So, the cloud, am I right? While it always nice to get away from having to worry about failed hard drives, or backups, or patches, or a million other things, the real upside to using cloud services is that the good folks at Microsoft are able to put so much more into developing new features. Even for services like Exchange that seem mature, there are always new and unexpected ways for them to evolve as part of a huge infrastructure like Office 365 and Azure.

While this blog post isn’t about new features in Exchange Online, it is about a new way to access and administer Exchange Online.

In this blog post I’m going to explore a new feature of Azure that allows for administrators to access Exchange Online in a whole new way.

Read More

As Microsoft implements modern authentication across Office 365, administrators need to understand how to use and control the authentication framework to avoid disruptions.

Modern authentication is an updated set of authentication protocols and policies for Office 365 and Azure that allow improved authentication scenarios. Modern authentication is the term Microsoft uses for its version of OAuth 2.0 to utilize multifactor authentication, smart card authentication and other advanced authentication flows that were not possible with basic, or legacy, authentication.

Read More

As more and more organizations move to Office 365 the challenge shifts from “How do we get into Office 365?” to “How do we manage our data within Office 365?” Keeping your organization’s data secure inside the service is a major concern for many organizations, as well as for Microsoft itself.

To that end, Microsoft has put a lot of work into new features in both Office 365 and Azure that can help organizations better secure their data.  One of those features is Privileged Identity Management (PIM). PIM is a feature that allows Just in Time administrative rights to be assigned to Office 365 accounts. This means that it is no longer necessary to maintain accounts with administrator privileges always assigned. With PIM your organization can setup accounts for your Office 365 administrators that do not have administrative rights until they are needed. When an administrator in your organization needs to make changes within the service, they can request elevation of their account though an automated process.

Read More

Activating PIM roles with PowerShell

In this session we’ll dive into activating Privileged Identity Management roles with PowerShell. We will walk through the problem of activating PIM roles, and how a simple PowerShell script can be used to simplify this process. This session is not about PIM specifically, but more about what it takes to automate this process with PowerShell.

Read More

Teams is Microsoft’s collaboration hub within Office 365. Teams was originally introduced as a direct answer to Slack, but it’s become a much bigger solution than that over the last two years it has been publicly available within Office 365.

According to recent numbers from Microsoft, Teams is now in use at more than 500,000 organizations across the world. With a new service of this scope there is going to be a long adoption period, while organizations wrap their collective heads around how to use a service like this. Hopefully this blog post will start that education and adoption process for a few more Office 365 customers.

Read More

Office 365 and Azure are where many enterprises do their work, and IT pros need to understand how to keep these tenants secure.

As Office 365 has continued to mature, Microsoft has added more options to share information and work with people outside your organization.

However, inviting external users opens the company to some degree of risk when an outsider gains access to your organization's data. This tip will cover the ways to monitor Office 365 guest users to see who has access to what data and how to modify those rights.

Read More

The current version of Exchange can, and in most cases should, be installed on Windows Server Core. Windows Server Core is a version of the Windows Server operating system that does not have a Graphical User Interface (GUI). Since “windows” are well ingrained into the administrative habits of most of us Windows Server administrators, it’s reasonable to expect that most Exchange administrators are going to be a bit hesitant to go down this route.

In this blog post I’m going to look how to install Exchange 2019 on Server Core, the reasons why you should be installing all your new Exchange servers on Server Core, and how using Server Core is going to make you a better administrator.

Read More

Regulation covers and what they can do with their messaging platform to maintain compliance.

The General Data Protection Regulation (GDPR) protects the personal information of people living in European Union (EU) countries by setting rules on how that data can be collected, used and stored. Compliance with GDPR affects IT professionals who work in organizations with an EU footprint no matter where they are based. For example, if a U.S. company falls victim to a data breach that leaks the personal data of EU citizens, then that company could be penalized heavily as a result.

Read More

In October of last year Microsoft released a new version of on-premises Exchange server. Here at the ENow's Solution Engine blog, we realized we had a lot we could cover. Normally I focus mostly on writing about Office 365 and Azure features and updates, but I think there is still room in the blog-o-sphere for a post about on-premises software too.

Since Exchange 2019 came out almost 3 months ago, I don’t see a lot of point in doing another blog post that lists “What’s New in 2019.” I’m going to try a slightly different approach here and assume that you’ve had a chance to review the new features in Exchange 2019. If not, there are plenty of places to find that information already.

Read More

As we come to the end of 2018, or the beginning of 2019 depending on when you’re reading this, it seems like a good time to look at how Exchange Online has changed over the last year. It wouldn’t be too hard for an email administrator these days to think of Exchange Online as a static service. If you are not actively paying attention to the updates in the service, you may have missed some of the changes that have rolled out recently. I thought this would be a good time to take a quick look back at some of the more important changes that have come into Exchange Online.

In this blog post, I’ll give a quick overview of three new features for Exchange Online. I’m not going to go into a full implementation guide for any of these features, but I will link to the appropriate documentation for each of these new features.

Read More

Having grown up with personal computers in the 70s and 80s my introduction to computer science was a simple two-line program.

10 PRINT "Hello, World!"
20 END

I’m sure that most of those who read this blog post will have started their career in a similar manor. Our next step was often to modify this program to repeat “Hell, World!” infinitely, then modify it again to repeat that message a finite number of times.

Microsoft has evoked this heritage with the service it calls “Windows Hello” and the related (but much more clumsily named) “Windows Hello for Business.” These services are a new way to authenticate to your computer, your Active Directory, your Office 365, and your Azure resources. The Hello services are one of the foundational pieces in Microsoft’s strategy to move us away from an authentication model that is dependent on usernames and passwords. In this blog post I’m going to explain what the Hello services do, and what you’ll need to deploy them in your organization.

Read More

In part 1, I talked about some of the basics for Conditional Access. In this blog post, I’ll walk through the technical settings to get it working for an example user I’ll call “John Tester”.

Configuring Conditional Access for “John Tester”

For the purposes of this blog post, John is an end-user who works both in and out of the Office. We’ll say John is on your sales team, and he needs to be able to access Office 365 resources from the road as well as from the office.

For this example, we’ll say that your security team has decided that users logging into Office 365 resources outside of the corporate network need to setup and use Multi-Factor Authentication, but that they don’t need to be bothered with the extra authentication steps of MFA when they are in the office.

Read More

Securing your data in Office 365 can be a challenging task. The problem is that using user names and passwords as the basis of our authentication protocols is not a very successful way to run our technology.

One of the major failings of the username and password system is that it does not include any awareness of the situation in which a user is attempting to authenticate. A user may be trying to authenticate from a new location or may be attempting to authenticate to access an unusual set of data. There are a lot of situations where it may be prudent for the authentication process to be more or less involved.

As more and more organizations move to a cloud based IT infrastructure, security is becoming more of a concern. By definition, cloud-based IT resources are available to be accessed from anywhere on multiple device types. While this convenience is valuable, it can also be dangerous.

Read More

The continuous feature release model of Exchange Online might be a boon for some, but others might consider the need for constant training to be a detriment.

We all know the cloud is there, but how does an organization determine if a move from an on-premises platform is the right one?

Many companies currently using Exchange Server cannot escape from the siren call of the cloud. Untold numbers of organizations will weigh the pros and cons of Exchange Online vs. on-premises Exchange Server. There are many reasons to move to the cloud, just as there are ones to stay put.

Read More