Eric Kraus


Azure + Chef

Keeping the topic of Open Source going…I thought I’d share a bit of information on Microsoft’s partnership with Chef with Azure.

About 18 months ago, Opscode announced a strategic partnership with Microsoft Azure to support rich Chef integration:

Maximizing the power of public cloud platforms is best accomplished through the use of a dynamic, consistent automation engine. With Windows Azure and Opscode Chef, organizations can now make the most of all Windows Azure offers for Microsoft and Linux-based environments alike, delivering maximum flexibility and ease of use in bringing ideas to market and adapting to business change.

-Christopher Brown, CTO, Opscode


See it in Action

Below is a video of Ross Gardler (Senior Technical Evangelist from Microsoft Open Tech) doing a demo of building cloud resources in Azure with Chef cookbooks. Skip to 7:27




Microsoft and Open Source

Wanted to share some updates on the work Microsoft is doing in the open source space.

Open Compute Project

[dropcap]B[/dropcap]ack in January, we announced a contribution to the Open Compute Project.  Microsoft is sharing what they call their ‘Microsoft cloud server specification‘: the designs for the most advanced server hardware in Microsoft datacenters delivering global cloud services like Windows Azure, Office 365, Bing and others.

We are excited to participate in the OCP community and share our cloud innovation with the industry in order to foster more efficient datacenters and the adoption of cloud computing.

more details on that can be found here.


[dropcap]A[/dropcap]nother interesting set of investments in open source comes from the Microsoft Open Technologies, Inc. team.  It’s a group of people building bridges between Microsoft and non-Microsoft technologies…powering interoperability through open standards and open source.

Here are some of the projects they are working:

Office 365 and DocuSign Partnership

Microsoft and DocuSign recently announced a partnership to bring electronic signatures to Office 365.

Among the features first being delivered:

  • Easy administration
  • Single-Sign On
  • Secure Storage
  • Office Store availability

Both organizations have agreed that this is only the start and they will continue to collaborate on bringing new innovations to the Office 365 offering.

More details:


Multi-Factor Authentication to O365


Microsoft just announced that Multi-factor Authentication will be added to Office 365 Midsize Business, Enterprise, Academic, Nonprofit, and standalone plans: Exchange Online and SharePoint Online.


  • After successfully entering password, users are required to acknowledge a phone call, text message, or an app notification on their smartphone
  • Only after this second authentication factor has been satisfied can a user sign in.


For applications like Office, that don’t current support MFA, the platform will support App Passwords can be generated to leverage the added security. MFA support in Office client is on the roadmap and is schedule for later 2014.

For a technical understanding Multi-factor Authentication for Office 365, please visit the following technet article.

Please visit the Office 365 Trust Center for more information on security in Office 365.

BYOD has nothing to do with devices

Ok, so maybe nothing is a bit of a stretch, but here is a different take on the traditional: “how do we manage devices?” challenge.

[dropcap]L[/dropcap]et’s start with a baseline understanding of what we do. A fairly neutral definition of IT is to provide organizations with access to information and tools to enable employees to make informed and timely decisions in the most efficient way possible – all at a justifiable cost. Fair enough? At the end of the day, employee productivity is about the creation and consumption of and decisions that surround information. In most cases, devices such as phones, tablets, PCs are just tools that give us the ability to create and interact with that information in order to make decisions for better of the business. That information is built from data generated in emails, meeting notes, reports, etc. etc. So, in summary, it should be fair to say, day-to-day business is all about data.

What’s the real problem?

Now to define the problem. How do you define a BYOD (“Bring Your Own Device”) effort? Is it an initiative to eliminate the cost of issuing employee devices? Is it allowing users to bring in any device from home with the premise that it is used for enhancing their productivity (making better/faster decisions)? Is it something ‘we have to do’ to appeal to a new generation of workforce? Or, is it simply, “all of the above” with a subtext, “how do we safely manage those devices?” Here lies the problem with any of those definitions: If the fundamental goal is to figure out how to manage all of today and tomorrow’s devices, it’s a losing proposition. Innovation is too great, and technology changes in a moment’s time. Besides, at the end of the day, how does that device ‘management’ help the business with access to their data?

Rarely in BYOD discussions do I spend a significant amount of time talking about data. Typically conversations are around MDM/MAM/Phone/OS strategy, etc. Rather, I see a need to change the conversation to “Data Management Strategy.” A focus on securing the data first and then offering a tiered approached of device management based on the end-user experience desired (more on this later). In the end, a data strategy first will have lowered the risk of accidental intellectual property loss in a manner that is device agnostic and allows room to scale.

A lesson from the music industry 

Take for example, digital rights managed (DRM) music. As a music lover, you want unlimited access to music. So you enter into a ‘contract’ with a company that licenses music (let’s say Xbox Music). In return for your monthly fee, a certificate is granted to you and the world of music is available to you. All of the music that you download can be played across multiple devices (tablets, phones, etc.) online or offline. The music file is what is managed, not the device, nor album art, or playlists, etc. Upon termination of our agreement, the certificate is removed from my device and access to play the music is revoked. The powerful benefit of this model is that Xbox Music knows very little of my machine therefore ‘wiping’ the device of all music isn’t required…the files just become obsolete.

Is it full proof? Like any system, it’s not 100% full proof. The system is not designed to be perfect, but rather protect against easy ways to exploit the system…mostly accidental loss and some intentional. Anyone seeking to be malicious, will probably succeed.

Build an ‘experience matrix’

In the world of security, user-experience is usually inversely proportional to protection. The more secure you want to make a system, the worse the experience gets for the user (think two-factor authentication). If organizations can protect their data first, managing devices becomes more of an experience discussion and security is determined by the level of experience desired. Microsoft (internally) offers a rich BYOD experience. MSIT has accomplished this by enabling employees with tools to protect the data first. A clear policy and mandatory training ensures employees understand how to secure the data. Then, MSIT publishes a support/management matrix for a wide category of devices. The matrix includes what experiences are enabled and what level of management is required to obtain that experience.

Recommendations for a Data Management (BYOD) Strategy

  • Data classification. Protecting IP is important, but spending a million dollars over a year-long project to protect the holiday party catering menu, is not efficient. One size doesn’t fit all.
  • Develop a matrix of experiences you want to offer with devices you will support. As much of this exercise is deciding what you will/won’t support as it is clearly documenting it for users to rationalize
  • Build change into the strategy. One thing is for certain, by the time you implement a strategy, it will have new requirements. Build the strategy with agility in mind and answer question like:
    • What if iPads were no longer supported tomorrow?
    • What if WiFi is no longer free wherever you go?
    • Is the strategy flexible enough to support these and other situations?

Installing Office 365

Remember the Office Home Use Program (HUP) ? It’s now even better with Office 365.


  • It takes about 5 minutes to install a FULL functioning copy of Office
  • You can install the new Office side-by-side on a computer that has another copy of Office on it (2003, 2007, 2010, etc.)
  • Because it will be connected to your corporate login it will keep all of your settings from other PCs, recent documents etc.
  • You can deploy up to 5 copies of Office, including home computers with both Mac OS and Windows
  • This is only available through the Office 365 service.

How To Install Office Pro Plus with Office 365

1. From a browser on any device type in

2. Put in your corporate credentials/email address.

3. In the upper right, click on the Settings icon that looks like a gear.

4. Click on “Office 365 Settings”

5. Click on “Software” tab.

6. You can see what devices you have it installed on, how many installs you have left and then a one-click install of Office.

7. In about 5 minutes, you will have a fully functioning version of Office 2013 deployed to your machine. Further installation will continue in the background (for approximately 20 minutes), but you can work on documents while that happens.