Tracker Approval Process
Continuing our review of practices to protect cloud infrastructures from weaknesses that can be introduced from on-premises accounts, we consider admin rights, authentication, and conditional access policies. Plus the need to collect and analyze the log data available in cloud environments to make sure that nothing nasty is slipping through.
Microsoft has released two new features to help Multi-factor authentication for Azure AD accounts work smarter and better. It's possible to implement number matching and additional context for MFA challenges in 30 minutes, and the two increase the security of MFA. It's something that every Microsoft 365 tenant administrator should consider, as we explain here.
Nicolas Blank provides step-by-step instructions on configuring Exchange 2019 as an anonymous relay within your own network.
According to a Microsoft presentation at TEC 2021, organizations moving to the cloud from on-premises infrastructures should pay attention to security weaknesses that could be introduced from on-premises accounts. It's all too easy to allow a highly-permissioned on-premises account to evolve into one that has full access across a Microsoft 365 infrastructure, and that can lead to terrible consequences if attackers penetrate the on-premises infrastructure and compromise the accounts.
In this week's Practical 365 podcast it's a bumper show - covering everything post-Microsoft Ignite including what's arrived in Microsoft 365 for you to use right now - plus we firm up some of the dates for new features and changes coming to the suite.
Adaptive scopes are a new way to target locations for Microsoft 365 retention policies. Previously, we covered how to use scopes to find users and groups. Now, we move to describe how to use adaptive scopes to find SharePoint Online sites and OneDrive for Business accounts. The process is not quite as easy as it is to create scopes for users and groups, but once you understand how to add custom properties to sites, you're home free and easy. That is, if you have the necessary Office 365 E5 licenses to use adaptive scopes...
Adaptive scopes are a new way to dynamically target sets of locations (sites, users, and groups) for Microsoft 365 retention policies. In this article, we discuss the basics of adaptive scopes and how to build the filters used in the scopes, and then how to use adaptive scopes in retention policies. Adaptive scopes are well suited to the kind of processing needed by large enterprises, which is good because they required Office 365 E5 licenses.
Microsoft has issued security updates for Exchange 2013, 2016, and 2019. The updates can only be applied to servers running up-to-date cumulative updates. Organizations running Exchange 2016 or 2019 should apply the updates as a matter of urgency because of a known vulnerability circulating in the wild.
Although it's easy to write scripts using cmdlets in the Microsoft Graph PowerShell, SDK you probably don't want to execute the scripts interactively. In this article, we explain how to use certificate-based (app-only) authentication to run scripts. This is very much an explanation about how to accomplish the task in a testing environment. If you want to run scripts in production, some extra work is needed.
Microsoft 365 Desired State Configuration (DSC), is a way to capture details of a tenant's configuration using PowerShell in such a way that any changes made to the configuration can be easily detected. DSC allows administrators to understand when configurations change so that they can take action when necessary. In this article, Sean McAvinue explains how to use DSC to capture and report details of your Microsoft 365 tenant.
In this week's episode - we're live from Microsoft Ignite 2021 (virtually, for once) talking through the biggest announcements. We'll be updating the episode live as we broadcast too, so be sure to check back after the show to read the best bits.
The Office news at Microsoft's Fall Ignite event was dominated by Teams and technology associated with Teams. A new Microsoft 365 app called Loop will be available in 2022 and we'll have the chance to use Connect IQ to make our messages even more intelligent than they are now. And if you really get funky, you can join a Teams mesh meetings in a virtual environment. But the bad news is that Teams Shared Channels are delayed until preview in early 2022.
