Deploying Windows Hello for Office 365 or Hello World for Office 365

Having grown up with personal computers in the 70s and 80s my introduction to computer science was a simple two-line program.

10 PRINT "Hello, World!"
20 END

I’m sure that most of those who read this blog post will have started their career in a similar manor. Our next step was often to modify this program to repeat “Hell, World!” infinitely, then modify it again to repeat that message a finite number of times.

Microsoft has evoked this heritage with the service it calls “Windows Hello” and the related (but much more clumsily named) “Windows Hello for Business.” These services are a new way to authenticate to your computer, your Active Directory, your Office 365, and your Azure resources. The Hello services are one of the foundational pieces in Microsoft’s strategy to move us away from an authentication model that is dependent on usernames and passwords. In this blog post I’m going to explain what the Hello services do, and what you’ll need to deploy them in your organization.

Read More

Conditional Access in the Field - Part 2

In part 1, I talked about some of the basics for Conditional Access. In this blog post, I’ll walk through the technical settings to get it working for an example user I’ll call “John Tester”.

Configuring Conditional Access for “John Tester”

For the purposes of this blog post, John is an end-user who works both in and out of the Office. We’ll say John is on your sales team, and he needs to be able to access Office 365 resources from the road as well as from the office.

For this example, we’ll say that your security team has decided that users logging into Office 365 resources outside of the corporate network need to setup and use Multi-Factor Authentication, but that they don’t need to be bothered with the extra authentication steps of MFA when they are in the office.

Read More

conditional Access in the Field - Part 1

Securing your data in Office 365 can be a challenging task. The problem is that using user names and passwords as the basis of our authentication protocols is not a very successful way to run our technology.

One of the major failings of the username and password system is that it does not include any awareness of the situation in which a user is attempting to authenticate. A user may be trying to authenticate from a new location or may be attempting to authenticate to access an unusual set of data. There are a lot of situations where it may be prudent for the authentication process to be more or less involved.

As more and more organizations move to a cloud based IT infrastructure, security is becoming more of a concern. By definition, cloud-based IT resources are available to be accessed from anywhere on multiple device types. While this convenience is valuable, it can also be dangerous.

Read More

Breaking down the Exchange Online vs. on-premises choice

The continuous feature release model of Exchange Online might be a boon for some, but others might consider the need for constant training to be a detriment.

We all know the cloud is there, but how does an organization determine if a move from an on-premises platform is the right one?

Many companies currently using Exchange Server cannot escape from the siren call of the cloud. Untold numbers of organizations will weigh the pros and cons of Exchange Online vs. on-premises Exchange Server. There are many reasons to move to the cloud, just as there are ones to stay put.

Read More

Intune Explained

Intune was born as Microsoft’s Cloud based Mobile Device Management platform. Since then, it has grown into a management platform for both mobile devices and P.C.s. Intune can now manage iPhone, Android, Windows Phone, and some versions of Windows. It’s clear that Microsoft intends to grow Intune into a complete cloud-based device management platform.

The process of planning for an Intune roll out can be difficult. The features and functionality within Intune are ever evolving, so knowing how to deploy Intune effectively takes some studying. In this blog post, we’ll provide an introduction into Intune's current capabilities. We will test out what Intune can do to make your data more secure in a “Cloud First, Mobile First” world. 

Read More