Security firm discovers outstanding vulnerability in Azure Active Directory

September 29th, 2021

Yesterday, Ax Sharma with Ars Technica revealed security company Secureworks has identified a current vulnerability in Azure Active Directory Seamless Single Sign-On.

A Secureworks threat update published by Ars Technica indicates the Secureworks Counter-Threat Unit “…reported the flaw to Microsoft on June 19…” and “…Microsoft confirmed the behavior on Juy 21…”, but Microsoft concluded the functionality was part of the way Seamless Single Sign-On is designed.

Ars Technica quotes the Secureworks Counter-Threat Unit researchers as saying “This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory without generating sign-in events in the targeted organization’s tenant…” The researchers also explain the vulnerability affects “…any Azure AD or Microsoft 365 organization, including organizations that use Pass-through Authentication (PTA)…” Apparently, however, user accounts without a password for Azure AD are not at risk.

Which cloud-based desktop service might be right for your organization?

September 4th, 2020

Executive Summary:
Cloud desktops, hosted desktops, or desktop-as-a-service (DaaS) from Amazon, Microsoft, VMWare, or Citrix might be good choices if you lead a small- or medium-sized operation. At the enterprise level, economies of scale still give the edge to in-house solutions.

In March of this year, updated their comparison article “The Best Desktop as a Service (DaaS) Providers of 2020”. The entire article, by staff writer Joshua Stowers, is excellent–but for those with too much on their plate, here’s a brief run-down.

No “one-size fits all” solution
Every business is different, with different criteria for how its team-members use their computer desktops. Also, cloud desktop providers have different strengths, so there isn’t a single vendor that will be right for all use-cases. Accordingly, Stowers outlines recommended solutions for different desired outcomes.

How were these picks made?
A team first reviewed what was available in the market, narrowed-down the choices to eight contenders, then did a deep-dive on these eight to select their recommendations.

What are the best options?
Here are the four solutions the team selected, based on four sets of broad criteria:

Uptime/Scalability: VMWare Horizon Cloud
Small Business: Amazon Workspaces
Backup/Failover: Azure
Mobile Workforce: Citrix Virtual Apps and Desktops

Stowers provides a thorough review for each recommended solution, including its strengths, its weaknesses, and why it’s the best choice for the criteria in question.

Other considerations
The article also goes into some depth regarding the various considerations involved in moving to a cloud-based desktop service. It discusses pricing (and why it’s not as simple we would like), what the hosted desktop model brings to the table, and what it leaves to be desired. The best parts here include a breakdown of different pricing scenarios, an explanation of the different types of hosted desktops, and definitions of the key features customers should look for in a hosted solution.

Which customers will benefit the most?
Stowers is straightforward in his assessment that, for the moment at least, cloud-hosted desktops are a play for small- and medium-sized businesses that don’t have the money to stand-up a self-hosted environment, and who don’t necessarily need to hire an in-house IT staff.

For the enterprise, Stowers concludes it’s still more cost-effective to build and support your own desktop-hosting environment in-house, although he implies that may change going forward. He seems convinced hosted desktops are the future, and where the numbers work, it makes sense to consider them for your organization.

Next Steps:
Share With — 
CTO, CIO, IT Director

Action Items — 
• Comprehensively review computer desktop usage in your organization.
• Determine your top candidates for cloud-hosted desktop providers, given your use-case.
• Conduct a free trial (if available) of one or more of your top candidates.
• If you find a candidate that meets your needs, migrate your organization’s desktops to the cloud.

Brian S. Pauls is the founder and vCTO of Cloudessy. He figures if you’re going to go to have a desktop, it might as well be in the cloud where you can get to it from anywhere. Brian blogs about cloud computing and organizational culture at

Who I help…

August 26th, 2020

Azure portal integration for Windows Virtual Desktop released to GA

July 31st, 2020

Enterprises supporting remote workers on Windows Virtual Desktop are getting some new tools, as Microsoft makes several enhancements in public preview–including Azure portal integration–generally available. #Azure #WindowsVirtualDesktop #RemoteWork

Microsoft issues guidance for cloud app development

July 24th, 2020

As the cloud evolves, so do the criteria for effective business application development. To help you keep your in-house apps up-to-speed, Microsoft has released the Azure Well-Architected Framework–“five pillars of architectural best practices.”

Power BI to leverage the data visualization capabilities of Azure Maps

July 17th, 2020

Microsoft is now previewing Azure Maps visual for Power BI. It will allow Power BI users to overlay their maps with bubble visualizations, 3D bar charts, reference data, custom tiles, and real-time traffic info.

Microsoft Azure IoT is enabling smart building advances

July 10th, 2020

Learn how four companies are using Azure IoT to lower costs, save energy, and control environmental factors in their smart building designs.