Categories
Defender EOP Exchange Online Protection Microsoft 365 Microsoft Defender Advanced Threat Protection Office 365 Office 365 Advanced Threat Protection phish phishing security Security and Compliance Center

Allowing “Phish” Training Emails in Exchange Online

With the introduction of “Secure by Default” in Exchange Online, where you used to add IPs and other settings such as allow-lists to allow your phish training emails to get through to your users this will no longer work, and shortly it will no longer work to bypass the Exchange Online filters using mail flow […]

Categories
Endpoint Manager Intune MAM Microsoft 365 security

Intune MAM Exemptions – Discovering URL Protocols

In Microsoft Intune you can create a secure container where the data in your apps cannot leak outside of. That is, you can restrict copy/paste outside of the supported apps and restrict opening the data in a different app. But sometimes you need to open the data in a different app and with the Intune […]

Categories
EOP exchange exchange online Exchange Online Protection Outlook owa security spam

[New] External Email Notification in Exchange Online

This is a new feature released in March 2021 that adds support in Outlook (Mac, OWA, Mobile) for the display of the external status of the sender – note at the time of writing it does not add this feature to Outlook for the PC. This should be used to replace the way this has […]

Categories
mdatp security web windows 10

Free Web Content Filtering With Microsoft Defender ATP

Well free as in you need an MDATP licence first, but as this used to be an add on feature on top of MDATP with an additional cost, this is now effectively free once you are licensed for MDATP. The feature enables your organisation to track and regulate access to websites based on their content […]

Categories
2FA Azure Active Directory Azure AD MFA security self-service password reset smartphone sms text message

Impact of Removing SMS As an MFA Method In Azure AD

There are a number of general recommendations that SMS (text messages) as an MFA method is not a good idea (mainly to do with the ease of porting or moving devices the number is associated with). You should always be looking at MFA with an app (Microsoft Authenticator or other) or hardware device. But the […]

Categories
Azure Active Directory Azure AD conditional access enterprise mobility + security Office 365 security self-service password reset sspr

Register For Azure AD MFA From On-Premises Or Known Networks Only

A long request within Azure AD/Office 365 has been the request to be able to register your security info from a known location or only on certain other conditions. Well it looks like this has appeared in Azure AD in the last few days!! Its visible under Azure AD > Conditional Access > New/Existing Policy […]

Categories
active directory Azure Active Directory Azure AD AzureAD EM+S enterprise mobility + security microsoft Office 365 password security

Improving Password Security In the Cloud and On-Premises

Passwords are well known to be generally insecure the way users create them. They don’t like “complex” passwords such as p9Y8Li!uk%al and so if they are forced to create a “complex” password due to a policy in say Active Directory, or because their password has expired and they need to generate a new one, they […]

Categories
EOP exchange online Exchange Online Protection Exchange Server Office 365 security starttls TLS

Forcing Transport Level Secure Email With Exchange Online

In Exchange Online there are a few different options for forcing email to require an encrypted connection. These depend upon the level of licence you have, and some of them are user based (Office 365 Message Encryption for example), but there are two ways to force TLS (transport layer security) for the email between when […]

Categories
MFA MVP security yubikey

Securing Your Windows 10 Login With Yubikey

The Yubikey is a small USB connected hardware device that can generate a variety of security codes. Being virtually indestructible and easy to clip to a key ring (Yubikey 4) or leave inside your only device (Yubikey 4 Nano) you can now use this token to login to Windows. Once you have got your token […]