The Four-Day work week

The challenge of maintaining a work-life balance has become increasingly hard, especially with the last two years of work from home due to the COVID pandemic and a four-day week seems like one way in which to address this challenge. The discussion around a four-day work week has been gaining momentum over the last few years with proponents citing successful trials by companies showing improved employee engagement and happiness, with no discernible loss in productivity.

I foresee several challenges with this, especially in professions that traditionally billed by the hour, such as consulting. If the above claim is to be believed, then that implies that the same amount of value will be created in 32 hours that used to be created in 40. In turn, that would imply that the rate per hour would be increased, to compensate the fact that the four-day week does not imply a reduction in salary for the employee. In essence, we would be passing this cost onto our clients and we’re assuming that the value conversation remains equitable. With independent consultants, this would simply mean that they would continue to work 40+ hours per week and would now justifiably be able to increase their rates by around 20%. It would be very hard in my opinion to convince a client that this is equitable.

Another place where this will be a challenge is in areas such as 24×7 support. In this scenario we would need four six-hour shifts, instead of the previous three eight-hour shifts. To achieve the increased number of shifts, at least one extra person will be required by the company providing the service. This will result in a 25% increase in servicing cost, which will be passed on to the client. Again, I’m not sure this is an equitable approach, and many clients will balk at a 25% increase to their support and servicing costs.

Where productivity is concerned, there are many ways to improve productivity, that does not come from the increased pressure of delivering 40 hours’ worth of work in 32. As per this excellent article discussing this exact topic, https://thriveglobal.com/stories/a-4-day-workweek-doesnt-make-you-more-productive-this-does/, productivity can be increased by removing distractions, managing your time effectively and other means, not associated with the increased pressure.

The conversation about work-life balance is also somewhat of a misnomer. While it is certainly unhealthy to work 60 to 80 hours per week, it is equally unhealthy to be in a profession where the driving ambition is to escape it. I propose an alternative phrase that more closely aligns to my worldview, “Work-life harmony”. It sounds similar, but it differs in this key point, balance implies that for eight hours of work, I must receive eight hours of leisure time. Harmony implies that my work and the rest of my life are intermingled in a way that supports each other. I work to earn the money to spend on leisure. I can choose my way of work, and the location of my work such that it suits my life and my leisure. With the new way of work brought on by the pandemic, we have more freedom than ever to choose where we work, since most of us have been working remotely for at least two years. With this new freedom, you could choose to work from a beach, or a ski-slope. Take a moment between meetings to go for a swim, or to fetch the kids from school and take them for ice-cream before the next Teams call or document is due. We can create harmony in our lives by weaving our work around it, instead of seeing work as being in conflict with our life.

Open post

The Journey to a Remote Team

Azuro’s journey to remote working started in 2015 when we adopted Office 365 for email, document storage and collaboration, with Skype for Business for chat and calling. Thank goodness we’ve moved on from there to Microsoft Teams. The reasons for us adopting these tools are varied, but they were primarily about reducing the internal support burden, disaster mitigation and convenience.

The first objective was to reduce our support burden. We were maintaining our own Exchange Server, a file server, an on-premises SharePoint server, an on-premises TFS (Team Foundation Server), on-premises database servers (SQL) and on-premise CRM server (Dynamics CRM prior to being renamed to Dynamics 365). This meant lots of server hardware, virtual machines and infrastructure overhead. We were experiencing frequent power outages and our hardware was aging, so we had to decide whether to invest in additional hardware to mitigate the power problems and to support newer versions of software, or to make an alternative plan.

We opted to migrate all of our core business services to the cloud as it would reduce the internal support burden with fewer servers to maintain, it would mitigate the power failure risks as the services are no longer hosted in our office and we would not need to upgrade the power mitigation options for our team, as we could work from elsewhere if the office lost power due to a power failure. By adopting Office 365 we replaced the file and SharePoint servers with SharePoint and OneDrive, we replaced our Exchange Server with Exchange Online and our Dynamics CRM server with Dynamics 365. We also migrated our TFS server to Visual Studio Online (now Azure DevOps). This meant we only needed a database server for our accounting package, so we migrated the accounting database to Azure SQL.

Once we were fully deployed to the cloud, the next hurdle was to understand how to better manage a team that is no longer in the same place every day. We realised that we needed better metrics than the old consultant metric of hours logged vs hours billed. Being a delivery-oriented business, we developed a set of KPIs based on story points completed. Since our sprint boards are deployed to the cloud on Azure DevOps, we were able to automate the production of KPIs, and grant our customers access to their projects ensuring greater transparency and collaboration in the delivery process.

Fast forward to 2020. The world is in crisis with a global pandemic that’s ground almost all travel to a halt and confined most people to their homes. For Azuro, this just meant switching off the lights in the office and letting everyone continue from their homes. Of course, there are challenges, but most of them relate to environmental issues such as intermittent connectivity issues and expensive data costs. All in all, the transition to fully remote has been largely uneventful and we mitigate the isolation issues by maintaining an open “chat channel” on our Teams for anyone to dial into and touch base and connect with whomever else is online. We recommend that our team members have their video on during any calls to increase the connection with the rest of the team. All non-delivery members have been invited into the stand-ups to enable them to remain in touch with the daily operations of the business.

We’ve been advocating a shift in consulting behaviours for quite some time and are encouraged by how well our team and customers are adapting to the new normal. The ease of this transition would not have been possible without the adoption of great tools and our preparedness with the processes to support them.

Simplifying Business with Power Automate

Over the last few years, we’ve seen an increase in the number of tools that enable non-developers to build applications and automate business processes. Microsoft has introduced a set of tools collectively referred to as the Power Platform to achieve this goal. From building simple capture forms, user interfaces and apps using PowerApps, to automating processes with Power Automate (formerly called Microsoft Flow). These tools have given rise to the term citizen developers, business users that create applications inside their organizations to solve problems that would traditionally have been sent to IT, with many procedural delays, complexities and other issues.

 

To this end, Azuro investigated mechanisms to streamline the issuing of contracts, work orders and other agreements and documents that were previously taking a long time to produce. After they had been edited to satisfaction, they were manually sent to someone for signature before being printed and signed and scanned and sent back. We decided to make use of Microsoft Flow (now called Power Automate) in conjunction with some partner software, DocFusion and DocuSign to generate the document based on a template and data in a SharePoint list and send it for signature via DocuSign. This cut down the amount of manual document editing, as well as streamlining the process of getting agreements signed. We then took things a step further and introduced approvals into the workflow, to ensure documents were checked prior to being sent to customers for signature. All of this was done without writing any code and by a non-technical person.

 

To get started with Power Automate you will need an Office 365 subscription, and any one of several different license options. Provided you are correctly licensed, you can start creating your Flow. Navigate to https://flow.microsoft.com and sign in with your Office 365 credentials. From here you can choose to start with a template or build your own flow. There are hundreds of connectors and integrations, making it a truly powerful platform for simplifying business.

 

Take a look at this video for a quick overview: https://www.youtube.com/watch?v=hCuxuUaGC6Y&feature=youtu.be

Anatomy of an Office 365 Phishing Attack

We recently had to assist a customer in dealing with a phishing attack against an Office 365 user’s account.

What is Phishing?

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site.

Phishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.

Excerpt from Wikipedia (https://en.wikipedia.org/wiki/Phishing)

What Happened?

The user received an email requesting feedback on an email sent earlier. The user was distressed enough by the email to respond and apologize, whereupon the attackers sent a follow up email directing the user to a file to be downloaded.

Clicking the link loads a login page, requesting the user’s Office 365 credentials, whereupon the user is directed to some documents. At this stage the documents don’t really matter, and if the user does not realise that they’ve entered their credentials into a bogus site, their account is wide open.

The attackers then take their time reviewing the user’s email inbox, to identify a plausible method of extracting a fraudulent invoice for payment.

When they are ready to act, they enable a forwarding rule on the user’s Inbox, directing all emails to an external email address, in order to respond to any queries and send the invoice for processing. It seems they target approximately $5k – $10k, probably to remain under the compliance and authorization radar. They then trigger a mass email from the user’s inbox, to spread their attack to as many contacts in the user’s mail account as possible prior to the Office 365 SPAM rules shutting the mailbox down. Finally, the attackers tend to delete as many emails as is easy to get to, in order to wipe out the traces of their intent. They do a hard delete, which means the email goes straight to jail, and does not first stop in the Deleted Items folder.

How do you know you’ve been caught? The first real indication is the forwarding rule which triggers a “Low-Severity Alert” on Office 365 to Administrators. Other indicators are if the user’s Inbox starts behaving strangely, or access to the Inbox becomes erratic. Also watch out for new rules being created.

What should you do when your email account has been compromised? There are some excellent articles posted by Microsoft, which can be found here (https://docs.microsoft.com/en-us/office365/securitycompliance/responding-to-a-compromised-email-account), on how to respond and what to do next.

How did we respond?

  1. Reset the User’s Password
  2. Block the User’s Account
  3. Remove any Administrative Roles the User may have on Office 365
  4. Disable the mail forwarding rule via Outlook Web Access (the forwarder does not seem to come up in either the Exchange Management Console or the local Outlook client)
  5. Disable any suspicious rules in the Outlook Client (We disabled them to allow us to interrogate them in more detail as part of the post mortem)
  6. Run PowerShell script to check the audit logs, and attempt to create a timeline of events
    1. See here for the PowerShell syntax – https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-audit/search-mailboxauditlog?view=exchange-ps
    2. And here for an excellent implementation (Although it’s a bit outdated – based on Exchange 2010/2013) – https://gallery.technet.microsoft.com/scriptcenter/Generate-a-Report-of-a33cde56
  7. If email entries were deleted, restore any recoverable items using the Restore-RecoverableItems PowerShell commandlet
    1. See here: https://www.undocumented-features.com/2018/04/23/using-restore-recoverableitems-or-how-i-saved-my-own-bacon/
  8. Once the emails have been restored and operational control of the mailbox returned to the correct user, you can reset the password and enable the account

What can be done?

To avoid phishing attacks in the future, it is highly recommended enabling Multi-Factor Authentication for all users. Additionally, it would also be useful to customize the Office 365 login page, so that users will more easily identify phony login pages.

In addition to these physical measures, it is important that users are made aware of the dangers of phishing and trained on how to spot phony or suspicious links and pages. Phishing is a social engineering attack and it relies on the resemblance to a credible source to solicit the user’s details.

The instances and successes of Phishing has certainly increased over the last period, with numerous reports received by Azuro, and even reported on in the news. Be alert.

Other helpful links:

  1. Connecting to Exchange Online via PowerShell – https://docs.microsoft.com/en-us/powershell/exchange/exchange-online/connect-to-exchange-online-powershell/connect-to-exchange-online-powershell?view=exchange-ps
  2. Office 365 Security Incident Response – https://docs.microsoft.com/en-us/office365/securitycompliance/office365-security-incident-response-overview
  3. Security best practices for Office 365 – https://docs.microsoft.com/en-us/office365/securitycompliance/security-best-practices?redirectSourcePath=%252farticle%252fSecurity-best-practices-for-Office-365-9295e396-e53d-49b9-ae9b-0b5828cdedc3
  4. Manage mailbox Auditing – https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing?redirectSourcePath=%252fen-us%252farticle%252fEnable-mailbox-auditing-in-Office-365-aaca8987-5b62-458b-9882-c28476a66918

What is Docker and why should I care?

I have been thinking about use cases for Docker for quite some time. In my opinion, it's an over-hyped technology (like so many new and shiny technologies at the moment). I do however believe that it becomes relevant when you want to run very specific workloads at irregular intervals and need these workloads to be able to scale quickly and cheaply. So, I now have three very interesting use cases, as well as an implementation strategy that leverages Azure.

Scenario 1:
VSTS Build Agents - Being a Dynamics Partner, we still build many plugins and integrations, and these rely heavily on the CRM Context and Generated Entities. As we move towards greater DevOps capability, it seems reasonable to want to ensure that the entities used in an application or plugin are the latest entities and therefore part of the build pipeline should refresh the generated entities. Enter Docker Containers. By using a Docker VSTS Agent Image (https://www.jamessturtevant.com/posts/Using-the-VSTS-Docker-Agent/) the image is quickly invoked, and can execute your funky custom build activities. There will be some additional work involved, deploy CRM SDK, Entity Build configuration, etc., but in principal, this will work.

Scenario 2:
Custom Excel Services Host - One of our (potential) customers sends out monthly reports in Excel format. To generate a report in Excel is generally a mess, as you need the Excel App installed and all kinds of funny things. This will obviously not fly on an Azure App service. But, enter Docker! (Whooshing Superman sounds) So, build your very special custom docker image (probably on a Windows Nano Server) with all your Excel and other Apps and voila, problem solved!

Scenario 3:
SQL Server Reporting Services - Azure SQL does not offer a deployment of SSRS, but thanks to Docker, one could spin up an instance of SSRS, produce any needed reports, and then let it all go again. https://hub.docker.com/r/microsoft/mssql-server-windows-express/ SQL Express with Advanced Services supports SSRS which should be sufficient for most scenarios, and SQL Express is also free, so no licensing risk.

Finally, how to make magic in Azure. One of the things I love most about Azure is the serverless components. Ideally, everything in an Azure deployment should be serverless, and there should simply not be any VMs. This isn't often the case, but if that is the stated goal, then how does one deploy Docker images in Azure, in a serverless manner? The first option for deploying Docker is Azure Container Services (AKS - https://azure.microsoft.com/en-us/services/container-service/ - No idea why the "K", if I remember I'll ask someone – edit – K = Kubernetes). This however deploys a Linux VM to host the Kubernetes infrastructure, so what's the point? I may as well deploy a VM directly. The next option, and by far the sexiest I've found to date, is Azure Container Instances (https://azure.microsoft.com/en-us/services/container-instances/). Enter serverless Docker deployments. Point it at your Docker Image Repository (look at Azure Container Registry - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-intro) and voila. Suddenly it costs you cents to run a docker image. This is what serverless compute is all about!

So, how, why and when to use Docker. I think that about covers it. Mind = Blown!

Inspiration and Aspiration

I’m sitting on the long flight home from Atlanta to Johannesburg, reflecting on the past 3 weeks I spent in the USA, what I got up to, and what I hope to achieve with these visits. I’m visiting the US quite often now, at least 3 times per year, with the intent of creating additional business opportunities for Azuro there. I generally plan the trips to coincide with a Microsoft conference, and this time it was Microsoft Inspire, previously known as Microsoft Worldwide Partner Conference.
This year it was held in Washington DC and I was quite excited to see DC, the capitol of the free world. ? This was my third time attending Inspire/WPC, but it was the first time Waldick attended one. I’ve found them to be a great networking opportunity, and there are always too many sessions, filled with great content on all the latest products, features and trends coming out of Microsoft.

Having previously found myself quite rushed when arriving on the Sunday, I arranged our travel such that we arrived on the Saturday (8 July) instead. We arrived at our Airbnb around midday, and after a quick shower, took a walk down to the convention centre to get a feel for the distances and the city. We had been invited to an Office 365 pre-conference day on the Sunday and a sightseeing excursion with some of the other South Africans. Whilst we were looking forward to seeing the sites of DC, we opted to attend the Office 365 day, which turned out to be an informative and engaging day focused largely on marketing strategy and the future of Office 365 and the CSP (Cloud Solution Provider) program. There were great talks during the day, especially the ones by Sharka Chobot and Mark Stuyt of Neural Impact. We had a choice of parties to attend the Sunday evening, so after a brief walk around the commons area, we set off for some of the nightlife. We again opted for an early night, to make sure we would be fresh for the keynotes.

Monday had finally arrived and it was time for the opening Keynote. The SA Partner team have really made an effort over the last year to improve the cohesion of the South African contingent, and arranged that we all grab a block of seats together. As luck would have the block of seats turned out to be suites, but after a few roundabouts we eventually settled in and found each other. This bit of organisational mayhem earned Danie Gordon from MS the first ever Hulk Award received outside of South Africa. ?

Satya’s keynote was inspiring as always, and set the tone for a week of interactions and learning. My key takeaway from Satya’s keynote, and the subsequent sessions, keynotes and other talks we attended or had with various Microsoft personnel, is that Microsoft is focused on their partner-channel more than ever. The massive shake-up announced to the Partner Program probably gives smaller and niche partners their best chance of breaking into the Microsoft partner ecosystem with more impact. At Azuro we’re certainly taking this opportunity to refocus our efforts, and ensure that Microsoft is aware of our offering and how we go about our business.

The other major focus was on AI, Cognitive Services and the Fourth Industrial Revolution. There’s a lot of talk of Digital Transformation, and I believe the real killer Apps of the next wave will be Intelligent Systems. We will see more and more decision-making capabilities built into applications, enabling workers to spend more time interacting and engaging with customers, while systems power the businesses. Of course, there will also be massive disruptions to many traditional jobs, and I’m certain we don’t yet know the extent to which today’s work-landscaping will be reshaped by these new and emerging technologies.

Sadly, the week ended way too quickly, but we managed to forge some new relationships, strengthen existing ones, and get great insight into the next 12 months with Microsoft.
Following on from Inspire we headed first to Denver, where we spent a quick stint doing some much-needed strategic planning after all the events of Inspire, and then we headed to New York City to meet with a client there. Here Waldick and I parted ways, as he returned home to South Africa, while I returned to Denver to work on some US opportunities.
Having spent quite some time in the US, and attended several of the Microsoft conferences, as well as reading many articles and other sources, I am again inspired by the opportunities to transform businesses, people, and the world, through the application of innovative technologies. More and more, the role of technology is to facilitate better interactions between people, systems and businesses. It’s about telling a human story, by using great technology. That’s what I see us at Azuro striving for every day, and what I hope that my team and I can offer our customers and their customers.

The aspiration then is to take our specialised team and services, and make it available to the world. Through that we will continue to inspire, and be inspired, by our great customers and partners, and their stories.

Scroll to top