Security and Compliance Center – Brian Reid – Microsoft 365 Subject Matter Expert

SSL Inspection and Microsoft 365

There are a number of features in Microsoft 365 that do not work if SSL Inspection (also known as TLS Interception) is enabled on your device or network provider. You need to disable the listed URLs that Microsoft provides in its documentation. The problem is there is a lot of disconnected documentation! This blog post […]

November 28, 2023

Defender, enterprise mobility + security, microsoft, Microsoft 365, Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender for Office, Microsoft Teams, Office 365, Office 365 Advanced Threat Protection, Office 365 ProPlus, security, Security and Compliance Center, Uncategorized
Upgrading to Information Barriers v2

Information Barriers are a compliance feature of Microsoft 365, and until March 2023 a version, now known as v1 or legacy mode Information Barriers was the only option in place. Legacy (v1) Information Barriers allowed a user to be a member of a single Information Barrier segment and so communications where limited between all users […]

August 9, 2023

compliance, exchange, exchange online, IB, Information Barriers, OneDrive, OneDrive For Business, Security and Compliance Center, sharepoint
Blocking More Obvious Phish – Attachment Filtering

One relatively easy way to block some categories of phishing email is to block the attachment type that is sent with some of these messages. For example, I have had a few of these recently: Hovering over the attachment I see the filename, and it ends .shtml. This attachment is for server-side HTML (SSI includes […]

May 16, 2023

Defender, Edge, EOP, exchange, exchange online, Exchange Online Protection, Exchange Server, malware, Microsoft Defender for Office, Office 365 Advanced Threat Protection, security, Security and Compliance Center
Improving Exchange Online Email Deliverability Through Third Party Filtering Services – Trusted ARC Sealer

When you receive emails into Exchange Online and you filter the external messages before arrival with a third party filter such as Mimecast, Proofpoint or others, then you can have DMARC failures that result in messages being junked or quarantined. This is a new feature to Exchange Online to allow you to trust the DMARC […]

June 20, 2022

ARC, dkim, dmarc, email, EOP, exchange, exchange online, Exchange Online Protection, phish, phishing, Security and Compliance Center, spam, spf, spoof
Allowing “Phish” Training Emails in Exchange Online

With the introduction of “Secure by Default” in Exchange Online, where you used to add IPs and other settings such as allow-lists to allow your phish training emails to get through to your users this will no longer work, and shortly it will no longer work to bypass the Exchange Online filters using mail flow […]

August 16, 2021

Defender, EOP, Exchange Online Protection, Microsoft 365, Microsoft Defender Advanced Threat Protection, Office 365, Office 365 Advanced Threat Protection, phish, phishing, security, Security and Compliance Center
Unexpected Security and Compliance Center Changes

In the last few days the layout of the Security and Compliance Center with regard to the Threat Management section appears to have changed. In the middle of the week just gone, and for a long while previously, you could access Mail Filtering, Anti-malware, and DKIM from Security and Compliance > Threat Management and see […]

September 16, 2017

Advanced Threat Protection, ATP, EOP, malware, Safe Attachments, Safe Links, Security and Compliance Center, Threat Management

Category: Security and Compliance Center

SSL Inspection and Microsoft 365

Upgrading to Information Barriers v2

Blocking More Obvious Phish – Attachment Filtering

Improving Exchange Online Email Deliverability Through Third Party Filtering Services – Trusted ARC Sealer

Allowing “Phish” Training Emails in Exchange Online

Unexpected Security and Compliance Center Changes