Last month Microsoft announced that they enable auditing by default on every mailbox. Before this, you needed to run a script on every newly created mailbox to enable auditing for the items you wanted. Microsoft provided a script for this that can be found on GitHub.
The announcement can be found on techcommunity.
In this announcement, they say that every new mailbox gets the default set of auditing. This default set can be updated from Microsoft’s side, but when you have enabled auditing by yourself or the script, they provided it stays that way.
So, what is Access Review? It is an Azure solution that can assist in the reduction of access to guests in your tenant and access to applications for your users. This tool can assist you in doing automated reviews of access to certain Enterprise applications or on AD groups in your tenant. See this YouTube video for a detailed explanation
https://youtu.be/kDRjQQ22Wkk
The downside of this tool is that it is only available when you have Azure AD P2 or EMS E5 license.
Let’s kick this post of what I mean with a break glass account.
What is a break glass account? A break glass account is a non-personal in case of an emergency account that is never used and is stored in a vault where only a few people have access too. This account is a global admin on your tenant and in some sense is the top-level account of your environment.
Collaborating with Microsoft Teams is very easy, and I’m using it at several customers. At one customer the teams are getting multi-language where before every conversation was in Dutch, now with new team members that are not speaking Dutch they have trouble going back into the conversations and do not understand what is written. Luckily Microsoft Teams now offers the ability like Skype to have translations for this.
We found that this was not enabled by default in the tenants that I worked checked.
What is Azure AD Terms of use? Within Azure AD conditional Access there is an option called Terms of use. As Microsoft explains it:
“Azure AD Terms of use provides a simple method that organizations can use to present information to end users. This presentation ensures users see relevant disclaimers for legal or compliance requirements.”
So basically, you will give the end users a popup or screen when they login with a disclaimer for legal or compliance reasons.
This week I had the privilege to speak at DIWUG about securing your Office 365 environment. This time I started from a governance point of view. So what policies do we have and do we need before we can set up the security in Office 365. Also what licenses are available and do we need additional licenses to satisfy our security needs.
In the demos I showed how Conditional Access can help securing the environment and how Terms of use can be used for certain user groups or applications.
Today I had the privilege to speak at SharePoint Saturday Genève. I did a session about security in a cloud environment when you are moving from an on-premises environment to the cloud. The security then moves from your perimeter network to the user’s identity. The session gave an overview of the tools in Azure AD to secure the cloud identity.
[slideshare id=125157044&doc=20181206-spsgenevewearemovingtothecloudwhataboutsecurity-181206131838]
At my customer we are using Privileged Identity Management (PIM) for all admin related tasks, no employee has standing access within the company.
What is PIM Let’s first start by explaining Privileged Identity Management. It is a service that is available in Azure AD and is part of Azure AD Plan 2. For a user to use it, they need this plan enabled. PIM makes it possible to give a user the privilege to elevate his or her access rights for a preset amount of time to a higher role such as User Administrator or SharePoint Administrator.
This week I had the privilege to speak at Office 365 connect.
My session was scheduled on the second day at 9 am. My session was about Protecting your data in Office 365 and had the big room where the keynote was yesterday.
For me, this was the first time on a big event speaking and was a bit excited on doing this. After just a few minutes it felt good and had a great presentation with good feedback from the audience.
This weekend I had the privilege to speak at SharePoint Saturday in Leicester. Here I did a session on Protecting your data in office 365. I talked about how we did security before the cloud and what Microsoft provides to keep your data safe in Office 365. I showed Multifactor authentication with Conditional Access, disabling legacy authentication, Privileged Identity Management, Identity Secure Score and Password less Authentication.
See my deck below