When Microsoft announced its plan to build an underwater datacenter, Lathish Kumar Chaparala was excited.

“During the initial rollout of Project Natick, I used to log on to their website and watch the live feed of the underwater camera that was mounted on the datacenter,” says Chaparala, a senior program manager on the networking team in Microsoft Digital, the engineering organization at Microsoft that builds and manages the products, processes, and services that Microsoft runs on.

Little did he know that he and his team would later be brought in to extend the network connectivity of this underwater datacenter so it could be safely fished out of the sea.

But the story begins much earlier than that.

We saw the potential benefit [of developing an underwater datacenter] to the industry and Microsoft. People responded to our work as if we were going to the moon. In our eyes, we were just fulfilling our charter—taking on challenging problems and coming up with solutions.

– Mike Shepperd, senior research and development engineer on the Microsoft Research team

The idea of an underwater datacenter came out of ThinkWeek, a Microsoft event where employees shared out-of-the-box ideas that they thought the company should pursue. One creative idea was put forth by employees Sean James and Todd Rawlings, who proposed building an underwater datacenter powered by renewable ocean energy that would provide super-fast cloud services to crowded coastal populations.

Their idea appealed to Norm Whitaker, who led special projects for Microsoft Research at the time.

Out of this, Project Natick was born.

“Norm’s team was responsible for making the impossible possible, so he started exploring the viability of an underwater datacenter that could be powered by renewable energy,” says Mike Shepperd, a senior research and development engineer on the Microsoft Research team who was brought on to support research on the feasibility of underwater datacenters.

It quickly became a Microsoft-wide effort that spanned engineering, research, and IT.

“We saw the potential benefit to the industry and Microsoft,” Shepperd says. “People responded to our work as if we were going to the moon. In our eyes, we were just fulfilling our charter—taking on challenging problems and coming up with solutions.”

Researchers on the project hypothesized that having a sealed container on the ocean floor with a low-humidity nitrogen environment and cold, stable temperatures would better protect the servers and increase reliability.

“Once you’re down 20 to 30 meters into the water, you’re out of the weather,” Shepperd says. “You could have a hurricane raging above you, and an underwater datacenter will be none the wiser.”

[Read about how Microsoft is reducing its carbon footprint by tracking its internal Microsoft Azure usage. Find out how Microsoft Digital is using a modern network infrastructure to drive transformation at Microsoft.]

Internal engineering team steps up

The Project Natick team partnered with networking and security teams in Microsoft Digital and Arista to create a secure wide-area network (WAN) connection from the underwater datacenter to the corporate network.

“We needed the connectivity that they provided to finish off our project in the right way,” Shepperd says. “We also needed that connectivity to support the actual decommissioning process, which was very challenging because we had deployed the datacenter in such a remote location.”

In the spring of 2018, they deployed a fully connected and secure datacenter 117 feet below sea level in the Orkney Islands, just off the coast of Scotland. After it was designed, set up, and gently lowered onto the seabed, the goal was to leave it untouched for two years. Chakri Thammineni, a network engineer in Microsoft Digital, supported these efforts.

“Project Natick was my first engagement after I joined Microsoft, and it was a great opportunity to collaborate with many folks to come up with a network solution,” Thammineni says.

Earlier this year, the experiment concluded without interruption. And yes, the team learned that placing a datacenter underwater is indeed a more sustainable and efficient way to bring the cloud to coastal areas, providing better datacenter responsiveness.

With the experiment ending, the team needed to recover the datacenter so it could analyze all the data collected during its time underwater.

That’s where Microsoft’s internal engineering teams came in.

“To make sure we didn’t lose any data, we needed to keep the datacenter connected to Microsoft’s corporate network during our extraction,” Shepperd says. “We accomplished this with a leased line dedicated to our use, one that we used to connect the datacenter with our Microsoft facility in London.”

The extraction also had to be timed just right for the same reasons.

“The seas in Orkney throw up waves that can be as much as 9 to 10 meters high for most of the year,” he says. “The team chose this location because of the extreme conditions, reasoning it was a good place to demonstrate the ability to deploy Natick datacenters just about anywhere.”

And then, like it has for so many other projects, COVID-19 forced the team to change its plans. In the process of coming up with a new datacenter recovery plan, the team realized that the corporate connectivity was being shut down at the end of May 2020 and couldn’t be extended.

“Ordering the gear would’ve taken two to three months, and we were on a much shorter timeline,” Chaparala says.

Shepperd called on the team in Platform Engineering, a division of Microsoft Digital, to quickly remodel the corporate connectivity from the Microsoft London facility to the Natick shore area, all while ensuring that the connection was secured.

The mission?

Ensure that servers were online until the datacenter could be retrieved from the water, all without additional hardware.

“My role was to make sure I understood the criticality of the request in terms of timeline, and to pull in the teams and expertise needed to keep the datacenter online until it was safely pulled out of the water,” Chaparala says.

The stakes were high, especially with the research that was on the line.

“If we lost connectivity and shut down the datacenter, it could have compromised the viability of the research we had done up until that point,” Shepperd says.

A seamless collaboration across Microsoft Research and IT

To solve this problem, the teams in Core Platform Engineering and Microsoft Research had to align their vision and workflows.

“Teams in IT might plan their work out for months or years in advance,” Shepperd says. “Our research is on a different timeline because we don’t know where technology will take us, so we needed to work together, and fast.”

Because they couldn’t bring any hardware to the datacenter site, Chaparala, Thammineni, and the Microsoft Research team needed to come up with a network redesign. This led to the implementation of software-based encryption using a virtual network operating system on Windows virtual machines.

It’s exciting to play a role in bringing the right engineers and program managers together for a common goal, especially so quickly. Once we had the right team, we knew there was nothing we couldn’t handle.

– Chakri Thammineni, a network engineer in Microsoft Digital

With this solution in tow, the team could extend the network connectivity from the Microsoft Docklands facility in London to the Natick datacenter off the coast of Scotland.

“Chakri and Lathish have consistently engaged with us to fill the gaps between what our research team knew and what these networking experts at Microsoft needed in order to take action on the needs of this project,” Shepperd says. “Without help from their teams, we would not have been able to deliver on our research goals as quickly and efficiently as we did.”

Lessons learned from the world’s second underwater datacenter

The research on Project Natick pays dividends in Microsoft’s future work, particularly around running more sustainable datacenters that could power Microsoft Azure cloud services.

“Whether a datacenter is on land or in water, the size and scale of Project Natick is a viable blueprint for datacenters of the future,” Shepperd says. “Instead of putting down acres of land for datacenters, our customers and competitors are all looking for ways to power their compute and to house storage in a more sustainable way.”

This experience taught Chaparala to assess the needs of his partner teams.

“We work with customers to understand their requirements and come up with objectives and key results that align,” Chaparala says.

Ultimately, Project Natick’s story is one of cross-disciplinary collaboration – and just in the nick of time.

“It’s exciting to play a role in bringing the right engineers and program managers together for a common goal, especially so quickly,” Chaparala says. “Once we had the right team, we knew there was nothing we couldn’t handle.”

• Watch this video about Microsoft’s findings from Project Natick, the experimental undersea datacenter.
• Learn how Microsoft rebuilt its VPN infrastructure.
• Find out how Microsoft Digital is using a modern network infrastructure to drive transformation at Microsoft.

The post How Microsoft kept its underwater datacenter connected while retrieving it from the ocean appeared first on Inside Track Blog.

Being successful at this important work hinges on getting feedback from people with disabilities ranging from mobility and cognitive disabilities to temporary disabilities due to an injury or short-term condition.

Joanna Briggs, a senior technical program manager in Microsoft Digital, says that creating inclusive experiences starts with creating products and services for Microsoft employees, who are often the first and best customers at the company.

“We’re trying to innovate and provide our employees and customers with the best user experiences,” says Briggs, who works with partner teams in Microsoft Digital, the organization that powers, protects, and transforms the company, to ensure that internal applications and services meet accessibility standards and guidelines. “To do that, we have to take into account the lived experiences of every employee, regardless of ability.”

This was the approach that Briggs, Faris Mango, a software engineering manager in Microsoft Digital, and their teams used to improve the portal that Microsoft guests can use to register their devices and connect to the internet when they visit one of the company’s buildings.

“We didn’t want to just guess what certain employees would want or face,” Mango says. “Instead, we wanted to have our employees use the portal so we could get feedback straight from them.”

This is why Briggs set up inclusive usability studies to get feedback from people with disabilities, where she would observe them going through a series of tasks using the portal. To do this, she worked with employees who volunteered to share their lived experience and test out the portal. Their lived experience and feedback were vital to building out this technology and ensuring that it is usable for employees and customers with a range of lived experiences.

In the research findings, Briggs summarized that some participants wanted more consistency around the semantics of the color palette in the user interface and simpler language that wasn’t specific to software engineers. Others advocated for a version of the user guide video with American Sign Language (ASL).

“All of the feedback made sense to me,” Mango says, explaining Microsoft Digital’s accessibility team made it easy for him to find and hire an ASL interpreter. “We were able to quickly record a version of the video with an ASL interpreter, and that made a huge impact.”

Ensure that you’re getting feedback from customers outside of your own team, discipline, or organization. Bring in a diverse user base from the beginning, and really listen to what they need.

—Joanna Briggs, senior technical program manager, Microsoft Digital

Conducting the inclusive usability studies with people with disabilities has also reinforced the importance of creating intuitive user experiences. What’s more important is that these learnings have shifted the mindset of his team. Mango also worked with Briggs to apply principles of Microsoft’s inclusive design methodology to the technology and tools they’re developing. One of the core principles is “solve for one, extend to many.” In other words, technology created with people with disabilities in mind, like video captions or a push bar on a door, can benefit people in a range of situations and ability levels.

“We’re taking the lessons we learned in the inclusive usability studies, applying them when developing new products and services, and prioritizing accessibility at Microsoft,” Mango says.

For teams that want to take a page out of Mango and Briggs’ book by prioritizing accessibility, it’s important to think about inclusion from the beginning of the product-making process.

“Ensure that you’re getting feedback from customers outside of your own team, discipline, or organization,” Briggs says. “Bring in a diverse user base from the beginning, and really listen to what they need.”

You can even leverage free tools, like a plug-in for accessibility insights that can be added to any webpage, or do your own research.

This conversation is especially important as companies continue to embrace remote and hybrid work, and ensure that every employee is invited to participate regardless of where they’re working or what technology they’re using.

“Put yourself in customers’ shoes and get feedback from them directly about what they need,” Mango says. “This gives you a better sense of what to invest in.”

• Think about inclusion and accessibility from the beginning of the product-making process.
• Get feedback from folks outside of your own team, discipline, or collaborators.
• Run usability tests with people who have a range of disabilities.

• Find out how building inclusive, accessible experiences at Microsoft is a catalyst for digital transformation.
• Read about how Microsoft is enabling remote work with Zero Trust networking, Microsoft Teams meetings, and employee engagement.
• Watch this video about how to design Microsoft products and services with accessibility in mind.

Want more information? Email us and include a link to this story and we’ll get back to you.

Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

The post Prioritizing accessibility at Microsoft with feedback from people with disabilities appeared first on Inside Track Blog.

Microsoft’s cloud-first strategy enables most Microsoft employees to directly access applications and services via the internet, but remote workers still use the company’s virtual private network (VPN) to access some corporate resources and applications when they’re outside of the office.

This became increasingly apparent when Microsoft prepared for its employees to work remotely in response to the global pandemic. VPN usage increased by 70 percent, which coincides with the significant spike in users working from home daily.

So then, how is Microsoft ensuring that its employees can securely access the applications they need?

With split tunneling and a Zero Trust security strategy.

As part of the company’s Zero Trust security strategy, employees in Microsoft Digital Employee Experience (MDEE) redesigned the VPN infrastructure by adopting a split-tunneled configuration that further enables the company’s workloads moving to the cloud.

“Adopting split tunneling has ensured that Microsoft employees can access core applications over the internet using Microsoft Azure and Microsoft Office 365,” says Steve Means, a principal cloud network engineering manager in MDEE. “This takes pressure off the VPN and gives employees more bandwidth to do their job securely.”

Eighty percent of remote working traffic flows to cloud endpoints where split tunneling is enabled, but the rest of the work that employees do remotely—which needs to be locked down on the corporate network—still goes through the company’s VPN.

“We need to make sure our VPN infrastructure has the same level of corporate network security as applications in the cloud,” says Carmichael Patton, a principal security architect on Microsoft’s Digital Security and Resilience team. “We’re applying the same Zero Trust principles to our VPN traffic, by applying conditional access to each connection.”

[Learn how Microsoft rebuilt its VPN infrastructure. Learn how Microsoft transitioned to modern access architecture with Zero Trust. Read how Microsoft is approaching Zero Trust Networking.]
For a transcript, please view the video on YouTube: https://www.youtube.com/watch?v=bleFoL0NkVM, select the “More actions” button (three dots icon) below the video, and then select “Show transcript.”

Securing remote workers with device management and conditional access

Moving most of the work that employees require to the cloud only became possible after the company adopted modern security controls that focus on securing devices.

“We no longer rely solely on the network to manage firewalls,” Patton says. “Instead, each application that an employee uses enforces its own security management—this means employees can only use an app after it verifies the health of their device.”

To support this transformed approach to security, Microsoft adopted a Zero Trust security model, which manages risk and secures working remotely by managing the device an employee uses.

“Before an employee can access an application, they must enroll their device, have relevant security policies, and have their device health validated,” Patton says. “This ensures that only registered devices that comply with company security policies can access corporate resources, which reduces the risk of malware and intruders.”

The team also recommends using a dynamic and scalable authentication mechanism, like Azure Active Directory, to avoid the trouble of certificates.

While most employees rely on our standard VPN infrastructure, Microsoft has specific scenarios that call for additional security when accessing company infrastructure or sensitive data. This is the case for MDEE employees in owner and contributor roles that are configured on a Microsoft Azure subscription as well as employees who make changes to customer-facing production services and systems like firewalls and network gear. To access corporate resources, these employees use Privileged Access Workstations, a dedicated operating system for sensitive tasks, to access a highly secure VPN infrastructure.

Phil Suver, a principal PM manager in MDEE, says working remotely during the global pandemic gives employees a sense of what the Zero Trust experience will be like when they return to the office.

“Hardened local area networks that previously accessed internal applications are a model of the past,” Suver says. “We see split tunneling as a gateway to prepare our workforce for our Zero Trust Networking posture, where user devices are highly protected from vulnerability and employees use the internet for their predominant workload.”

It’s also important to review your VPN structure for updates.

“When evaluating your VPN configuration, identify the highest compliance risks to your organization and make them the priority for controls, policies, and procedures,” Patton says. “Understand the security controls you give up by not flowing the connections through your internal infrastructure. Then, look at the controls you’re able to extend to the clients themselves, and find the right balance of risk and productivity that fits your organization.”

Keeping your devices up-to-date with split tunneling

Enterprises can also optimize patching and manage update compliance using services like Microsoft Endpoint Manager, Microsoft Intune, and Windows Update for Business. At Microsoft, a split-tunneled VPN configuration allows these services to keep devices current without requiring a VPN tunnel to do it.

“With a split-tunneled configuration, update traffic comes through the internet,” says Mike Carlson, a principal service engineering manager in MDEE. “This improves the user experience for employees by freeing up VPN bandwidth during patch and release cycles.”

At Microsoft, device updates fall into two categories: feature updates and quality updates. Feature updates occur every six months and encompass new operating system features, functionality, and major bug fixes. In contrast, monthly quality updates include security and reliability updates as well as small bug fixes. To balance both user experience and security, Microsoft’s current configuration of Windows Update for Business prompts Microsoft employees to update within 48 hours for quality updates and 7 days for feature updates.

“Not only can Windows Update for Business isolate update traffic from the VPN connection, but it can also provide better compliance management by using the deadline feature to adjust the timing of quality and feature updates,” Carlson says. “We can quickly drive compliance and have more time to focus on employees that may need additional support.”

Evaluating your VPN configuration

When your enterprise evaluates which VPN configuration works best for your company and users, you must evaluate their workflows.

“Some companies may need a full tunnel configuration, and others might want something cloud-based,” Means says. “If you’re a Microsoft customer, you can work with your sales team to request a customer engagement with a Microsoft expert to better understand our implementation and whether it would work for your enterprise.”

Means also said that it’s important to assess the legal requirements of the countries you operate in, which is done at Microsoft using Azure Traffic Manager. For example, split tunneling may not be the right configuration for countries with tighter controls over how traffic flows within and beyond their borders.

Suver also emphasized the importance of understanding the persona of your workforce, suggesting you should assess the workloads they may need to use remotely and their bandwidth capacity. You should also consider the maximum number of concurrent connections your VPN infrastructure supports and think through potential seasonal disruptions.

“Ensure that you’ve built for a snow day or a pandemic of a global nature,” Suver says. “We’ve had to send thousands of customer support agents to work from home. Typically, they didn’t use VPN to have voice conversations with customers. Because we sized and distributed our infrastructure for a global workforce, we were able to quickly adapt to the dramatic shift in workloads that have come from our employees working from home during the pandemic. Anticipate some of the changes in workflow that might occur, and test for those conditions.”

It’s also important to collect user connection and traffic data in a central location for your VPN infrastructure, to use modern visualization services like Microsoft Power BI to identify hot spots before they happen, and to plan for growth.

Means’s biggest piece of advice?

Focus on what your enterprise needs and go from there.

“Identify what you want to access and what you want to protect,” he says. “Then build to that model.”

Tips for retooling VPN at your company

Azure offers a native, highly-scalable VPN gateway, and the most common third-party VPN and Software-Defined Wide Area Network virtual appliances in the Azure Marketplace.

For more information on these and other Azure and Office network optimizing practices, please see:

• Office Connectivity Principles
• Network considerations for Teams
• Azure OpenVPN client
• Azure VPN Gateways
• Azure Point-to-site VPN
• VPN Network Virtual Appliances in the Azure Marketplace
• Publishing web applications using Azure Active Directory’s Application Proxy
• VPN split tunneling for Office 365
• How-to guides for common VPN platforms
• Updates for improving work-from-home employee access

• Here are some alternative ways for security professionals and IT to achieve modern security controls in remote work scenarios.
• Check our best practices and guidelines for security professionals on how to work remotely and stay secure.

Here are additional resources to learn more about how Microsoft applies networking best practices and supports a Zero Trust security strategy:

• Learn how Microsoft rebuilt its VPN infrastructure.
• Learn how Microsoft transitioned to modern access architecture with Zero Trust.
• Read how Microsoft is approaching Zero Trust Networking.

The post Using a Zero Trust strategy to secure Microsoft’s network during remote work appeared first on Inside Track Blog.

The episodes cover how security leaders are adjusting to the new normal of hybrid work. In each episode, Arsenault and his guest share practical tips and strategies such as using a Zero Trust approach, that enterprises can start using today to make sure employees are productive, secure, and healthy no matter if they’re at the office, at home or anywhere in-between.

Episode 1: Securing the Cloud with Mark Russinovich

To kick off the podcast, Arsenault chats with Mark Russinovich, chief technology officer of Microsoft Azure, about the power of cloud technology and how it’s used to advance technology in the world of remote and hybrid work.

Listen to Episode 1 of Security Unlocked here.

Episode 2: Securing Hybrid Work with Venki Krishnababu

Arsenault sits down with Venki Krishnababu, senior vice president of Global Technology Services at Lululemon, to discuss the tools, practices, and technology to help the company seamlessly shift to remote work at their companies and beyond.

Listen to Episode 2 of Security Unlocked here.

Episode 3: The Human Side of Hybrid Work with Amy Coleman

With over 175,000 employees around the world across 100 countries and regions, Arsenault knows that it’s no small feat to shift to remote work. Microsoft Corporate Vice President Amy Coleman talks with him about the company’s plan to support hybrid work, and how managers can support this transition.

Listen to Episode 3 of Security Unlocked here.

Episode 4: Leading an Inclusive Workforce with Vodafone Global Cybersecurity Director Emma Smith

Teamwork makes the dream work, but so does support from managers, supervisors, and global security directors. Arsenault chats with Emma Smith, Director of Global Cybersecurity for Vodafone, about returning to in-person work after over a year of being remote, and some of the challenges that come with this transition. You’ll leave with key points for security practitioners and tips for securing your hybrid workspace and hybrid workforce.

Listen to Episode 4 of Security Unlocked here.

Episode 5: Building a Stronger Security Team with LinkedIn CISO Geoff Belknap

Arsenault talks with Geoff Belknap, colleague and fellow CISO at LinkedIn, about what it means to build a team, not of experts, but of intrepid thinkers willing to learn something new and invest in themselves to grow. Learn more about how to address the cybersecurity gender gap, the interdisciplinary nature of security, and the importance of investing in your team’s growth.

Listen to Episode 5 of Security Unlocked here.

Episode 6: Developing Influential Security Leaders with TikTok CSO Roland Cloutier

Success can be measured in a lot of different ways, whether it’s productivity, department growth, increased team morale, and more. In the case of TikTok CSO Roland Cloutier, he focuses on how many people under his leadership have eventually worked their way up to become CISOs. In this episode, he shares how the military granted him the discipline to excel in the world of cybersecurity, and the leadership skills to provide opportunities for those around him to find just as much success.

• Listen to Episode 6 of Security Unlocked here.
• Watch this video to learn best practices for implementing Zero Trust at Microsoft.
• Read about how Microsoft is implementing a Zero Trust security model.
• Find out more about how Microsoft secures its network with a Zero Trust model.

The post Microsoft CISO Bret Arsenault provides practical advice to secure your hybrid workspace appeared first on Inside Track Blog.

Sphoorti Patil is using Microsoft Azure indoor mapping and IoT technology that helps Microsoft employees find their way around the company’s campuses—and she hasn’t been in a Microsoft building yet.

She’s not alone in this experience—Microsoft has hired a number of new employees since the COVID-19 pandemic started, and most of them started and are continuing to work remotely (as are most of Microsoft’s approximately 190,000 employees globally).

“I went through my whole interview process virtually and never met my colleagues in person,” says Patil, a senior program manager in Microsoft Digital, the organization that powers, protects, and transforms the company. “Since employees like me don’t have onboarding buddies to show them around, we’re building software that can be their guide and help them locate things.”

We want to create employee experiences that adapt to meet the needs of this changing workforce. Employees can still build relationships and get coffee, but if they have a quick question, they have the option of using Microsoft Teams or meeting room software to sync and collaborate from anywhere.

—Michael Tiopan, app manager, Global Workplace Services

Flexibility is the name of the game as Microsoft, like other companies, considers when to have its employees start working in physical offices in some form in this new hybrid world of work that is emerging across the planet. To support this hybrid work model, the Global Workplace Services team at Microsoft is partnering with Microsoft Digital to transform the company’s employee experience from the inside out using Microsoft Azure Digital Twins and Microsoft Azure Maps.

Together, they’re designing employee experiences with ease and productivity in mind.

“We want to create employee experiences that adapt to meet the needs of this changing workforce,” says Michael Tiopan, an app manager in Global Workplace Services who works with employees in Microsoft Digital to support workplace management. “Employees can still build relationships and get coffee, but if they have a quick question, they have the option of using Microsoft Teams or meeting room software to sync and collaborate from anywhere.”

For a transcript, please view the video on YouTube: https://www.youtube.com/watch?v=Hx6BJNMx2bQ, select the “More actions” button (three dots icon) below the video, and then select “Show transcript.”

That’s why it’s vital to rethink the workplace, which, at Microsoft, includes both buildings and the tools the company’s employees use on a day-to-day basis.

“Microsoft wants to improve space and occupancy planning to ensure that we offer our employees flexible experiences using indoor mapping and IoT technology,” Patil says.

This means employees can use kiosks to find offices, supply rooms, or cafés, or to log into a mobile application to do common tasks like submit time off or book focus rooms.

[Learn more about how Microsoft is creating a world-class, integrated experience for every employee. Watch this video to find out how Microsoft is using Azure Digital Twins and Internet of Things technology to optimize employee usage and facilities management of company buildings.]

Tracking real-time data and building visualizations

Tiopan says having most employees work remotely has enabled the company to speed up an already underway transformation of its large global building footprint using indoor mapping and IoT technology.

Having a channel for data ingestion is foundational to building out connected experiences for employees and optimizing space planning.

—Balaji Radhakrishnan, senior software engineer, Space Management team, Microsoft Digital

To understand space usage during the pandemic and beyond, the company accelerated the installation of IoT technology sensors in all its buildings. These sensors use anonymized data to track occupancy, temperatures, and more. This continuous supply of real-time data is ingested, tracked, and used by Microsoft Azure Digital Twins, which uses IoT data to create digital models of physical environments like Microsoft buildings.

“Having a channel for data ingestion is foundational to building out connected experiences for employees and optimizing space planning,” says Balaji Radhakrishnan, a senior software engineer on Microsoft Digital’s Space Management team.

“One of the biggest challenges to digital transformation is that data usually exists in siloes,” Patil says, “The IoT sensor data, which captures insights about current occupancy and building conditions, is funneled to Azure Digital Twins, which informs space planning at Microsoft.”

Radhakrishnan and Patil’s teams use Microsoft Azure Maps to transform computer-aided design (CAD) drawings into digital visualizations of rooms, hallways, and buildings, which are added into the digital replica created in Microsoft Azure Digital Twins.

This information is then displayed on kiosks that have a map of campus buildings. At Microsoft, this information is shown to employees as an interactive map that’s available through the company’s MyHub app and digital kiosks in Microsoft buildings. Available spaces are shown as green, which makes it easy for employees to find an open spot.

Tiopan says that Microsoft employees can reference this data to track usage and capacity, which enables real estate experts in Global Workplace Services to have proactive conversations with Microsoft leadership about occupancy planning, space utilization, and flexible hybrid workspaces based on activity patterns in the space usage data. Additionally, the data is useful in planning employee services and building maintenance.

Identify opportunities to leverage real-time data to automate any of your processes, and make sure that you’re addressing a customer need in the process.

—Sphoorti Patil, senior program manager, Microsoft Digital

One key use case is hot desking, which employees can use as a temporary workspace in a Microsoft building if they’re working remotely most of the time. An employee can go into MyHub, the mobile app for employee experiences, and look for available spaces they can reserve for their use. This feature uses space occupancy data that’s fed into Azure Digital Twins, which is used to create digital replicas of campus buildings that are displayed in physical kiosks and the company’s mobile app.

Standardization and optimization

Customers can use Microsoft Azure Digital Twins and Azure Maps to create real-time visualizations of physical spaces ranging from an employee office to a retail store. Before investing in building out the infrastructure to support IoT technology sensors, Patil suggests assessing your digital maturity by tracking what percentage of your business has manual versus automated processes.

“Identify opportunities to leverage real-time data to automate any of your processes, and make sure that you’re addressing a customer need in the process,” Patil says.

From there, ensure that you have a continuous supply of data that can be ingested by Microsoft Azure Digital Twins, as this is the foundation for digital transformation.

“Evaluate what technical infrastructure you need to support the real-time ingestion of data,” Patil says. “Once you have that, you can create virtual representations of physical buildings or simulations of supply chain management.”

The most important consideration is to assess what your end users want and build IoT technology solutions with those scenarios in mind.

“Focus on the needs of your end users before thinking about how to use IoT technology and Azure Digital Twins for space management and smart building services,” Patil says.

• Check out how Microsoft Azure Maps, Microsoft Azure Digital Twins and IoT technology sensors combine to provide real-time occupancy data and visualizations that are powerful planning tools for companies navigating the new hybrid workplace.
• Use Microsoft Azure Maps to create web and mobile applications that are powered by real-time location intelligence.
• Use research about your customers or end users to identify the IoT technology solutions you want to develop.
• Envisioning your end-to-end scenario can help companies create an architecture that provides a continuous supply of data that can be ingested by Microsoft Azure Digital Twins, which can be leveraged to power real-time indoor mapping experiences.

• Learn more about how Microsoft is creating a world-class, integrated experience for every employee.
• Watch this video to find out how Microsoft is using Azure Digital Twins and Internet of Things technology to optimize employee usage and facilities management of company buildings.

The post Transforming Microsoft buildings with IoT technology and indoor mapping appeared first on Inside Track Blog.

It was a task made even more crucial in the wake of the global pandemic and the company’s transition to a hybrid working model. With the flexibility for employees to choose between on-campus and remote work, Sims saw an opportunity to enhance meeting experiences by taking advantage of the latest features in Microsoft Teams.

“We rely on meetings to build and maintain relationships, but we’ve had to adapt our workflows to support remote work and back-to-back meetings,” Sims says. “I want to make sure that everyone’s voices are heard.”

As part of efforts at Microsoft to empower hybrid work, Sara Bush, a principal PM manager on the Seamless Teamwork team within Microsoft Digital, led a research-driven initiative to develop guidance for running inclusive meetings. The aim was to provide employees with the tools and knowledge to fully participate and contribute, regardless of their work location.

“Inclusive meetings are the cornerstone of an effective hybrid work culture,” Bush says. “We want every employee to feel valued and empowered to engage from anywhere.”

We’ve learned a lot by listening to our employees—it’s been important to hear directly from them.

“Teams Meeting Recap plays a pivotal role in asynchronous inclusion by providing insights to all the meeting content and relevant documents both before and after a meeting. Along with AI generated notes from the meeting recording” says Sims.

Our research-based guide outlines key elements of an inclusive and effective meeting, emphasizing access to relevant documents, content, and participants before, during, and after the session. To make it easier for teams to follow these principles, Microsoft Teams now offers pre-made templates that can be customized to fit various meeting types, ensuring a consistent and inclusive experience for all attendees.

A significant aspect of inclusivity in meetings is ensuring that everyone can engage with the content effectively. Microsoft Teams addresses this by introducing live captions and translations of the captions during meetings, making it more accessible for all attendees and easier for everyone to participate and contribute meaningfully.

The Microsoft Teams live captions translation feature opens the doors for employees from every corner of the world to actively take part in meetings using the language they’re most comfortable with, allowing everyone to contribute and engage fully, no matter what language they prefer.

“Inclusion is defined by the ability to feel comfortable contributing their ideas and perspectives,” Bush says.

Chanda Jensen, senior product manager in Microsoft Digital who worked with Bush to compile a research-based guide to running inclusive and effective meetings, saw a lot of value in putting these best practices in one place. “We don’t need to reinvent the wheel on guidance for running effective meetings,” Jensen says. “We want people to go back to the basics, so we created a dynamic resource that we’ll update as features or guidance changes.”

The impact of inclusive meetings extends beyond the virtual meeting room. With the adoption of these best practices, teams across Microsoft have experienced increased collaboration and improved productivity. Employees now readily share their insights and suggestions, fostering a culture of active participation and mutual support.

“The response from employees has been great,” says Laura Oxford, a senior content program manager who works with Bush and Jensen. “When we share the latest features or guidance on Viva Engage, we hear from people who are using these best practices to successfully support asynchronous collaboration, which is more and more important for our global workforce.”

Sims, inspired by the meeting guide and the innovative features in Microsoft Teams, has seen tremendous success in creating a positive and inclusive meeting experience for her team. She ensures live transcripts and captions are available and encourages team members to express themselves through avatars, strengthening the sense of unity and engagement within her team.

“The meeting guide helped me get the basics right and take small steps to ensure that meetings are inclusive for everyone,” Sims says. “For example, one of the suggestions is to start meetings five minutes past the hour to reduce meeting fatigue and give people a break from back-to-back meetings. And if you’re in a meeting with someone who needs guidance, you can invite people to check out the meeting guide and incorporate some of the tips.”

One small change that Sims is making?

She’s been scheduling virtual coffee chats with new employees on her team, which Microsoft Teams has been a core part of.

“I recognize how challenging it is to build an inclusive team when we can’t sit down and meet face to face to build trust,” Sims says. “That’s why we’ve been using Microsoft Teams as a tool to connect regularly.”

Find out how Microsoft enables its employees to work remotely with Microsoft Teams.

Microsoft Teams features support inclusive meetings

It’s easy to think of a meeting as just the time of the call itself. In reality, meetings aren’t just a point in time—there’s a before, during, and after, and Sims sets expectations for each call, manages roles and access, and follows up with decisions and outcomes.

“If I own the agenda for a meeting, I always try to clarify the purpose of the call,” Sims says. “The reality is that we’re in so many back-to-back meetings, so we need to remind people at the beginning of the goal and intent of the meeting.”

Bush says that there are crucial steps everyone can take to make meetings more inclusive. For example, it’s important to drop an agenda into every meeting invitation.

“Using an agenda can help attendees identify if they need to attend or join asynchronously by watching the recording or reviewing outcomes later, freeing them up from back-to-back meetings so they can focus on the highest impact work,” Bush says.

[Teams] features like hand-raising or reactions with emojis ensure that employees can communicate their ideas and emotions with others.

—Chanda Jensen, senior product manager in Microsoft Digital

Bush defined six meeting categories, or archetypes, that are common at Microsoft: status, strategic, tactical, informative, ideation, and social. For each meeting type, the meeting guide outlines a recommended duration, number of attendees, and guidance on how to keep attendees engaged using interactive features in Teams.

Bush says that the team landed on these archetypes based on industry research and data on meetings at Microsoft, and new Teams features that can help make the meeting experience more engaging. For example, the addition of the raise your hand feature enables any attendee to signal that they have a thought or question.

“Features like hand-raising or reactions with emojis or their avatars ensure that employees can communicate their ideas and emotions with others,” Jensen says. “We also encourage meeting organizers to establish norms at the beginning for how to engage in the meeting, and even assign a moderator to watch for raised hands and chat messages and invite people to chime in.”

For a transcript, please view the video on YouTube: https://www.youtube.com/watch?v=eTCUALH6PtU, select the “More actions” button (three dots icon) below the video, and then select “Show transcript.”

Microsoft Teams Avatars have emerged as an innovative and inclusive feature within Microsoft Teams. These customizable digital representations allow individuals to express themselves visually, making meetings more engaging and fostering a sense of belonging, particularly for remote team members. Additionally, avatars are designed to be accessible to users with diverse abilities, promoting a truly inclusive experience for everyone.

“It also helps to pick whichever meeting view keeps you focused, whether it’s together mode, large gallery, or side-by-side view of a presentation and the presenter,” Bush says. “You can also turn on live transcriptions and record the meeting for people who can’t attend or want to review the content later.”

Meetings don’t have to look alike. Pick the meeting type and approach that feels authentic to your leadership style, while working these best practices in.

—Susan Sims, senior program manager on the Portfolio Integration team

Transitioning to a digital workplace

As Microsoft embraces a hybrid workplace with flexible working styles, Bush is committed to ensuring that all employees can fully engage in meetings, regardless of their physical location—be it at the office, on the road, or working from home.

“Meeting organizers can make small changes to ensure that employees who are located in or out of a meeting room will feel included,” Bush says. “A crucial best practice for hybrid meetings is to embrace asynchronous or flexible work styles. This allows participants to join the Teams meeting when it best suits their schedule and availability. By providing meeting recap, live transcriptions, and collaboration tools, we empower employees to contribute and engage in discussions, regardless of whether they attend the meeting in real-time or catch up later. ”

Embracing the transformative nature of hybrid work, Bush is passionate about her daily efforts to ensure that every individual feels valued and included in the meeting process, regardless of their preferred work style. Given the shift to a hybrid work model at Microsoft, the research-driven approach has enabled the company to identify precisely what employees need to thrive in these collaborative settings.

“Meetings don’t need to conform to a one-size-fits-all model,” Sims emphasizes. “Leaders should feel empowered to select meeting types and approaches that align with their authentic leadership styles while incorporating these valuable best practices. By embracing asynchronous or flexible work styles, we create an inclusive environment that fosters creativity, productivity, and work-life balance for all team members.”

As Microsoft continues to champion flexible work in the hybrid workplace, the focus remains on empowering employees to work seamlessly from any location. By providing the right tools, guidance, and features like pre-made templates, live transcripts, and avatars, Microsoft Teams is revolutionizing the way teams collaborate, ushering in a new era of inclusive and efficient meetings in the hybrid workplace.

• Embrace Asynchronous Collaboration: Support your team to adopt asynchronous work styles and take advantage of the Microsoft Teams collaboration tools. Provide meeting recordings, transcriptions, and share relevant documents in advance so that participants can contribute and engage at their convenience, regardless of their location or time zone.
• Utilize Inclusive Teams Features: Prioritize inclusivity in meetings by making the most of inclusive features provided by Microsoft Teams. Enable captions in the Teams settings and live transcripts during meetings to accommodate all participants and encourage the use of avatars to foster a sense of belonging and self-expression among team members.
• Customize Meeting Formats: Empower meeting organizers to tailor meeting formats to suit their team’s preferred collaboration style. Utilize pre-made templates in Microsoft Teams to ensure consistency and inclusivity across various meeting types, while adapting the approach to align with your leadership style and team dynamics.

• Read this guide from Microsoft Research about how to intentionally run remote meetings.
• Find out how Microsoft enables its employees to work remotely with Microsoft Teams.
• Explore how Microsoft employees are using Avatars for Meetings.
• Discover teaching Microsoft employees healthy hybrid meeting habits with Minecraft.

The post Driving inclusive and effective meetings at Microsoft with Microsoft Teams appeared first on Inside Track Blog.

But how is it getting employees to analyze their data and build their own visualizations?

They’re teaching them. As the saying goes: if you teach someone to fish, you’ll feed them for a lifetime.

That’s exactly what the Enterprise 360 Data Intelligence team in Microsoft Digital had in mind when it created trainings to help teams that are analyzing data with Microsoft Power BI.

“We wanted to empower our partner teams with the skills, tools, and resources to generate and maintain their own Microsoft Power BI reports and gain access to data in a timely manner,” says Sunil Venugopal, a senior program manager on the Data Intelligence team that helped develop the Microsoft Power BI training. “This also aligns with the expectations of Enterprise 360 Data Intelligence leadership, who wanted to empower partner teams to make data-driven decisions. Once you put data into Microsoft Power BI, it tells a story for itself.”

Using Microsoft Power BI’s easily adaptable features, business users can quickly self-serve the datasets they need and build their own reports … They feel in complete control because they own and invest in it.

– Srinivas Kanamarlapudi, senior software engineer on the Data Intelligence team at Microsoft

This training was a powerful tool, especially for partner teams who wanted to gain data-driven insights that relied on the Data Intelligence team’s data visualizations and reports.

Take Tim Karel, a senior program manager who uses data visualizations to respond to system-generated issues or process changes. Karel submitted many of the dozens of requests from partner teams that were fielded by the Data Intelligence team. The Data Intelligence team would evaluate each request for feasibility, identify core metrics, find a data source, and build a data ingestion pipeline and visualization.

As a result, employees on partner teams, like Karel, could wait several weeks before receiving a data visualization or report.

“By the time I received a report, the business needs or data might have changed,” Karel says. “Our team wanted to be more proactive and use data to create a better customer experience up front.”

Now, thanks to the training developed by the Data Intelligence team, Karel is analyzing data with Microsoft Power BI. During the training, Karel and other employees on partner teams learned the basics of Microsoft Power BI and used the data team’s standard template to create their own visualizations.

“Using Microsoft Power BI’s easily adaptable features, business users can quickly self-serve the datasets they need and build their own reports,” says Srinivas Kanamarlapudi, a senior software engineer on the Data Intelligence team who was involved in creating the Microsoft Power BI training for partner teams. “This also improves their skillset, and they feel in complete control because they own and invest in it,” Kanamarlapudi says.

The initial training session drew in 80 participants, including Microsoft network engineers, software engineers, program managers, and even members of leadership who had beginner skills using Microsoft Power BI.

“Through these trainings, employees learn the best practices for analyzing data and building out reports, which creates consistency across how these reports are built and enables other teams to easily grasp the visualizations in the reports,” Kanamarlapudi says.

In addition to offering data science trainings, the Data Intelligence team encourages the employees they work with to build Microsoft Power BI reports that source data from the Microsoft Digital’s central Enterprise Data Lake, which offers a single source of trusted, connected enterprise data.

“By leveraging the shared infrastructure, we’re able to prevent duplication across multiple teams,” Venugopal says.

For employees like Karel, the training is already paying off. Data continues to be a core part of decision-making on their team and using data visualizations to track trends has become a central part of that.

“There were many philosophies about what constitutes a good customer experience, so we need data to drive impact and changes,” Karel says. “Data tells us how customers interact with agents or get support, and we’re able to make the best decisions possible for customers.”

By analyzing data with Microsoft Power BI, Karel has been able to create visualizations that identify customers who make repeat support calls and track agent utilization across product areas to see if the team needs to have more support agents during busier times of day.

“I had a fundamental understanding of my team’s data, but the training taught me how to use a reliable data source to build data reports using Microsoft Power BI, and automate it,” Karel says. “It saves me a lot of time, and it enables us to improve the customer experience.”

It’s also making a difference for the Data Intelligence team, who now have more bandwidth to support partner teams by answering questions and helping them get the most out of their data.

Colin Tang, a software engineer on the Data Intelligence team who primarily creates datasets, data reports, and dashboards for network infrastructure teams, says that it’s exciting to see teams taking the training and running with it. Tang recently worked with a partner team that manages the inventory for network parts.

“Our partner took the dataset and went ahead to build the dashboard for network device vendors, and it helps him drive conversations with vendors about cost savings,” Tang says. “It would normally take our team two to three sprints, but he built his own and they can have conversations with vendors in half the time.”

[Check out how Microsoft designed a modern data catalog to enable business insights. Learn how Microsoft enhanced its VPN performance.]

Building visualizations using Microsoft Power BI

Training has always been around, so what was different this time?

The team brought a relevant, easy-to-follow Microsoft Power BI training directly to partner teams, each with their own data needs. This made it much easier for teams analyzing data with Microsoft Power BI to scrub their data and then build appropriate visualizations.

“A lot of trainings are complicated and don’t focus on real-world scenarios that show up in the work of partner teams like mine,” Karel says. “This is one of the best trainings I’ve taken at Microsoft, and I appreciate that it’s accessible to everyone without relying on a background in engineering and software development.”

To build a community, the Data Intelligence team continues to offer office hours, where employees could ask questions or refine their visualizations. The Data Intelligence team also created a Microsoft Teams channel where employees could ask questions and share their experiences and resources. They’ve also found more success with offering trainings on the organization’s meeting-free Fridays, which are specific days set aside for employees to catch up on email or dedicate time to learning.

“We build on existing trainings and content about how to analyze data with Microsoft Power BI, which ensured that we didn’t reinvent the wheel,” Venugopal says. “Even if someone has attended trainings in the past and built dashboards, they can still learn something.”

To get the most engagement and support on a training like this one, Tang says it was helpful to take a top-down approach and get leadership buy-in from the very beginning. At the time, Tang had been conducting dozens of one-on-one sessions with partners to go over their data needs and wanted to offer something at scale.

“We went back to our leadership team and asked if we could offer Microsoft Power BI training that could reach more people at once and help them take advantage of all of its features,” Tang says.

There were many philosophies about what constitutes a good customer experience, so we need data to drive impact and changes. Data tells us how customers interact with agents or get support, and we’re able to make the best decisions possible for customers

– Tim Karel, senior program manager at Microsoft

It also helped that the team had leadership buy-in and resources to create this training which has ensured that teams have consistency in the way they construct reports and dashboards. This has improved the user experience for partner teams and the Data Intelligence team alike, and they can focus on supporting partner teams and democratizing data instead of building reports.

If you’re on the fence about building your own data visualizations using Microsoft Power BI, or creating a team-wide training, here’s Karel’s advice:

“Embrace Microsoft Power BI and other tools for building your own visualizations. And if you’re creating a data training, start by teaching the basic components and build on that.”

• Find out how Microsoft powers digital transformation with modern data foundations.
• Check out how Microsoft designed a modern data catalog to enable business insights.
• Learn how Microsoft enhanced its VPN performance.

The post Powering decision making at Microsoft by analyzing data with Microsoft Power BI appeared first on Inside Track Blog.

Emeric and launch leadership had to do exactly that when they set out to transform the way Microsoft launches products, something that would require acceptance from product groups that build drastically different products and services.

“Initially, there was resistance to change because people were familiar with the processes in their own silos,” Emeric says. “We encouraged employees to have a growth mindset and recognize the value for the entire company.”

Teams across Microsoft used 600 different launch types, each with their own vision, roadmap, and revenue forecast. Emeric and Brandon Ruby, a director of operations in MBO responsible for launch process, infrastructure, and analytics, knew that transforming the launch process would require a change in the people, process, and technology. But the most crucial part was adding value to the work of launch managers.

“We saw a gap in experience and productivity, and we wanted to make sure that the launch managers felt like they were a part of the process,” Ruby says.

This transformation aligned with MBO’s vision to run state-of-the-art operations.

“Our culture of innovation in Operations empowers employees to lead improvement for our customers and partners through end-to-end business process improvement and tool optimization,” says Mary Ellen Smith, the corporate vice president of MBO. “Modernizing our launch processes enables us to compliantly launch products, services, and capabilities with agility at scale.”

[Learn how Microsoft is optimizing launch management to deliver innovation to market with speed and compliance. Check out how citizen developers at Microsoft used Microsoft Power Apps to build an intelligent launch assistant.]

The previously siloed launch process didn’t align with Microsoft’s integrated selling model that bundles products, devices, and cloud services.

“We knew putting together end-to-end solutions would be challenging if we didn’t change the way we sell,” Emeric says. “Bundled solutions are especially important for commercial and industrial scenarios where you have a range of devices, cloud services, and AI on top of what you’re trying to build.”

Additionally, compliance was also done manually in silos using spreadsheets, Microsoft PowerPoint decks, and Microsoft Word documents. Each launch manager would be responsible for knowing the latest launch rules or working with experts who could flag finance and anti-corruption risks.

This led Microsoft to create a single launch delivery process that runs on Microsoft Dynamics 365 and the Microsoft Power Platform to deliver innovation with speed and compliance.  This ensures that over 200 launch managers at Microsoft have a consistent way to conduct compliance assessments of their product, service, and program launches at scale.

“Before, there was a perception that our launch process was slowing people down,” Emeric says. “In reality, offering a standardized launch process enables Microsoft to do highly complex launches and assess risks with minimal risk to the company.”

The new launch process requires a dynamic digital compliance assessment, which asks a list of questions that change as risk domain owners continuously evaluate risk categories. This is critical to consistently assess risk across the launch ecosystem. The launch team’s responses are used to determine the risk of the launch, and launch managers consult relevant risk domain owners on key risks involving finance, trade, and anti-corruption. Launch managers are then responsible for mitigating or closing risks before launching their product or service.

“Through a centralized risk management process and consultation with risk domain owners, we are much more confident that 100 percent of critical launches are managed, maintained, and meet compliance requirements before they go out the door,” Ruby says.

Built by the launch community, for the launch community

Initially, Ruby’s team focused on the process, data fields, and controls of the transformed launch process. Halfway through their journey, it was evident that the team was putting the process and digital requirements ahead of experience and productivity. Launch managers needed to be more involved in shaping the launch process that was a part of their day-to-day work.

“We found that communities, citizen development, and incubation are a great combination for creating experiences that empower the productivity of launch managers,” Ruby says.

In the summer of 2019, a team of people from MBO and Microsoft Digital participated in the Microsoft Hackathon with the goal of transforming the company’s launch process.

“This led to the creation of a citizen development program where we create rapid prototypes of value with the community,” Ruby says. “We continue to have conversations where we identify top priorities before making major investments on the platform.”

Ruby is referring to the Launch Management Excellence team, a forum among launch managers and citizen developers across the company who bring perspective from their launch portfolios. They share pain points that they’ve heard from their teammates, advise on best practices for the launch process, and provide information about upcoming trainings and events. Based on these conversations, Emeric and Ruby can return to their leadership team and share what the launch community is passionate about addressing.

“Our launch managers drive the conversation,” Emeric says. “We prioritize the needs we get in this feedback loop and address the top pain points first.”

Leading with a vision and intentional investment in your employees

Transforming the launch process with compliance by design is already paying off. It’s been exciting for Emeric to see the vision come to life.

“When it comes to transforming your launch process, it’s vital to have a clear vision about what you want your transformation to look like and have buy-in from leadership,” she says.

As this vision has come to fruition, Emeric has found that teams see MBO as a leader in launch.

“Business groups come to us for launch resources or oversight so they can ensure that they’re compliant,” Emeric says. “They’re also using our launch platform for portfolio, launch, and external risk management.”

Transforming the launch process requires intentional investment in the experience and productivity of employees. At Microsoft, the launch community and citizen development community have been central in deciding what features to add to the new process.

“You have to invest in people just as much as the process and technology,” Emeric says. “Our leadership team understood that they could have the biggest impact by empowering people with the tools they need to be productive.”

Ruby and Emeric also emphasized the importance of prioritizing progress over perfection. The team is always iterating on the launch process, and they’re willing to repivot if necessary.

“It’s a journey, and you have to start somewhere,” Ruby says. “If you anchor it in making an investment and having a shared vision, you’ll see progress.”

Emeric and Ruby recognize that the launch platform and community have grown significantly since this journey began two and a half years ago, and they hope to empower customers and partners to transform their launch processes too.

“The goal for Microsoft is to be the industry leader in how enterprises launch products and services,” Emeric says. “Our launch process is designed to uphold our commitment to trust and compliance, all while ensuring that our customers and partners have a great experience.”

• Learn how Microsoft is optimizing launch management to deliver innovation to market with speed and compliance.
• Check out how citizen developers at Microsoft used Microsoft Power Apps to build an intelligent launch assistant.

The post Rethinking how Microsoft launches its products and services appeared first on Inside Track Blog.

When Dang recognized the manual process used by the Microsoft employees who access 1,300 company bank accounts in 191 countries, she wanted to streamline this largely manual process.

Not an engineer, she looked around for a non-technical solution and discovered Microsoft Power Automate, a cloud-based workflow solution for automating workflows across applications and services.

“We were empowered to do it ourselves, and do it efficiently,” says Dang, a senior treasury manager on Microsoft Treasury’s Global Cash Management team.

Best of all, no coding was required.

Dang worked with Brandon Diersch, a treasury group manager in Global Cash Management, to create a tool that would centralize online banking portals and track access requests.

“We didn’t need to work with engineering teams or have a coding background to create a tool,” Dang says. “We just needed some business logic and approval workflows. Once we had that designed and mapped out, we were able to implement the solution using Power Automate.”

[Learn how Microsoft builds connected business solutions with Power Automate. Learn how Microsoft transformed payroll processes with Power Automate. Learn how citizen developers at Microsoft used Power Apps to build an intelligent launch assistant.]

Empowering citizen developers to solve problems on their teams

The Global Cash Management team began to learn how to use Power Automate through trial and error and used online courses and tutorials.

“We started by building simple flows before we made the business logic more complicated,” Dang says. “The major learning was that we needed to manually plan our logic before we built it out on Power Automate. This enabled us to identify the gaps in our processes before we started implementation.”

To develop this solution, Diersch’s team took advantage of Power Automate’s drag-and-drop technology.

“If you’ve ever created a slide in a PowerPoint deck and made simple animations to make the deck more polished, you can create a Power App,” says Pat Dunn, a principal program manager in Microsoft Digital who designs, builds, and supports Power Apps. “You don’t need to know a programming language to begin, but you’re able to use the power of the platform to create low-code or even high-code solutions.”

Using Power Automate, Dang and Diersch created a centralized tool to evaluate whether an employee was active, manage access requests, and create a clear audit trail of who accesses a bank account and why.

“Due to the low-code, no-code capability of Power Automate, the life cycle was completed in a few weeks with no dependency on the IT team,” Dang says.

Using Power Automate made it easy for the team to scale the solution, integrate new business logic as the company expands, and receive error messages in a timely manner.

“Now, we not only have a clear audit trail of who has access, but also an approval workflow that’s been automated with this application,” Dang says. “This ensures that everyone who gets access to Microsoft accounts has an appropriate business justification.”

Prioritizing governance and security

The team also consulted the Microsoft Privacy team to ensure that their hand-built tool was certified.

“In conversations with compliance or audit groups, it became apparent that this tool offered a reliable, systematic way of logging changes and activity, especially when compared to a more manual tracking system,” Diersch says.

Diersch says that the team was able to iterate on the application in an agile way. For Dang and Diersch, the most rewarding part was building an improved experience for end users.

“We used Power Automate to pull in hierarchy information in an intelligent way and route them to the right people,” Diersch says. “This is how we used it specifically, but it can also be applied for any approval process.”

With this tool, the Treasury team receives tickets with all the information associated with an approval request, which has increased efficiency by 75 percent. If an employee leaves the company or switches teams, the Treasury team can also change the logic on the back end to add additional employees or restrict access.

“We’re seeing huge gains in the quality of the data,” Diersch says. “Our processing team receives clean and validated information, and it’s more efficient than receiving this data over email.”

Dang agreed, remarking on how fast the tool responds.

“If a treasurer has a question about who has access to Microsoft bank accounts, we can pull this data in seconds,” Dang says.

For teams who want to automate processes in their organization, Diersch recommends leveraging existing Power Automate templates and experimenting with different connectors.

“There’s such a big library, so there’s probably an existing flow that could be modified to address some of your business needs, or just provide a place to start,” Diersch says. “You can customize the rest.”

Power Automate is part of a larger suite of Power Platform apps that can be used to build end-to-end business solutions. To support the development of apps and flows, Power Platform users in small to medium-sized businesses can also take advantage of the Power Apps Center of Excellence starter kit.

“It connects users with the community and empowers them to be citizen developers with guardrails,” Dunn says.

Ultimately, Power Platform users like Dang and Diersch are embracing the power to meet their personal and team productivity needs, which benefits both IT and the company as a whole.

“From the IT professional side, make sure you have governance strategy, processes, and tooling so you can govern citizen development in your tenant,” Dunn says. “This enables you to build a thriving community where people are empowered to build productivity tools and make the organization more efficient.”

• Learn how Microsoft builds connected business solutions with Power Automate.
• Learn how Microsoft transformed payroll processes with Power Automate.
• Learn how citizen developers at Microsoft used Power Apps to build an intelligent launch assistant.

The post How Microsoft used Power Automate to create its new centralized banking portal appeared first on Inside Track Blog.

Bret Arsenault, corporate vice president and chief information security officer at Microsoft, and security experts from his DSR team at Microsoft attended RSAC 2020 to share how they are responding to security challenges, lessons learned, and proven practices that you can use in your organization.

[Learn how Microsoft transitioned to modern access architecture with Zero Trust. Learn how Microsoft implemented a Zero Trust security model.]

Zero Trust for the real world

There are seven billion devices connected to the internet, and 60 percent of organizations have a formal bring-your-own-device (BYOD) program in place.

“The way we work has also changed,” says Nupur Goyal, a Zero Trust product marketing lead at Microsoft. “With the emergence of a mobile workforce, cloud technology, and ubiquitous access to information, it has become more and more challenging to protect corporate data.”

Coined by the security industry, Zero Trust is a modern approach to security that Microsoft and other enterprises are adopting—don’t assume trust, verify it. The Zero Trust security model treats all requests and every access attempt as though they originate from an untrusted network. However, employees should still have a seamless experience when accessing the resources they need without impeding productivity.

“We have to validate an employee’s identity and device health before giving them access to the files they need,” says Carmichael Patton, a principal program manager in DSR. “As threats evolve, we have to pivot to protect customer data.”

Goyal and Patton shared Microsoft’s implementation strategy, which is geared to ensure that data and application access is specific to an employee’s job function. Organization policy is automatically enforced at the time of access and continuously throughout the session when possible. All devices are enrolled and managed in a device management system, and the network access is routed based on the user’s role. Finally, all controls and policies are backed by rich data insights that reduce the risk of unauthorized lateral movement across the corporate network.

[Check out the slide deck from this RSA session about Zero Trust for the real world.]

Cloud-powered compromise blast analysis

Hackers don’t break in—they log in. To combat this, the security operations center (SOC) at Microsoft operates on a massive scale to support 250,000 active users with even more active devices and Azure user accounts.

“When it comes to protecting identity, our people are our biggest asset and our biggest liability based on how they act,” says Sarah Handler, a program manager at Microsoft. “Our goal is to take the systems and tools we have and use them to nudge user behavior in a way that won’t compromise our systems.”

Kristina Laidler, the senior director of Security Operations and Incident Response at Microsoft, has worked with the SOC to protect Microsoft from adversaries. One challenge is the high volume of data and signals. To address this, the SOC team filters billions of events using machine learning and behavioral analytics to approximately 100 cases a day that the SOC team can triage, investigate, and remediate.

“We have to make sure that the SOC team isn’t looking at false positives, and the things getting through are high fidelity,” Laidler says. “We want to work at the speed of attack. We know attackers are moving fast, and we have to work faster.”

Laidler and Handler have also implemented new analysis methods for identity compromise using cloud logs, security information and event management tools, and advanced telemetry. To prevent future identity threats, Laidler also discussed some technical controls for identity protection such as filters to prevent users from creating predictable passwords with seasons, years, or regional sports teams.

“Using user entity behavioral analytics, we have developed a lot of contextual knowledge about how our users and adversaries act, and we’ve built detections based on those patterns,” Laidler says.

Laidler and Handler also shared their lessons learned. A salient piece of advice is to ask for more from your cloud provider.

“We have such a huge focus on making sure we’re getting feedback and the story from the trenches,” Handler says. “That’s how we build better solutions.”

[Check out the full RSA session on how Microsoft’s Identity Security and Protection team collaborated with Microsoft Digital to implement new blast analysis methods for identity compromise.]

Breaking password dependencies: Challenges in the final mile at Microsoft

Director of Identity Security Alex Weinert and Lee Walker, a principal program manager in DSR Identity and Access, shared the lessons learned of Microsoft’s journey to eliminate passwords and practical guidance to help with yours.

Weinert’s team worked with Walker’s team to eliminate legacy authentication at Microsoft, and they’re currently blocking 1.5 million legacy authorization attempts per day. Getting to this point didn’t happen overnight. The company has been using multi-factor authentication (MFA) using smartcards, phone authorization, Windows Hello for Business, and FIDO2. In 2019, Microsoft required MFA for all employees, but some employees still used legacy authentication. Disabling legacy authentication was a process, and Walker’s team needed to talk to the owners of applications that used legacy authorization, keep 90 days of history to track where owners signed in with legacy authorization, and simulate policies to predict breaking scenarios.

Weinert advised attendees to capture logs of when users sign in, find legacy traffic, and talk to business owners in those organizations.

“You have to figure out what application is behind that sign-in, understand how and why it’s used, and work to replace it or contain it,“ Weinert says. “Recognize that your plan will evolve based on these conversations.”

Weinert also encouraged attendees to decide not if, but when to start, especially because Microsoft Exchange is removing support for basic authorization in October 2020.

“You don’t need to be faster than the bear, but you don’t want to be the slowest runner either,” Weinert says. “Learn from our painful mistakes. You can flip the switches, but the hard part is the humans.”

[Check out the slide deck from this RSA session on Microsoft’s journey to move away from passwords.]

Microsoft’s security team changes the employee training playbook

All Microsoft employees are accountable for keeping the company’s data and customers safe. Ken Sexsmith, director of Security Education and Awareness in DSR, and his team are changing the way that Microsoft approaches training by making it approachable and fun for employees through enterprise-wide training, behavioral campaigns, and phishing simulations.

“We are on the frontlines of driving digital transformation through behavior and culture change,” Sexsmith says. “We saw an opportunity to take an innovative approach to security training, and we had full support from leadership.”

The team takes a multi-pronged approach to change employee behavior by motivating, reinforcing, and applying behavior changes. Sexsmith’s team does this through awareness campaigns and security training, which strengthen security and privacy best practices.

“Within an hour, you lose 50 percent of the information that you were just told,” Sexsmith says. “Within 24 hours, 70 percent of that information has escaped. As adult learners, we have to continue to reinforce that knowledge.”

For companies or teams who are trying to change their approach to security education, Sexsmith suggests that attendees start by identifying listening systems to understand the biggest risks at the company, and finding engaging ways to communicate them to employees. The team has also been sharing the impact of their training and continue to solicit feedback that informs future versions.

• Learn how Microsoft transitioned to modern access architecture with Zero Trust.
• Learn how Microsoft implemented a Zero Trust security model.

The post How Microsoft is transforming the way it fights security threats appeared first on Inside Track Blog.

“Specialists are solution sellers,” says Schlegel, a data and AI specialist for Microsoft Digital Sales. “We help customers solve problems with an eye toward helping them move down the path of digital transformation. To do this, we also must develop high-quality relationships with them.”

Schlegel introduces customers to Microsoft technologies that can help them efficiently address their business needs. He says that he and other solution seller specialists can identify opportunities for sales based on customer purchase history, Microsoft Azure consumption levels, and workload usage.

However, it can be challenging for Microsoft sellers to holistically understand their customers because of the company’s scale and the broad set of rich products it offers to customers.

“I could do this manually, but it would consume most of my time,” Schlegel says. “If a tool gives me recommendations, I could spend more time with the customer.”

Enter Daily Recommender, an internal AI solution that uses Microsoft Dynamics 365, Azure, and an AI interface to provide data-driven recommendations to sellers based on over 1,000 data points per customer, including past purchases, marketing engagement, and digital and local event attendance.

“A lot of companies invest in AI solutions,” says Praveen Kumar, a principal program manager in Microsoft Digital. “The primary differentiator is that Daily Recommender presents specialists and account executives with meaningful data, insights, and artifacts so they can make the right decisions.”

[Learn more about how Microsoft Digital developed Daily Recommender. Learn how Microsoft Digital modernized the toolset Microsoft sellers use.]

Scoping customer conversations based on past engagements

Daily Recommender uses internal and external data points such as current consumption levels, licenses, customer interactions with marketing material, and machine learning techniques such as collaborative filtering and natural language processing to identify the next logical product recommendation for the customer.

“We help customers achieve the solutions they intend to build in the most efficient way using Microsoft technologies,” says Siddharth Kumar, a principal machine learning scientist manager who works on the team that provides machine learning solutions to Daily Recommender. “With these curated recommendations, sellers can spend less time creating sales pitches and focus on having meaningful and useful discussions with customers.”

These recommendations and insights are presented in a curated dashboard, which is available to the entire Digital Sales team.

“Let’s say a Microsoft account team is responsible for over 100 customers,” says Salman Mukhtar, the director of business programs for the Digital Sales team. “Daily Recommender gives you access to product recommendations for the accounts across your solution areas. The app also provides a rationale for the recommendation, what material you can use, and a suggested action date. It takes the AI to the last mile.”

Using Daily Recommender, account executives and specialists work together to understand what may be top of mind for the customer, review product recommendations, identify the right customer contacts, and provide customer-centric recommendations based on the customer’s needs and interests.

For example, say a customer downloaded a piece of Microsoft content showcasing how to move legacy SQL servers to the cloud. Daily Recommender could prompt a specialist to provide that customer with resources for cloud migration and suggest that they unlock the advanced capabilities of the cloud by investing in a business intelligence tool like Microsoft Power BI.

“Within minutes, I have a clear picture of what’s currently driving the customer and how I can structure my conversations based on their current consumption and interest in Microsoft products,” says Alexander Mildner, an account executive for Microsoft Digital Sales. “If I had this two and a half years ago, my life would have been easier.”

Equipped with this data, sellers and account executives can collaborate and connect customers with Microsoft resources, products, and specialists to achieve their projects’ goals. Specialists can work with customers to create execution plans or discuss the technical details of implementation, often within their area of expertise.

“Collaboration is an essential part of an account team,” Mildner says. “The more insights you can use as a specialist or account executive, the better.”

Committing to continuous improvement over time

With Daily Recommender, one out of every three recommendations qualifies as a sales opportunity. This is almost four times higher than the industry average of 6 to 10 percent. The app becomes more intelligent over time as it continues to learn from seller actions and sales outcomes. The team also takes a hands-on approach to improving Daily Recommender by analyzing clickthrough and seller action data and soliciting feedback through in-person roadshows, emails, and community calls.

“I think we will look back in a year or two, and we won’t be able to imagine a time before this tool,” Mildner says. “I’ve already seen the progress that the tool has made in the past two years, which tells you how strong its AI is.”

Daily Recommender was built for the Microsoft Sales team by Microsoft Digital as part of an ongoing effort to transform the tools and processes that the company provides for its sales force.

“For a sales model that requires sellers to do active prospecting at scale, we needed a robust and AI enabled solution that would help sellers quickly identify and actively engage with the customers to make faster buying decisions,” says Hyma Davuluri, a principal program manager in Microsoft Digital. “This led to the development of Daily Recommender, which enabled sellers to identify and act on sales opportunities.”

The journey to create and improve Daily Recommender has been educational for Mukhtar and the team. They have learned that the best way to improve the experience is to create synergy across business groups, sellers, and AI experts.

The result?

The Digital Sales team was able to transform the sales process with AI.

Mukhtar says that supporting this collaboration took time, but it started with bringing people together to invest in changing the way the Microsoft sales teams organized and approached their customers for prospecting new business.

“Changing people’s behavior isn’t easy,” Mukhtar says. “We focused on bringing together different stakeholders to invest in changing our processes. We found that value is really unlocked by how well you bring together AI and the sales process, seller behavior, and customer needs and integrate into a modern app.”

• Learn more about how we developed Daily Recommender.
• Learn how we modernized our seller’s toolset.

The post Transforming sales at Microsoft with AI-infused recommendations and customer insights appeared first on Inside Track Blog.

Ken Sexsmith recalls waiting quietly outside a conference room for a meeting about a new approach for promoting the annual security training at Microsoft. Earlier that day, his team, which is responsible for enterprise-wide digital security education, training, and awareness, was running a company-wide phishing simulation. While waiting for his meeting, Sexsmith overheard some employees questioning the validity of the phishing email.

One of them recalled a recent training and said, “Maybe we need to report it?”

“It was a lightbulb moment,” says Sexsmith, director of Security Education and Awareness in Microsoft Digital. “It was so encouraging to see how employees started talking about the email and knew precisely what to do. It was a highlight of our year.”

Getting to the point where employees recognize phishing emails did not occur overnight. Although Microsoft’s sophisticated anti-phishing technology helps protect customers and employees from targeted phishing campaigns, Microsoft employees still need to stay one step ahead of evolving security threats. To help them get there, Sexsmith set out to change how employees think and learn about security.

“We are on the frontlines of driving digital transformation through behavior and culture change,” says Sexsmith, who says lessons Microsoft learns internally are shared externally with the company’s customers.

[Learn how Microsoft implemented a Zero Trust security model.]

Sexsmith’s team wants to start a movement where everyone wants to be a part of the company’s security story; their goal is to make security personal and change ingrained behaviors.

“We had to win over the hearts and minds of employees,” Sexsmith says. “We had to flip traditional compliance training on its head to make security more engaging, relatable, and fun, but also emphasize the importance of employees using best practices and being responsible for security.”

Employees seeking out new security training

Sexsmith’s team created an engaging, interactive Security Foundations training that uses real-life examples of security threats that have affected Microsoft employees and teams. The training also features a local well-known actor and podcast host that employees can relate to. In its first year, nearly 63 percent of employees across the company took the training. Some employees thought the training was so great that they asked if they could share it with their family and friends.

“A lot of effort and energy was put into making training a more enjoyable experience while helping people not only build the proper skills, but retain the skills they learned,” says Erin Csonaki, an education and awareness program manager in Microsoft Digital who runs enterprise-wide training.

Coupled with phishing simulations and ongoing digital campaigns that highlight the digital security team’s strategy to keep the company and its data safe, the training helps employees learn about security risks and build skills that they can apply on a day-to-day basis.

Proof that it’s working? The once-optional Security Foundations training is now required for all Microsoft employees. The revamped training received an extremely positive response from employees and even won an external Telly Award.

“Because we had favorable feedback, we’ve gained credibility and can continue to push the envelope around the way we launch training this year,” Csonaki says.

Whether the team is running a highly technical training for engineers or an awareness campaign for Cybersecurity Awareness Month, Csonaki says that it’s important to communicate the relevance of this training in their day-to-day work. For example, the Security Foundations training emphasizes never letting your guard down when handling email, posting on social media, or connecting to a public wireless network.

“A key for us is making it personal,” Sexsmith says. “The same things you do at home to secure your family are the same things you do at Microsoft. Your technology is vulnerable, and it only takes one minute for someone to take control of your device.”

Reinforcing learning year-round

Along with trainings, the team creates employee awareness about what phishing and other security threats could look like and provides guidance on how employees should respond. For example, Sexsmith’s team creates phishing simulations that are based on real, previously reported incidents.

Blythe Price, an education and awareness program manager on Sexsmith’s team, is responsible for the Phishing Education and Awareness program, which exposes employees to the experience of being phished and provides prevention education and reporting guidance.

“If an employee falls for the simulation and enters data or opens an attachment, an education moment is served up,” Price says. “This reinforces the best practices for spotting phishing, which is discussed in the Security Foundations training.”

The phishing scenario also teaches employees how to respond to security risks using the “Report Message” button in Outlook or in Microsoft’s internal security reporting channel.

“If it’s not quick and easy to report, a user may decide it’s not worth their time and abandon ship,” Price says. “You also have to make sure that the reporting mechanisms are where they are meant to be, whether it’s on a desktop or mobile browser.”

Learning moments from simulations and trainings are reinforced through ongoing awareness campaigns that align with events like National Cybersecurity Awareness Month or certain holidays. This ensures that the conversation about security is front and center for employees.

“You don’t have to know everything,” Sexsmith says. “You just have to know when to pause before entering your credentials and ask, ‘Am I moving too fast?’ That’s the change that we’re driving.”

Understanding the culture of an organization

For other teams or organizations interested in changing the way they approach security training, Price suggests evaluating what resonates with employees and adjusting accordingly. Price also attributes her team’s success to their emphasis on the “why” behind each training or awareness campaign. This has helped employees understand the importance of their participation.

“Instead of snapping to a model, it’s important to know the culture,” Price says. “Don’t be afraid to take chances if something isn’t working.”

Regardless of how you educate employees about security, it should be a two-way dialogue.

“It can be challenging, but it’s also a good opportunity to listen to what’s resonating with employees, and balance it with what’s needed from a security perspective,” Price says.

Sexsmith knows that his team’s approach to security training and awareness can’t rest on its laurels.

“I have a vision of continued evolution,” Sexsmith says. “I often challenge people to think differently, and that’s what got us here.”

• Check out the agenda for RSA, which includes Sexsmith’s session on how Microsoft is taking a different approach to security training.
• Listen to Sexsmith’s Ignite 2019 session about how Microsoft trains employees to be data stewards.
• Learn how Microsoft implemented a Zero Trust security model.

The post How Microsoft is transforming its approach to security training appeared first on Inside Track Blog.