Power BI – Use Power BI as your security dashboard by connecting to Microsoft Graph Security (preview)

As you may know, Microsoft Graph Security is the unified way to gather all security signals from the Microsoft Cloud security solutions (Azure, Office 365, on-premises using connector…). Well, this is now getting better and easier for your security team to get the unified view resulting of these correlation. You can now use the new Power BI Microsoft Graph Security connector and the sample dashboard (https://aka.ms/graphsecuritypowerbiconnectorsamples) to get an rapid…

Read More

Azure – Use Azure Information Protection to apply S/MIME protection (preview)

If you use Azure Information Protection (AIP) you can now use it to apply S/MIME protection. To enable S/MIME protection with AIP, logon to your Azure portal (https://portal.azure.com/) and reach out the Azure Information Protection configuration blade Then access the Policies\<the policy you want to configure> and open the the contextual menu (available at the end) to access the Advanced Settings There you have to configure the following settings and…

Read More

Azure Information Protection – Central management for AIP Scanner is coming

The Azure Information Protection (AIP) scanner is going to be easier to manage: a central management for Azure AIP scanner is coming. This new capability is currently in preview; this means you need to use the Azure Information Protection preview client (version 1.45.32.0 or later) and the required Azure administration portal configuration blade (if this is not yet available in your tenant, you will have to wait as the deployment…

Read More

Flow – You can use Flow to automate actions based on Cloud App Security event

If you are using the Cloud App Security (CAS) service, you can connect Microsoft Flow to it in order to automate actions like generating ticket in SIEM system, send notification to user and/or manager, disable account… To do so you must, off course, have an active Cloud App Security and Flow subscription. Then you need to generate a token to allow Flow to connect to CAS Connect to your Cloud…

Read More

Identity – A new form of identity is being developed by Microsoft

This clearly follows the path of what has been already announced by Microsoft for using blockchain to manage, protect and validate identities. A new form of identity, called Decentralized Identity, is under way to help developer to validate identities. You can start using these API’s (based on the W3C CCG draft specifications – https://w3c-ccg.github.io/did-spec/) by using the samples and documentation available here http://aka.ms/DIDforDevs This will help authenticating and validating various…

Read More

Azure – Integration of PDF Acrobat Reader with Azure Information Protection is now generally available

It has been announced last September at the Ignite 2018 conference and in preview since then. Now, the integration of Acrobat Reader with Azure Information Protection is now GA. To take advantage of it, you have few things to do: Download and deploy the latest Adobe Acrobat Reader from https://get.adobe.com/reader/ Download and deploy the add-in available here https://go.microsoft.com/fwlink/?linkid=2050049 You can also use the Foxit Reader available here https://www.foxitsoftware.com/pdf-reader/ Download and…

Read More

Azure – New Azure Information Protection Client available

The new Azure Information Protection (AIP) client (version 1.41.51.0) is now available for download here https://www.microsoft.com/en-us/download/details.aspx?id=53018 As part of the usual fixes, the new version includes support for central reporting, support for S/MIME or better handling for disconnected client (aka client which will not be able to connect to internet for a certain period of time). Also it no longer excludes MSG, ZIP or RAR files from the Windows Explorer…

Read More

Office 365 – Privileged Access Management is available to Office 365

As announced at the Ignite 2018 conference, a new access management capability is now available to Office 365. This new feature, called Privileged Access Management (PAM), will help you granting on a ‘just in time’ basis high level privileges to Office 365 services. PAM is currently limited to Exchange Online scope. To set it up, you will need to use a security group for the PAM access (if you are…

Read More

Azure – You can enable analytics for Azure Information Protection

This is a new capability being added to Azure Information Protection (AIP), currently in preview. You can now enable analytics for AIP. To do logon to your Azure portal (https://portal.azure.com) and reach out the Azure Information Protection configuration blade From there you should see  Configure analytics (preview) under the Manage section From this configuration blade you can use an existing Log analytics workspace or create a new one; if you…

Read More

Windows / Azure – Reset password from all Windows

You may be already aware that you can provide the ability to your end-user to reset their password (Self Service Password Reset – SSRP) directly from the logon screen for Windows 10 Azure AD Joined device (see https://t.co/LW060QqgGV if you want to know more). Well, Microsoft has announced a major improvement for this feature as you can now use it for all Windows version (from Windows 7 to Windows 10…

Read More

Exchange Online – Implement ‘Limited Access’ Conditional Access

You may already know that you can implement a ‘limited access’ conditional access for SharePoint Online and OneDrive for Business, allowing end-users to access content on SharePoint Online but not authorizing to download anything while accessing using non compliant devices. Now, you can do the same for Exchange Online to allow your end-users accessing their mailbox using Outlook on the Web (aka Outlook Web Access) while the device they are…

Read More

Azure – Secure Score is now available for Azure

You may already know Secure Score for Office 365, helping you to understand your security settings on Office 365 and providing guidance to increase it. Now, you can have Secure Score for Azure Active Directory (AAD) too The functionality is currently in preview and can be accessed either through the dedicated preview portal (https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/IdentitySecureScore) or by accessing your Azure AD administration portal () or Azure portal (https://portal.azure.com/) and then reaching…

Read More

Azure – New Azure information Protection Client available

A new version (1.37.19.0) of the Azure Information Protection Client has been released. You can download it from https://www.microsoft.com/en-us/download/details.aspx?id=53018 This version includes few updates and changes: Support for the ISO standard for PDF encryption. You need to configure the below advanced configuration to enable it and then keep the PDF format for encrypted PDF files instead of using the PPDF Labels applying protection are now displayed on Office 2016 clients…

Read More

Security – The latest Threat Modeling tool is now in GA

The latest version of Microsoft Threat Modeling Tool (TMT) is now available in general availability (GA). If you were using the preview, you will be prompted to upgrade – NOTE it will mandatory to upgrade after Oct 15th. The 2016 version is still supported until Oct 1st, 2019. If you want to start using the tool go there. For those who do not know what MTM is, this is a…

Read More