Mark Minasi's Tech Forum
Register Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
cspanburgh

Avatar / Picture

Senior Member
Registered:
Posts: 236
Reply with quote  #1 
More than a year ago Microsoft started telling us about their plan to slowly phase out ACS authentication in their cloud apps.  This blog concerts dynamics 365 but anything that has to do with Azure storage my be affected.  There are gray areas.  

Microsoft has sent Dynamics 365 subscribers an email explaining some of the details.

They run scans on the type of traffic coming into the cloud systems and alert the instance owners that the traffic still exist.    Third party product providers may have to rebuild their software using the updated DLLS from the SDK. 

Ok it's pain, but the attackers of the applications are to blame.  Security worked ok until it's hacked.  Then change is needed.   

The blog is at: https://blogs.msdn.microsoft.com/crm/2017/05/29/update-dynamics-crm-client-sdk-version-to-avoid-calls-to-acs/


__________________
Curt Spanburgh
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 279
Reply with quote  #2 
I sometimes wish they had started acting this way twenty years ago. Then application developers would be used to rapid change by now.
__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
cspanburgh

Avatar / Picture

Senior Member
Registered:
Posts: 236
Reply with quote  #3 
I think it is more than 15 years ago when Microsoft first seemed to react to the insecurity of their software when Mark had a talk regarding this.

At the time all software companies were focusing on Features instead of security.

It was a good talk.  There was also a very funny Windows Gazette talk done in San Diego regarding this subject.   I wish Mark would do a modified version of that talk now.   

When backpacking in the winter in the mountains, I often functioned as group leader.

That meant always looking for danger and having a plan.

When crossing ice in winter in the mountains, you have to make it a team effort.

The person does not cross with their pack buckled to the waist. 
Two people have a rope on the person crossing the ice at all times.

If there are only two , you still use a rope metal clip to secure it.   Better if you have one on the person and the pack.

Even if only the feet go through the ice, the party members all have a job.  One person sets up a small shelter, while another helps the person who fell through to get the wet clothes off and change while another person starts heating a hot drink to warm the person who got wet.


At 15 degrees , and miles away from the car, you have a plan.     

So what plans have I see in IT departments regarding security?     

For the most part, very little.   Now Microsoft is getting tough.    Emphasis on backward compatibility was a flaw.   Often maintaining backward compatibility was like holding on to something that could sink you.


__________________
Curt Spanburgh
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #4 
All of a sudden MS is concerned about security? If MS no longer wants backward compatibility, it's because they lose money not security.
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.