How AWS is Transforming the Pharmaceutical Sector in Pakistan

The pharmaceutical industry in Pakistan has been steadily growing over the years and is now one of the largest revenue-generating sectors in the country. With the increasing demand for quality healthcare products and services, the need for advanced technologies to support the pharmaceutical industry has also become crucial. This is where cloud computing, particularly Amazon Web Services (AWS), comes into play.

AWS is a cloud computing platform that offers a wide range of services and tools to help businesses of all sizes and industries manage their data, applications, and operations efficiently. For Pakistani businesses in the pharmaceutical sector, utilizing AWS can bring about numerous benefits and help them stay competitive in the ever-evolving healthcare landscape.

One of the main advantages of using AWS for pharmaceutical businesses is cost reduction. Traditional on-premise data centers and IT infrastructure require a significant amount of investment and maintenance costs. With AWS, businesses can reduce their hardware and IT expenses, as they do not need to invest in physical servers, storage, or networking equipment. AWS also offers a pay-as-you-go pricing model, allowing businesses to only pay for the resources they use, making it a cost-effective solution for pharmaceutical companies of all sizes.

Another key benefit of AWS is scalability. The pharmaceutical industry is highly volatile, and the demand for drugs and medical products can fluctuate drastically. With AWS, businesses can easily scale their resources up or down, depending on the demand, without any disruption in operations. This also means that businesses can quickly adapt to market changes and launch new products or services without worrying about IT limitations or infrastructure costs.

Data security is a significant concern in the pharmaceutical industry, where sensitive patient data and confidential research and development information are constantly being handled. AWS offers advanced security features, including encryption, access control, and compliance certifications, to ensure that businesses’ data and operations are protected from potential cyber threats. With AWS, businesses can have peace of mind knowing that their data is secure and compliant with industry regulations.

The pharmaceutical industry in Pakistan also heavily relies on data analysis and research to develop new drugs and improve existing products. AWS provides a range of data analytics and machine learning tools that can help businesses gain valuable insights from large and complex datasets. This can aid in identifying market trends, predicting demand, and optimizing business processes to make data-driven decisions.

Additionally, AWS also offers various communication and collaboration tools, such as Amazon Chime and Amazon WorkSpaces, that can help pharmaceutical businesses improve their internal communication and collaboration processes. This is especially beneficial in the current remote work environment, where teams need to work together efficiently to meet business goals.

In conclusion, the benefits of using AWS for Pakistani businesses in the pharmaceutical sector are numerous. It can help businesses reduce costs, improve scalability, enhance data security, and gain valuable insights from data analytics. With the support of AWS, pharmaceutical businesses in Pakistan can streamline their operations, stay competitive, and continue to grow in the dynamic healthcare industry.

How to change MFA Phone Number for Microsoft 365 Account

As technology continues to advance and security threats become more prevalent, it is important to take proactive measures to protect your online accounts. One of the most effective ways to secure your Microsoft 365 account is by setting up Multi-Factor Authentication (MFA). MFA adds an extra layer of security by requiring you to provide an additional form of verification, such as a code sent to your phone, when logging into your account. 

  

However, in some instances, you may need to change the MFA phone number associated with your Microsoft 365 account. This could be due to a change in your personal phone number or switching to a new device. Whatever the reason may be, it is a simple process to update your MFA phone number and ensure the security of your account. Don’t have MFA enabled yet? Scroll to the bottom of this tutorial for the guide which explains how to set it up for an extra layer of protection!

  

Before we dive into the steps, ensure that you have admin access to the Azure portal. Additionally, you should know the user whose MFA details will be updated. This information is crucial to ensure that the changes are made to the correct account. 

 

Now, let’s take a look at the steps for changing your MFA phone number for your Microsoft 365 account: 

  

Steps to Change the MFA Phone Number:
STEP #1: Sign in to the Azure Portal · Go to https://portal.azure.com.
  1. Sign in with an account that has the necessary admin permissions.
STEP #2: Navigate to Azure Active Directory
  1. In the left-hand navigation pane, select Azure Active Directory.
 STEP #3: Find the User
  1. Under Manage, select Users.

  2. Use the search bar to find the specific user whose MFA phone number you need to change.

  3. Click on the user’s name to open their profile.

 STEP #4: Manage User Settings
  1. In the user profile, under Manage, click on Authentication methods.

STEP #5: Update the Phone Number
  1. If the user has an existing phone number configured, you will see it listed.

  2. Click on the Edit icon (a pencil) next to the phone number.

  3. Update the phone number to the new desired number.

  4. Click Save.

STEP #6:  Notify the User
  1. Inform the user that their MFA phone number has been updated.

  2. The user should verify that the new phone number works for MFA by attempting to sign in.

Additional Considerations: 

  

  • Backup Methods: Ensure that users have backup MFA methods configured, such as an alternate phone number or an authenticator app, to avoid being locked out.
  • Policy Compliance: Verify that the change complies with your organization’s security policies.

It is important to note that you should have at least two methods of verification set up. This could be a phone number and an email address, or even two phone numbers. With multiple methods, you can ensure that you always have a way to verify your identity and access your account. 

But be mindful that changing the MFA phone number for a Microsoft 365 account will not disable MFA. The user will still be required to provide the additional factor for authentication. 

 In conclusion, with the rise in cyber threats, it is essential to secure your Microsoft 365 account with MFA. By following the simple steps outlined in this blog post, you can easily change the MFA phone number for a user account in your organization. It is recommended to regularly review and update MFA details to ensure the security of user accounts. 

Don’t have MFA enabled yet? Follow this simple guide below that explains how to set it up for an extra layer of protection!

Office Offline Installation

OFFICE INSTALLATION
Offline Installation of Office

Step 1 - Download and install the Office Deployment Tool

  1. Create a folder on your hard drive and name it ODT. For this example, we’ll create it on the c:\ drive, like so: c:\ODT.
  2. Download the Microsoft 365 Deployment Tool from the Microsoft Download Center. Select Save As and save it to your downloads folder.
  3. In your downloads folder, double-click the Office Deployment Tool exe file to install it.
  4. If you see the User Account Control prompt that says, Do you want to allow this app to make changes to your device?, click Yes.
  5. Accept the Microsoft Software License Terms, and then click Continue.
  6. In the Browse for Folder dialog, select the ODT folder you created in earlier, and then click OK.

Step 2 - Create the configuration file

Visit to https://config.office.com/deploymentsettings 

  • Select version of windows 32/64 bit which you want to deploy

  • Select which products and apps you want to deploy (Choose office Application e.g Office Apps / Visio / Project or any other application option).
  • Select Current Channel & Latest Version.
  • Select Desired Applications and click Next.
  • Choose your language and click Next.
  • Do not make any changes in Installation option and click Next.
  • Do not make any changes in Update and upgrade option and click Next.
  • Do not make any changes in License & Activation option and click Next.
  • Provide your organization name in General Field and click Next.

  • Do not make any changes in Application Preferences option and click Finish.
  • Click Export and download Configuration in XML format.

  • After downloading Configuration.xml file replace this file in ODT folder.

Office 365 email setup for Thunderbird (Pop/IMAP – Modern Authentication)

T

Thunderbird is a free email application that’s easy to set up and customize – and it’s loaded with great features. Thunderbird will need to be updated to version 77.0.b1 or higher in order to work with Office 365. You can download the latest version of Thunderbird here.

Pre-requisites

You need to ensure that you have already configured app registration in Azure Active Directory and granted users access to use the application. If not please follow steps in our earlier blog here.

Setting up Thunderbird
  • Launch Thunderbird. Select +New, Existing Email Account from the ‘hamburger’ menu.
  • Enter your name and e-mail address. You can leave the password empty. Press Continue to have Thunderbird figure out where your mailbox is hosted. This should discover your account in Office 365.
    The settings you see should be:
Username: username@domain.com
Password: Office 365 password
Protocol: IMAP
Incoming (IMAP): outlook.office365.com SSL
Outgoing (SMTP): smtp.office365.com STARTTLS
TB1
  • Click Done to confirm the creation of your account. If you are prompted for your password, hit Cancel.
  • Navigate to Account Settings -> Server Settings.
  • Under Authentication method, select OAuth2.
  • Navigate to Account Settings -> Outgoing Server.
  • Under Authentication method, select OAuth2.
  • Close the Account Settings. Select your Inbox, and you should be prompted with the Office 365 login page.
Manual Server Information
Username: username@domain.com
Password: Office 365 password

Incoming: IMAP
Server: outlook.office365.com
Port: 993
SSL Enabled: Yes
Authentication: OAuth2

Outgoing: SMTP
Server: smtp.office365.com
Port: 587
SSL Enabled: STARTTLS
Authentication: OAuth2
TB2

Start using OAuth for Office 365 POP/IMAP authentication

Microsoft has disabled Basic authentication for most Exchange Online protocols. Microsoft has documented the requirements and configuration steps to use OAuth with POP/IMAP in Microsoft 365 in this article: Authenticate an IMAP, POP or SMTP connection using OAuth | Microsoft Docs. You’ll see details about the registration of the required Azure AD applications and the permissions required for the access token to give Exchange Online the authorization of the mailbox access request.

OAuth 2.0 Authentication

Microsoft 365 (formerly Office 365) supports two kinds of OAuth 2.0 authentication:

  • Delegated authentication is suitable for desktop, mobile or web applications with signed-in user present.
    This mode is described in detail in another article.
  • App-only authentication is suitable for services or daemons with no user present. Instead, these unattended applications authenticate using client secrets (application credentials) to receive an access token, which is then used to gain access to a mailbox using IMAP, POP3 or EWS protocols.
SETUP OAUTH
Configuring Microsoft 365
Register your application

In Azure Portal ⇒ expand the left menu ⇒ select Azure Active Directory ⇒ select App registrations ⇒ click + New registration. (Azure Portal is constantly evolving, so if you cannot find this page, use the search bar.)

Name your application, choose which kind of accounts are going to use it, and click Register.

Once you successfully register your application you can view its associated IDs. Some of them will be needed later to obtain an OAuth 2.0 token.

Set up client secret (application password)

In the left menu, select Certificates & secrets ⇒ click + New client secret.

Provide some description for this secret, choose expiration period, and click Add.

Immediately copy and save the newly created client secret’s Value (not Secret ID). You will not be able to view the Value later anymore.

Add app permissions

In the left menu, select API permissions ⇒ click + Add a permission.

Navigate to APIs my organization uses tab ⇒ type Office 365 Exchange in the search bar ⇒ click Office 365 Exchange Online entry.

Click Application permissions ⇒ type AccessAsApp ⇒ check IMAP.AccessAsApp and/or POP.AccessAsApp ⇒ click Add permissions.

The newly-added IMAP.AccessAsApp and POP.AccessAsApp permissions have to be approved by your organization’s administrator. Ask them to grant consent to your application by clicking Grant admin consent for [organization].

Add mailbox access permissions

Before you proceed, make sure you have AzureAD and ExchangeOnlineManagement PowerShell modules installed. If not then run the commands below to install them.

 

Install-Module -Name AzureAD
Install-Module -Name ExchangeOnlineManagement

 

Next we need to fetch the principal ID for the application we just created using the Azure Portal. Fill in the App ID and Tenant Id and run the following:

 

$AppId = "YOUR_APP_ID_HERE"
$TenantId = "YOUR_TENANT_ID_HERE"
Import-module AzureAD
Connect-AzureAd -Tenant $TenantId
($Principal = Get-AzureADServicePrincipal -filter "AppId eq '$AppId'")
$PrincipalId = $Principal.ObjectId

 

Now we need to register the service principal for your application

 

$DisplayName = "Service Principal for IMAP/POP3"
Import-module ExchangeOnlineManagement
Connect-ExchangeOnline -Organization $TenantId
New-ServicePrincipal -AppId $AppId -ServiceId $PrincipalId -DisplayName $DisplayName

 

Add FullAccess mailbox permissions to all mailboxes you want to access from your application using:

 

Add-MailboxPermission -User $PrincipalId -AccessRights FullAccess -Identity "mailbox.1@domain.org"
Add-MailboxPermission -User $PrincipalId -AccessRights FullAccess -Identity "mailbox.2@domain.org"
Add-MailboxPermission -User $PrincipalId -AccessRights FullAccess -Identity "mailbox.3@domain.org"

 

At this point you have registered an application for accessing Office 365 mailboxes via IMAP or POP3 protocol and received its Application (client) ID, Client secret and Directory (tenant) ID.

These strings are going to be used by your application to authenticate to Microsoft 365 via OAuth 2.0 and receive an OAuth token. This token is then used to authenticate to Exchange Online using IMAP or POP3 protocols.