Blog

Latest Articles

Time to Move Off Exchange Online DLP Policies 8 Comments

Time to Move Off Exchange Online DLP Policies

Microsoft plans to remove the management of Exchange transport-rule based policies from the classic EAC in mid-2022. Given that Microsoft 365 DLP policies offer the same if not better functionality for Exchange Online and can process other workloads as well, it's a good time to consider transitioning away from the older technology. Microsoft is obviously not putting any engineering effort into Exchange-based DLP, so there's no good reason not to move over and use the technology they are investing in, The transition will take time and effort, but it will be worth it.

October 8, 2021
The Practical 365 Update: Episode 28 – Greg Taylor joins us to talk Exchange, plus Teams and more Microsoft 365 news

The Practical 365 Update: Episode 28 – Greg Taylor joins us to talk Exchange, plus Teams and more Microsoft 365 news

On the show this week, I'm joined by new Microsoft MVP and Practical 365 writer, Mike Weaver as co-host since Paul Robichaux is away this week, and of course Mike does a sterling job providing perspective on the week's news alongside myself. Later in the episode though, Paul dropped in for our chat with Microsoft's Greg Taylor - who is back on the technical side of Microsoft Exchange Online working on solving one of today's most important issues - getting rid of Basic Authentication.

October 5, 2021
Consumption Models and Potential Cost Introduced by Microsoft’s New Teams APIs Require Careful Calculation 2 Comments

Consumption Models and Potential Cost Introduced by Microsoft’s New Teams APIs Require Careful Calculation

Along with the general availability of a new Graph Export API for Teams, Microsoft is introducing new licensing and charging models. Understanding the charging incurred for different uses will take some time to sort out and could pose real challenges for ISVs working in the migration space. Developers need to understand terms like model A and model B, seeded capacity, and consumption units and how these apply to their apps. The question now is if this is a test bed for Microsoft to apply similar charges to other APIs.

October 5, 2021
Getting the Most out of Microsoft Defender for Office 365 Policies 4 Comments

Getting the Most out of Microsoft Defender for Office 365 Policies

This article examines the different components of Defender for Office 365, and how you can customize the configuration beyond the baselines to enhance the relevance and impact the policies have on your tenant. The most important aspects to review when modifying the configuration from baselines and the reasons to consider each configuration option are highlighted, but they don’t take you all the way. The items listed here are a subset of what’s available, but when combined with the baselines will help you to bring your Defender implementation to the next level.

October 1, 2021
Microsoft Caps Exchange Online’s “Unlimited Archive” at 1.5 TB 19 Comments

Microsoft Caps Exchange Online’s “Unlimited Archive” at 1.5 TB

On November 1, Microsoft will limit auto-expanding archives to 1.5 TB and bring the era of "bottomless archiving" to an end. The new limit might not affect many Exchange Online tenants, but it's a wake-up call for administrators to check how archiving is used in their tenants. To help the process, we've written a PowerShell script to report the current set of user and shared mailboxes with archives.

September 29, 2021
Azure Bootcamp – Learn From Global Experts

Azure Bootcamp – Learn From Global Experts

On September 30, 2021, IT pros and developers from South Africa are coming together once again to host the first online Azure Bootcamp event! User Group Leads will bring you the latest information and features about Azure and Cloud Computing. The online event is free and hosted live on Twitch.

September 29, 2021
Why a Potential Autodiscover Flaw is Just the Tip of an Iceberg

Why a Potential Autodiscover Flaw is Just the Tip of an Iceberg

It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.

September 28, 2021
Hot Air and Publicity for Purported Autodiscover Security Flaw 13 Comments

Hot Air and Publicity for Purported Autodiscover Security Flaw

Lots of excitement was generated when Guardicore revealed a purported vulnerability with the Exchange Autodiscover service. However, the almost total lack of detail about the configuration used for testing and to generate the reported results makes it impossible for Exchange administrators to check the theory against their own deployment. I don't think a problem exists with Exchange Online, but it's possible that poor DNS practice or flawed third-party clients could cause an issue with on-premises servers. The case remains to be proved.

September 23, 2021
Connecting to the Microsoft Graph Using the PowerShell SDK 49 Comments

Connecting to the Microsoft Graph Using the PowerShell SDK

The Microsoft Graph SDK for PowerShell exists to help developers use Graph API calls from PowerShell. It works, but like anything in life, there's a right way to connect and use the SDK and a wrong way. In this article we explore topics like how to connect to the right tenant, how permissions are managed (or not), and why running Graph SDK cmdlets interactively isn't something you should do in production. Good as the SDK is, Microsoft has some big issues to solve to address some obvious security issues.

September 23, 2021