IT security predictions are a dime a dozen nowadays, but, for Windows and Office 365 professionals, what you really want is a glimpse into the future for ALL aspects of your role: security, scripting, reporting, provisioning, auditing, migrating and finding time in there to explore Microsoft Teams.
Your Holiday wish has come early! I weeded out all the obvious topics you’ll see on every other predictions list, like there will be more side-channel attacks (thanks, Intel) or AI will have a security setback this year (I predict everyone else will make that prediction). Instead, I focus on predictions for your everyday projects and tasks.
1. Your PowerShell person will leave
When I look into my crystal ball, the first thing I see is your PowerShell person — yeah, just the one you have on staff — will leave, or at least change roles. Demand is up for PowerShell experts because it’s an essential hybrid cloud administration skill for Microsoft environments, a transferable skill set for anyone looking to help fill the ranks for the cybersecurity professional shortage and someone you just really depend on (whether you know it or not). Scripting adds complexity to your environment as well as other unknown dependencies and security misconfigurations. This year you’ll need to have your team brush up on their PowerShell game and put policies and auditing in place to manage and safeguard your environment from scripts gone wild and employee attrition. Learn more in this detailed post.
2. You say IoT; he says edge computing; we say keep it away from your internal AD
2019 will continue the outward expansion of your data center, and as you invest more in an open, distributed IT architecture where you’re gathering and processing data at the source, you’ll also need to work through how those devices or local computers and servers are authenticating. Current practices for securing and patching the devices outside your data center are still inadequate and lack the maturity of your internal management stack, thus creating an opportunity for cybercriminals to steal your data or your computing power. You’ll want to keep your distributed computing authentication up in the cloud with Microsoft Azure Active Directory (AD) and away from your valuable internal stuff, but you’ll also want to monitor it just as you would your internal AD. Learn more in this detailed post.
3. Humans will still be a thing in 2019 and AD will get the attention it deserves
One constant since the first year of the Holocene geological epoch is humans. And humans — er, users, in this case — within your organization have AD and Azure AD accounts that can be exploited, stolen or abused. Microsoft’s chief information security officer Brett Arsenault said it best: “Users are both my first line and my last line of defense.” Historically, network and physical infrastructure layers have received all the security attention while the focus on AD security has lagged. Organizations are now starting to prioritize and invest in AD security, like they do with perimeter security. You’ll be spending time on AD to understand that it needs to be more secure compared to what is offered as the default in AD.
4. The first major Office 365 or Azure AD multi-tenancy breach will hit the news
Just as no one would have predicted at the start of last year that nearly every computer produced in the last 20 years would be vulnerable to data loss due to design flaws in the microprocessor, we shouldn’t write off multi-tenant security as a sure thing. In fact, we’ll hear of such a breach hitting the news either because of:
- An exploitation of an unknown vulnerability
- Someone provisions Office 365 or Azure AD in the wrong place (think commercial vs. government clouds)
- Someone punches holes between their tenants for easier management and unwittingly creates attack avenues for disgruntled users or hackers
One of the best ways to ensure misconfiguration doesn’t compromise your system is to define and apply strict security and monitoring policies across your environment.
5. Blah, blah, ransomware, blah, blah — wait, my stock took a hit?
Ransomware has gone the way of natural disasters and shuttle launches in the news — no one is paying a whole lot of attention anymore, but it's still out there and getting more sophisticated. Cybercriminals aren’t going for the masses; they are targeting corporate victims and bypassing users with stolen credentials (e.g., SamSam), and they are even pairing their attacks with Mimikatz to increase their reach. This targeted approach is wreaking more havoc, so 2019 will see at least one publicly traded company’s stock taking a hit as a direct result of this kind of breach. You’ll be spending your time ensuring a least privilege principle is followed for all users, getting your AD groups under control and finding ways to monitor for suspicious activity that looks like ransomware (for example, rapid-file modification by a single user).
6. Resiliency — Why you’ll finally back up your domain controllers
Devastating attacks, like NotPetya trashing whole data centers in a scorched earth scenario, are making admins rethink how they build resiliency into their security response plans. Like Maersk, they built resiliency in the event that one, or even a few, domain controllers (DCs) go down; but no one ever imagines all their DCs will go down and require a full-scale backup. Most organizations would have to rely on ten different departments to get their AD back online and their users back to work in this scenario — this is simply unacceptable anymore. This year, you’ll be tasked with building out a backup and recovery process for AD bare metal recovery in the case of a Maersk-style take down.
7. GDPR will start throwing some punches, but so will competing financial and national security regulations
Since GDPR came into effect May 2018, the ICO has only used fighting words — “notices” — with companies like AggregateIQ, but 2019 (or late 2018) will bring out the punches and the fines. You’ll want to save your drama-watching popcorn for the real battle between GDPR and competing regulations, like the U.S. Government’s CLOUD Act or FFIEC, UK’s FCA requirements, the EU’s MiFID II. Financial firms or U.S.-based cloud providers may find themselves in the unfortunate bind of conflicting obligations with regards to “right to be forgotten,” data transfers and regulatory records retention. Organizations need to be absolutely certain of the data they store, where it’s stored and who has access to it to begin to even make sense of their legal obligations.
8. HIPAA hall passes have run out
When HIPAA came out, the Department of Health and Human Services (HHS) would slap you on the wrist with little to no fines; but violation fines have dramatically increased since 2016 with seven-figure penalties the norm rather than the exception. HHS has given organizations plenty of time to get this right and prove that they are protecting our personal data continuously. Anyone can pass one of these audits if they have the processes in place, but the rest of the audit is showing you are following those processes (i.e., the technical audits). I predict you’ll be working to put systems in place — not modifiable scripts — to prove ongoing compliance.
9. You’ll be neck deep in AD and Office 365 migrations
2018 was a banner year for larger, more complex mergers and acquisitions, which means AD and Office 365 migration projects will ramp up in 2019. Furthermore, 2019 looks like it will continue the M&A spree started in 2018. And given Wall Street’s comfort with the midterm elections and the Trump tax reform that allows US firms to repatriate overseas cash for business growth (i.e., acquisitions), even more migrations will surely take place. So not only are you dealing with the mandate to get everything to Office 365, you’re also dealing with a mountain of ongoing migration work. I predict you’ll be looking to conquer your mountain of Microsoft migrations and consolidations with a repeatable and automated approach that makes it a non-event for end users.
10. 3 out of 10 of you will finally know what Teams is — and you can thank SharePoint
First, SharePoint is a thing again, and it is this way because Microsoft is giving you a modern experience in SharePoint Online and SharePoint 2019. (Goodbye 2003 look and feel, hello, beautiful!) Second, the new experience is mobile friendly, easier to use, better performing and it sets you up for the inevitable convergence into Microsoft Teams. Every Team has a SharePoint team site, and every Team can be added to a SharePoint team site, making it easier to adopt Team channels and tabs, let alone share and collaborate on documents. As you start to explore Teams this year, make sure you also consider management and auditing, including discovering and reporting on applications, channels, files and folders, members, owners and settings.
As you can see, 2019 is going to be a busy year. With so much development and growth in the IT world, you need a partner on your side every step of the way — and that’s where we can help.