Need to Know podcast–Episode 259

FAQ podcasts are shorter and more focused on a particular topic. In this episode I speak about some automation options that are available in the Microsoft Cloud.

This episode was recorded using Microsoft Teams and produced with Camtasia 2020

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-259-baselines/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

FAQ 20

@directorcia

Use security baselines to configure Windows 10 devices in Intune

Preset security policies in EOP and Microsoft Defender for Office 365

CIAOPS Patron Community

Echoes of past–We remember

The 11th hour of the 11th day of 11th month is the anniversary of the end of the “The Great War” as it was known. At that time the world was also starting to be engulfed with what would become known as the Spanish Flu. Both of these tragedies killed millions of people worldwide and left an indelible mark on history.

Over one hundred years later, the world finds itself again in the midst of geopolitical friction and a global pandemic. If there is one thing we can take from history is that humanity came through these challenges and continued. It is therefore probably never more important than now to take a moment and remember all those who died. Some did so serving their country, like the ANZAC soldiers. Others did so serving humanity, the medical staff. Yet others were simply innocent victims of these major events.

In current times, probably the most challenging period in about one hundred years, we should pause, reflect and give thanks for what we have. We should give thanks for those who sacrificed for others. We should remember all those whose lives were changed forever in ways they probably had little control over. All that lived through the horror of one hundred years ago are now gone. Their legacy is merely our memory.

Our service to them should not only be to remember their deeds and circumstances but to learn from the lessons of history and ask what can in done, no matter how small, for others and greater good. Like it or not, we are all in this together and the way that out is always via a shared experience. If history teaches us anything, solutions to problems come via the application of shared humanity not individualism. There is never a better time than now to demonstrate this.

The cessation of World War One brought an end to savage fighting and unprecedented carnage wrought on an industrial scale never seen before. It was however a time when ANZAC troops distinguished themselves and both Australia and New Zealand probably ‘arrived’ on the world stage. Their legacy lives on. Their sacrifices are not forgotten. Their courage provides us strength to face, battle and defeat our own challenges in the modern experience.

Let us therefore take a moment to pause, remember, draw strength and work together, as they did, for a better world for all.

For those interested in the accomplishments of the ANZACs in Europe during World War One, please have a look at my web site – Australian Battlefields of World War I – France

November poll

ask-blackboard-chalk-board-chalkboard-356079

For November I’m asking people:

Are you using a third party product/service to ‘backup’ Office 365 outside of what Microsoft provides?

which I greatly appreciate you thoughts here:

http://bit.ly/ciasurvey202011

You can view the results during the month here:

http://bit.ly/ciaresults202011

and I’ll post a summary at the end of the month here on the blog.

Please feel free to share this survey with as many people as you can so we can get better idea on this question.

Integrate Office 365 with Microsoft Defender for Endpoint

One of the benefits of using security solutions in the Microsoft Cloud is that they integrate together, quickly and easily. If you are using Microsoft Defender for Endpoint then signals from this can be shared with the Microsoft 365 Threat environment.

SNAGHTML15c406c8

To enable this integration navigate to the Office 365 Security & Compliance portal. Expand the Threat Management option from the menu on the left. Then select Explorer from the options that appear. Finally, in the right hand pane scroll to the right until you locate the WDATP Settings hyperlink as shown above, and select it.

image

Ensure the Connect to Windows ATP is set to On, typically it is off by default.

image

In the Microsoft Defender Security center navigate to Settings. Select the Advanced features option from the menu on the left. Ensure the Office 365 Threat Intelligence connection is set to On.

Once done, your systems are integrated and will now share information between them. This will make identifying threats much easier because now:

  • You will be able to view device details and Microsoft Defender for Endpoint alerts from the Threat Explorer.

  • Microsoft Defender for Endpoint will be able to query Microsoft 365 for email data in your organization and show links back to filtered views in the Threat Explorer.

Disabling basic authentication in Microsoft 365 admin console

I’ve previously spoken about why it is important to:

Disable basic auth to improve Office 365 security

PowerShell is generally the easiest manner in which that can be done. However it is possible via the Microsoft admin portal.

image

Navigate to:

https://admin.microsoft.com/

and select Settings from the options on the left. Then select Org settings and then Modern authentication on the right as shown above.

image

You should then see a dialog box appear like that shown above. At the bottom you will find the capability to enable or disable basic authentication.

image

If you want to disable basic authentication for the protocols listed simply unselect that option as shown above where it has been done for IMAP4 and POP3.

Before you go and disable things it is a good idea to have and see what maybe using basic authentication. You can do that by following the steps I outlined in this article:

Determining legacy authentication usage

Disabling basic authentication is a major way to improve the security of your tenant and is strongly recommended for all environments.

CIAOPS Need to Know Microsoft 365 Webinar–November

laptop-eyes-technology-computer

The most under utilised tool in the Microsoft suite is OneNote. Join us for a deep dive into what OneNote is and how to make the most from it personally and professionally. There is also plenty of news that I’ll cover as well as open Q and A for any questions you may have.

You can register for the regular monthly webinar here:

November  Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – November 2020
Friday 27th of November 2020
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

Need to Know podcast–Episode 258

Apart from all the latest Microsoft Cloud news, I speak with David Bjurman-Birr who is a security architect, especially focused on the SMB space. David shares plenty of great tips when it comes to ensuring your Microsoft 365 tenant. Listen along to stay safe.

This episode was recorded using Microsoft Teams and produced with Camtasia 2020

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-258-david-bjurman-birr/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

David Bjurman-Birr

@directorcia

CIAOPS Patron Community

CIAOPS Blog

The definitive guide to Productivity Score

Microsoft Teams reaches 115 million DAU—plus, a new daily collaboration minutes metric for Microsoft 365

Darknet Diaries podcast

Security Unlocked podcast

Uncovering hidden risk podcast

Microsoft announces plans to establish its first cloud region in Austria to accelerate local innovation and growth

Microsoft to establish its first datacenter region in Taiwan

Microsoft’s commercial cloud continues to hum with Azure sales up 48% in Q1

Plus Addressing Now Available in Exchange Online

NIST cybersecurity framework

Australian cybersecurity guidance for SMBs

Australian essential eight explained

Office 365 investigation tooling

Guide to implementing CIS Controls with Microsoft 365 Business Premium

Practical guide to securing remote work using Microsoft 365 Business Premium

SMB Tech community