Episode 103 – Microsoft 365 Unified Audit Log

In this episode, we take a deep dive into the Microsoft Purview Unified Audit log and how it helps organizations monitor and track activity. We cover the significance of Microsoft Purview Audit Premium, set to be free with E3 or E5 this September. We also discuss the Storm-0558 threat that took place in July 2023, and how Microsoft responded to mitigate this issue. Finally, we outline how the Audit logs differ depending on whether you use an E3 or E5 license.

Important links:

  1. Analysis of Storm-0558 techniques for unauthorized email access: https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/
  2. Microsoft Blog announcing the new change to audit events that are available with standard licenses: https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/?ranMID=24542&ranEAID=TnL5HPStwNw&ranSiteID=TnL5HPStwNw-HD0Iy8FEe1Ypa.QDOprQkQ&epi=TnL5HPStwNw-HD0Iy8FEe1Ypa.QDOprQkQ&irgwc=1&OCID=AIDcmm549zy227_aff_7593_1243925&tduid=%28ir__cevxmjhgxskfdzrubqrmalsqxe2xepde1rz1h9g900%29%287593%29%281243925%29%28TnL5HPStwNw-HD0Iy8FEe1Ypa.QDOprQkQ%29%28%29&irclickid=_cevxmjhgxskfdzrubqrmalsqxe2xepde1rz1h9g900
  3. Microsoft’s Threat Intelligence Blog: https://www.microsoft.com/en-us/security/blog/topic/threat-intelligence/?sort-by=newest-oldest&date=any


Episode # 85 – What’s the best way to manage Azure Conditional Access Policies?

In this episode, we discuss what Azure Conditional Access Policies are, how to manage them and the best way to deploy them. We talk about how you can test your policies before you make them active, how to keep your tenant clean and Antonio’s top three policies.


Episode # 79 – What is Microsoft Defender?

In this episode, we take a deep dive into a question from our audience: what does Microsoft Defender do? Antonio gives a great overview of the Microsoft Defender family: Defender for Office 365, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Cloud, and Defender for IoT. Then we go into detail explaining each Defender service.


Episode # 69 – How do you protect Global Admin accounts?

In this episode, we discuss the best practices for managing Global Admin accounts, how to properly secure them and steps to make sure you protect confidential information from Global Admins. We review a few secure methods that can prevent illegal access to your tenant and let you control this privileged access to your content.


Episode # 68 – How often do you re-certify/re-attest your content in M365

In this episode, we discuss re-certifying or re-attesting your content in Microsoft 365 to meet compliance or regulation within your organization. Often, companies would like to have content owners re-validate their content permissions, to make sure the content is only accessible by the right people. We discuss the options to re-attest the content and what actions are taken against old content.


Episode # 63 – Manage offline documents with sensitivity label/MIP enabled for a terminated employee

A common question from our listeners is how to protect offline documents downloaded by users after they no longer work for the organization. In this episode, we discuss options with security labels in Microsoft Information Protection and the best way to protect the company’s content. We review different scenarios and, of course, recommend a process to control and protect sensitive information whether it is online or offline.


Episode #51 – Discussing security with Matt Soseman

In this episode, we are excited to have Matt Soseman, Senior Security Architect at Microsoft, to discuss security within Microsoft 365. Lots of great information from Matt regarding best practices, how to approach securing your tenant, and how you need to think about your security settings. We talked about MCAS, MIP labels, DLP policies and many other goodies around security guidelines.


Episode # 27 – Immediate steps to take when you experience a data breach in Microsoft 365

In this episode, we dive into security in Microsoft 365. Like any other platform, hackers may attempt to get into your tenant to phish for information and cause disturbance in your daily work life. We review options on what to do when you have a data breach in M365 and what actions you should take to correct the breach. We also discuss measures that you can take to minimize the data breach and secure your tenant from future attacks.


Episode # 14 – Protecting your data in Microsoft 365 – a quick walkthrough of the M365 security settings

In this episode, we dive into the M365 security settings to discuss how you can protect your data. We cover authentication options and identity protection, data security policies, Microsoft Cloud App Security (MCAS), Data Loss Prevention (DLP), protecting the content, limiting 3rd party connectors in Power Automate, and how to protect sharing content from SharePoint and OneDrive.
