I think Microsoft surprised a bunch of folks by having an Ignite in March. I know I was surprised, and I was talking to people about it just a day or two before who had only just heard that it was happening, so if you missed it, let me encourage you to stop everything you’re doing and go watch the keynote, because the future looks absolutely incredible. We are on the precipice of augmented reality integrations that will touch every facet of our lives, from medicine to transportation to industrial safety to gaming and everywhere in between. There’s even an AR night club in the works from the creator of Cirque du Soleil, but I think you’ll have to provide your own cocktails.
But with the amazing announcements around Microsoft Mesh for AR came some more practical announcements that, while maybe 1% less exciting, are still pretty cool.
For one, passwordless authentication is now generally available! I’ve been using it in preview for a long time, and I’m super excited to bring the experience to customer environments. Now we can finally deliver on the promise of improved security through eliminating the password vector. And yes: I said “eliminating.” Because in addition to passwordless general authentications, we also got passcode-based account creation. So now we can create users and get them productive without having to ever handle a password! Dare to dream of a close future where “credential theft” is meaningless.
Done dreaming? Don’t let me stop you: take your time and let that sink in.
Next up we got general availability of co-authoring encrypted files. I remember when co-authoring first became available and someone asked me if that was possible. I probably laughed because of the sheer complexity of what encrypted co-authoring would entail, but hey: dare to dream. And though I’d heard rumors that it was coming, I was still bowled over when I heard the news that it’s been solved. But then, I also heard that Microsoft AI passed the Turing Test, so I guess Skynet is imminent.
Speaking of Skynet, no just kidding. AI did get a lot of attention at this conference, including the real-life ability to “force a bot to watch a movie” with expected hilarious results. But Microsoft also demonstrated the ability for that same bot to contextualize what was on the screen and offer a synopsis of the plot so far, along with suggesting alternate endings. It was really impressive, but I don’t think we need to worry about the robot uprising, because the bot did suggest that a certain superhero might get into a battle with space dinosaurs who, in turn, tell her that she is also a space dinosaur. So…there’s work to do.
Back to reality (aw man!), Azure Sentinel got a big shot in the arm with the addition of 30 connectors to popular devices and services, and there were some fantastic sessions around building Playbooks, which leverage Azure Logic Apps to provide customized responses to alerts.
Since we’re on the topic of Logic Apps, the Power Platform (which uses Logic Apps to under-pin Power Automate) got some love, too. Microsoft continues to make huge investments in low-code/no-code development, and Power Virtual Agents comes to Teams as a way to drive user-created chat-driven bots. Write your own interactive FAQ with a development UI that looks a heck of a lot like Power Automate’s. And while you’re at it, download Power Automate for Desktop. Seriously: DO IT. Partially because it’s free (included with your Windows 10 licensing), and partially because it really can help you automate the tedious day-to-day routines. I’m in the process of automating my environment prep for delivering Security Immersion Experiences, including starting Hyper-V 30 minutes before a calendar event, getting the VM’s configured for the demo, and shutting it all back down 30 minutes after the scheduled event time, so my machine isn’t chewing through resources when it isn’t needed. What will you automate?
And then there was a short almost throw-away conversation I caught about the best things you should be doing to secure your environment. Microsoft’s MSTIC Director said you SHOULD be using privileged access workstations, or PAWs, for your admin users. That’s a shift, and a pretty big one. PAWs hadn’t felt relevant in a few…years…honestly, and though we’d had customers ask about them from time to time, Microsoft offered little official guidance. I even asked about it during an Identity Airlift in September 2019 at their “Ask the Experts” table, and they couldn’t agree. But they’re back on the menu, and the timing works pretty well for our upcoming webinar on Remote Provisioning, because I just happen to have an “Admin Workstation” policy set in my demo environment that’s designed for that specific scenario.