Derek Adam Senior Program Manager BRK2064 This talk is about making them ready for the workplace Our apps are our babies Respect the stewardship you might have Dont reveal company secrets ID: 739549
Download Presentation The PPT/PDF document "Keep work and personal data separate and..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Keep work and personal data separate and secure using Windows Information Protection in Windows apps
Derek AdamSenior Program Manager
BRK2064Slide2
This talk is about making them ready for the workplace
Our apps are our babiesSlide3
Respect the stewardship you (might) have
Don’t reveal company secrets
Respect boundaries of access and use terms
Wants things locked up in his domain
Makes rules to try to keep it that way
Understanding the Enterprise customer: IT Administrator
Source:
Stroz
Friedberg, “On The Pulse: Information Security In American Business,” 2013
HIPPA Secure Now, “A look at the cost of healthcare data breaches,” Art Gross, March 30, 2012
WillyVWonka
87% of
senior managers admit to
regularly
uploading work files to a personal email
or cloud account.
1
58%
accidentally sent sensitive information to
the
wrong person
1
$240 average per record
cost of a data breach
across all industries
2Slide4
Want access from personal devices
Prefer as little management as possible
We all make mistakes
Understanding the Enterprise customer: Information Worker
People Like
You and MeSlide5
GREATER THAN EVER.
TODAY, RISK OF DATA FALLING IN THE WRONG HANDS IS
QUITE OFTEN THIS RISK IS
NOT
FROM
EXTERNAL ATTACKERS.
IT COMES FROM
WITHIN.
MAJORITY OF DATA LEAKS HAPPEN ACCIDENTALLY.Slide6
“An employee of the department had inadvertently disclosed the passport numbers, visa details and other personal identifiers of the world leaders attending the G20 summit in Brisbane after an email was mistakenly sent to an organizer of the Asian Cup football tournament because of an autocomplete function”
Personal details of world leaders accidentally revealed by G20 organizers
Guardian
March 30, 2015
AUSTRALIAN IMMIGRATION DEPT. DATA LEAKSlide7
“
Due to authorizations enabled by
GSA 18F staff, over 100 GSA Google Drives were reportedly accessible by users both inside and outside of GSA during a five month period, potentially exposing sensitive content such as
personally identifiable information and contractor proprietary information.
”
Over
100 Google Drives used by the agency were publicly accessible for five months.
Ars Technica, May 17, 2016Office of Inspector General, May 12, 2016US Government Services Administration BreachSlide8
???
%
?
…focus on data leak prevention for personal devices, but ignore the issue on corporate owned devices where the risks are the same or worse.
?
?
?
?
?Slide9
Information protection journey
DEVICE PROTECTION
BitLocker enhancements in Windows 8.1
InstantGo
3
rd
party adoption
Protect data when device is lost or stolen
DATA PROTECTIONRights Management Services (RMS)Office Information Rights Management (IRM)
Azure AD, Azure Rights Management in 2013Protect data when …..
THE GAPAccidental data leakage
3
rd
party solutionsSlide10
HOW OTHERS ARE FILLING THE GAP: PAIN POINTS
Switching modes and between containers
Users change apps to work securely
Experience between mobile and desktop inconsistent
Solutions are expensiveSlide11
FINDING THE BALANCE
Without true platform-level integration, balancing experience, deployment, and cost is impossible
Compromised user experience
ease of deployment,
lowest cost
Better user experience,
difficult to deploy, higher cost
ORSlide12
OUR VISION
Integrate data protection at the platform level to protect corporate data against inadvertent disclosure to unauthorized users and public services through
email, social media
and
public cloudSlide13
Different approach to app management
Mobile & DesktopWindows 10 Anniversary Edition
Enterprise Data
ProtectionSlide14
Different approach to app management
Mobile & DesktopWindows 10 Anniversary Edition
Enterprise Data
ProtectionSlide15
Different approach to app management
Mobile & DesktopWindows 10 Anniversary Edition
Windows Information
Protection
Corp data identifiable from personal
Protects data at rest and in use
Platform integrated, no mode switching
Only IT-Allowed apps see business data
IT controls keys, for selective wipeCommon experience across form factorsSlide16
Extra Security with Data Protection Under Lock
Windows Mobile 10, version 1607
Windows Information
Protection
Blocks read when screen is locked
Optional screen lock security policy
System tosses decryption key on lock
Can encrypt new files and data
Logon, unlock restores keys and accessHelps mitigates system level attacksSlide17
Business/Personal
Skype for Business
Outlook
Facebook
HR
Quick View
OneDrive
WhatsApp
Expense ReportingWord
DropboxDynamics CRM
PhotosWeather
One experienceSlide18
Business/Personal
Skype for Business
Outlook
Facebook
HR
Quick View
OneDrive
WhatsApp
Expense ReportingWord
Candy CrushDynamics CRM
PhotosWeatherBusiness Apps & Data
(Managed)
Personal
Apps & Data
(Unmanaged)
Data exchange is blocked or audited
One experience
Data is isolated
Data is encrypted at rest
Organization holds keys
MDM managed
Block/audit data exchange
APIs for ISVs
Office and OneDriveSlide19
To handle both work and personal dataTo handle revoke gracefully
Keep workingAvoid wiping servers (file sync engines)To handle “Data Protection Under Lock” on mobileYou want enterprises to trust your app!
Why you’d need to enlightenSlide20
DemoSlide21
Protection across Data FlowsSlide22
Windows Information Protection
1
User enrolls with enterprise MDM or domain join
MDM or
ConfigMgr
provisions policy and encryption keys
User
2
PROVISIONING: KEYS AND POLICIES
Policies:
Enterprise allowed apps
Network policies
App restriction policySlide23
Windows Information Protection
User
DATA INGRESS
Data from enterprise network is encrypted
E.g. OneDrive For Business,
Corporate Exchange mail, etc.Slide24
Windows Information Protection
User
Saving to enterprise folder
encryption auto-applied
User option to save as corporate
IT can configure unenlightened apps to automatically protect data
Enlightened apps
protect corporate data
(from app to disk)
DATA
EGRESSSlide25
Windows Information Protection
User
DATA
EGRESS
Enlightened apps can maintain protection
App restriction policy:
Can block egress to other apps
Network policy:
Can block egress to non-corporate sites
(Inter-app, or
over network)Slide26
Windows Information Protection
User
REVOKE
Unenroll
removes keys, and wipes the inaccessible enterprise data
(On
unenroll
)Slide27
Windows Information Protection
User
Intune can manage WIP
Common MDM support across Windows,
iOS & Android with Microsoft Intune
Common developer experience across platforms
iOS & Android enabled via Intune App Wrapping Tool for IT Pros
Microsoft Intune SDK for iOS & Android
Windows enabled via policy
Windows Information Protection APIs for Windows
Like Intune SDKSlide28
Recognize enterprise data sourcesProtect data at rest, in useFollow policy
Enterprise Enlightened AppsSlide29
Recognize personal data sourcesLet personal data be personalNo policy for personal apps & data
Enterprise Enlightened AppsSlide30
Something IT and IW can agree onCompetitive advantage: satisfy both
Enterprise Enlightened AppsSlide31
Set up your dev environmentSlide32
Configure test machine with policy
Option 1: WIP Setup Developer Assistant appFree download from the Store: http://aka.ms/wip-dev-setup
Quick & easy standalone setup of most WIP policies
Good for applying the basics
Option 2: Intune trial account
Click “Try now” button on http://www.microsoft.com/en-us/cloud-platform/microsoft-intune Covers all policies and scenariosGood for testing like a real deploymentWIP Deployment Guide on TechNet: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/deploy-wip-policy-using-intune Slide33
Unmanaged C++ Visual Studio flags for WinRT
Turn on “Consume Windows Runtime Extension”In project properties: Configuration Properties
►
C/C++
►
General
Unmanaged C/C++ apps need the /ZW flag to use WinRT APIsTurn off “Enable Minimum Rebuild”In project properties: Configuration Properties ► C/C++ ► Code Generation Incremental linker doesn’t allow adding Windows metadata to .obj files, so need the /Gm- flagSlide34
Indicate your threading apartment model
[Platform::
STAThread
]
int
_
tmain(int argc, _TCHAR* argv[]){ ...
OR[Platform::MTAThread] int _tmain(int
argc, _TCHAR* argv[]){ ... WinRT is COMSlide35
How to enlighten your appStep 1: Declare enlightenmentSlide36
Declare your app enlightened (WinRT)
xmlns:rescap
= "http://schemas.microsoft.com/appx/manifest/foundation/windows10/
restrictedcapabilities
"
<Capabilities>
<rescap:Capability Name="enterpriseDataPolicy"/> </Capabilities>
Add the enterpriseDataPolicy capabilitySlide37
Declare your app enlightened (Win32)
MICROSOFTEDPENLIGHTENEDAPPINFO EDPENLIGHTENEDAPPINFOID
BEGIN
0x0001
END
MICROSOFTEDPPERMISSIVEAPPINFO EDPPERMISSIVEAPPINFOID
BEGIN 0X0001END
Add these entries to resources.rcSlide38
How to enlighten your appStep 2: Check for the API contractSlide39
Check for the API contract
if (
Windows.Foundation.Metadata.ApiInformation.
IsApiContractPresent
(
"
Windows.Security.EnterpriseData.EnterpriseDataContract", 3) ){ // WIP could apply on this device}
EnterpriseDataContract must be version 3 or higherSlide40
How to enlighten your appStep 3: Enlighten for data flows,
protect-in-use & eventsSlide41
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide42
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide43
Data Ingress – Recognize enterprise files
Namespace: Windows.Security.EnterpriseData
Class:
FileProtectionManager
Method:
GetProtectionInfoAsync
Takes an IStorageItemReturns protection status and identity string Slide44
Check file
FileProtectionInfo
protectionInfo
= await
FileProtectionManager.GetProtectionInfoAsync(FileHandle);if ((protectionInfo.Status ==
FileProtectionStatus.Protected) &&(ProtectionPolicyManager.IsIdentityManaged(protectionInfo.Identity)){ // Enterprise case, so do things like set enterprise mode}Slide45
Data Ingress – Recognize enterprise files (Pt.2)
Namespace: Windows.Security.EnterpriseData
Class:
ProtectionPolicyManager
Method:
IsIdentityManaged
Identity is an email address or domainData managed only when identity managedSlide46
Check file
FileProtectionInfo
protectionInfo
= await
FileProtectionManager.GetProtectionInfoAsync
(
FileHandle);if (protectionInfo.Status == FileProtectionStatus.Protected) { // Enterprise case, so do things like set enterprise mode}Slide47
Check file
FileProtectionInfo
protectionInfo
= await
FileProtectionManager.GetProtectionInfoAsync
(
FileHandle);if ((protectionInfo.Status == FileProtectionStatus.Protected) &&(ProtectionPolicyManager.IsIdentityManaged(protectionInfo.Identity)){ // Enterprise case, so do things like set enterprise mode}Slide48
Check file
FileProtectionInfo
protectionInfo
= await
FileProtectionManager.GetProtectionInfoAsync
(
FileHandle);if ((protectionInfo.Status == FileProtectionStatus.Protected) &&(ProtectionPolicyManager.IsIdentityManaged(protectionInfo.Identity)){ // Enterprise case, so do things like set enterprise mode}if (protectionInfo.Status == FileProtectionStatus.Unprotected){ // Data is personal}Slide49
Check file
FileProtectionInfo
protectionInfo
= await
FileProtectionManager.GetProtectionInfoAsync
(
FileHandle);if ((protectionInfo.Status == FileProtectionStatus.Protected) &&(ProtectionPolicyManager.IsIdentityManaged(protectionInfo.Identity)){ // Enterprise case, so do things like set enterprise mode}if (protectionInfo.Status == FileProtectionStatus.Unprotected){ // Data is personal}if (protectionInfo.Status == FileProtectionStatus.Revoked){ // Call your revocation handling code}Slide50
Data Ingress – Enterprise data packages
Namespace: Windows.ApplicationModel.DataTransfer
Class:
DataPackagePropertySetView
Property:
EnterpriseId
Managed clipboard / share data is taggedProperty is empty string when not managedSlide51
Check data package view properties
var
enterpriseID
=
shareOperation.data.properties.
enterpriseId; if (string.IsNullOrEmpty(enterpriseId)){ // Personal}else{ // Enterprise managed}Clipboard / Share scenariosSlide52
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide53
Data Ingress – Check if host is enterprise
Namespace:
Windows.Security.EnterpriseData
Class:
ProtectionPolicyManager
Method:
GetPrimaryManagedIdentityForNetworkEndpointAsyncTakes a host name objectReturns enterprise identity stringEmpty string means personal, not enterpriseSlide54
Check network host
var
resourceUri
= new Uri(
serverNameString
);
// Check if URI is an enterprise managed endpoint. string enterpriseId = await ProtectionPolicyManager.GetPrimaryManagedIdentityForNetworkEndpointAsync( new HostName(resourceUri.Host)); if(!string.IsNullOrEmpty(enterpriseId)) { // If the enterprise ID is non-empty, it’s managed. // Protect download data, etc. // ...} Slide55
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide56
Data In Use – Set app view to enterprise
Namespace:
Windows.Security.EnterpriseData
Class:
ProtectionPolicyManager
Method:
GetForCurrentViewProperty: IdentityPuts AppView (i.e. window) into enterprise mode
Windows enforces clipboard & share policySlide57
Set AppView to enterprise
private void
TagCurrentViewWithEnterpriseId
(string
enterpriseId
)
{ // Note: Empty enterpriseId sets mode to personal ProtectionPolicyManager protectionPolicyManager = ProtectionPolicyManager.GetForCurrentView(); protectionPolicyManager.Identity = enterpriseId; }Slide58
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide59
Data In Use – Set network context on thread
Namespace: Windows.Security.EnterpriseData
Class:
ProtectionPolicyManager
Method:
CreateCurrentThreadNetworkContext
Marks thread for enterprise useSockets created on the thread get enterprise accessSlide60
Set + clear enterprise network thread context
// Create protected network context on current thread
using (
ThreadNetworkContext
context =
ProtectionPolicyManager.CreateCurrentThreadNetworkContext(entId)){ var client = new HttpClient(); // Gets LAN/Cloud access of entId // Context automatically disposed when we leave the using scope}// New connections don’t get ‘entId’ LAN/Cloud access now...Set context to access to enterprise network resourcesSlide61
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide62
Data Egress – Protect enterprise data: Files
Namespace: Windows.Security.EnterpriseData
Class:
FileProtectionManager
Method:
ProtectAsync
Takes IStorageItem and enterprise ID string
Encrypts file with key tagged to enterprise IDSlide63
Protect file
// Protect file to ‘entID’ (Managed email address or domain)
FileProtectionInfo
protectionInfo
=
await FileProtectionManager.ProtectAsync(fileOrFolder, entID); Slide64
Protect file
// Protect file to ‘entID’ (Managed email address or domain)
FileProtectionInfo
protectionInfo
=
await FileProtectionManager.ProtectAsync(fileOrFolder, entID); // Best practice: check return statusif (protectionInfo.Status == FileProtectionStatus.Protected) { // Set enterprise mode, use standard file APIs to read/write}else{ // Check for other statuses, handle them}Slide65
Data Egress – Protect enterprise data: Buffers
Namespace: Windows.Security.EnterpriseData
Class:
DataProtectionManager
Method:
ProtectAsync
Takes IBuffer and enterprise ID string
Returns new IBuffer encrypted to enterpriseSlide66
Protect buffer
IBuffer inputBuffer
=
CryptographicBuffer.ConvertStringToBinary
(
protectedMessage
, BinaryStringEncoding.Utf8); protectedBuffer = await DataProtectionManager.ProtectAsync(inputBuffer, EnterpriseIdentity);Slide67
Protect buffer
IBuffer inputBuffer
=
CryptographicBuffer.ConvertStringToBinary
(
protectedMessage
, BinaryStringEncoding.Utf8); protectedBuffer = await DataProtectionManager.ProtectAsync(inputBuffer, EnterpriseIdentity);// Best practice: check return statusif (protectedBuffer.ProtectionInfo.Status == Unprotected){ // Protection can fail if app not allowed for EnterpriseIdentity}Slide68
Data Egress – Protect enterprise data: Save UX
Namespace:
Windows.Storage.Pickers
Class:
FileSavePicker
Method:
FileSavePicker (constructor)Property: EnterpriseIdTakes enterprise identity stringSets encryption dropdown to match (if managed)Slide69
Set enterprise context for FilePicker
private
async
void
SaveFile_Click
(object sender,
RoutedEventArgs e) { var savePicker = new FileSavePicker(); savePicker.EnterpriseId = GetCurrentEnterpriseId(); var file = await savePicker.PickSaveFileAsync(); if (file != null) { // Best practice: // Check status with GetProtectionInfoAsync(file) } }Slide70
Enlightening Apps for Windows Information Protection
Local (productivity apps)
Network capable (channel apps)
Data Ingress
Check for enterprise tag on data
Check if host belongs to the enterprise
Data In Use
Set mode: Enterprise / Personal
Set context: Enterprise / Personal
Data Egress
Protect enterprise data
Block sending to non-enterprise hosts
Event
handling
Revoke: Close & cleanup
Revoke: Stop enterprise sync completely
Screen lock: Close content
Screen unlock: Reopen content
Screen lock: Stop uploads
Screen unlock: Resume uploadsSlide71
Event Handling – Revoke
Namespace: Windows.Security.EnterpriseData
Class:
ProtectionPolicyManager
Event:
ProtectedContentRevoked
Register your event handler for revokeSlide72
Handle revoke events – Pt.1 (while running)
// Register handler for revoke eventProtectionPolicyManager.
ProtectedContentRevoked
+=
HandleProtectedContentRevoked
; void HandleProtectedContentRevoked(Object sender, ProtectedContentRevokedEventArgs args) { MyRevokeCleanupRoutine(); // Clean up settings, accounts, tokens, etc. // Sync engines should break enterprise sync relationship. // Delete work related files as they won't be accessible. } Slide73
Handle revoke events – Pt.2 (while I was away)
// After register handler, check if revoked since last time
if (
ProtectionPolicyManager.
HasContentBeenRevokedSince
(
AppGlobals.EnterpriseID, AppGlobals.WorkDataSetupTimeStamp)) { MyRevokeCleanupRoutine(); }Slide74
Event Handling – Screen lock / unlock
Namespace:
Windows.Security.EnterpriseData
Class:
ProtectionPolicyManager
Event:
ProtectedAccessSuspending (screen locking) ProtectedAccessResumed (screen unlocked)Register event handlers for both events
Tip: Close as much enterprise data as possibleTip: Can’t read enterprise under lock, but
Can create new files, buffers, streamsSlide75
Handle suspend / resume events
// Register for device lock and unlockProtectionPolicyManager.
ProtectedAccessSuspending
+=
HandleProtectedAccessSuspending
;ProtectionPolicyManager.ProtectedAccessResumed += HandleProtectedAccessResumed;void HandleProtectedAccessSuspending(Object sender, ProtectedAccessSuspendingEventArgs args) { // Stop enterprise upload, close enterprise files, etc.} void HandleProtectedAccessResumed(Object sender, ProtectedAccessResumedEventArgs args) { // Resume enterprise upload, reopen enterprise content, etc.} Slide76
Resources
WIP Dev Guide: http://aka.ms/wip-dev-guide
WIP Setup Developer Assistant:
http://aka.ms/wip-dev-setup
WIP Deployment guide:
https://technet.microsoft.com/en-us/itpro/windows/keep-secure/protect-enterprise-data-using-wip
Samples: https://github.com/Microsoft/Windows-universal-samples Look for “enterprise data protection”Slide77
Other Windows Information Protection sessions
Code
Title
Time
Room
Speaker(s)
BRK2130Increase app engagement and revenue with the Windows Store and Dev CenterFri10:45 AMC112Chris HallumIDL3070Deploy Windows Information Protection Interactive Digital Labs Slide78
Windows 10 developer breakout sessions
Code
Title
Time
Room
Speaker(s)
BRK2061Architect your Windows apps to work together, moving away from monolithic apps9:00 AMB302 - B303Andy WigleyBRK2063Secure Windows apps and Microsoft Edge websites with Windows Hello10:45 AMA302Anoosh SabooriBRK3238Dive deeper into Windows Store for Business
12:30 PMThomas Murphy Ballroom 1Jan Kalis, Matt KotlerBRK2064Keep work and personal data separate and secure using Windows Information Protection in Windows apps2:15 PMA313 - A314Derek AdamBRK2062Optimize Windows apps across screens with Continuum for phone4:00 PMA402 - A403 Rouella Mendonca
ThursdaySlide79
Windows 10 developer breakout sessions
Friday
Code
Title
Time
Room
Speaker(s)
BRK2060
Use Windows Pen and Ink to build more engaging enterprise apps9:00 AMB308 - B309 Jerry NixonBRK2065Build and distribute enterprise apps with the Windows Store for Business12:30 PMA315 - A316Jan Kalis, Kyle Marsh, John VintzelSlide80
Crawl: Try out the tools and samplesWalk: Test your app with auto-encryption, revoke
Run: Fully enlighten your app Get your app ready for management!
Call to action
Ensure your app is trustworthySlide81
Raise apps that help users respect enterprise data,
and you will be rewarded Trustworthy apps will be chosenSlide82Slide83
Let’s chat
Come talk to us in the Microsoft Showcase areaI’ll be there right after this session
Continue the conversation and get resources at
https://aka.ms/WinDevAtMSIgniteSlide84
From your PC or Tablet visit MyIgnite at
http://myignite.microsoft.com
From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting
https://aka.ms/ignite.mobileapp
Please evaluate this session
Your feedback is important to us!Slide85