Your weekly digest for Microsoft 365 News

Outlook Mobile Device Access changes

For this week’s podcast episode, Sigi and Steve are joined by a special guest, Ross Smith IV who works as a Principal Program Manager at Microsoft. They talk about the upcoming Exchange Online Device Access and Conditional Access changes with Outlook Mobile.

With Device Access in Outlook Mobile as we look at it today, if you configure any conditional access policy – regardless of its applicability to mobile devices – Exchange Online will skip mobile device access rules’ processing for Outlook for iOS and Android devices.

The changes, set for implementation in August 2020, look to allow only certain Conditional Access policies to bypass Exchange’s mobile device access rules for Outlook for iOS and Android devices.

Specifically, only Conditional Access policies configured with the following grant access controls will prevent Exchange mobile device access rules being applied to Outlook for iOS and Android:

  • Require device to be marked as compliant
  • Require approved client app
  • Require app protection policy

You can read more about this here.

Microsoft Security Blog: Defending Exchange servers under attack

As an Exchange administrator, Securing Exchange servers should be one of the most important things you do. There are two primary ways in which Exchange servers are compromised.

The first and more common scenario is attackers launching social engineering or drive-by download attacks targeting endpoints, where they steal credentials and move laterally to other endpoints in a progressive dump-escalate-move method until they gain access to an Exchange server.

The second scenario is where attackers exploit a remote code execution vulnerability affecting the underlying Internet Information Service (IIS) component of a target Exchange server. This is an attacker’s dream: directly landing on a server and, if the server has misconfigured access levels, gain system privileges.

Defending Exchange servers under attack

Here are the key five steps to keep your servers safe:

  • Apply the latest security updates
  • Keep antivirus and other protections enabled
  • Review sensitive roles and groups
  • Restrict access
  • Prioritize alerts

Read more about how to defend Exchange Servers under attack here. You can also read how to improve your defense and security further here.

Microsoft release guidance on configuring Teams Calendar access for Exchange 2016

One area that’s lacked official Microsoft documentation and guidance has been the integration of Teams and Exchange calendar access. Partly this is because many organizations who are staying on-premises might not be licensed for Office 365, and others have decided to migrate to Exchange Online and then enable Teams. Therefore, it’s been somewhat of an edge case.

However – one area that has obviously changed has been the rapid adoption of Teams. This has meant that for many organizations the only way to schedule meetings would be via the Outlook Add-in, unless they are in a position to enable the OAuth relationship for Calendar Access.

A common question has been – what versions of Exchange support calendar access from Teams, where does the mailbox need to be located and what needs to be in-place for this to work. Often there will be some discussion on what Microsoft actually state as supported, as the Teams documentation lacked complete clarity.

This article makes it clear what Microsoft will support and the core requirements for access. What it doesn’t necessarily mention is the specific requirements around Internet access to Exchange Web Services required for those organizations that need to still block EWS for other clients. On the ground experience has shown that in addition to Exchange Online IP addresses and URLs required for Hybrid, your Exchange Servers will also need access from Microsoft Teams IP address ranges.

Read more here.

Defender ATP is GA on Linux, and launches into Preview for Android

It’s not quite the year of the Linux desktop yet, but most organizations standardizing on an anti-malware solution do need protection for both servers and desktops.

Defender ATP support for Linux, therefore, was a must. Launching into GA this week, Defender ATP support for RHEL, CentOS and Oracle Linux 7.2, Ubuntu 16 LTS and Debian 9.

Read the launch blog here and find out more information here.

Teams Consumer launches into Public Preview

Earlier this week, Microsoft launched the “Teams Consumer” – the “Family and Friends” offering that’s distinct from Teams Free.

Teams Consumer allows you to use the “Slack” style functionality in Teams using Microsoft Accounts (or Live IDs, to use their older name) alongside your work accounts.

The ideal use-case scenario for this is organising family activities, sports clubs and other areas where you might struggle to get everyone into one place where files, plans and chats can be shared.

It doesn’t provide the same sort of meeting scheduling functionality as Skype Consumer or Teams Free, so it’s likely that at the moment the main use is for that chat-based collaboration alongside something like Teams for getting together online.

Read more here.

From the eighTwOne Blog: Teams Custom Backgrounds

A useful and funny collection of backgrounds you can use for your Teams calles collected by our fellow MVP Michel De Rooij

Teams Custom Backgrounds

Browse and download the custom backgrounds here.

And of course, on the Practical 365 blog, we’ve got a roundup of custom backgrounds including the admin controls to control it, and links to a variety of free images you can use (without copyright issues).

100 GB File Size for OneDrive and SharePoint

Microsoft announced a few months ago that they would be increasing the Max File Size from 15GB to 100GB for a single file. And the best thing: It’s already available 🙂

Teams functionality to restrict lobby bypass to only the organiser reaches General Availability

This week, Microsoft rolled out the feature to allow a meeting organiser to stop all attendees from joining the meeting until the organiser lets them in.

You could already do this for external participants, and this now gives an option to make all internal participants wait in the lobby as well.

It has been highly requested by Education customers, who have a need to stop students from entering scheduled classes before the teacher arrives.

Read more here.

Live Events gets an additional limit increase

After increasing the maximum number of attendees to Live Events to 10,000 earlier in the year, Microsoft have rolled additional increases that will stay in place until at least the 1st October, 2020.

Teams, Stream and Yammer Live Events will now support up to 20,000 people.

Find out more here.

Microsoft Intune: Endpoint Analytics Public Preview

Endpoint analytics aims to improve user productivity and reduce IT support costs by providing insights into the user experience.

Features available for the preview include:

  • Startup Score
  • Recommended Software
  • Proactive Remediations.

ConfigMgr-managed devices are now supported in addition to Intune-managed devices.

From the preview, you’ll see an endpoint analytics score (similar to secure score) and a baseline, along with recommendations for changes you could consider applying.

Check out the public preview here.

Interesting announcements on the Roadmap

  • Exchange online: Client Access rules support for OAuth POP and IMAP
    • As the title says: Client Access rules will soon support OAuth Pop and IMAP, so you can define e.g., that IMAP basic auth is disabled, but IMAP using OAuth is available for your messaging clients.
    • Planned for July CY2020
  • New Feature: Inline Chat message translation for iOS
    • Inline chat message translation lets users translate Teams mobile chat messages into the language they choose.
    • To translate a chat message, press-and-hold the message to see the translation option.
Inline chat message translation for iOS
  • Roll-out for iOS starts late June, and completed in mid-July CY2020. Android will follow later.
  • Microsoft Teams: Language-aware proofing
    • Users who write different messages in different languages will now see spellchecking relevant to the language they use when typing a message in the Microsoft Teams desktop app.
    • Feature will be released in June CY2020.
  • Microsoft Teams: Templates hits the roadmap
    • Announced at Build, Templates in Teams will allow users to pick specific templates for new Teams, including channels, tabs and applications, based on common scenarios, and allow IT admins to load in their own templates to make available to users.
    • This hit the roadmap and is scheduled for August 2020
  • Microsoft Planner: Tasks for Information Workers in Teams
    • It consolidates your tasks across Microsoft To Do, Teams channels, Planner and Outlook.
    • This includes smart views including tasks assigned to you, the priority and the start or due date.
    • You can choose the view that works the best for them – list, boards, charts, schedules – to get things done. 
    • Feature will planned for July CY2020.
  • Outlook on the web – redesigned inbox “Storage” view in Settings
    • The inbox storage view in Settings will be redesigned:
      • You will see which files and folder are consuming your inbox storage space and manage it.
    • Roll-out is started, and completed in July CY2020

About the Author

Siegfried Jagott

Siegfried is a Microsoft MVP for Office Apps and Services. He has great expertise in Office 365 implementations with a special focus on Security, Messaging and Identity for international customers.

Leave a Reply