In this article, Sean McAvinue explains how to Microsoft Graph PowerShell SDK to Interact with Exchange Online and SharePoint Online.
A report by the Microsoft 365 Defender Research team explained how attackers compromised admin accounts in a Microsoft 365 tenant. They then created a malicious OAuth app, granted the app some high-priority permissions, and used it to update the Exchange Online configuration to allow spam traffic to flow. All of this comes down to allowing attackers to compromise admin accounts.
This article explains the importance of deploying Autodiscover correctly to ensure that all of Microsoft 365 works, including Exchange Online.
Retaining inactive mailboxes and deleted OneDrives may be required for compliance; but moving them in a tenant-to-tenant migration can be a challenge. We will discuss how to identify inactive mailboxes and deleted OneDrives, and review the processes available for migration.
In this article, we will discuss the Analysis phase of an Exchange Online domain move project. Please refer to our previous post for a brief overview of the five best practices for Microsoft 365 Exchange Online Domain Transfers.
One way to protect administrator mailboxes is not to use them. And if you want administrators to use separate mailboxes for their permissioned and non-permissioned activities, that's what you might do. However, we can be smarter and use transport rules to selectively block email sent to administrator mailboxes to dissuade internal people from sending email and blocking all but the most essential email coming in from external domains.
Exchange Online now supports SMTP Strict Transport Security (MTA-STS), a mechanism to help defend SMTP communications between mail servers. Microsoft 365 tenants can decide if they want to enable MTA-STS for their domain by publishing a DNS record and an MTA-STS policy. You don't have to use MTA-STS, but it's a good idea to consider the option.
Exchange Online has mailbox retention policies. Microsoft 365 has retention policies and retention labels. In this article, we explore how to move away from Exchange Online retention to use Microsoft 365 retention. The transition makes it possible to use the advanced retention capabilities Microsoft is developing that will never show up in Exchange Online, so it's a good long-term goal to have even if it's not on your immediate work list.
In a December 24 announcement, Microsoft says that the roll-out of DNSSEC and DANE support in Exchange Online will start in mid-January 2022. Because this is a big change for the Exchange Online infrastructure, Microsoft is using a phased deployment which won't complete until mid-May. Support for DNSSEC and DANE has been coming for a long time, but it's good that the extra security which these standards bring will be available to Exchange Online tenants.
Microsoft Sentinel is Microsoft's log aggregator. Along with other data, Sentinel can ingest events from the Office 365 audit log. Once ingested, we can visualize the data through workbooks. If you have an Azure subscription, it's surprisingly easy to take advantage of the 31-day trial to see if Sentinel can do a job for your organization. Follow our steps and you'll be visualizing quickly.
On November 1, Microsoft will limit auto-expanding archives to 1.5 TB and bring the era of "bottomless archiving" to an end. The new limit might not affect many Exchange Online tenants, but it's a wake-up call for administrators to check how archiving is used in their tenants. To help the process, we've written a PowerShell script to report the current set of user and shared mailboxes with archives.
From November 1, 2021, Microsoft requires Outlook 2013 Service Pack 1 (with fixes) as the minimum client version to connect to Exchange Online. Given all the publicity about attacks against the on-premises version of Exchange earlier this year, it's a wonder why organizations continue to allow people to use outdated client software to connect to Exchange Online. In any case, the drop-dead date is November 1. If you have any old Outlook 2007, Outlook 2010, or Outlook 2013 (before SP1) clients, it's time to start upgrading.
