Keeping your cloud-based IT infrastructure secure is a constant effort. The people who want access to your data are always working on ways they can get in, so both you and Microsoft need to be working on ways to keep them out. Microsoft is aware of this responsibility, and since you are reading this blog I assume you are as well.

Security Playbooks in Azure Security Center are a new preview tool in your Azure tenant to assist with the task of keeping your data secure. Security Playbooks can help automate your response to specific security alerts as they are detected by Security Center. There are templates available, or you can create your own Playbook from scratch. Playbooks use Azure Logic Apps, so charges for that service do apply.

In this blog post, we’re going to look at the features and functionality available in the preview of Security Playbooks. We will step through setting up a playbook, and we’ll see what playbooks have to offer.

Read More

One of the best things about Office 365 is that we can always count on new features and functionality to be available. Microsoft is constantly working to improve the services already live in Office 365, as well as working to create new services. Some of the new services added do have an additional licensing fee attached, but Microsoft also adds a considerable number of features to the license SKUs already in-place.

One of the new services that has recently been added to the E3 SKUs is Microsoft Bookings. Bookings has been available within the Small Business versions of Office 365 for some time, but now you can add it to your Enterprise Office 365 tenant if you know where to look.

In this blog post, we’re going to explore how to active and use Microsoft Bookings in your Enterprise Office 365 tenant.

Read More

With the influx of cloud services integrating with on-premises products, many Exchange administrators wonder what...

Read More

The move to the cloud often means that we need to learn new ways to manage access to cloud based resources. The methods of delegating administrative control we are accustomed to on-premises are often no longer applicable to cloud-based resources.

Office 365 has long had built in admin roles that can be used to delegate levels of permissions to administrators. The screenshot below shows the current built in admin roles available in Office 365.

Read More

As Exchange administrators we tend to think about servers, networks, and datacenters. While all that is important, the end-users think of email as the client experience. In other words, is Outlook running nicely, or is it running slowly?

One of the biggest factors that influences Outlook performance is caching.

Read More

We get to work with the newest and coolest software all the time. One of the biggest selling point of Office 365 is the constant stream of new features and functionality. New builds of Exchange Online are pushed into Office 365 daily, therefore new features can show up at any time.

These constant updates do come at a cost. To date, the documentation for Office 365 has not kept up with the pace of change in the service. New features and functionality are often added into Office 365 with little to no documentation. This often means that we need to figure them out on our own.

Read More

Cross-forest permissions have long been one of the more difficult aspects of an Exchange Hybrid migration. Ensuring mailbox permissions are preserved can be a major undertaking.

Exchange Hybrid migrations did not support any sort of cross-forest mailbox permissions at first. After a couple of years Microsoft made it possible for full access permissions to work cross-premises.

Recently Microsoft has improved the cross-forest permissions story for Exchange Hybrid migrations. In this blog post, I’ll give you the information you need to set the different permissions in your Exchange Hybrid deployment.

Read More

As more IT services move to the cloud, the need for better security features will only increase. People want to be able to log in hassle-free, but organizations need strong authentication security. The fastest way for this move to cloud service to fail is going to be though a large security breach. Microsoft is aware of all these facts, and they are putting a lot of work into ensuring that logging into their cloud servers is both easy and secure.

Microsoft has been investing in security and identity features for Azure Active Directory. These new features are becoming Generally Available (GA) within Azure Active Directory. In this blog post I’m going to delve into some of the new identity protection features in Azure Active Directory.

Read More

In any IT organization there are administrative tasks that need powerful admin privileges. It's a good security practice that accounts should have the fewest permissions necessary, and only for the period of time they need them. But managing the temporary assignment of admin permissions becomes time consuming. As a result, many organizations assign them on a permanent basis, which is not ideal.

Furthermore, auditing the assignment of administrative permissions is a challenging task. Many of us have used custom scripts and third party reporting tools to keep track of permissions.

Read More

Recently I've been working on a project to package about 1500 applications for distribution through SCCM. To gather the information I need, I wrote a 50-question survey for a few hundred people to answer. The challenge was to get this survey to a large audience and turn the results into actionable information.

There are a variety of services available online for running surveys. This customer is using Office 365, so I wanted to make use of their existing resources. Today, Office 365 has two solutions for running surveys:

Read More

Conditional Access is a premium feature of Azure Active Directory that allows administrators to specify conditions under which users can authenticate into other cloud services. With conditional access, you can specify that a certain set of users can only authenticate to specific applications from specific IPs for example.

The hard part about conditional access is that it takes a lot of work to configure and test the policies. Ensuring that you know how a policy is going to affect your users is critical. In this blog post I’m going to look at a new tool in the Conditional Access line that helps with this problem. "Azure-Active Directory-Conditional Access-What If" gives administrators a new way to test Conditional Access policies to see what the effect of applying those policies will be.

Read More

There are several general practices that can help improve the chances of rolling out Microsoft Exchange updates successfully.

Administrators apply updates to correct issues, but there are times a patch itself will break the system. There is no single way to update and -- if things do not go as planned -- recover Exchange. Every organization has different versions and configurations for the messaging platform. Every Microsoft patch is different.

Read More

Some administrators let the memories of a bad patch linger and put off Exchange updates. Here are some tips to make this necessary chore less of a traumatic experience.

Read More

There are many ways you can manage and control the way your end-users connect to Office 365. Intune, and Azure Active Directory Premium are add-on feature sets for your Office 365 subscription that give you advanced controls for managing client access scenarios, but some customers want a lower level of control that they can implement without having to buy add-on licenses.

In this blog post, I am going to explore some new Client Access Rules that have recently been added into Exchange Online.

Read More