When it was first available, Microsoft 365 Data Loss Prevention (DLP) policies could only process Microsoft 365 data. Over the last few years, Microsoft expanded the scope for DLP to support these additional environments. In this article, we focus on implementation details around applying DLP to endpoint devices.
With Teams being one of the most popular Microsoft collaboration apps, it is only right that it be included in tenant migrations! But, how do you go about getting started? In this blog, Randy Rempel reviews the top 10 must-do actions to ensure a successful Teams Tenant Migration.
Most Microsoft 365 user accounts don't need access to Exchange Online PowerShell. It's an administrative tool that end users don't get much value from. In this article, we explore the best way to disable Exchange Online PowerShell using a script that can run interactively or as a scheduled Azure Automation runbook (the best way for automatic management).
At the end of March, Practical 365 traveled with the TEC European roadshow, traveling between three cities in Europe over a week, listening to experts talking primarily about security-focused topics aimed at improving your Microsoft 365, Azure AD and Active Directory. Read our whistle-stop tour of the most important points made by expert speakers.
While some methods for MFA responses have security issues, people often overlook their practical advantages. Not everyone is ready to dump a valid authentication method. In this article, we take the journey to removing phone-based responses from your tenant while considering some practical implications.
Many PowerShell scripts written to automate operations in Microsoft 365 tenants fetch Azure AD users or mailboxes to process. In this article, we explain how to fetch user objects effectively by using filters to make sure that scripts process the right set of accounts or mailboxes.
After seemingly ignoring the situation for years, Microsoft delivered modern authentication for Exchange Server (for pure on-premises organizations) in Exchange 2019 CU13. The solution uses ADFS to issue and manage the OAuth 2.0 tokens and is supported by the latest version of Outlook for Windows. Support for other clients is in the works.
Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!
Microsoft has long been asked to support guest account expiration, just like the functionality available for on-premises Active Directory accounts. Engineering priorities have not allowed the developers to work on the feature, but it's possible to do the job with PowerShell as we explain here.