As promised during my Administration and Governance talks in 2019, here are companion resources to go along with the tips we discussed.
Continue readingMicrosoft Teams Administration & Governance Resources
Reply
Category Archives: Security
Post MSIgnite 2018 – What I’m Watching
As I filtered through the 1700+ sessions leading up to Microsoft Ignite, I quickly knew that unless I was able to clone myself I would have some catching up to do. Rather than try to sort through all of the sessions again later, I made a playlist of sessions that I’d like to go back and watch.
The playlist is a compilation of 70+ videos and 24+ hours of content, mostly in the Azure and Office 365 arena since that is where a lot of my focus is these days. Is there a session that shouldn’t be missed? Feel free to let me know what should be added!
Removing Multiple Blocked Senders from EOP
Along with an Office 365 subscription, you get Microsoft’s mail filtering solution Exchange Online Protection (EOP). You can also subscribe to EOP if you are running on on-premises mail solution.
One nice feature of EOP is that it can be configured to detect and block outbound spam. IF When a user account gets compromised (or maybe you have legitimate spammers) Microsoft can block the ability for the account to send any more outbound mail until you have addressed the account and unblocked it. This is great until you have an outbreak of compromised accounts, likely due to phishing victims, and need to remove multiple blocked addresses. So how can we do this?
Spectre, Meltdown, and Your Enterprise
Update: Intel has reported that customers with certain CPUs are experiencing random reboots after applying firmware updates to patch this vulnerability. I can’t say this enough but TEST before rolling these out!
By now, you have likely heard about recently disclosed vulnerabilities called Spectre and Meltdown. If not, TechCrunch has a detailed article about them that will get you up to speed. The vulnerability affects most modern operating systems and processors. It also affects other systems such as iOS, MacOS, Android, Chrome, etc.
I have found that many IT people I talk with do not understand what needs to happen to address these vulnerabilities. I think this is (at least partly) because unlike many previous vulnerabilities, simply installing a Windows update does not fix the problem. The fix also requires registry keys to be set and firmware updates released by the hardware manufacturers to be applied.
After reviewing what needs to happen to protect enterprise systems, I have pulled together some information so you can protect yourself as well. While this is not an all-encompassing guide, it should point you to many of the resources needed to address the vulnerabilities. Rather than this blog post being extremely long and repetitive, you will find many linked items below to already created documentation that will be helpful in patching your systems. Continue reading
Ignite 2017 Day 1 Recap
The first day of Microsoft Ignite brought a staggering amount of announcements, most of which I have yet to read about in detail. With the number of product groups represented at the conference, I am sure there are still some that I haven’t heard about. In all of the sessions I attended today, I saw Microsoft’s mission throughout. It is clear that they are really focused on ensuring users have the tools they need to be productive.
Microsoft Mission: Empower every person and every organization on the planet to achieve more.
It's Partly Cloudy 