In case you missed it: Microsoft will stop using TLS 1.0/1.1 in Microsoft 365 by October 15, 2020. The date was pushed multiple times in the past and this deprecation was originally announced back in 2017. If you have not planned for this, you better read on! What is the take on this? Applications will … The end is near, three weeks notice! weiterlesen
During the last months, this question became very relevant as many organizations have shifted to supporting remote workers during COVID-19 work-at-home times. Many organizations have implemented VPN solutions hastily and forgot about the correct routing or DNS resolution strategy for SaaS services like Microsoft 365. I have been asked questions like: Is my network connection … Microsoft 365 – Do I get the best network performance? weiterlesen
Update: Added a paragraph to clarify on the effect of Windows Autopilot for device Retire / Delete actions. It feels there are a million different reset options in Microsoft’s endpoint manager (aka Intune). Some of the options even provide additional "suboptions". I would like to explain the different options, their differences, and their main use … Intune: What is Retire / Wipe / Delete / Fresh Start / Autopilot Reset weiterlesen
If you are annoyed about your users receiving the notification to install Outlook mobile, the announcement MC219490 in the Microsoft365 Message Center in the may be helpful to you! You can now control if the user is shown a hint for installing Outlook Mobile in either Outlook on the Web or in Desktop Outlook. Avoid … Stop Outlook advertising for outlook mobile weiterlesen
Today’s capabilities to segregate administrative permissions in Azure AD are limited. The Azure AD has a flat structure. In the on-premises AD we know the concept of organizational units, where we can delegate permissions to and create hierarchies. One could think the implementation of Administrative Units (AU) in Azure is a similar concept of the … Administrative Units preview weiterlesen
Have you ever wondered how Microsoft prevents password guessing attacks or brute force attacks on Azure AD? Well, it is basically the same method as you would do on your on-premises User Directory! It is just smarter! Azure AD Smart lockout is a feature being applied to every sign-in processed by Azure AD, regardless if … Azure AD Smart Lock-Out weiterlesen
Microsoft offers multiple Secure Scores (Office 365 Secure Score, Identity Secure Score, Microsoft Secure Score) to give customers a better view of their security posture. Based on predefined metrics and rule sets you can gain a score for your configuration settings in your tenant. Microsoft gives you pretty handy suggestions on how to improve your … Identity Secure Score weiterlesen
FIDO2 Authentication German version available FIDO2 is on everyone's mouth at the moment. The new standard of the Alliance for Fast IDentity Online (FIDO) is becoming a real alternative for the unpopular passwords. And because the FIDO2 standard is also favored by the World Wide Web Consortium (W3C), you should take a closer look at it. HOW DOES … Sign-in without a password with FIDO2 weiterlesen
FIdo2 Authentication English version available FIDO2 ist momentan in aller Munde. Der neue Standard der Allianz für Fast IDentity Online (FIDO) entwickelt sich zu einer echten Alternative für die unbeliebten Passwörter. Und weil der FIDO2 Standard auch vom World Wide Web Consortium (W3C) favorisiert wird, sollte man diesen nun auch mal genauer betrachten. Wie funktioniert … Ohne Passwort anmelden mit FIDO2 weiterlesen
In den beiden Post hier und hier habe ich bereits beschrieben, wie man die Suchmachine im Edge Browser anpassen kann. Die CSP Variante war nur ein Beispiel für die Flexibilität von Intune, und wie manauch sein Ziel erreichen kann, wenn es noch keine vorgefertigten Einstellmöglichkeiten im Intune Portal gibt. Hier nur die empfohlene Variante mithilfe … Standard Suchmaschine in Edge ändern (Intune, Device Restriction Policy) weiterlesen
Cloud Identity - Modern IT 