Office-365 on Ru Campbell MVP

Exchange Online Protection & Defender for Office 365 - Common Microsoft 365 Security Mistakes Series

Tue, 19 Dec 2023 08:26:45 +0000

Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO) are the email and collaboration security services native to Microsoft 365. EOP is included at all levels of licensing for Exchange Online, with MDO bringing additional security capabilities to license levels such as Business Premium, Microsoft 365 E3, and Microsoft 365 E5.

In this blog, I’ll review five of the most common security mistakes I see in tenants regarding EOP and MDO. Realistically, this list could go to fifty mistakes, but I’ll focus on ones I think you can quickly convert into quick wins or just may have never crossed your mind.

Deploying Office 365 with Intune as a Win32 App (and Why You'd Want To)

Tue, 15 Jun 2021 15:26:14 +0000

Office 365, or Microsoft 365 Apps for Enterprise, or whatever it’s called this month, can be deployed by Intune to Windows 10 devices using a built-in wizard. The advantage of this is you don’t need to package anything: you fill out some nice drop-downs and options in a GUI, assign it like any other app, and Microsoft takes care of the rest.

In the background, this is using the Office CSP to deploy the client, which makes it quite unique compared to the deployment of other apps, which are best done with Win32 packaging. I wrote a general guide about that for Petri.com, available here.

Revoke Access to Office Files with Sensitivity Labels and Azure Information Protection

Thu, 08 Apr 2021 06:16:40 +0000

Most of us have had that “oh < blank >” moment where we have given someone access to someone only to immediately or later need to undo that access. Azure Information Protection has historically been able to help us there. AIP allowed us to create protected (encrypted) documents and also let us remove access. However, in the move from ‘classic’ AIP to the new unified labelling with sensitivity labels, the ability to revoke was lost in the transition. Now it’s back in preview, but unlike the classic version, it’s managed on the client and not a web portal.

Understanding Application Guard for Office, Now Generally Available

Sat, 30 Jan 2021 22:13:50 +0000

Application Guard first appeared in Windows 10 1709 (“Fall Creators Update”) to isolate Edge browser activity within a Hyper V container. Microsoft now extends that same idea to Word, Excel, and PowerPoint in Office 365 ProPlus Microsoft 365 Apps for Enterprise on Windows 10…

… if you have Microsoft 365 E5 or E5 Security. You knew that was coming!

With Application Guard for Office, your files can open in a sandbox without access local or network storage. This provides an additional layer of protection against threats such as ransomware, for which Office apps are infamous as an attack surface. There’s a significant catch: a standard configuration of Application Guard will allow users to bypass it if they say they trust the file, therefore executing it in the normal way; resource access included. You can change this default behaviour though, so keep reading.

The Differences Between (and History of) the Microsoft 365 Security Centre, Compliance Centre, and Security & Compliance

Mon, 01 Jun 2020 07:11:37 +0000

There are currently three separate admin consoles in Microsoft 365 for administrators to view or configure security and compliance policies, alerts, and reports. Believe it or not, this is down from four at the peak of just-tell-me-where-to-go-to-do-this. This doesn’t even include consoles such as Microsoft Cloud App Security (MCAS). The direction things are heading is good, as I’ll explain in this blog, but the situation does highlight Microsoft’s relatively new culture and position of continual small updates rather than delivering fully finished products.

Prerequisites and Planning for Centrally Deploying Office 365 Outlook Add-Ins

Sun, 05 Jan 2020 21:00:38 +0000

Deploying Outlook add-ins (“apps”) for your O365 tenant is an intuitive experience via AppSource. As a Global Administrator, click GET IT NOW on the app’s page and you are immediately redirected to the Services & add-ins page of the M365 Admin Center.

From there, you can configure add-ins for the whole tenant, just yourself, or by group. All AAD group types, except non-email enabled ones, are supported. If a group is nested, the top-level group gets it, but none of the nested ones. You then choose to deploy as fixed, which means enforced, available, which means shown when users search for apps, or optional, which means installed but can be removed.

Manage MyAnalytics Weekly Insight Digest Emails and App Availability

Mon, 21 Oct 2019 14:25:45 +0000

Made available to more than just E5 licencees earlier this year, MyAnalytics will, by default, send users weekly emails regarding their work patterns.

Users can control this themselves in settings pane of the MyAnalytics web app.

image-2

Administrators cannot, in bulk, keep MyAnalytics enabled for users but disable the email digest. The following PowerShell example instead disables MyAnalytics across all your Microsoft 365 Business licensed users, and therefore removing these emails.