Need to Know podcast–Episode 232

No interview this episode only news with Brenton and myself. Been a little while since we have chatted so a few things to cover off in the Microsoft Cloud and in general.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-232-updates/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@contactbrenton

@directorcia

Brenton’s Adoption Podcast

What’s new with Microsoft 365 February 2020

Forms Activity Reports

Staying on top of Office 365 updates

Update to Microsoft Authenticator

Microsoft’s New Cloud printing service

Detect workplace harassment

Our commitment to customer during COVID-19

Techwerks 11–Melbourne 8th May 2020

bw-car-vehicle

We will be back in Melbourne for Techwerks 11 on Friday the 8th of May 2020. The course is limited to 20 people and you can sign up and reserve your place now! You reserve a place by completing this form:

http://bit.ly/ciaopsroi

or sending me an email (director@ciaops.com) expressing your interest.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender ATP, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

I hope to see you there.

Trusted IPs

One of the ways that you can ease the burden of having to use MFA with every login to services like Microsoft 365 is to implement Trusted IPs for a limited set of networks. This feature is available with Azure MFA which is part of Azure AD Premium P1 and all SKUs of Microsoft 365 including Microsoft 365 Business.

You can read more about Trusted IP’s here:

https://docs.microsoft.com/en-gb/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips

To configure Trusted IPs in your environment visit:

https://account.activedirectory.windowsazure.com/usermanagement/mfasettings.aspx

If you don’t have the appropriate license you will only see:

If you have the appropriate license you will see more options like so:

Thus, into the lower box you put the IP address range(s), behind which you do not wish to have MFA enabled. Anywhere else, it will remain enabled and required. Also don’t forget to check the option to Skip above this box.

If you also look inside your Conditional Access configuration, you will now find that you also have a new Location called MFA Trusted IPs as shown above. You can thus use that as part of your Conditional Access policies if you wish which you can read more about here:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition#trusted-ips

In summary then, Trusted IPs allow you to remove the need to use MFA when configured and are part of Azure AD Premium P1 or Microsoft 365 licenses. They are great way to remove the need for MFA for network ranges that you trust. Typically these are the IP ranges inside a businesses local network, that the business completely manages and controls.

Secure logging with Microsoft 365 presentation

Here’s the slides from my longer presentation today at Ignite Copenhagen

Securely logging to Microsoft 365

Getting access to your information in Microsoft 365 starts with logging in but is it secure as it could be? Understanding security options at the point of entry like MFA, Legacy Authentication and Conditional Access on all devices is critical to keeping information protected as it is not only you that is trying to log into your account these days! Learn what security technologies you can add at login and the best practices approaches to configuring and monitoring these. Security starts at the doorway to Microsoft 365 and simple configurations can greatly reduce your risks of unauthorised access. Come and learn what can be done.

https://www.slideshare.net/directorcia/securely-logging-to-microsoft-365

Office 365 Backup presentation

Here’s the slides from my short theatre presentation at Ignite Copenhagen

THR30149 – Do you need to backup Office 365?

Is there are need to backup Microsoft 365 data given the feature set in place? What exactly is provided out of the box by Microsoft and what might require the consideration of additional solutions? What are the best practices with what can be enabled in Microsoft 365 to provide maximum data protection before considering alternatives? Determining this will help you create a better and more effective policy to ensure the availability of your information in all situations. Come and learn how to better protect your data and what additional steps you can take to improve its security and reliability.

https://www.slideshare.net/directorcia/do-you-need-to-backup-office-365

Need to Know podcast–Episode 231

FAQ podcasts are shorter and more focused on a particular topic. In this episode I’ll talk about the different Advanced Threat protection (ATP) offerings that Microsoft has.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-231-all-the-atps/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

Office 365 ATP

Defender ATP

Azure ATP

Microsoft Defender App Guard issue

**** Update **** – Solution is here – Resolving Windows Application Guard issues

This article is bit different from most others. In this post I’ll be sharing a current issues I have with Defender Application Guard. If you have some suggestions of any additional troubleshooting, I’d love to hear, because currently, I’m not having much luck finding a solution.

The issue is that if I go into the new Edge browser and select a New Application Guard Window, I end up with:

WDAG Report – Container: Error: 0x80070013, Ext error: 0x00000001; RDP: Error: 0x00000000, Ext error: 0x00000000 Location: 0x00000000

I have tried the wdagtool command line tool with the following result:

I have also run a:

sfc /scannow

across my machine with no integrity issues.

If I dig into Event viewer | Application and services log | Microsoft | Windows | WDAG-Manager, I see:

A Failure has occurred: HResult = The media is write protected., File = windows\hvsi\hvsimgr\container\hvsicontainer.cpp, LineNumber = 769, Function = NULL, Message = NULL, CallingContext = NULL, Module = hvsimgr.exe, Code = NULL

and in Event viewer | Application and services log | Microsoft | Windows | WDAG-Service, I see:

Container service failed to start the container: The media is write protected.

I have the App Guard Service enabled in my Windows Features as well.

I have tried:

Re-installing Windows
Re-running Windows install again
Removing all App Guard components, rebooting, reinstalling all the components again and rebooting
Installing Hyper V service
Installing Sandboxing Service

I am still trying to resolve this issue, and have tried quite a few knowledgeable people who haven’t had much luck either. So, if you have any suggestion of what may help, please let me know.

Securely logging to Microsoft 365 – THR30117

Thanks to Microsoft for the opportunity to speak at Microsoft Ignite the Tour Sydney. Also, a big thanks to everyone who attended my shorter theatre session – Securely logging Microsoft 365 on day 1. Here are the slides from that which many people asked for:

I have another session tomorrow that I’ll also post up for people when complete.