Category: Microsoft 365

CIAOPS Techwerks 5–Melbourne May 10

bw-car-vehicle

Hot on the heels of a successful CIAOPS Techwerks 4 in Perth in April, Techwerks 5 will move to Melbourne on Friday the 10th of May. The course is limited to 15 people and you can sign up and reserve your place now! You reserve a place by send me an email (director@ciaops.com) expressing you interest.

The content of these events is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into Intune, security and PowerShell configuration and scripts, however that isn’t finalised until the day.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:


Patron Level Price inc GST
Gold Enterprise Free
Gold $ 33
Silver $ 99
Bronze $176
Non Patron $399

To learn more about the benefits of the CIAOPS Patron program visitwww.ciaopspatron.com.

To register, simply email me – director@ciaops.com and I’ll take care of everything from there.

The CIAOPS Techwerks events are run regularly in major Australian capital cities, so if you can’t make this one or you aren’t in Perth on that date, stay tuned for more details and announcements soon. If you are interested in signing up please contact me via emails (director@ciaops.com) and I can let you know all the details as well as answer any questions you may have about the event.

I hope to see you there.

Define an IP range in Cloud App Security

image

For me, Office 365 Cloud App Security is a must have add on for any Microsoft or Office 365 tenant as I have spoken about here:

A great security add on for Microsoft 365

As with all services, once you have enabled it you need to do some customisation to get the best from it. The first thing you should do is define your ‘corporate’ IP addresses. These typically refer to your on premises environment.

The first step in defining these is to access Office 365 Cloud App security, which you can do from the Microsoft 365 Security Center. Once at the home page, select the COG in the top right hand corner.

image

That should reveal a menu like you see above. From this menu select the option IP address ranges.

image

Then select the Category option in the middle of the page and the option for Corporate.

image

You will then see an IP address ranges that have been defined as ‘corporate’ already. To add more ranges simply select the + (plus) button in the upper right. Doing show will provide you a dialog box like shown above where you can now enter the appropriate details.

Why is defining your ‘corporate’ IP addresses important? It helps prevent false positives, especially when you have multiple locations. This is handy when you start setting up rules in Office 365 Cloud App Security, you can easily use the ‘corporate’ definition to designate your known environment. It means also that when you add new locations you don;t have to go and change all your rules, just add top the ‘corporate’ IP range list.

Locking installed apps to Windows Store only

image

If you go into your settings in Windows 10 and select Apps you should see the above dialog.

image

You can see the options that are available to you as shown above. You’ll see that one of the options available is Allow apps from Store only. Although not a fool-proof security option but setting this would reduce the chances of malware executing on the desktop because the only method of installation is from the Microsoft curated Store. A random piece of malware, delivered via email say, could not execute since it doesn’t come from the Microsoft Store I would suggest.

image

Using Intune we can apply this setting across a range of Windows 10 desktops using a Windows 10 Device Restriction Policy as you see above. Simply locate the App Store option, then Apps from store only and set the value to Require as shown.

In a short period of time, once the policy has deployed, those devices will only be able to install software from the Microsoft Store, preventing installation from anywhere else and hopefully also preventing malware installations.

The good thing about this restriction is the user can still be a local administrator of their machine if you desire and installations will be restricted. The other good things is that it is policy based, which means it is easy to turn on and off as required or exclude users if need be.

As I said earlier, it is not a fool proof method of preventing malware being installed on a Windows 10 desktop, but would certainly make it much more difficult. In this day and age, we need all the help we can get to counter the threats. Hopefully, this will help.

Enabling Microsoft Stream transcribing

image

Every plan in Microsoft 365 and just about every plan in Office 365 includes Microsoft Stream, which is a private video hosting service from Microsoft. Stream is also integrated into Microsoft Teams, so that, if you record a meeting in Teams it is automatically saved in Stream for replay later. You can also transcribe anything spoken in the video to searchable text within Stream.

You may however find that this automatic captioning is not enabled by default in Stream. To see whether it is, simply connect to your tenant via PowerShell and run the command:

get-CsTeamsMeetingPolicy -Identity global

In the results look for the line:

AllowTranscription

as shown above. If it is set to False, run the command:

Set-CsTeamsMeetingPolicy -Identity Global -AllowTranscription $True

to enable Stream transcription. Note, that it may take a little while for the policy to be applied.

Now, when you upload a video to Stream or record a meeting in Teams any speech should be transcribed for you automatically.

Microsoft 365 Business adds shared computer activation (SCA) rights

Image may contain: text

The above from is from the message center of a Microsoft 365 Business tenants confirming that Shared Computer Access (SCA) will very soon to be available in Microsoft 365 Business SKUs. This will allow those SKUs to install Office desktop software on things such as on premises servers with a Remote Desktop Services (RDS) role (aka on a Terminal Server).

To do so previous required an Enterprise (E) license. This is big news for Microsoft 365 Business and further improves the value of this SKU!

Need to Know podcast–Episode 203

We catch you up with everything in the Microsoft Cloud and then spend some time talking about the new certifications that have just become available from Microsoft for both Microsoft 365 and Azure. I share some of my experiences and thought around doing these exams and their value to all IT Professionals going forward. We’ll be covering more about certifications down the track but this one should get you thinking about which one you should do!

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-203-certifications/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@contactbrenton

@directorcia

Patron Community

Azure opens datacenters in Africa

Microsoft announces Azure Sentinel

Introducing Microsoft Threat Experts

Get the latest Microsoft Security Intelligence report

Teams V Slack

Connect to Office 365 PowerShell via GUI

MS-100 Certification

MS-101 Certification

Email message traces in Office 365

A very common need these days is to do an email message trace. This can be done the old way in the Exchange Online Admin center or the new way via Mail Flow in the Security and Compliance center.

image

You simply enter the details and then run a search.

image

and the output looks like the above, where you can also drill in and get more detail.

image

As with all things Office 365, you can achieve the exact same thing using PowerShell as I have shown above. The code to achieve this is quite straight forward but I have uploaded it to my GitHub repo to save you the trouble:

https://github.com/directorcia/Office365/blob/master/o365-msgtrace.ps1

Where PowerShell comes into its own is when you need to a variety of tasks, perhaps an investigation of a breach. Using PowerShell you can easily dump all the information to CSV for further analysis rather than having to root it out in the web interface.