Implementing Conditional Access with Exchange Online (updated using Azure Portal)

  Implementing Conditional Access with Exchange Online (updated using Azure Portal) I am updating this blog post using the new Conditional Access features in the Azure Portal. The new portal is accessed from https://portal.azure.com. I will demo using Exchange Online; however, these same steps can be used with all other Software as a Service applications…


Modern Enterprise Security: 9 Things You Can’t Overlook

Written by John Stasick (Microsoft) and Jake Mowrer (Microsoft) Introduction: A Critical Question, A Critical Reality “Top news today, <insert company name here> announced that their systems were breached by hackers dating back to at least 6 months ago.  Details are currently limited on what information was taken and the full financial impact of the incursion.”…


Implementing Conditional Access with Exchange Online

In this Blog Post, I will step through the process to enable the different features of Conditional Access for Office 365 Exchange Online.  However, these same steps can be used with other Software as a Service applications in Azure. Conditional Access will check the following:      User / Risk      Application      Location      Device…


Mobile Devices and Modern Threats

I had a customer the other day look at my Android device and ask me “Why do you use Android when everyone knows it has huge security flaws.” There is some truth behind this question.  The truth is that all mobile platforms are under attack.  These attackers commonly have a persona as an evil person living…


Cloud App Security – Part 2: Threat Protection

Cloud App Security provides threat protection for your cloud applications that’s enhanced with vast Microsoft threat intelligence and research. Identify high-risk usage, security incidents, and detect abnormal user behavior to prevent threats. Cloud App Security helps you to stay ahead of attackers. You can identify anomalies in your cloud usage that may be indicative of…


Microsoft Cloud App Security – Part 1: Credit Card Numbers

Microsoft Cloud App Security (CAS) – https://www.microsoft.com/en-us/cloud-platform/cloud-app-security In this blog post, I am going to cover how to setup alerts and enforce Data Loss Prevention when a file containing credit card number is detected in a sanctioned cloud app.  A sanctioned app is a cloud application that has been approved in the Cloud App Security console. From…


The 3 Security Questions You Must Ask Every Quarter

Microsoft processes over a billion authentications per day and monitors tens of thousands of attacks. We’ve seen some stuff! What we know from our own telemetry and the best practices that we see is that you can’t rest on the strategy and assumptions that you put in place a year or two ago (these may indeed be as…

0

Welcome to the SCD OoES Blog!

Right about now you might be thinking: “Uh, great… more Microsoft acronyms? What the heck is SCD and OoES?” Don’t worry, they’re easy ones — and spelling them out is the perfect way to introduce you to this blog and the team behind it. First off, SCD. This stands for South Central District. In Microsoft context,…