Search for: conditional access policies

167 Results

Microsoft Security Report Highlights OAuth Compromise of Exchange Online

A report by the Microsoft 365 Defender Research team explained how attackers compromised admin accounts in a Microsoft 365 tenant. They then created a malicious OAuth app, granted the app some high-priority permissions, and used it to update the Exchange Online configuration to allow spam traffic to flow. All of this comes down to allowing attackers to compromise admin accounts.

Heard at TEC: Mischief Managed – Attacking (and securing) Azure Managed Identities

A brief recap of Andy Robbins TEC session on Azure Managed Identities, discussing what they are, their challenges, and should you avoid them?

Using Intune App Protection Policy to protect corporate data

Organizations used to use Intune MDM to manage apps, but with the increase in devices and apps, Intune MAM is the more appropriate vehicle. This article will give an overview of Intune app protection policy within MAM with specific policies I found particularly useful for protecting corporate data.

Microsoft Plans Automatic Upgrade of Apple Mail App Profiles

Tens of millions of Apple devices connect to Exchange Online user mailboxes. The mail app profile on many devices still use basic authentication, and that's a big problem because Microsoft will start to remove support for basic authentication for EWS and EAS, the two connectivity protocols used by Apple devices, from October 1, 2022. Microsoft and Apple have come up with a cunning plan to work around the problem. Success requires some administrator intervention to make sure that the app used by Apple to update the mail app profile can work without prompting the user for consent. It's time to act!

Using Microsoft Defender for Cloud Apps to Manage Third-Party Apps Better

I used Microsoft Defender for Cloud Apps in a project with Microsoft 365 E5 licenses and realized it’s a handy and powerful tool at a reasonable price even if purchased as a standalone product. This post will outline practical use cases for using it to monitor and enforce restrictions on Microsoft 365 apps and some third-party apps to reduce the likelihood of information leakage.

When You Should Disable Azure AD Security Defaults

Security Defaults is a control in Azure Active Directory which has been around since 2019 and is enabled by default on new tenants created after October 2019. Microsoft recently announced they will now start turning on Azure AD security defaults for existing tenants. Throughout this blog we will explore what this means and if Security Defaults is the right fit for your organization.

Three Steps to Securing Microsoft Teams

Any discussion about securing Microsoft Teams can rapidly descend into a detailed debate about different policy settings. But when you focus on what really needs to be done, it's all about making sure that user access is secure, external access is controlled, and individual teams are managed. Easy!

Office 365 migration plan assessment scripts

Prepare an Office 365 Tenant-to-Tenant Migration Plan using PowerShell

The complexities of Office 365 tenants only increases the complexities of creating an Office 365 migration plan. To generate an initial assessment for a tenant, I created a PowerShell script to report the most important information that influences migration planning.

Subscribe for Practical 365 updates

Search for: conditional access policies