Browsed by
Tag: Security

Improve your Azure Multi-Factor Authentication Notifications

Improve your Azure Multi-Factor Authentication Notifications

Recently, Uber appeared to be hacked in what is called a MFA Fatigue attack. The attacker continuously sent MFA requests to an end user hoping they would accidentally approve one of them. Microsoft has several items to help prevent MFA fatigue attacks that you can configure and enable for your end users. Traditionally, MFA notifications are push notifications where a user can either accept or deny the request. Some improvements to this have been multiple number options where the end user must select one of four numbers that is presented on the screen they are logging into. The problem with this is that leaves a 1 in 4 chance an accidental selection may result in unauthorized access.

Configure Fraud Alerts

Fraud Alerts allow your users to report fraud if they receive a two-step verification request that they didn’t initiate and automatically block their account from sign-on.

Go to the Azure … Continue...

Block Outdated Operating Systems with Microsoft Defender for Cloud Apps (Cloud App Security)

Block Outdated Operating Systems with Microsoft Defender for Cloud Apps (Cloud App Security)

In this write up I will be configuring Microsoft Defender for Cloud Apps (old name is Cloud App Security) and Conditional Access to block outdated operating systems from accessing Microsoft 365 services within my tenant.

 

Licensing

First thing you want to figure out, is licensing. You must have a license that enables “Microsoft Defender for Cloud Apps Discovery” and not “Microsoft Defender for Cloud Apps.” At the time of writing EM+S E5 sku will not work but Microsoft 365 E5 Security sku will. You will also need Azure Active Directory Premium P2 license.

Setting up Conditional Access

Once we have the proper licensing we need to route applications to Microsoft Defender for Cloud Apps. In the Azure Portal, go to Conditional Access and create a new Policy.

Assignments

In my assignments, I selected all users and excluded my break-glass account.

Cloud Apps or Actions

Next, I selected the Office … Continue...

Customize your Office 365 Encrypted Messages with your Organizations Brand in Office 365

Customize your Office 365 Encrypted Messages with your Organizations Brand in Office 365

As an Office 365 administrator, you can apply your company branding to customize the look of your organization’s Office 365 Message Encryption email messages as well as the contents of the encryption portal. You can customize the following aspects of the viewing experience for recipients of encrypted email messages:

  • Introductory text of the email that contains the encrypted message
  • Disclaimer text of the email that contains the encrypted message
  • Text that appears in the OME portal
  • Logo that appears in the email message and OME portal
  • Background color in the email message and OME portal

You can also revert back to the default look and feel at any time.

Below is the default message your recipient will see when they receive an encrypted email message.

Customize the Message

To customize the OME message you will first need to connect to Exchange Online using Remote PowerShell. You then want to get … Continue...