Here’s a presentation I did recently on security using Microsoft 365 Business. You can download the slides here:
Category: Uncategorized
Free CIAOPS Yammer support network
I am happy to announce that I have set up a free CIAOPS Patron support network on Yammer that is focused on the Microsoft Cloud. In there I have groups on Azure, Microsoft 365, Office 365, Windows 10 and more. Members can ask questions, reply to posts as well as a share interesting information to help others.
Although access to this network is free it is by invite only, so if you want access you’ll need to send me an email (director@ciaops.com) requesting access.
I’ve done this in Yammer for a few reasons. Firstly, it is going to give me the experience of managing a ‘larger’ Yammer external network. This will hopefully improve both my technical experience with the product but also skill me more on how to successfully implement adoption. Secondly, I’ve hopefully giving people a way to get a feel for what Yammer is all about, how it works and what benefits it provides. Yammer for me is probably the most important adoption tool as I have said before:
Focus on the “me” services first
so hopefully giving people a reason to come and experience Yammer for themselves will give them a better idea of what role it can play in a business.
Again, this offering is free but by invite only. To secure your invite just email me at director@ciaops.com.
Need to Know podcast–Episode 183
I’m joined by Gabe Long from Microsoft to look at Microsoft 365 Business in depth. Gabe has been involved with the Microsoft 365 Business product since its launch and shares with use all the great new stuff that has been added since April. Of course there is news and updates from myself and Brenton bringing you up to date with the latest from the Microsoft Cloud.
Take a listen and let us know what you think –feedback@needtoknow.cloud
You can listen directly to this episode at:
https://ciaops.podbean.com/e/episode-183-gabe-long/
Subscribe via iTunes at:
https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2
The podcast is also available on Stitcher at:
http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr
Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.
Resources
Upcoming CIAOPS classroom training
Enhanced User Experience for Office 365 Advanced Threat Protection
Office 365 Advanced Threat Protection
What’s new and what’s next with Windows Autopilot
Modernize your SharePoint team sites by connecting them to new Office 365 Groups
Share your mobile screen in Teams meeting
Introducing list sharing in Microsoft To Do
Standard SSD disks for Azure VMs
Configuring an Office 365 SPAM filtering policy
A common complaint I hear about Office 365 from IT Professionals is that it doesn’t filter spam as well as other third party solutions. My immediate question at that point is always “Well, have you actually gone in and configured ANY of the spam settings in Office 365 to improve your results?” to which the answer is always No. Thus, if you don’t take the time to customise what you get out of the box you’ll only get an out of the box solution which is probably not what you want! Thus, some configuration is required for EVERY Office 365 tenant to improve its spam filtering abilities.
The out of the box spam settings for Office 365 are not configured in an aggressive manner and you should go in and make changes from the defaults I would suggest. Here’s how to do that.
You’ll firstly need to login to the Office 365 portal as an administrator with rights to make changes. You’ll need to then navigate to the Office 365 Admin Center and select from the Admin centers on menu on the left hand side. You’ll find the Admin centers option right at the bottom.
From the list of options that now appear select Exchange as shown above.
This will take you to the Exchange Admin center as shown above. In here select the protection option on the left and then spam filter on the right.
You will then typically see a single policy called Default.
With this default policy selected, press the edit button (pencil) from the menu to view what settings this default policy has.
Select the different menu options on the left to view all the settings. Most you will see, like in the advanced settings shown above, are set to off.
You can of course edit this default policy, however it is better practice to go back to the list of policies and create a new one and leave the default one in place.
When you create a new policy using the plus button (+) a new dialog will appear like show above.
Give the new policy a name and now scroll through the settings to configure them for your needs.
When you reach the advanced options towards the bottom you’ll see a number of options that can set on or off. The crowd sourced results I obtained for these were:
Image links to remote sites = OFF
Numeric IP addresses = ON
URL redirect to other port = ON
URL to .biz or .info websites = ON
Empty messages = ON
Javascript or VBScript in HTML = ON
Frame or iFrame tags in HTML = ON
Object tags in HTML = ON
Embed tags in HTML = ON
Form tags in HTML = ON
Web bugs in HTML = ON
Apply sensitive word list = ON
SPF record hard fail = ON
Conditional sender ID hard fail = ON
NDR backscatter = ON
You can then set whether the policy will simply run in test mode if you wish.
The final option is to determine where this policy will apply. Normally you want this across all your domains and users but as you see, you can have different policies for different users and domains if you wish.
All you now need to do is save the policy and start monitoring the results.
Hopefully, you can now see that out of the box Office 365 does take a very relaxed approached to spam which is not uncommon for most spam protection products. You can, and should, of course go in and configure the available options to be more restrictive. When you do this you will of course get much better results.
This post showed you how to make spam filter setting via the web interface, a much better and more consistent approach across many tenants is to do this using PowerShell. Look out for an upcoming article on this.
SPAM filtering in Office 365–Best practice results
Recently, I asked people to vote on the settings in Office 365 Spam protection they believe should be made active to improve protection. That survey will continue to run and you can add your voice here:
However, with just over 30 votes as I write this I think we can draw some indications of what the best practice options are going to be.
So let’s start with the ones that should be definitely turned on based on a majority of votes for that condition:
URL direction to another port = ON
Backscatter = ON
SPF Hard fail = ON
Scripts in HTML = ON
Numeric IP addresses in URL = ON
Apply sensitive words list = ON
Empty Messages = ON
Web Bugs = ON
Condition Sender hard fail = ON
Form Tags in HTML = ON
Frame or iFrame tags in HTML = ON
Embed Tags in HTML = ON
Next, the one’s that should be off are:
Image links in Remote Site = OFF
Lastly, border line results that you probably want to set on if you want aggressive anti spam or off if you want relaxed.
Object tags in HTML = ?
URL to .INFO or .BIZ sites = ?
I’ll leave the survey running and you can check the results at any time in the future here.
In upcoming post I’ll show you how to set these options inside Office 365. However, thanks to the wisdom of the crowd (thanks to all who voted) we have an idea of what the settings should be.
SPAM filtering Office 365–Help shape a best practice
I hear a lot of people say that they don’t find Office 365 anti-spam filtering as good as other providers. My reply to that is – “Have you ever actually gone in and configured the settings from what is there by default?”. Unsurprisingly, the answer is always No.
The out of the box spam settings you get with Office 365 are designed for the “average” and probably configured for the least business interruption (i.e. less aggressive classification of what is spam). Thus, to get the optimal level of filtering you desire, it is recommended that you go and set the options the way that you want.
I have configured my tenant for the way I wish to handle spam but that is probably not exactly the best place for people to start. So with that in mind I thought that I’d call on the power of the crowd and offer up a survey were people can nominate what they consider to be major indicators of spam, based on the policy options that Microsoft provide. You’ll find that survey here:
which I encourage you to fill out and share with everyone else.
The idea is that once the results are in I report back on an overall “best practices” starting policy that the majority would feel comfortable with. I can then also show you how to exactly configure that in Office 365.
So please take a moment to complete the survey and share you expertise and thought on the ‘best practice’ approach of configure anti-spam policies in Office 365.
You can find the details on the specific advanced spam filtering options in Office 365 here:
http://technet.microsoft.com/en-us/library/jj200750(v=exchg.150).aspx
CIAOPS Need to Know Azure Webinar–June 2018
This month I’ll take a look at the different VPN options you have in Azure and how you configure these. There’ll also be news, updates and Q and A. I hope to see you there.
June Azure Webinar Registrations
The details are:
CIAOPS Need to Know Azure Webinar – June 2018
Thursday 28th of June 2017
2pm – 3pm Sydney Time
All sessions are recorded and posted to the CIAOPS Academy.
There of course will also be open Q and A so make sure you bring your questions for me and I’ll do my best to answer them.
The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:
or purchase them individually at:
Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.
I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session.
CIAOPS Need to Know Office 365 Webinar–June
For June, I’m going to help you understand which Office 365 collaboration service you should use when. I’m going to give you a framework that you can apply across just about any organisation to help you make the most of services like Teams, SharePoint, OneDrive, Yammer and so on. I’ll also bring you up to date with everything happening in the Microsoft and Office 365 space as always.
You can register for free at:
The details are:
CIAOPS Need to Know Webinar – June 2018
Thursday 28th of June 2018
11am – 12am Sydney Time
All sessions are recorded and posted to the CIAOPS Academy.
There of course will also be open Q and A so make sure you bring your questions for me and I’ll do my best to answer them.
The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:
or purchase them individually at:
Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.
I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session.
CIAOPS 