In the first six parts of this series (Part 1, Part 2, Part 3, Part 4, Part 5, Part 6), I’ve covered the basics of encryption, BitLocker, TLS, Office 365 Message Encryption, Information Rights Management, and S/MIME. In part seven, I’m going to wrap the discussion of encryption within Exchange Online by providing a quick summary of each option and giving some examples of the best circumstances in which to use each.
Read moreEncryption in Exchange Online Part 6 →
S/MIME is “client to client” encryption. S/MIME is the only client-side option available in Exchange Online to allow Outlook or OWA clients to encrypt messages from creation to delivery. That’s not to say that email normally leaves your PC in plain text. Depending on what client you use, and how you connect to Exchange, in-transit encryption mechanisms such as TLS protect messages en route to Exchange. However, that protection is removed once messages reaches Exchange and other protection is then used, like BitLocker to protect data at rest in the database.
Read moreEncryption in Exchange Online Part 5 →
Now that we have the basic three templates working, let’s circle back and talk about that “advanced features” button we saw earlier. In your Office 365 portal go into Admin > Service Settings > Rights Management and select Manage in the center dashboard. You will be redirected to an Azure website (no need to log in again) where you will see a dashboard that looks like this
Read moreEncryption in Exchange Online Part 4 →
Active Directory Rights Management Services (AD RMS) is a system that allows users to apply Information Rights Management (IRM) protection to content, such as email messages and Office documents. Once content is rights protected it can only be used by specific individuals in specific circumstances, depending on the template that is applied to the content.
Read moreExchange Cumulative Update process
With the release of Exchange 2013 Microsoft has adopted a new update process. It’s been almost two and a half years that this update process has been in place, and there is still a considerable lack of understanding in the community about the process. There is so little understanding that I’ve seen conversations between several different groups of really smart Exchange experts this week that included tons of misinformation and misunderstanding. In this post I am going to try to clear up all the questions and lay it all out for you.
Read moreEncryption in Exchange Online Part 3 →
In the first two articles (Part 1, Part 2) in this series, I gave a very basic explanation of how a couple of different types of encryption work and introduced the first two type of encryption in Exchange Online. In part three of this series I am going to talk about Office 365 Message Encryption.
Read moreEncryption in Exchange Online Part 2 →
In the first article in this series, I gave a very basic explanation of how a couple of different types of encryption work. This explanation will serve as the foundation for us to talk about how the different encryption features of Exchange Online work, and how you can best use them.
Read moreEncryption in Exchange Online Part 1 →
If you’re reading this, I’m going to go out on a limb and assume you’re familiar with the internet. You know it can get pretty darn harry out there. Any information you put out there can be taken from your control at any time. You don’t have to be a bad guy to want to keep you information private. Whatever your reasons, your interest in keeping your data to yourself may be a factor inhibiting you from moving to Exchange Online. In this article I am going to explain the different type of encryption you can use in Exchange Online, and how best to employ each of them.
Read moreWhat does “the end of mainstream support” mean?
Recently Exchange 2010 reached the end of mainstream support. Depending on how much you like click bait websites, you may have heard (or imagined as most certainly happened with some bloggers) all kinds of different things that might mean. Well never fear citizen. I am here to explain what that means for you, and just what you should do about it.
Read moreExchange 2013 performance counters
The Exchange 2013 performance recommendations section of TechNet has been fairly sparse up until this month. Now our patience has been rewarded with this section on Exchange 2013 performance counters.
Read moreFort Knox: Office 365 encrypted file storage
In Mid-2014 Microsoft introduced a new encryption technology to Office 365 that they code named “Fort Knox”. Fort Knox is a blob encryption technology that is applied to SharePoint Online and OneDrive for Business, and as I am primarily an Exchange guy I was not really aware of Fort Knox until recently. After taking a look at this technology, I think it is a pretty nifty bit of security that Office 365 customers, and potential Office 365 customers, should know about.
Read morePassword Management
Today I am going to move a bit off of my normal topic of Exchange and Office 365. I don’t think this topic is going to be too far afield, but fair warning none the less. In this post I am going to talk about password management, and a nifty new tool that I think makes the somewhat cumbersome task a bit easier and more secure.
Read moreNew Exchange hybrid troubleshooting tool
Anyone who has ever done an Exchange Online hybrid deployment can tell you that process can be frustrating. Before the Hybrid Configuration Wizard the process was long and complicated with too many steps and too many places to make a small mistake. With the advent of the HCW the process became much more of a “black box” where the guy doing the deployment really didn’t know what configuration changes were being made, so misconfigurations became very hard to troubleshoot. Add on top of all that the fact that you, and the person doing the deployment really have no control or visibility into the Microsoft side of thing, and a hybrid deployment quickly turns into a difficult task.
Read moreChanges to off boarding from Exchange Online
When I migrate customers to Exchange Online I always recommend they maintain an Exchange hybrid server. There are several reasons for this recommendation; it’s much easier to manage SMTP addresses with an Exchange server on-premises, and it’s much easier to get your mailboxes back out of Office 365 if you maintain a hybrid server. To me, one of the great advantages of Office 365 is that I have never felt Microsoft was trying to “trap” customers in the service. They have always made it fairly easy to move mailboxes in and out of Office 365.
Read moreMCSMLab: Now with 100% more MVP
On the morning of January 1, 2015 I received notification that I have been awarded my first MVP. Seems to me to be a pretty decent way to kick off a new year.
Microsoft’s MVP program is an award to recognize “exceptional, independent community leaders who share their passion, technical expertise, and real-world knowledge of Microsoft products with others”. I am honored to join their ranks.
Read more