Microsoft 365

Latest Articles

Microsoft 365 License Management for User Accounts with the Microsoft Graph PowerShell SDK 60 Comments

Microsoft 365 License Management for User Accounts with the Microsoft Graph PowerShell SDK

MSOL and AzureAD license management cmdlets stop working at the end of March 2024. By then, Microsoft 365 will have switched to a new license management platform. The Microsoft Graph PowerShell SDK includes cmdlets which can replace the older code, once you know how. The good news is that this article is packed full of practical examples of how to add, remove, and update licenses assigned to Entra ID user accounts.

April 13, 2022
Building Exchange 2019 Lab Environments

Building Exchange 2019 Lab Environments

Exchange Server on-premises organizations need somewhere to test scenarios for updating, testing configurations, and running occasional “what-if” testing. This article provides guidance on notable alternatives for delivering suitable Exchange 2019 lab environments - without breaking the bank.

March 30, 2022
Creating New Microsoft 365 Accounts with PowerShell 3 Comments

Creating New Microsoft 365 Accounts with PowerShell

It's common to find a requirement to create new Microsoft 365 accounts with PowerShell. We're at a point of transition when the old method of using the Azure AD module will switch to the Microsoft Graph PowerShell SDK or Graph API queries. In this article, we explain how to create new accounts and assign licenses with both the Azure AD module and the Microsoft Graph PowerShell SDK.

March 21, 2022
Protecting Administrator Mailboxes from Phishing and Other Threats

Protecting Administrator Mailboxes from Phishing and Other Threats

One way to protect administrator mailboxes is not to use them. And if you want administrators to use separate mailboxes for their permissioned and non-permissioned activities, that's what you might do. However, we can be smarter and use transport rules to selectively block email sent to administrator mailboxes to dissuade internal people from sending email and blocking all but the most essential email coming in from external domains.

March 7, 2022
Ten Ways to Harden the Security of Your Microsoft 365 Tenant – Part 2 One comment

Ten Ways to Harden the Security of Your Microsoft 365 Tenant – Part 2

Over the years, the Microsoft security stack has become very feature rich and offers many ways to customize the configuration. Third-party products are available with similar features, but lack the integration capability of the Microsoft stack. In the second part of the "Ten Ways to Harden the Security of Your Microsoft 365 Tenant" series, we look at five ways to secure your environment using controls that require a premium license such as Office E5 or Azure AD Premium.

March 2, 2022
Use Azure Front Door to Leverage Microsoft’s Global Network for Exchange 2 Comments

Use Azure Front Door to Leverage Microsoft’s Global Network for Exchange

With Azure Front Door, you can reduce the strain on Exchange through caching, content compression, and by filtering out malicious bots before traffic even hits the on-premises network. In this article, we demonstrate how you can use Front Door to reduce your Exchange Server load, increase OWA Client performance and provide Microsoft managed certificates.

March 1, 2022
Threat Explorer and Investigations: Useful Microsoft Defender for Office 365 Features 19 Comments

Threat Explorer and Investigations: Useful Microsoft Defender for Office 365 Features

Microsoft Defender for Office 365 (plan 2) contains the Threat Explorer feature. It's a useful way to investigate problematic messages which arrive in a tenant. The automated investigations feature can highlight messages containing malware by assembling evidence about warning signs in the message or its contents, and administrators can then action the recommendations up to and including the removal of messages already delivered to user mailboxes. Automating investigations is a good thing, if you afford Defender for Office 365 Plan 2.

February 21, 2022
Why Using App Secrets in Production is a Bad Idea 3 Comments

Why Using App Secrets in Production is a Bad Idea

As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.

February 16, 2022
Attack Simulation Training: RBAC and End User Notifications 2 Comments

Attack Simulation Training: RBAC and End User Notifications

Attack Simulations are Microsoft’s foray into a crowded field of competitors who provide a service that trains users to recognize dangerous email with simulated Phishing or malware-infested messages. Microsoft has continually added features and functionality since they released Attack Simulations, including additional simulation types, different payloads, custom payloads, customizable training and more. The most recent upgrades are RBAC permissions and end user notifications. These two additions to Attack Simulation Training are a great incentive to deploy and adopt this functionality, as End User communications are the key enhancement that make this feature worthwhile for an organization.

February 15, 2022