Performing a Conditional Access Assessment with PowerShell
Use this PowerShell script to gain insights into a complex, mature conditional access environment.
Use this PowerShell script to gain insights into a complex, mature conditional access environment.
%%excerpt%% Create your Office 365 migration plan by first assessing your environment with these PowerShell scripts.
The OneDrive Sync Client is key to providing users with a reliable way to store files in SharePoint Online and OneDrive for Business. Therefore, it’s important that tenant administrators deploy OneDrive in a way that meets their organization’s requirements. This article explores the administrative options available for deploying and controlling OneDrive Sync Client.
OneDrive for Business has come a long way since its SkyDrive days, and the modern sync client is better than ever with improved features and a more efficient user experience. This article explains how the OneDrive Sync Client works and some of the ways it does more than just make personal files available across devices, such as how it supports connecting to Microsoft Teams and SharePoint Online.
As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.
In the second article of this 2-part series, we describe the alternatives that exist to help secure access for remote workers, exploring the worthy features that don’t require MDCA. The features detailed in this article are available for any tenant with Azure AD Premium licensing and offer a more generic set of controls for tenants where MDCA licensing is not available.
There are many ways to provide secure access for remote users working on a home network or personal device (such as VPNs or VDI environments) and they each bring their own levels of complexity. This article explores using Microsoft Defender for Cloud Apps as a solution that is easily deployed, and capable of expanding beyond Office 365 to bring a higher level of control and governance over third-party cloud apps that lack similar native controls.
Microsoft 365 has many built-in controls to manage how users communicate externally, however, these controls do not generally extend to internal communication. While this is fine in most environments, situations exist where a degree of separation is required to segregate communication across different groups of users. This article details the configuration of Address Book Policies, and how they can be extended to include Teams.
Microsoft 365 Desired State Configuration (DSC), is a way to capture details of a tenant's configuration using PowerShell in such a way that any changes made to the configuration can be easily detected.
With the pace of Office 365 adoption globally, many administrators will inevitably find themselves in a position where they need to manage more than one tenant simultaneously. When managing at scale, PowerShell allows authentication to multiple tenants using different PowerShell instances. Profiles and containers are a great way to operate across multiple tenants and accounts without going through cumbersome sign-out processes and closing browsers.
This article examines the different components of Defender for Office 365, and how you can customize the configuration beyond the baselines to enhance the relevance and impact the policies have on your tenant. The most important aspects to review when modifying the configuration from baselines and the reasons to consider each configuration option are highlighted, but they don’t take you all the way. The items listed here are a subset of what’s available, but when combined with the baselines will help you to bring your Defender implementation to the next level.
There's no definitive 'right' or 'wrong' way to structure Teams and channels, however there are some limits and best practices that can be followed to ensure the structures created are easy to use and navigate. This article explores the decision process Team owners can use to assess if a new channel is needed, what type should be used and how to manage large numbers of channels in a team.