The Four-Day work week

The challenge of maintaining a work-life balance has become increasingly hard, especially with the last two years of work from home due to the COVID pandemic and a four-day week seems like one way in which to address this challenge. The discussion around a four-day work week has been gaining momentum over the last few years with proponents citing successful trials by companies showing improved employee engagement and happiness, with no discernible loss in productivity.

I foresee several challenges with this, especially in professions that traditionally billed by the hour, such as consulting. If the above claim is to be believed, then that implies that the same amount of value will be created in 32 hours that used to be created in 40. In turn, that would imply that the rate per hour would be increased, to compensate the fact that the four-day week does not imply a reduction in salary for the employee. In essence, we would be passing this cost onto our clients and we’re assuming that the value conversation remains equitable. With independent consultants, this would simply mean that they would continue to work 40+ hours per week and would now justifiably be able to increase their rates by around 20%. It would be very hard in my opinion to convince a client that this is equitable.

Another place where this will be a challenge is in areas such as 24×7 support. In this scenario we would need four six-hour shifts, instead of the previous three eight-hour shifts. To achieve the increased number of shifts, at least one extra person will be required by the company providing the service. This will result in a 25% increase in servicing cost, which will be passed on to the client. Again, I’m not sure this is an equitable approach, and many clients will balk at a 25% increase to their support and servicing costs.

Where productivity is concerned, there are many ways to improve productivity, that does not come from the increased pressure of delivering 40 hours’ worth of work in 32. As per this excellent article discussing this exact topic, https://thriveglobal.com/stories/a-4-day-workweek-doesnt-make-you-more-productive-this-does/, productivity can be increased by removing distractions, managing your time effectively and other means, not associated with the increased pressure.

The conversation about work-life balance is also somewhat of a misnomer. While it is certainly unhealthy to work 60 to 80 hours per week, it is equally unhealthy to be in a profession where the driving ambition is to escape it. I propose an alternative phrase that more closely aligns to my worldview, “Work-life harmony”. It sounds similar, but it differs in this key point, balance implies that for eight hours of work, I must receive eight hours of leisure time. Harmony implies that my work and the rest of my life are intermingled in a way that supports each other. I work to earn the money to spend on leisure. I can choose my way of work, and the location of my work such that it suits my life and my leisure. With the new way of work brought on by the pandemic, we have more freedom than ever to choose where we work, since most of us have been working remotely for at least two years. With this new freedom, you could choose to work from a beach, or a ski-slope. Take a moment between meetings to go for a swim, or to fetch the kids from school and take them for ice-cream before the next Teams call or document is due. We can create harmony in our lives by weaving our work around it, instead of seeing work as being in conflict with our life.

1 Year of Lockdown? A few thoughts…

It is amazing to think that today (26th March) marks the 1 year anniversary of “lockdown” in South
Africa. In one way, it seems like only yesterday, yet in another, most of us have never witnessed a world
so fundamentally transformed from one year to the next.

Of course, the transformation has been broad and multi-faceted, affecting all aspects of our lives, both
private and professional. The lockdown thrust the digital economy to center stage and we have always
believed, that technology could solve many contemporary business challenges and optimise business
systems and structures.

Have you ever thought of working from home before COVID? Yet once COVID-19 hit, businesses had no
option but to embrace the digital world. This digital surge, though forced, has produced incredibly
positive results in many areas of business and technology… to the extent that the business landscape
might never return to a 2019 context.

At Azuro, we are proud to reflect on some highlights and how we used the past year to grow and
develop our team, our offerings and ourselves as a management team.

Our biggest highlight would have to be the 10-year anniversary of Azuro in October 2020. To achieve
this milestone during a pandemic still came with mixed feelings but it did truly manifest the immense
gratitude that we have for our customers, partners and of course our team of superheroes who have
been on this journey with us.

Another major highlight for us is the growth of our Coastal unit from 1 to 5 people during the last 12
months. This team has a strong focus on Business Applications, Governance and Dynamics 365.

This team has been running a fully remote setup since its inception and enabled us to make the switch
to taking the entire organisation fully remote during the initial lockdown in a matter of days. This
worked so well that we were in the unique position of enabling a number of our clients to do the same
in a similarly short space of time.

As fortuitous as this was, it had a bittersweet outcome that resulted in us not renewing our lease to our
office at the Oval in Bryanston and we know that our team will always remember this poignant moment
on 30 June 2020, we locked up our home of 6 years for the very last time.

As always, we’re committed to finding innovative solutions and adding value to all our engagements and
we are thrilled at the thought of tackling new challenges with our amazing clients and partners.

If you would like to know more about what we do and how we can help you, please get in touch with us
to set up a free 2-hour consultation around your technology needs.

Open post

The Journey to a Remote Team

Azuro’s journey to remote working started in 2015 when we adopted Office 365 for email, document storage and collaboration, with Skype for Business for chat and calling. Thank goodness we’ve moved on from there to Microsoft Teams. The reasons for us adopting these tools are varied, but they were primarily about reducing the internal support burden, disaster mitigation and convenience.

The first objective was to reduce our support burden. We were maintaining our own Exchange Server, a file server, an on-premises SharePoint server, an on-premises TFS (Team Foundation Server), on-premises database servers (SQL) and on-premise CRM server (Dynamics CRM prior to being renamed to Dynamics 365). This meant lots of server hardware, virtual machines and infrastructure overhead. We were experiencing frequent power outages and our hardware was aging, so we had to decide whether to invest in additional hardware to mitigate the power problems and to support newer versions of software, or to make an alternative plan.

We opted to migrate all of our core business services to the cloud as it would reduce the internal support burden with fewer servers to maintain, it would mitigate the power failure risks as the services are no longer hosted in our office and we would not need to upgrade the power mitigation options for our team, as we could work from elsewhere if the office lost power due to a power failure. By adopting Office 365 we replaced the file and SharePoint servers with SharePoint and OneDrive, we replaced our Exchange Server with Exchange Online and our Dynamics CRM server with Dynamics 365. We also migrated our TFS server to Visual Studio Online (now Azure DevOps). This meant we only needed a database server for our accounting package, so we migrated the accounting database to Azure SQL.

Once we were fully deployed to the cloud, the next hurdle was to understand how to better manage a team that is no longer in the same place every day. We realised that we needed better metrics than the old consultant metric of hours logged vs hours billed. Being a delivery-oriented business, we developed a set of KPIs based on story points completed. Since our sprint boards are deployed to the cloud on Azure DevOps, we were able to automate the production of KPIs, and grant our customers access to their projects ensuring greater transparency and collaboration in the delivery process.

Fast forward to 2020. The world is in crisis with a global pandemic that’s ground almost all travel to a halt and confined most people to their homes. For Azuro, this just meant switching off the lights in the office and letting everyone continue from their homes. Of course, there are challenges, but most of them relate to environmental issues such as intermittent connectivity issues and expensive data costs. All in all, the transition to fully remote has been largely uneventful and we mitigate the isolation issues by maintaining an open “chat channel” on our Teams for anyone to dial into and touch base and connect with whomever else is online. We recommend that our team members have their video on during any calls to increase the connection with the rest of the team. All non-delivery members have been invited into the stand-ups to enable them to remain in touch with the daily operations of the business.

We’ve been advocating a shift in consulting behaviours for quite some time and are encouraged by how well our team and customers are adapting to the new normal. The ease of this transition would not have been possible without the adoption of great tools and our preparedness with the processes to support them.

Simplifying Business with Power Automate

Over the last few years, we’ve seen an increase in the number of tools that enable non-developers to build applications and automate business processes. Microsoft has introduced a set of tools collectively referred to as the Power Platform to achieve this goal. From building simple capture forms, user interfaces and apps using PowerApps, to automating processes with Power Automate (formerly called Microsoft Flow). These tools have given rise to the term citizen developers, business users that create applications inside their organizations to solve problems that would traditionally have been sent to IT, with many procedural delays, complexities and other issues.

 

To this end, Azuro investigated mechanisms to streamline the issuing of contracts, work orders and other agreements and documents that were previously taking a long time to produce. After they had been edited to satisfaction, they were manually sent to someone for signature before being printed and signed and scanned and sent back. We decided to make use of Microsoft Flow (now called Power Automate) in conjunction with some partner software, DocFusion and DocuSign to generate the document based on a template and data in a SharePoint list and send it for signature via DocuSign. This cut down the amount of manual document editing, as well as streamlining the process of getting agreements signed. We then took things a step further and introduced approvals into the workflow, to ensure documents were checked prior to being sent to customers for signature. All of this was done without writing any code and by a non-technical person.

 

To get started with Power Automate you will need an Office 365 subscription, and any one of several different license options. Provided you are correctly licensed, you can start creating your Flow. Navigate to https://flow.microsoft.com and sign in with your Office 365 credentials. From here you can choose to start with a template or build your own flow. There are hundreds of connectors and integrations, making it a truly powerful platform for simplifying business.

 

Take a look at this video for a quick overview: https://www.youtube.com/watch?v=hCuxuUaGC6Y&feature=youtu.be

Anatomy of an Office 365 Phishing Attack

We recently had to assist a customer in dealing with a phishing attack against an Office 365 user’s account.

What is Phishing?

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site.

Phishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.

Excerpt from Wikipedia (https://en.wikipedia.org/wiki/Phishing)

What Happened?

The user received an email requesting feedback on an email sent earlier. The user was distressed enough by the email to respond and apologize, whereupon the attackers sent a follow up email directing the user to a file to be downloaded.

Clicking the link loads a login page, requesting the user’s Office 365 credentials, whereupon the user is directed to some documents. At this stage the documents don’t really matter, and if the user does not realise that they’ve entered their credentials into a bogus site, their account is wide open.

The attackers then take their time reviewing the user’s email inbox, to identify a plausible method of extracting a fraudulent invoice for payment.

When they are ready to act, they enable a forwarding rule on the user’s Inbox, directing all emails to an external email address, in order to respond to any queries and send the invoice for processing. It seems they target approximately $5k – $10k, probably to remain under the compliance and authorization radar. They then trigger a mass email from the user’s inbox, to spread their attack to as many contacts in the user’s mail account as possible prior to the Office 365 SPAM rules shutting the mailbox down. Finally, the attackers tend to delete as many emails as is easy to get to, in order to wipe out the traces of their intent. They do a hard delete, which means the email goes straight to jail, and does not first stop in the Deleted Items folder.

How do you know you’ve been caught? The first real indication is the forwarding rule which triggers a “Low-Severity Alert” on Office 365 to Administrators. Other indicators are if the user’s Inbox starts behaving strangely, or access to the Inbox becomes erratic. Also watch out for new rules being created.

What should you do when your email account has been compromised? There are some excellent articles posted by Microsoft, which can be found here (https://docs.microsoft.com/en-us/office365/securitycompliance/responding-to-a-compromised-email-account), on how to respond and what to do next.

How did we respond?

  1. Reset the User’s Password
  2. Block the User’s Account
  3. Remove any Administrative Roles the User may have on Office 365
  4. Disable the mail forwarding rule via Outlook Web Access (the forwarder does not seem to come up in either the Exchange Management Console or the local Outlook client)
  5. Disable any suspicious rules in the Outlook Client (We disabled them to allow us to interrogate them in more detail as part of the post mortem)
  6. Run PowerShell script to check the audit logs, and attempt to create a timeline of events
    1. See here for the PowerShell syntax – https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-audit/search-mailboxauditlog?view=exchange-ps
    2. And here for an excellent implementation (Although it’s a bit outdated – based on Exchange 2010/2013) – https://gallery.technet.microsoft.com/scriptcenter/Generate-a-Report-of-a33cde56
  7. If email entries were deleted, restore any recoverable items using the Restore-RecoverableItems PowerShell commandlet
    1. See here: https://www.undocumented-features.com/2018/04/23/using-restore-recoverableitems-or-how-i-saved-my-own-bacon/
  8. Once the emails have been restored and operational control of the mailbox returned to the correct user, you can reset the password and enable the account

What can be done?

To avoid phishing attacks in the future, it is highly recommended enabling Multi-Factor Authentication for all users. Additionally, it would also be useful to customize the Office 365 login page, so that users will more easily identify phony login pages.

In addition to these physical measures, it is important that users are made aware of the dangers of phishing and trained on how to spot phony or suspicious links and pages. Phishing is a social engineering attack and it relies on the resemblance to a credible source to solicit the user’s details.

The instances and successes of Phishing has certainly increased over the last period, with numerous reports received by Azuro, and even reported on in the news. Be alert.

Other helpful links:

  1. Connecting to Exchange Online via PowerShell – https://docs.microsoft.com/en-us/powershell/exchange/exchange-online/connect-to-exchange-online-powershell/connect-to-exchange-online-powershell?view=exchange-ps
  2. Office 365 Security Incident Response – https://docs.microsoft.com/en-us/office365/securitycompliance/office365-security-incident-response-overview
  3. Security best practices for Office 365 – https://docs.microsoft.com/en-us/office365/securitycompliance/security-best-practices?redirectSourcePath=%252farticle%252fSecurity-best-practices-for-Office-365-9295e396-e53d-49b9-ae9b-0b5828cdedc3
  4. Manage mailbox Auditing – https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing?redirectSourcePath=%252fen-us%252farticle%252fEnable-mailbox-auditing-in-Office-365-aaca8987-5b62-458b-9882-c28476a66918

What is Docker and why should I care?

I have been thinking about use cases for Docker for quite some time. In my opinion, it's an over-hyped technology (like so many new and shiny technologies at the moment). I do however believe that it becomes relevant when you want to run very specific workloads at irregular intervals and need these workloads to be able to scale quickly and cheaply. So, I now have three very interesting use cases, as well as an implementation strategy that leverages Azure.

Scenario 1:
VSTS Build Agents - Being a Dynamics Partner, we still build many plugins and integrations, and these rely heavily on the CRM Context and Generated Entities. As we move towards greater DevOps capability, it seems reasonable to want to ensure that the entities used in an application or plugin are the latest entities and therefore part of the build pipeline should refresh the generated entities. Enter Docker Containers. By using a Docker VSTS Agent Image (https://www.jamessturtevant.com/posts/Using-the-VSTS-Docker-Agent/) the image is quickly invoked, and can execute your funky custom build activities. There will be some additional work involved, deploy CRM SDK, Entity Build configuration, etc., but in principal, this will work.

Scenario 2:
Custom Excel Services Host - One of our (potential) customers sends out monthly reports in Excel format. To generate a report in Excel is generally a mess, as you need the Excel App installed and all kinds of funny things. This will obviously not fly on an Azure App service. But, enter Docker! (Whooshing Superman sounds) So, build your very special custom docker image (probably on a Windows Nano Server) with all your Excel and other Apps and voila, problem solved!

Scenario 3:
SQL Server Reporting Services - Azure SQL does not offer a deployment of SSRS, but thanks to Docker, one could spin up an instance of SSRS, produce any needed reports, and then let it all go again. https://hub.docker.com/r/microsoft/mssql-server-windows-express/ SQL Express with Advanced Services supports SSRS which should be sufficient for most scenarios, and SQL Express is also free, so no licensing risk.

Finally, how to make magic in Azure. One of the things I love most about Azure is the serverless components. Ideally, everything in an Azure deployment should be serverless, and there should simply not be any VMs. This isn't often the case, but if that is the stated goal, then how does one deploy Docker images in Azure, in a serverless manner? The first option for deploying Docker is Azure Container Services (AKS - https://azure.microsoft.com/en-us/services/container-service/ - No idea why the "K", if I remember I'll ask someone – edit – K = Kubernetes). This however deploys a Linux VM to host the Kubernetes infrastructure, so what's the point? I may as well deploy a VM directly. The next option, and by far the sexiest I've found to date, is Azure Container Instances (https://azure.microsoft.com/en-us/services/container-instances/). Enter serverless Docker deployments. Point it at your Docker Image Repository (look at Azure Container Registry - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-intro) and voila. Suddenly it costs you cents to run a docker image. This is what serverless compute is all about!

So, how, why and when to use Docker. I think that about covers it. Mind = Blown!

Scroll to top