Microsoft plans to enable Azure AD Security Defaults for Office 365 tenants created prior to October 2019. The move will protect an additional 60 million Azure AD accounts against common attacks by enforcing MFA more broadly. It's a big deal in terms of improving the overall security posture of Office 365. If you don't want to use Security Defaults, tenant administrators can switch them off.
Any discussion about securing Microsoft Teams can rapidly descend into a detailed debate about different policy settings. But when you focus on what really needs to be done, it's all about making sure that user access is secure, external access is controlled, and individual teams are managed. Easy!
The Exchange Recipient Admin Center (ERAC) is a free local web UI to help you manage Exchange-related attributes after you remove the last Exchange Server and install Microsoft's supported Management Tools onto your administrator workstation.
Identity Governance within Azure Active Directory Premium Plan 2 can help administrators bring balance to identity controls and streamline sign-in. In this article, I describe what's in Identity Governance and how those features can assist with identity management.
When Microsoft released cross-tenant access settings into preview, the natural focus was on how this capability enabled external access to Teams shared channels. However, the story is deeper because cross-tenant access settings are also available for Azure AD B2B Collaboration (aka guest user access). A different blocking mechanism is used and it delivers better results, once you're used to the new method.
MSOL and Azure AD license management cmdlets stop working in August 2022 when Microsoft 365 switches to a new license management platform. The Microsoft Graph PowerShell SDK includes cmdlets which can replace the older code, once you know how. The good news is that this article is packed full of practical examples of how to add, remove, and update licenses assigned to Azure AD accounts.
Azure AD cross-tenant access settings or policies define how your tenant collaborates with other Microsoft 365 tenants. By default, collaboration using Azure B2B Direct Connect is disabled, so some work is needed to prepare for Teams shared channels. In this article, we look at how to set up cross-tenant policies to enable collaboration to begin using Teams shared channels.
Continuous access evaluation (CAE) is a feature that flew under the radar over the past two years. Even so, CAE for Azure Active Directory is an extremely important feature that will not only increase the security posture of your environment but reduce the amount of time before a user loses access to resources when certain critical events happen. This article discusses the need for the feature and how to work with it.
It's common to find a requirement to create new Microsoft 365 accounts with PowerShell. We're at a point of transition when the old method of using the Azure AD module will switch to the Microsoft Graph PowerShell SDK or Graph API queries. In this article, we explain how to create new accounts and assign licenses with both the Azure AD module and the Microsoft Graph PowerShell SDK.
Backing up Azure AD may sound like a counterintuitive concept to many. However, in this article, we examine several reasons aside from Disaster Recovery that support why this is good practice for enterprise organizations, now more than ever.
Microsoft has announced a six month extension for support of the Azure AD Graph API. The new deadline is the end of 2022, which gives Microsoft 365 tenants some extra time to convert PowerShell scripts which use the Azure AD and MSOL modules. The original deadline for retirement of the Azure AD license management cmdlets remains at June 30, 2022.
Over the years, the Microsoft security stack has become very feature rich and offers many ways to customize the configuration. Third-party products are available with similar features, but lack the integration capability of the Microsoft stack. In the second part of the "Ten Ways to Harden the Security of Your Microsoft 365 Tenant" series, we look at five ways to secure your environment using controls that require a premium license such as Office E5 or Azure AD Premium.
