Security

Windows 10 – Windows Defender Advanced Threat Protection

Leave a Comment / Security, System Center, Windows / / / , ,

Windows Defender Advanced Threat Protection (ATP) is a security functionality built in Windows 10 to help detecting, investigating and protecting against threats, introduced with Windows 10 build 1607 (or known as Anniversary Build). In this post, I’m going to implement ATP integrated with SCCM Current Branch (you can request a trial for ATP here http://aka.ms/register-wdatp) […]

Windows 10 – Windows Defender Advanced Threat Protection Read More »

Azure – RMS Protection Tool is reaching the end of life

Leave a Comment / Microsoft Azure, Security / / / ,

The Azure RMS Protection tool is reaching his end of life (and support) on February 10th, 2018 If you are still using it, start upgrading your RMS client to Azure Information Protection client (current GA version available when writing this post is 1.7.210 available at https://aka.ms/aipclient)

Azure – RMS Protection Tool is reaching the end of life Read More »

Azure – Just In Time Virtual Machine access (preview)

Leave a Comment / Microsoft Azure, Security / / / ,

A new security feature has been made available in preview on Azure: Just In Time Access for virtual  machine. While access and behavior of resources hosted on Azure are monitored by Microsoft to avoid malicious activities, there is still risks to get your resources, and in this case your virtual machines, being vulnerable. The Just

Azure – Just In Time Virtual Machine access (preview) Read More »

Azure – Do not configure Enhanced Protected Mode by GPO to get Azure AD Seamless SSO to work

Leave a Comment / Microsoft Azure, Security / / / ,

A colleague of mine shared his experience while trying to make Azure AD Seamless SSO to work. As reminder Azure AD Seamless SSO is still under preview; Azure Active Directory Seamless Single Sign On (Azure AD Seamless SSO) provides single sign-on for users signing in on their corporate desktops connected to the corporate network. When

Azure – Do not configure Enhanced Protected Mode by GPO to get Azure AD Seamless SSO to work Read More »

Office 365 – You can mark actions from Secure Score as managed by third party

Leave a Comment / Office 365, Security / / / , ,

As you may know Office 365 Secure Score is a tool to help you securing your Office 365 tenant by checking your configuration and compare against best practices and recommendations. Microsoft has updated the Secure Score to allow you define recommended/proposed actions as managed by third party. This will help by keeping the recommended action

Office 365 – You can mark actions from Secure Score as managed by third party Read More »

Azure AD Connect – You need to upgrade your Azure AD Connect if using password write-back

Leave a Comment / Microsoft Azure, Office 365, Security / / / , , ,

Microsoft has released a security bulletin related Azure AD Connect. If you are using password write-back you need to upgrade it to the version 1.1.553.0 (released this June) urgently as you are vulnerable to a vulnerability which could allow attackers to reset passwords. Details about the security bulletin here: https://technet.microsoft.com/library/security/4033453.aspx?f=255&MSPPError=-2147217396 Download the latest version of

Azure AD Connect – You need to upgrade your Azure AD Connect if using password write-back Read More »

Azure – Azure AD Privileged Identity Management approval workflow now in preview

Leave a Comment / Microsoft Azure, Security / / / ,

Microsoft has released a new features for Azure AD Privileged Identity Management (Azure AD PIM). This feature is currently in preview. You can now define an approval workflow before any role privileges are granted. To do so you need to edit the role you want to enable the approval workflow; to do so Access the

Azure – Azure AD Privileged Identity Management approval workflow now in preview Read More »

Office 365 – Advanced Threats Protection, Safe Links is coming to Office documents

Leave a Comment / Office, Office 365, Security / / / , , ,

As you may already know Safe Links is a security feature on Office 365 which rewrites URL’s embedded into emails to check if these URL’s are safe which comes with Office 365 E5 (or if you have bought the add-on Advanced Threats Protection). Now, Safe Links is coming to Office documents, performing the same ‘on

Office 365 – Advanced Threats Protection, Safe Links is coming to Office documents Read More »

Office 365 – RMS encrypted messages can now be decrypted on the fly with eDiscovery

Leave a Comment / Office 365, Security / / / , ,

A new functionality for eDiscovery is now available and enabled by default to automatically decrypt RMS encrypted messages when you are exporting the search result.   The decryption capability is automatically added to the eDiscovery Manager group. RMS encrypted messages are decrypted ONLY when exported as individual message; if you export your search result to

Office 365 – RMS encrypted messages can now be decrypted on the fly with eDiscovery Read More »

Office 365 – Script to automate Office 365 Role membership

Leave a Comment / Office 365, Security / / / , ,

UPDATE: script update to enable Azure MFA and correct a bug in the Office 365 role update function Office 365 Role membership management is one of the few workload you can not manage using groups. To automate the membership of these roles I have created a script. The script is comparing Active Directory group membership

Office 365 – Script to automate Office 365 Role membership Read More »