In this episode, we take a deep dive into the Microsoft Purview Unified Audit log and how it helps organizations monitor and track activity. We cover the significance of Microsoft Purview Audit Premium, set to be free with E3 or E5 this September. We also discuss the Storm-0558 threat that took place in July 2023 and how Microsoft responded to mitigate it. Finally, we outline how the Audit logs differ depending on whether you use an E3 or E5 license.
- Analysis of Storm-0558 techniques for unauthorized email access: https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/
- Microsoft Blog announcing the new change to audit events that are available with standard licenses: https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/?ranMID=24542&ranEAID=TnL5HPStwNw&ranSiteID=TnL5HPStwNw-HD0Iy8FEe1Ypa.QDOprQkQ&epi=TnL5HPStwNw-HD0Iy8FEe1Ypa.QDOprQkQ&irgwc=1&OCID=AIDcmm549zy227_aff_7593_1243925&tduid=%28ir__cevxmjhgxskfdzrubqrmalsqxe2xepde1rz1h9g900%29%287593%29%281243925%29%28TnL5HPStwNw-HD0Iy8FEe1Ypa.QDOprQkQ%29%28%29&irclickid=_cevxmjhgxskfdzrubqrmalsqxe2xepde1rz1h9g900
- Microsoft’s Threat Intelligence Blog: https://www.microsoft.com/en-us/security/blog/topic/threat-intelligence/?sort-by=newest-oldest&date=any
In this episode, we discuss what Azure Conditional Access policies are, how to manage them, and the best way to deploy them. We talk about how you can test your policies before you make them active, how to keep your tenant clean, and Antonio’s top three policies.
In this episode, we take a deep dive to answer a question from our audience: what does Microsoft Defender do? Antonio gives a great overview of the Microsoft Defender family: Defender for Office 365, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Cloud, and Defender for IoT. Then we go into detail explaining each Defender service.
In this episode, we discuss the best practices for managing Global Admin accounts, how to properly secure them, and steps to make sure you protect confidential information from Global Admins. We review a few secure methods that can prevent illegal access to your tenant and let you control privileged access to your content.
In this episode, we discuss re-certifying or re-attesting your content in Microsoft 365 to meet compliance or regulation requirements within your organization. Often, companies would like content owners to re-validate their content permissions, to make sure the content is only accessible by the right people. We discuss the options to re-attest the content and what actions are taken against old content.
In this episode, we address this question from one of our listeners: We are just beginning to use Office 365. We have our important documents in OneDrive. We wish to share these files with others. Should we jump to Teams? Or can we start sharing the files on SharePoint?
We review the options for sharing files from OneDrive or SharePoint, and where it is best to collaborate and co-author documents. We discuss the pros and cons of each option, and we give our recommendation, taking into consideration compliance around the documents.
A common question from our listeners is how to protect offline documents downloaded by users after they no longer work for the organization. In this episode, we discuss options using security labels with Microsoft Information Protection and the best way to protect the company’s content. We review different scenarios and, of course, recommend a process to control and protect sensitive information whether it is online or offline.
In this episode, we are excited to have Matt Soseman, Senior Security Architect at Microsoft, to discuss security within Microsoft 365. Matt shares lots of great information on best practices, how to approach securing your tenant, and how you need to think about your security settings. We talk about MCAS, MIP labels, DLP policies, and many other goodies around security guidelines.
In this episode, we answer the question of whether organizations use a default label when using Microsoft Information Protection. We dive into the details of MIP: what the most commonly deployed labels are, how to configure them, and how you can secure your data with MIP.
We are excited to host Joanne Klein, Microsoft MVP, Advanced Compliance Specialist, and part of the Microsoft Blackbelt team, to discuss compliance in M365. In this episode, Joanne shares with us her thoughts and experience about the M365 compliance platform. We talk in detail about Information Protection, Retention, Records Management, File plan, and best practices to deploy compliance at a large scale.