Windows Virtual Desktop is a service hosted on Azure which allows clients to consolidate their workflow like a traditional RDS server, but with a Windows 10 VM instead which is more intuitive to most users. This is a powerful technology for MSP’s which can cut both you and your client’s costs, reduce technical overhead, and increase security. It works out to a large win for everyone involved for most workflows.

Azure has become one of the biggest virtualization and cloud platforms with a medley of offerings and services which meld together into a Windows administrator’s sweetest dream. Let’s see exactly what Windows Virtual Desktop is, what it does well, how to get the most out of the platform if you’re not used to the cloud, and the security and backup features you get as well.

What Is Windows Virtual Desktop?

Windows Virtual Desktop boils down to a solution which allows you to manage a cloud Windows environment without having to manage the tedious parts of infrastructure, maintenance, or the pain of licensing. It is the natural evolution of RDP. We previously wrote about the more technical aspects of what makes a Virtual Desktop Infrastructure work. Let’s look at the features Windows Virtual Desktop offers to get a taste for what it does in practice rather than theory. Microsoft lays their Windows Virtual Desktop offering out with the following features:

Set up a multi-session Windows 10 deployment that delivers a full Windows 10 with scalability

Virtualize Microsoft 365 Apps for enterprise and optimize it to run in multi-user virtual scenarios

Provide Windows 7 virtual desktops with free Extended Security Updates

Bring your existing Remote Desktop Services (RDS) and Windows Server desktops and apps to any computer

Virtualize both desktops and apps

Manage Windows 10, Windows Server, and Windows 7 desktops and apps with a unified management experience

You get the ability to use a multi-user, multi-session version of Windows 10 which means a more simplified changeover and an easier licensing situation. You also have the option for Windows Server or an up-to-date version of Windows 7. Desktops and apps alone can be virtualized with this solution.

Windows Virtual Desktop makes it easy to get users virtualized cheaper and more efficiently than other solutions. You handle the setup, they handle the infrastructure (Azure AD) and maintenance (mostly). Microsoft also makes it easier than RDP, you don’t need a gateway server and RDP setups deployed to each desktop, your users just use a simple native app or an HTML5 webapp.

What Makes Windows Virtual Desktop Amazing?

This solution basically provides you a way to make virtual desktops for clients to work off of (which are especially important with work from home), but that isn’t all it does. It also allows support for Windows 7 which is compliant (i.e. it is patched and up to date from the vendor), and it allows porting over existing RDP setups. You get everything a traditional Windows virtualization solution could provide, plus an easier way to administer it and use it. It offers an easy line for clients to move over as well.

If you have clients with old Windows 7 desktops or Windows Server 2008 R2 boxes, you know how painful they can be to manage. The extended support on its own is far too expensive for most companies to realistically consider, so they take their chances with VM’s or trying to isolate the machine from the rest of the network. No matter how it’s done, it’s either expensive or painful for everyone involved.

The Azure setup streamlines maintaining a domain environment. Domain costs can become especially costly per user in smaller traditional setups. Ease of use is a general feature across the board for Azure. That being said, Azure can be hard to get going with since there are just so many features and options.

Augmenting Azure

We offer project services for migrations to help our partners focus on business while we focus on the boring parts. We partnered with both Crayon and Nerdio to augment our Azure offerings. Azure is complicated and can be difficult to navigate, but solutions like Crayon and Nerdio both have different offerings which fill in the gaps. They help handle translating the client’s need into something which can be cost effective with Windows Virtual Desktop (among many other Azure services).

Transitioning to Azure is easy if you’re somewhat technical and can follow directions, but you can end up with 10 different solutions which do the same thing and vary wildly in cost. The cost all depends on how well you understand the platform and what you need to satisfy the client.

Any MSP can handle the technical side, but the platform requires knowledge and experience to leverage it as efficiently as possible. It can be hard to find the time to maintain your business obligations while staying ahead of the dizzying number of XaaS platforms. Paying for a project to migrate or working with a vendor to simplify Azure and Windows Virtual Desktop setup can ensure your first migrations are a success and stay on track for cost and expectations.

It’s easy once you understand it, but it takes a lot of time and effort to get to the point it all comes together naturally. You can choose to learn on your own slowly, or you can get a jumps jump-start with expertise to immerse you in Azure and learn as you go. Neither solution is the right answer for all MSP’s or businesses, but if it gets overwhelming, there are options to get through the most mundanely challenging parts.

Azure Backup and Security

Azure offers a backup service which makes recovery and backup administration trivial if you’ve already bought into the Azure platform. Azure Backup doesn’t just work for devices hosted on Azure, you can also run it on traditional on-premise setups. It isn’t always the most cost effective solution outside of Azure however.

You also have a simplified network interface which abstracts your networking away from supporting a virtual appliance. Some providers still require you to support virtual firewalls and similar if you want the service to work and be secure. Azure makes it easy in general and keeps it easy enough that some power users can even administer it.

Azure Backups running as a cloud appliance rather than an on-premise machine or similar provides an advantage for security as well. Some crypto and ransomware variants are known to target HyperV machines or certain backup solutions to make recovery more painful. It’s a lot harder to do when it’s a one way transfer into the cloud rather than a machine sharing the same network.

I mentioned compliance earlier with Windows 7 with Windows Virtual Desktop, but this is a huge selling point to some clients. They need a legacy OS and they need to do things right or else have a hugely inconvenient network isolation project. We’ve had vendors suggest clients with applications on Windows Server 2008 R2 literally isolate and spin up a full, separate domain (intentionally using different credentials and user structuring), maintain a jumpbox (or two) which is at least partially isolated, and then suggest users transfer data by moving it from their system to the jumpbox, and then to the secure server to try and remain secure because extended support was too expensive. Or, they could just use Windows Virtual Desktop.

Conclusion

Windows Virtual Desktop won’t fit every client or every workflow, but it is a powerful offering and an efficient tool for many companies. Windows Virtual Desktop expounds on the possibilities in Azure with virtualization and creates the natural evolution to RDP and similar tools and technologies. Understand what it does and how, and you can understand when to use it, or when to not.

Services from Nerdio or Crayon can give you a shortcut to getting the most out of Windows Virtual Desktop and other Azure offerings. Windows Virtual Desktop is powerful, but it can be complicated if you are not familiar with the sheer volume of options. You can make the same basic system a dozen ways with a dozen different prices that all work the same; understanding how the options work and are billed is essential to making the right choices. It’s not hard on its own, but it can be when you’re trying to balance a business and selecting technology.

Sometimes it just works out cheaper long-term to rely on another expert to make the best choices and build the best experience the first few times. It’s important to remember how much your time or obligation is worth. We enable our partners to make use of these technologies to get the most bang for their buck.

Windows Virtual Desktop can provide an easier to manage environment which can be cheaper to operate for many clients. It abstracts away many security and infrastructure concerns, as well as unexpected costs. I’m yet to hear of a client moving to Azure or Windows Virtual Desktop and deciding to move back due to anything other than poor planning. The advantages are too great once you understand them.

Meet Allan Sivils, CEO of Sivils IT Consulting!

Tell us a little about your MSP…

Sivils IT Consulting is located in Virginia Beach, VA. We were established in 2014 after I spent 15 years managing enterprise IT operations. I wanted to create a niche business that focused strictly on partnering with our clients’ IT operations, and not selling software or hardware. We focus on building true partnerships with our clients that allow us to advocate for their business growth.

How long have you been a member of The 20?

We joined in December 2019!

Why did your MSP originally look to partner with The 20?

A couple of reasons – The 20’s model is very similar to what we have been building since we started our business; to focus on being the best “Managed IT Department” for our clients. So, it made perfect sense from a partnership standpoint. Second, we have clients on both coasts, and being a part of The 20 gives us the resources that we need in order to serve clients across the United States. This allows us to scale faster, while not sacrificing the quality that our clients should expect. Lastly, the shared expertise of being a member alongside other top MSP’s allows us to work together to bring the best solutions to our clients.

Tell us about the biggest change in your business since joining The 20.

We do not feel limited by how much we can scale our business by being a member of The 20.

What do you like most about being a member of The 20?

The network of being a member. Being part of such a large community has already helped us since joining in December operationally. We’ve been able to provide onsite resources to our clients that are thousands of miles away, and have these resources follow the same processes we do internally. We’ve been able to implement better technical solutions and processes that have helped us internally to service our clients.

What do you think is the most important quality necessary for success?

Relationships. Both within our MSP community, our vendors, and especially our clients.

What are your biggest business challenges?

Managing the ebb and flow of IT projects around our clients growth – while we do our best to ensure that we can schedule to meet expectations, sometimes the volume of projects needed at one time can be difficult to manage. Also, sometimes projects require a wide range of very specific expertise. Being a member of The 20, this is quickly becoming less of a challenge.

What are your areas of focus for 2020?

Microsoft Azure, Windows WVD and Nerdio. We see that these have a huge operational advantage and efficiency versus having workloads onsite. It also helps us scale our clients faster, while ensuring their business continues to have the highest availability for their operations.

What advice would you share with an MSP looking to scale their business?

Stay focused on the relationships I mentioned above and being the IT Department advocate. Unfortunately, due to the nature of the business, with a lot of us being engineers that get too focused on the details, leverage your fellow partners/vendors instead of trying to take the entire pie for yourself. Follow this up by a repeatable IT operational standard and processes that will be clear and focused for your team to support and, most importantly; stable, secure, and protected for your client.

What book are you currently reading?

I travel a lot, so by “reading…” that really means “audio book” for me. This would be Traction by Gino Wickman. I’m actually listening to it again! I will listen to audio books that I have enjoyed, multiple times — that is — if I find the information extremely valuable.

Favorite blogs / podcasts

Honestly, I don’t have any. I spend so much time investigating, reviewing, testing, and reading about various IT solutions and methods. I guess I would say, I read “the internet.”

Interested in becoming a member? Click here for more information!

Well that’s a wrap on another successful Quarterly meeting with our members!

Winter Quarterly was held at our offices at Legacy Central in Plano on January 16th and 17th, and we had an incredible time with all of you.

You’ve got to win somewhere before you can win everywhere.
– Joseph Landes of Nerdio

Our first day was entirely dedicated to in-depth training sessions by Nerdio, CloudJumper and Crayon. Each company discussed how to sell, calculate and implement Azure. The day concluded with a happy hour. It was 2 hours of games, music and good times spent with our 20 family!

Day 2 kicked off with Tim Conkle who went over with our members the best way to sell cloud and how to package it with our other software platforms. Everyone is moving more away from hardware and towards cloud.

So much was learned, and so much fun was had – there’s nothing we look forward to more than when we have our partners in town, and in the same room. It’s a tremendous energy, and we’re always sad when it ends!

If you have any questions about future Quarterly events, please contact us today to learn more about The 20! We’d love for you to be a part of our Spring Quarterly in May!

And don’t forget to sign up for our MSP Sales Academy going on next month!

Tim clowning around before start time!

Panel discussion lead by CIO Jeff Griffin, CTO Jonathan Blakey, SVP of Sales Roxann Sawyers, and COO Ciera Cole.

by Sage Driskell

Common Phishing Techniques

“Microsoft Support” | This is an extremely common scheme that many people fall for. Someone receives a call or email from “Microsoft” saying they’re compromised, and the “technician” helps the user allow them to connect to the machine in order to compromise their system. A lot of times, they leave behind malware or other remote access tools which they can use to later harvest information. They also typically charge for their “assistance” and collect data either via an invoice or on the phone.

Bank Emails | This is the most well-known phishing attempt. You get an email “from your financial institution” and the domain is usually close to the original, but always a bit suspect. These pages are identical to the bank’s page as well. The easiest way to avoid these is to always log in to the bank site directly rather than doing anything from an unknown communication from them unless you specifically know an email is coming (e.g. password reset).

IRS Emails | As we know, the IRS is almost impossible to work with, so they won’t make your life easy to just call you and square everything away over the phone or via email. These types of phishing attempts typically involve “the IRS” reaching out to you about a “tax issue” and they’re glad to either collect information (including your social) to “process your case”, or in some cases, they’ll take money to help “pay off the owed sum today only”.

Compromised Service Emails | These are a “warning” from a provider that “the service may have been compromised” and they need your details to continue. The login page is usually either really good or else really obviously bad. There is very rarely a middle ground on these. They will sometimes include a specific email or form to make it easier.

Fake Invoices | This is a fake invoice requesting money for some service. These are commonly used to target companies. The invoices are usually extremely generic, may or may not ask for personal details, and target companies where it is easy to miss a small expense.

419 Scam | These used to just be scams, but they’ve grown in some ways. The goal is to get both your money and your identity. These will typically be a business venture or something, but unlike classic 419 scams, they don’t just start asking for $10k for your $10mil “which is stuck in processing and needs the money to be released, Western Union only please!” These will start out as small investment opportunities or similar which may actually show some signs of legitimacy before the big hit.

Spear Phishing | You know that cool flash drive or CD you found in the parking lot near your sensitive workplace? It may be infected with malware or spyware to try and infiltrate your environment. That is the most common spear phishing technique at present. It’s literally just a cool looking piece of media loaded with all sorts of malware.

Signs It’s a Phishing Email

The first thing to look for in any questionable email is this: is this someone I do business with? If you don’t have an account, you obviously have no business receiving their email except as spam. Another thing to look for is the trends of the institution. What I mean by this is, if you’re dealing with a bank, they don’t want you to email them a form. Look for obvious grammar and spelling mistakes. These can be telltale sign that something is amiss. Most financial institutions and similarly private types of institutions want you to sign in and fill it out on their page and will almost always have an internal way to do this from their login from an internal messaging portal or similar. If in doubt, log in directly and look and see if this is a legitimate communication. If it is, you may still be compromised and should still take caution.

Another thing to look at is the domain. Does the domain match the exact one you use for your bank or similar? The names may be very close, but they tend to have some minor issue with them or will redirect through something else. Just because it looks right doesn’t mean it is. You can also check the SSL certificate to see if it is legitimate or not, but that’s a bit more complicated.

Any service which is reaching out can also be called or otherwise contacted to verify the legitimacy of a claim. No one has time for every communication, but anything which looks pressing may be worth trying to communicate with the vendor or service over. I personally just ignore everything unless I get officially contacted about it or know it’s coming.

Another strategy I use is different email accounts tied to specific services. I work with one bank with one account and another bank with a different account. I know I can only receive one banks communication on a specific email, so anything on the other email is obviously a trick. Using email accounts only for specific accounts (and literally nothing else) helps well since you have a lower chance of the email being leaked, but this does require more effort and upkeep.

Further Signs

For more advanced users, you can look at the email headers (to do this in Outlook, see: https://www.technipages.com/outlook-view-message-headers). If you see something like the following message:

How to Recognize and Avoid Phishing Attempts

We can see that this is coming from a [email protected] — which I have no idea what that is — and the email to contact is [email protected]. The domains do not match and neither of these have anything to do with Publisher’s Clearing House. I could not find a specific phishing email in my mailbox with forged headers, but see something like: https://www.alienvault.com/blogs/security-essentials/how-hackers-manipulate-email-to-defraud-you-and-your-customers for an example of what to look for. There are legitimate uses for a “forged” header, but this is typically for bulk mailers and similar, and is rare with official communication.

Another thing to look at is the TLD. If the TLD is foreign for something which is US only, you can almost guarantee the email is a phishing attempt. If the TLD doesn’t match the actual company TLD, then you probably have an issue too. Apple.net is not Apple.com. Tech giants like Apple will tend to nail down sister domains, but smaller companies usually don’t have the resources to do this.

Another trick is to copy and paste the domain from the email into something like: https://www.diffchecker.com/ and then copy the domain from the email. You might get something like:

How to Recognize and Avoid Phishing Attempts

This is obviously a phishing attempt since the domains do not match. With the right font, these are somewhat obvious, but a common tactic is to use Unicode characters or similar characters in another language in order to get around this sort of limitation. This technique helps weed out some of the more obvious tricks, but you should still check the headers.

How The 20’s Security Offerings Mitigate Phishing

Vipre Email Security

Vipre Email Security is the new name for Fusemail. This service blocks both malware and phishing at the source. You don’t need to worry about a user clicking on malware or getting phished if they don’t even see it in the first place. Setup is easy and convenient and is pretty much ready to go (that is, no crazy lists or other hoops like some services) once the initial setup is complete. No solution is perfect however, so training and combination with a tool like OpenDNS makes this tool substantially more powerful. Vipre Email Security gives you the control to throttle scams and phishing attempts in order to keep your clients safe.

OpenDNS

OpenDNS isn’t typically thought of as a way to mitigate phishing attempts, but it works great against fake portals. OpenDNS is easily configurable and scalable for agents at your client’s sites. It prevents the few phishing attempts which get by from being as impactful. There are caveats to this however, but we have seen many tickets from confused users unable to submit their sensitive data to scammers. OpenDNS is flexible and easy to deploy to individual agents or across a network. From a domain environment to workers in the field, OpenDNS has an option to get you covered.

Deep Instinct and Huntress

Deep Instinct and Huntress help prevent and remove compromises from the inside which can lead to legitimate emails becoming weaponized into near impossible to discern phishing from legitimate accounts. By preventing infections, you prevent data leakage and lock down on threats which may threaten your client’s systems with ransomware as well as keyloggers. Deep Instinct and Huntress are like Yin and Yang. Deep Instinct is the prevention, Huntress is the remediation. Find exploits on new clients and help lock them down preventing more seemingly legitimate, internal threats which lead to phishing and worse.

To learn more about The 20 and how we can help your business, be sure to check us out here!

by Joseph Landes

As The 20 MSPs continue to evolve and build successful cloud practices in Microsoft Azure, one of the more frequent questions we receive at Nerdio is “How do I make money selling Azure?” MSPs should always be on the lookout for how Azure can improve their own business needs—namely decreased costs and higher gross profit margins. One of the best ways to do this is familiarizing yourself and deploying Azure Reserved Instances. Let’s talk about how that works.

The cost of Virtual Machines in Azure is the single biggest component of a typical MSP’s IT environment. Therefore, focusing on reducing this large consumption component is a great place to start. The savings are significant but carry a bit of complexity and need some up-front planning to take advantage of them.

Microsoft’s hyper-scale data center strategy has allowed the company to deploy many global regions at great cost to the company. As Azure adoption continues to rapidly grow, Microsoft needs to forecast demand in the various regions, which is far from trivial since public cloud is primarily advertised as a pay-as-you-go utility where you could run a VM one day and turn it off the next. To help with this forecasting challenge and to reward customers who are willing to commit to a certain amount of compute capacity in a specific region for an extended period, Microsoft introduced Reserved Instances (RIs). These RIs can save you from 20% to 57% relative to the list Pay-As-You-Go (PAYG) price.

RIs are reservations of a specific type of compute capacity (i.e., VM family/series) in a specific geographic location (i.e., Azure region) for a predefined period (12 or 36 months). Depending on the VM family, duration of the reservation, and region, these RIs can save you from 20% to 57% relative to the list Pay-As-You-Go (PAYG) price. The trade-off is that you have to pre-pay for the reservation in advance. This is great news for MSPs because typical IT workloads they deploy in Azure on behalf of their customers are persistent and customers are generally open to making one or three-year commitments.

Let’s explore how these RIs work.

When you provision a VM in Azure, two billing meters start running: base compute and Windows Server license. The published PAYG rate includes both components and every plain, vanilla VM you power on will bill you for both. RIs stop the base compute meter.

RIs are purchased with a lump sum payment via the CSP program and are applied to your tenant or subscription. Any VM running inside of that subscription that “matches” the RI will have its base compute rate zeroed out on the next invoice. Remember that RIs are purchased on a per-VM-family, per-region basis. This means that it will only match to a VM or set of VMs if they are of the same family and in the same region as the RI.

With Instance Size Flexibility, Microsoft will automatically apply any reservations in the most advantageous way to reduce the bill – if the VMs are running in the same region and have the same family as the RI. Keep in mind that RIs are a billing concept. There is nothing that needs to be done on the VM itself to stop its base compute meter and utilize the reservation. Azure does that automatically upon issuance of the invoice.

What if you need to change your reservation from one VM family to another or move your VMs to another Azure region?

No problem! RIs can be exchanged without any fees or penalties. Any unused portion of an RI will be applied as a credit towards the purchase of a new RI for a different family, in a different region, or both.

What if you need to cancel a reservation?

This is also possible, but there is a cancellation fee. The cancellation fee is 12% of your purchase price. The unused portion of your reservation will be refunded to you minus the 12% cancellation fee. There are some limitations to this on an annual basis. For example, your cancellations cannot exceed $50,000 in a year.

Let’s stop and think about this for a minute from the perspective of an MSP. The worst-case scenario is a 12% cancellation fee on a reserved instance of a VM they may no longer need in the future. However, the savings is anywhere from 20% to 57%. Therefore, cash flow considerations aside it makes sense to reserve all VMs even if they may need to be exchanged (no fee) or cancelled later (12% fee).

What if your customer cancels your managed service agreement? You have three options:

1. If you have no other customers who can make use of Azure VMs you will be forced to cancel the reservations and pay the 12% early termination fee. However, remember that your savings should more than pay for the early termination fee even in this worst-case scenario.

2. If you have other customers or are bringing in new customers who can make use of reserved Azure VMs, but who need different types of VMs or need to be in a different region, then you would exchange your reservations – at no charge – and extend them to 12 or 36 months.

3. If you have other customers or are bringing in new customers who can make use of the reserved instances in the same region and same VM family, then there is nothing else for you to do. By setting the RIs to shared scope and having all your customers under one tenant with individual subscriptions, the RIs will just keep working for you and stopping the base compute meter on VMs.

What about cashflow?

You may be concerned that having to come up with 36 or even 12 months’ worth of Azure VM fees is a burden on your company. There are financing companies specializing in working with MSPs who will finance the purchase of Reserved Instances. This way you’ll get the benefit of the RI discount but keep the cash outlay monthly. There is obviously going to be a financing fee associated with this, but with savings of up to 57% it’s still worthwhile.

In summary, RIs or reservations are a significant lever to save up to 57% of compute costs, which is the single biggest cost component of an Azure IT environment, and dramatically increase your margins. They do require some advance planning, budgeting, and structuring of your Azure account the right way, but can significantly increase the profitability of your Azure practice. On top of the inherent savings you get with reservations, you may also get anywhere from a 2%-5% discount as a CSP Direct or CSP Reseller. As you can see, discounts start to stack up and free up margin to be used in better ways.

Interested in learning more? Don’t miss Nerdio at The 20’s upcoming VISION Conference!

Joseph Landes is the Chief Revenue Officer at Nerdio—a cloud company whose mission is to enable MSPs to build successful cloud practices in Microsoft Azure. He previous worked at Microsoft for 23 years leading high performing international sales and marketing teams. When not visiting MSPs you can find him trying to visit every country in the world or reading great literary fiction.

by Joseph Landes

Managed service providers (MSPs) in The 20 play a very important role in the adoption of cloud IT environments and the evolution of technology for the small and medium-size businesses they serve. This is particularly true with a powerful, yet complex, cloud environment like Microsoft Azure. SMBs look to MSPs in The 20 to expertly optimize itto fit their needs. But MSPs should also be on the lookout for how Azure can improve their own business needs—namely decreased costs and higher gross profit margins.

Here are five tips from Nerdio for The 20 members to optimize Azure costs and infrastructure to increase margins and make more money offering and reselling Azure.

1. Become a Microsoft Cloud Solution Provider (CSP) Reseller

Becoming a CSP reseller makes it easier for MSPs to transact Azure. In addition, CSP resellers receive a discount off Azure list prices via a CSP distributor—typically large providers—and thereby increase margins. CSP resellers are also eligible for various incentives that Microsoft makes available to its CSPs based on growth objectives. These incentives are incremental to the discount received on Azure consumption and can be in the 10% range or more when added up. Reach out to an IT distributor and ask how to become a CSP reseller or visit Microsoft’s website for more detailed information.

2. Leverage Azure Reserved Instances

The cost of virtual machines (VMs) in Azure is the single most expensive component of a typical MSP’s IT environment. Reserved instances (RIs) are reservations of a specific type of compute capacity (i.e., VM family/series) in a specific geographic location (i.e., Azure region) for a predefined period of time (12 or 36 months). Depending on the above specifics, using RIs and reserving compute capacity ahead of time can save you from 20% to 57% relative to the list pay-as-you-go price. They do require some advance planning, budgeting, and structuring of your Azure account the right way, but can significantly increase the profitability of your Azure practice.

3. Capitalize on Azure Hybrid Usage

Microsoft has created a special entitlement called Azure Hybrid Usage (AHU) that allows MSPs to pay for Windows Server via another licensing program and not through Azure. Essentially, you can bring the Windows Server licenses you already paid for to the cloud for free. As a result, the Windows Server OS meter stops spinning. AHU is a benefit unique to Azure; you can’t bring your own Windows server license to other major cloud providers. Combining RIs with AHU and CSP software subscriptions can reduce the cost of VMs by up to 80%. It goes without saying that the margin impact to an MSP from such significant cost reductions cannot be overlooked.

4. Auto-scaling for Cost Optimization

The value proposition of Azure as a public cloud is its utility-like consumption billing model: Pay only for what you use. To do this, MSPs need a mechanism to know what compute is needed and when, and a system that automatically resizes workloads to fit the demand at any given time. This means that if a VM doesn’t need to be on, a system

needs to be in place to know it and act on it by shutting down the VM at the appropriate time and then turning it back on when it’s needed again.

Azure automation platforms do exactly this, as MSPs can set business hours for each VM and tell the system what to do with the VM outside of those hours: leave it alone, shut it down, or change it to something smaller. The system will then automatically execute these instructions, resizing the VM after the end of business hours and then prior to the start of the next business day.

5. Burstable VM Instances

B-series Azure VMs are known as “burstable” VMs. They are used for non-CPU-intensive workloads (for example, domain controllers and file servers) and cost about 50% of an equivalently sized D-series VM. Burstable VMs are cheaper because Azure imposes a quota on how much of the total CPU cores can be used. Every second that the VM is using less than its quota it is “banking credits” that can be used to burst up to the total available CPUs when needed. While bursting, the VM is consuming its banked credits. Once the credits run out, the VM’s CPU utilization is throttled down to a lower utilization quota.

As you can see, these tips provide multiple ways for MSPs in The 20 to optimize their Azure consumption and increase their profitability. Understanding these tips will help you reconfigure their Azure architecture, determine how much margin they can achieve, and recognize how to build a successful and profitable cloud practice in Azure. Nerdio’s automation platform allows the members of The 20 to achieve all of this and much more. Check us out at the upcoming VISION event or on our website at www.getnerdio.com.

Interested in learning more? Don’t miss Nerdio at The 20’s upcoming VISION Conference!

Well that’s a wrap on another successful Quarterly meeting with our partners!

Spring Quarterly was held at our offices at Legacy Central in Plano on April 11th and 12th, and we had an incredible time with all of you.

Our first day was entirely dedicated to in-depth training session by CloudJumper where they showcased their new Cloud Workspace Management Suite on the new Microsoft Azure Marketplace. This day-long training really allowed Cloudjumper to dive deep into the product and focus our members on the benefits of the new suite that features simplified management, optimized billing, and more automation with control.

The day concluded with 2 demos on ACE and CWA setup, followed by a happy hour sponsored by Cytracom! It was 2 hours of games, music and good times spent with our 20 family.

Day 2 kicked off with Tim Conkle discussing how vision without execution is purely a dream. He also talked about the unlimited potential of growth that exists if you simply reach for it enough. Then, Elite member John Rutkowski of Bolder Designs gave a great presentation on client relations and onboarding.

So much was learned, and so much fun was had – there’s nothing we look forward to more then when we have our partners in town, and in the same room. It’s a tremendous energy, and we’re always sad when it ends!

If you have any questions about future Quarterly events, please utilize our Chat feature on the site, or give us a call! We’d love for you to be a part of our Summer Quarterly in July!

Tim’s opening remarks.

COO Ciera Cole presents.

Cloudjumper presentation.

I think we’ve all seen those virus alerts to some degree or another that pop-up on our desktops telling us that we’ve been infected. They’ll typically pretend to be from legitimate companies like Symantec or Microsoft (in some cases, even using a fake Microsoft logo to establish credibility), and they always want you to call a fake number — which leads to paying money for a fake service.

I’d like to believe that anyone reading this blog is someone who can detect this kind of scam, but regardless, whether you’ve fallen for this in the past or not, new information on the source of this costly annoyance appears to have come to light.

And it takes us all the way to India, thanks to The New York Times.

The article begins by telling us that 1 out of 5 people who receive such alerts tend to contact the fake tech support centers, while 6% of users in general actually pay for the fake services – which is crazy in and of itself.

Nothing about those alerts look legitimate, but hey, there are A LOT of people on this planet…

The meat of the piece points to Microsoft and how they helped police trace who was behind these large-scale operations. Apparently, these scammers have their roots in New Delhi, the capital of India, which is also the epicenter of call centers in general.

According to the software giant, more than 11,000 calls per month about fake security warnings were being received. And many people as a result, lost significant sums of money to the fraud.

On Tuesday and Wednesday, police from two New Delhi suburbs raided 16 fake call centers and arrested more than 50 in connection with the scam.

The Scam

Fixing the non-existent virus could involve calling a tech support center, where an operator would talk a victim through a fake fix and then charge them for the work. In other cases, the bogus tech support team would call their targets themselves and pretend to be a Microsoft employee, bringing to their attention a virus or false claim that his or her system could have been hacked. Eventually, they ask for anywhere from $99 to $1,000 to fix the problem that doesn’t exist in reality.

Courtney Gregoire, an assistant general counsel in Microsoft’s digital crimes unit, perhaps said it best when she was quoted as saying, “This is an organized crime.”

No doubt.

The scam is incredibly lucrative according to researchers at Stony Brook University. They published a detailed study of fake tech support services last year that estimated just a single pop-up campaign, spread over 142 web domains, could bring in nearly $10 million in just 2 months.

Microsoft said it was working with other tech industry leaders such as Apple and Google, as well as law enforcement, to fight the digital epidemic, which is migrating beyond the English-speaking world to target other users in their local languages.

Microsoft has also published advice about ways to spot the fake calls and avoid becoming a victim.

Microsoft re-released its Windows 10 October 2018 Update yesterday, following the company pulling it offline due to data deletion issues over the weekend.

Partner of The 20, and CEO of Cole Informatics, LLC out of Parsons, Tennessee, Terry Cole, made note of these issues on his late last week.

The software giant says there were only a few reports of data loss, at a rate of one one-hundredth of one percent. “We have fully investigated all reports of data loss, identified and fixed all known issues in the update, and conducted internal validation,” says Microsoft’s John Cable, Director of Program Management for Windows Servicing and Delivery.

Microsoft is now re-releasing the Windows 10 October 2018 Update to Windows Insiders, before rolling it out more broadly to consumers. “We will carefully study the results, feedback, and diagnostic data from our Insiders before taking additional steps towards re-releasing more broadly,” explains Cable.

It appears the bug that caused file deletion was related to Windows 10 users who had enabled Known Folder Redirection to redirect folders like desktop, documents, pictures, and screenshots from the default location. Microsoft introduced code in its latest update to delete the empty and duplicate known folders, but it appears they weren’t always empty. Microsoft has developed fixes to address a variety of problems related to these folder moves, and these fixes are now being tested with Windows Insiders.

Speaking of Windows Insiders, Microsoft’s testing community did flag some of these issues ahead of the release. Microsoft appears to acknowledge this as the company is making some changes to the feedback tool for Windows 10 to ensure testers can flag the severity of bug reports. “We have added an ability for users to also provide an indication of impact and severity when filing User Initiated Feedback,” explains Cable. “We expect this will allow us to better monitor the most impactful issues even when feedback volume is low.”

Microsoft will now monitor feedback related to this re-released build of Windows 10 October 2018 Update and will officially launch it to consumers once the company is confident “that there is no further impact” to Windows 10 users. “We are committed to learning from this experience and improving our processes and notification systems to help ensure our customers have a positive experience with our update process,” says Cable.

While we all hope this re-release is a positive one, Microsoft has certain come under fire with its frequent update process. I made note of this in a blog last month that discussed IT admins who are campaigning hard for Microsoft to slow their roll when it comes to their Windows 10 upgrade schedule.

It would appear that IT administrators are campaigning hard for Microsoft to slow their roll when it comes to their Windows 10 upgrade schedule.

Approximately 78% of more than 1,100 business professionals charged with servicing Windows for their firms said that Windows 10’s feature upgrades — now released twice annually — should be issued no more than once a year. The 78% was split almost evenly, with 39.2% arguing for one upgrade per year while 39.3% picked one every two years from a questionnaire on Windows patching, updating and upgrading.

Only 11% agreed that the current twice-a-year release is their preference, and a very small 1% wanted an even quicker tempo than that.

The questionnaire, created by Susan Bradley, who moderates the PatchManagement.org mailing list, asked administrators about whether feature upgrades are useful to their businesses and if Windows 10 has met company needs. Bradley used the responses to support her plea that Microsoft’s top executives address what she and her colleagues believe is an ongoing deterioration in the quality of Microsoft’s monthly patch updates.

But she also raised the issue of the Windows 10 feature upgrades’ release calendar. “If Microsoft is not realizing that [their] enterprise customers are having issues with the timing of the feature updates, then Microsoft is not listening to their enterprise customers.”

And questionnaire commentary by IT administrators vividly paint the frustration felt from the feature upgrades’ frequency.

“Most feature updates introduce so many bugs and problems,” said one respondent. “With the current pace of releases of new feature updates, the entire IT department is busy constantly dealing with all the problems that follow, instead of spending time on activities that actually create value for users.”

“At twice per year, you’ve barely got over one before you need to do it all again, leading to the temptation to skip every other update,” asserted another.

“This may come as a shock to Microsoft management, but our bonuses aren’t geared to the matrices that their bonuses are geared to,” said another participant. “We have better things to do with our time than run on the treadmill that is their business cycle.”

Windows 10’s upgrade tempo has gone through several iterations since mid-2015, when the OS debuted. Initially, Microsoft envisioned four upgrades annually. In 2015, it released the first upgrade, labeled 1511 using the company’s now standard yymm format, about three and a half months after the original 1507. But then Microsoft issued just one upgrade in 2016, the mid-year 1607.

Shortly after that, Microsoft announced that it was formalizing a two-times-each-year schedule, with March and September as release targets. Since then, it’s delivered 1703 (April 2017), 1709 (October 2017) and 1803 (April 2018); it appears to be on track to release 1809 next month.

To complicate matters, for a time Microsoft extended support from the usual 18 months to 24 months for Windows 10 Enterprise and Windows 10 Education. Microsoft justified the extension – which ended with version 1803 – as necessary because “some customers” asked for more time to migrate from one feature upgrade to another.

With 24 months of support, it was feasible for IT to skip one feature upgrade in any given year. But with the return of 18 months of support, it will again be tough for companies to move all PCs to a supported version before the one currently powering the machines stops receiving patches. That was one reason Gartner Research urged enterprises to pressure Microsoft into making permanent the 24-month support period.

Gartner has assumed that Microsoft will not retreat from its two-times-a-year cadence but that it will be pressured, likely by or before the end of 2020, into making the 24 months of support permanent. While that won’t change the release frequency, it will, Gartner has said, allow adopting just one upgrade each year.

We’ll see what happens.

I’ll end with what Michael Wayland, Managing Director of Byte-Werx in Houston (Elite member of The 20) told me:

With the major releases there are often several unforeseen issues that can crop up. This can cause several hours of downtime for endpoints and cost small businesses money. It’s one reason you want a managed IT department to follow the releases, the issues, and release in a methodical and planned way after lab testing. They’re also available to quickly backstop, remediate, or walk through end-users for issues that arise.