 is slated to be released for business on February 27, 2013, an upgrade to existing Office 365 customers are expected to follow soon. This upgrade raises concerns to organizations that have a public website developed in SharePoint online in Office 365. In this blog, we try to address the concerns

Will my public website be gone after the Office 365 upgrade?

No the public website that you had created with older version of Office 365 will still be available after the upgrade. Additionally, you will also get a new public website for the new Office 365 platform.

What is the difference between the public website from an earlier version of Office 365 and the upgraded one?

The public website available in the current version of office 365 is limited in functionality. The public website in a new version of Office 365 will provide more flexibility through SharePoint publishing feature. The new website has more features and includes updated design tools and new templates. It’s faster and easier to create the look and feels that you want for your Office 365 public website compared to the earlier website.

Can custom domains be used with the old public website and new public website?

No one public website can be associated with a custom domain.

Should I use the old public website or the new one with the custom domain?

Use the old website if

  • You have already completed the website’s design, and you don’t want to spend time designing another website.
  • You’re almost finished designing your original website and you don’t want to start a new one.

Use the new website if

You haven’t yet started designing a website.

You started designing the earlier website, but you haven’t made significant progress.

IOTAP a Microsoft gold certified partner for Digital Marketing and a cloud accelerate partner can help you build professional looking websites using the Office 365 SharePoint online Public website platform. Contact us if you want to develop a new website for your organization in Office 365 or revamp your existing website.

Prepare for the New Office 365 Upgrade

/in

With the official release date for new version Office 365 set to Feb 27 the upgrade to a new version for existing Office 365 customers is expected to follow soon. Here we have addressed some of the concerns existing Officer 365 customers will have about the upgrade and help them to better prepare.

When will the upgrade happen?

There is no fixed date given for the upgrade although some select Office 365 customers have already had the opportunity to Upgrade. The upgrade timeline depends upon your region. US customers will be upgraded first, followed by the UK, Europe, Africa and then Asia.

When will customers get notified if they are selected for an upgrade?

Office 365 upgrade notifications will be sent about a month in advance to the upgrade date.

What communications will be sent from Microsoft about the upgrade?

You will receive three emails from Microsoft once your upgrade has been scheduled. The first one will be sent after your upgrade has been scheduled. The second email will confirm your upgrade date. The final email will be sent once the upgrade is complete.

Will there be any downtime?

No there will not be a downtime. Mailboxes, Lync or Mobile setup will not be affected.

Will there be pricing changes?

No, the existing service agreements, prices and billing cycle will stay the same.

Do the Users have to reconfigure settings on computers and mobile devices after the upgrade?

During and after the upgrade, email, instant messaging and sites will keep working, and you don’t have to reconfigure computers and mobile devices.  However, if your users are using older versions of browser you will have to upgrade them to the latest version.

Can I do a pilot upgrade for some users?

Yes. Once you’ve received the initial upgrade scheduling email, you can select up to 100 people to have their email, instant messaging and conferencing upgraded immediately to the new version

Can I postpone the upgrade date if the date selected by Microsoft for the upgrade is inconvenient for me?

Yes. Once your service upgrade has been scheduled you will have 3 weeks to postpone the upgrade. You will be able to postpone the upgrade only once.

What things can I do to better prepare for the upgrade?

1.   If you are users are using Internet Explorer 7 or older version of chrome or safari browsers get them upgraded to the latest version of the browsers.
2.  When you receive an upgrade invitation choose the early upgrade option and do a pilot.
3.  Work with Microsoft Cloud Partner like IOTAP to get Office 365 support and advice on upgrade process and options.

New Office 365 Subscriptions Announced

/in

With the unveiling of Office 2013 yesterday Microsoft also announced new Office 365 subscription services that will include the new 2013 editions of the Office.  The new Office 365 editions are currently in preview and below are is a brief description of each of the editions

  • Office 365 Home Premium Preview This offering allows you to install Office on up to five PCs. It includes an additional 20 GB of online storage on SkyDrive (above and beyond the 5 GB included with a free SkyDrive account). Home Premium includes Word, PowerPoint, Excel, Outlook, OneNote, Access, and Publisher.
  • Office 365 Small Business Premium Preview This business edition is intended for companies with up to 10 employees. Each user can install Office on up to five PCs per user. The package includes hosted email, shared documents (with SharePoint), and HD video conferencing using a Microsoft-hosted Lync server. This package includes Word, PowerPoint, Excel, Outlook, OneNote, Access, Publisher, InfoPath, and Lync.
  • Office 365 ProPlus Preview This offering is identical to the Small Business package except that it supports up to 25 user accounts.
  • Office 365 Enterprise Preview For large organizations, this package includes Office 365 ProPlus with Exchange Online, including archiving and legal hold features. It also includes SharePoint Online and Lync Online; the latter allows meetings and extended collaboration scenarios.

Lync to Phone capability coming soon to Microsoft Office 365

/in

Lync to Phone capability will be coming to Microsoft Office 365 this summer. The Lync to Phone capability will enable Microsoft Office 365 users to make and receive phone calls from Lync online though calling services from Microsoft partners. This capability will initially be available for the US and the UK market and will be later rolled out to other markets.

Microsoft Announces Office 365 for Government

/in

Yesterday Microsoft announced the launch of a separate office 365 services called Office 365 for Government. Office 365 for Government is a segregated community cloud where US government data can reside. Government agencies typically have strict data security and privacy requirements. With this new Microsoft Office 365 offering along with the several standards and certifications that Office 365 supports will certainly lure several Government agencies to Microsoft Office 365.