On the show this week, Steve, Paul and Rich are joined by Microsoft’s VP Director of Identity Security, Alex Weinert, to discuss almost all things related to securing identities. We hear about what happened behind the scenes during Storm-0558, and we discuss essential steps to protect Microsoft 365. What aren’t organizations doing that they should be? What types of attacks should we expect in the future, plus more.

And we discuss the latest news in the world of Microsoft 365 – in particular we discuss the new Teams 2.1 client that recently became GA, and for those still running on-premises or Hybrid Exchange Servers, it is time to get patching.

The New Microsoft Teams is GA: Ready to roll out?

We said earlier in the year that we’ll be expecting Teams 2.1 before the end of year, based on the Microsoft 365 Roadmap promises for Teams apps in the Microsoft 365 portal; and we weren’t disappointed, as Microsoft have reached general availability of the new Teams 2.1 client.

This is a major update that brings performance improvements, native notifications, and a redesigned meeting experience to the desktop app. We share some tips on how to prepare for the rollout of the new Teams client, and what benefits it will bring to users and admins.

Read more in Microsoft’s announcement on the Tech Community

Get Patching Exchange as October 2023 Updates are released

In this section, we cover the latest security updates for Exchange Server, which apply both to those running on-premises Exchange and those running Hybrid servers. These updates are critical, as they fix a remote code execution vulnerability, so if you haven’t already – make sure your servers are patched. On the show, Paul details specifics about the issues solved and what mitigations Microsoft had put in place already.

Read more on the Exchange Team Blog

Roundtable: Cyber Security & Storm 0558 with Alex Weinert

In our guest spot this week, we were joined by Alex Weinert, VP Director of Identity Security at Microsoft, to discuss the cyber attack known as Storm 0558, which you can read more about in detail in Paul’s blog post on the subject.

Figure 1: Watch an excerpt from the podcast on the Practical 365 YouTube channel.

We talk about how Microsoft detected and responded to the attack, what steps customers should take to protect themselves, and what lessons were learned from the incident.

Of course, whilst Microsoft suffered a blow – your configuration both on-premises and in Microsoft 365 is vital to keeping your data and users secure. So we also discuss some of the best practices and tools for securing identity and access management, such as passwordless authentication, conditional access, and identity security and protection. In the discussion, we highlight the importance of having a security mindset and staying vigilant against evolving threats.

Halloween is coming: Hear about Security Nightmares with AD in the next show

We’ll be back for our next episode with myself and Rich at the helm, joined by Sean Metcalf, for our October 31st episode. On the show we’ll have some stories that will keep you awake at night and checking under the bed for cyber ghouls trying to take a bite out of your Active Directory – it is one not to miss.

About the Author

Steve Goodman

Technology Writer and Chief Editor for AV Content at Practical 365, focused on Microsoft 365. A 12-time Microsoft MVP, author of several technology books and regular Microsoft conference speaker. Steve works at Advania in the UK as Field Chief Technology Officer, advising business and IT on the best way to get the most from Microsoft Cloud technology.

Leave a Reply