Microsoft 365 Exchange Online Domain Transfers: Strategy Phase
Join us as we continue the Exchange Online Domain Transfers series, focusing on the strategy phase of a Microsoft 365 domain move project.
January 12, 2023
Latest Articles
Security Researchers Can Do Better When Discussing Microsoft 365 Flaws
Security researchers love to report software vulnerabilities that they find. That's their role and it's a valuable contribution to the technical community. However, some of the reports about Microsoft 365 flaws are over-hyped and under-considered, like a recent example covering the risk of phishing in the Exchange Online Direct Send feature.
December 19, 2022
Introduction to the Microsoft Graph PowerShell SDK Part III: Interacting with Exchange Online and SharePoint Online
In this article, Sean McAvinue explains how to Microsoft Graph PowerShell SDK to Interact with Exchange Online and SharePoint Online.
November 23, 2022
Microsoft Security Report Highlights OAuth Compromise of Exchange Online
A report by the Microsoft 365 Defender Research team explained how attackers compromised admin accounts in a Microsoft 365 tenant. They then created a malicious OAuth app, granted the app some high-priority permissions, and used it to update the Exchange Online configuration to allow spam traffic to flow. All of this comes down to allowing attackers to compromise admin accounts.
September 26, 2022
Make Sure Your Implementation of Autodiscover Avoids Common Pitfalls
This article explains the importance of deploying Autodiscover correctly to ensure that all of Microsoft 365 works, including Exchange Online.
September 14, 2022
Migrate Office 365 Inactive Mailboxes and Deleted OneDrives
Retaining inactive mailboxes and deleted OneDrives may be required for compliance; but moving them in a tenant-to-tenant migration can be a challenge. We will discuss how to identify inactive mailboxes and deleted OneDrives, and review the processes available for migration.
August 16, 2022
Microsoft 365 Exchange Online Domain Transfers: Analysis Phase
In this article, we will discuss the Analysis phase of an Exchange Online domain move project. Please refer to our previous post for a brief overview of the five best practices for Microsoft 365 Exchange Online Domain Transfers.
August 9, 2022
Protecting Administrator Mailboxes from Phishing and Other Threats
One way to protect administrator mailboxes is not to use them. And if you want administrators to use separate mailboxes for their permissioned and non-permissioned activities, that's what you might do. However, we can be smarter and use transport rules to selectively block email sent to administrator mailboxes to dissuade internal people from sending email and blocking all but the most essential email coming in from external domains.
March 7, 2022
Exchange Online Launches Support for MTA-STS
Exchange Online now supports SMTP Strict Transport Security (MTA-STS), a mechanism to help defend SMTP communications between mail servers. Microsoft 365 tenants can decide if they want to enable MTA-STS for their domain by publishing a DNS record and an MTA-STS policy. You don't have to use MTA-STS, but it's a good idea to consider the option.
February 4, 2022
How to Transition from Exchange Online Mailbox Retention Policies to Microsoft 365 Retention
Exchange Online has mailbox retention policies. Microsoft 365 has retention policies and retention labels. In this article, we explore how to move away from Exchange Online retention to use Microsoft 365 retention. The transition makes it possible to use the advanced retention capabilities Microsoft is developing that will never show up in Exchange Online, so it's a good long-term goal to have even if it's not on your immediate work list.
January 20, 2022
Exchange Online Introduces DANE and DNSSEC for Outbound Email
In a December 24 announcement, Microsoft says that the roll-out of DNSSEC and DANE support in Exchange Online will start in mid-January 2022. Because this is a big change for the Exchange Online infrastructure, Microsoft is using a phased deployment which won't complete until mid-May. Support for DNSSEC and DANE has been coming for a long time, but it's good that the extra security which these standards bring will be available to Exchange Online tenants.
January 17, 2022
How to Use Office 365 Audit Data with Microsoft Sentinel
Microsoft Sentinel is Microsoft's log aggregator. Along with other data, Sentinel can ingest events from the Office 365 audit log. Once ingested, we can visualize the data through workbooks. If you have an Azure subscription, it's surprisingly easy to take advantage of the 31-day trial to see if Sentinel can do a job for your organization. Follow our steps and you'll be visualizing quickly.
January 13, 2022