Search for: conditional access policies

167 Results

Deploying the Microsoft Tunnel VPN Gateway in Enterprise Environments

Tips and Techniques to Avoid Common Issues In a previous post, I discussed how to leverage the Microsoft Tunnel solution to control access to your Microsoft 365 environment. In this article, I discuss deploying the Microsoft Tunnel VPN gateway in an enterprise environment. Basic Deployment The basic steps to deploy the Microsoft Tunnel VPN gateway […]

Continue Reading Deploying the Microsoft Tunnel VPN Gateway in Enterprise Environments

Using Microsoft 365 Desired State Configuration in Tenant-to-Tenant Migrations

Control Your Configuration as Migrations Unfold It can be quite a challenge to maintain workload configurations in a Microsoft 365 tenant. Small to medium size organizations might have administrators responsible for the management of the entire tenant. Large enterprise organizations might assign different people to manage different workloads. All share a common responsibility of keeping […]

Continue Reading Using Microsoft 365 Desired State Configuration in Tenant-to-Tenant Migrations
GENERIC Azure AD and authentication

Microsoft Plans Big Security Improvement for Unprotected Office 365 Tenants

Microsoft plans to enable Azure AD Security Defaults for Office 365 tenants created prior to October 2019. The move will protect an additional 60 million Azure AD accounts against common attacks by enforcing MFA more broadly. It's a big deal in terms of improving the overall security posture of Office 365. If you don't want to use Security Defaults, tenant administrators can switch them off.

Continue Reading Microsoft Plans Big Security Improvement for Unprotected Office 365 Tenants
App secrets

Why Using App Secrets in Production is a Bad Idea

As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.

Continue Reading Why Using App Secrets in Production is a Bad Idea
teams guest accounts

Five Practical Actions to Control Guest Accounts for Microsoft Teams

The number of guest accounts in Azure AD keeps growing, largely due to usage in Microsoft Teams. In this article, we describe five basic management steps to control where guests come how, how they connect, what they can do and access, and removing inactive guests. It's the kind of thing all Microsoft 365 tenants should do.

Continue Reading Five Practical Actions to Control Guest Accounts for Microsoft Teams
GENERIC Admin

Five New Year Resolutions for Microsoft 365 Tenant Administrators

The Microsoft 365 ecosystem is a big place and it's hard to keep on top of everything. But to start 2022 off with a bang, here are five areas for tenant administrators to consider when they plan how they'll spend their time in the new year. As always, feel free to disagree and add comments describing what you plan to do in 2022.

Continue Reading Five New Year Resolutions for Microsoft 365 Tenant Administrators

Can Entra ID Custom Security Attributes Replace Exchange Custom Attributes?

Microsoft launched the preview of Azure AD custom security attributes on December 1. Custom attributes are well known to Exchange administrators. In this article, we look at how to create and add Azure AD custom security attributes, how to transfer data from Exchange to Azure AD, and how to retrieve information from the attributes. Azure AD custom security attributes have some advantages, but they also have some downsides.

Continue Reading Can Entra ID Custom Security Attributes Replace Exchange Custom Attributes?
Microsoft Exchange

Why can’t you remove the last Exchange Server?

So, you've completed your migration to Exchange Online. Email flows smoothly into and out of the cloud, and all your mailboxes are now online. What's next for your Exchange Servers, now that you've made the transition? After completion you will have several tasks to perform to remove Exchange Servers from your environment, but there is one important caveat you need to know about; if you run Azure AD Connect then you can't remove every Exchange Server from your environment. You will need to keep at least one around for management purposes. In this article, I'll walk through what you can do to minimise what you keep and need to maintain, and what you can consider planning for in the future. You can also join me at TEC this week, on September 2nd.

Continue Reading Why can’t you remove the last Exchange Server?