What's Trending

Subscribe

Latest Posts

Secure Access for Remote Workers without Microsoft Defender for Cloud Apps

In the second article of this 2-part series, we describe the alternatives that exist to help secure access for remote workers, exploring the worthy features that don’t require MDCA. The features detailed in this article are available for any tenant with Azure AD Premium licensing and offer a more generic set of controls for tenants where MDCA licensing is not available.

February 3, 2022

Windows 11 Requirements & TPM: What Are the Real Benefits?

In June of 2021, Microsoft announced the requirements for Windows 11, which has a notable security hardware requirement: PC configurations must include version 2.0 of the Trusted Platform Module (TPM) to install Windows 1. This article reviews what TPMs are, outlines the benefits and use cases, and examines the extent to which the requirement will protect devices from the most common threats.

January 31, 2022

Using Microsoft Defender for Cloud Apps to Secure Access for Remote Workers

There are many ways to provide secure access for remote users working on a home network or personal device (such as VPNs or VDI environments) and they each bring their own levels of complexity. This article explores using Microsoft Defender for Cloud Apps as a solution that is easily deployed, and capable of expanding beyond Office 365 to bring a higher level of control and governance over third-party cloud apps that lack similar native controls.

January 27, 2022

Bridging the Gap Between Microsoft Teams and Email

Teams is mostly an internal communications platform while email connects billions of people around the world. Inside Microsoft 365 tenants, you might need to connect Teams and email together. In this article, we discuss the out-of-the-box features available to link the two and describe some of the positive and negative points of each. You can certainly bridge the gap between Teams and email, but maybe Microsoft could grease the connection just a little more...

January 25, 2022

How to Transition from Exchange Online Mailbox Retention Policies to Microsoft 365 Retention

Exchange Online has mailbox retention policies. Microsoft 365 has retention policies and retention labels. In this article, we explore how to move away from Exchange Online retention to use Microsoft 365 retention. The transition makes it possible to use the advanced retention capabilities Microsoft is developing that will never show up in Exchange Online, so it's a good long-term goal to have even if it's not on your immediate work list.

January 20, 2022

Why Separate Microsoft 365 Administrator Accounts are Critical to Security Posture

There’s a lot of debate around the need to separate Microsoft 365 administrator accounts, especially when controls such as Privileged Identity Management exist within an organization. However, even with PIM there are remaining security concerns which necessitate the operation of separate accounts. This article explains the importance of using separate accounts; details how to target different Conditional Access policies for admin and user accounts and highlights how this approach increases your security posture and limits potential attack vectors against administrator accounts.

January 18, 2022

Exchange Online Introduces DANE and DNSSEC for Outbound Email

In a December 24 announcement, Microsoft says that the roll-out of DNSSEC and DANE support in Exchange Online will start in mid-January 2022. Because this is a big change for the Exchange Online infrastructure, Microsoft is using a phased deployment which won't complete until mid-May. Support for DNSSEC and DANE has been coming for a long time, but it's good that the extra security which these standards bring will be available to Exchange Online tenants.

January 17, 2022