Azure – Azure Security Center playbooks

4 new playbooks to demonstrate Azure Security Center capabilities are available. With these 4 playbooks you can demonstrate/evaluate Azure Security Capabilities to protect your Azure resources against virus attack, SQL injection, DDoS on public IP or cross site scripting. You can deploy the playbooks from the following URL to your Azure tenant: Virus attack playbook – https://aka.ms/ASCPlaybooksVAttack – deploys 2 virtual machines, OMS and associated network resources. One of the…

Read More

Azure / Office 365 – New registration experience coming for Azure MFA and Azure SSPR

You may already well know the Azure Multi Factor (MFA) and Azure Self Service Password Reset (SSPR) features; if not you are missing a very good piece of your Azure AD/Office 365 services. Well, a new registration experience for Azure MFA and Azure SSPR is currently being in preview to simply the end-user registration experience. With the current experience, end-users had to register twice their details (like phone number or…

Read More

Intune – Third party antivirus solutions are now supported for Device Compliance Policy

Until the last Intune update (week of July 2, 2018), when you were setting up a Windows 10 Device Compliance Policy you were obliged to use Windows Defender as local antivirus solution if you wanted to set an antivirus solution is required to be marked as compliant. After this update, you can now set this requirement even if you are using a third party antivirus solution (such as Symantec) as…

Read More

Exchange Online – You can download a quarantined email

A new option has been deployed on the Security and Compliance portal for quarantined emails. You can now download a quarantined email to help you analyze it. As the email has been put in quarantine it is important to download it on a secure client (aka with an up to date antivirus protection and potential additional security configuration) to avoid spreading bad stuff within your network. This option may be…

Read More

Azure – Define a security baseline for Azure AD Administrators

A new security feature has been delivered in preview for Azure AD; a security baseline for any Azure AD Administrator. This baseline will be enabled by default (during the preview you HAVE to enable it) and is going to request multi-factor authentication (MFA) for any privileged account like: Global Administrator Service Administrator SharePoint Administrator Exchange Administrator Conditional Access Administrator Security Administrator To enable/disable (while not recommended) the security baseline go…

Read More

Azure – Use Azure AD Password Protection with your on-premises Active Directory

You may already know that Azure AD is using advanced technologies to protect your credentials, especially your password. It even detects if the password you are trying to use (when you have to change it due to expiration) has been used too much or has been compromised (or banned). This is a huge security feature but until now this was only available if you use Azure AD for authentication. Starting…

Read More

Exchange Online – Update in Office 365 Message Encryption for attachments

An update is going to be rolled out (and disabled by default) for Office 365 Message Encryption. With this update administrators will be able to allow/deny the opening of an attachment outside of an Office 365 service (like Gmail or Outlook) were not able to open attachments send using Office 365 Message Encryption. As of today (and until your administrators enable it), attachments can not be opened when sent through…

Read More

Azure – Azure AD delegated application management roles are in preview

Good news, new Azure AD delegated management roles are available in preview: Application Administrator: This role provides the ability to manage all applications in the directory, including registrations, SSO settings, user and group assignments and licensing, Application Proxy settings, and consent. It does not grant the ability to manage conditional access. Cloud Application Administrator: This role grants all the abilities of the Application Administrator, except it does not grant access…

Read More

Office – Flash, Silverlight or Shockwave controls are disabled

​If you are using Office 2016 or Office 365 you may be impacted when using PowerPoint, Excel or Word. For security reasons new builds of Microsoft Office for Office 365 block activation of Flash, Silverlight, and Shockwave controls. Most users won’t be impacted, but for some users this may cause one of the following issues: When you click on an embedded Flash movie in PowerPoint Slide Show, nothing happens even…

Read More

Office 365 – Alert policies are coming on Office 365

For those who are using Office 365 (E1, E3, E5 and Advanced ATP), a interesting update is coming on Office 365 Security & Compliance center: alert policies As a first stage deployment, these new default alerts will let you when: an elevation of privileges has been done on Exchange Online emails are being delayed for delivery a user is creating a forward/redirect rule To take advantage and configure these alert…

Read More

Azure – New version of Azure MFA Server

A new version of the Azure MFA Server (8.0.0.3) is available for download here https://aka.ms/mfadownload?download=mfa&clcid=0x9 This new version includes few improvements, like: Improved interaction with AD Sync Support for TLS 1.2 for LDAP, User Portal to Web Service SDK, and SChannel replication Accessibility improvements to User Portal, MFA Server management, and installation Compliance with General Data Protection Regulation The GDPR tool (MultiFactorAuthGdpr.exe) is available in the C:\Program Files\Multi-Factor Authentication Server…

Read More

Office 365 – Advanced Threats tracker

If you are using Office 365 E5 plan (or if you have the Advanced Threats Protection) you can take advantage of a new capability to help you protect your data on Office 365 called Advanced Threats Tracker This functionality is an advanced dashboard showing you all threats against your organization to help you assess the situation. You can access it from the Security and Compliance portal within the Threat Management\Threat…

Read More

Azure – New Azure Information Protection Client released

A new version (1.27.48.0) of the Azure Information Protection (Azure AIP) client has been released and available for download at https://www.microsoft.com/en-us/download/details.aspx?id=53018 (as usual one as self install executable and one as MSI package for enterprise wide deployment). The main updates focus on the AIP Scanner: You can define (add/remove) specific file extension using the Add-AIPScannerScannedFileTypes/Remove-AIPScannerScannedFileTypes commands Set a default label (without inspecting the content) using the MatchPolicy of the Set-AIPScannerRepository…

Read More

Azure – Azure AD External Collaboration Policy is now available

After few months in preview, the Azure AD External Collaboration policy is now available in GA with easier way to manage. In preview mode you had to use PowerShell to setup and manage the external collaboration policy, with the GA you can now use the Azure Administration portal, making things a little bit easier. To enable and manage Azure AD External Collaboration policy go to Azure AD management portal (https://aad.portal.azure.com)…

Read More

Security – Microsoft Authenticator will support backup and restore

A long awaited feature for the Microsoft Authenticator is coming soon on iOS first. With this new feature, the Microsoft Authenticator app will be able to backup (and so restore) your accounts added onto the app. This will be less painful when you have to re install the app either on a new device or after your device has been reset. The functionality is currently under preview – aka beta.…

Read More