Skip to main content

Posts

Showing posts from September, 2018

Just-In-Time VM Access in Azure

In Azure using IaaS workloads, the new  Just-In-Time VM Access helps to mitigate a brute force attack by limiting the time that a port is kept open. Very easy to set up and can control SSH or RDP ports as applicable. This feature in preview now and should be GA soon. Enabling the option will help to harden the security. This would also help to meet the security score by meeting Azure CIS Foundation requirement - "JIT Network Access is 'On'". https://azure.microsoft.com/en-us/blog/reduce-your-exposure-to-brute-force-attacks-from-the-virtual-machine-blade/

Template Management - a new SPO feature announced

Here is an announcement from MSFT regarding file template management. Just checked my tenant and I do not see it yet so cannot give a firsthand experience. But going through the blog, it looks like the "Edit New menu" and "Add template" are new. With this, it is possible to add document templates to SharePoint document library content types. It will be interesting to see if this is available for both the classic site and modern site (library)? The menu dropdown is slightly different between them. While the title and description include "manage" in it, without a centrally managed deployment support (to all of the sites), the management part kind of weakens. I would think, from what I see in the screenshot, that a site owner will be able to create a template and upload. That could be an interesting governance experience. Now, what about ODFB? Each user's personal experience in their ODFB will differ from that of their experience in their te...

Privileged access management in Office 365 - In Preview now

Privileged access management in Office 365, would be a pretty good feature for that organization needing to meet compliance requirements. Currently, I am helping a client to understand the security possibility in O365 so they can implement and enable secure sharing through ODFB. This new capability, when available, will basically bring a process/feature used by MSFT in their Office 365 service maintenance management. One can control access to the tenant by those with admin privileges. No more privileged users can log in and administer the services without an oversight. This feature creates a workflow, requiring approvals and expires the access after an interval of time. Everything is audited so compliance team is happy as well. Read more: https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Announcing-preview-of-privileged-access-management-in-Office-365/ba-p/183743

Highly Discussed Office 365 features in dev/testing

Some Office 365 features that are in dev/testing cycle as of 9/2/2018 that are interesting and quite often discussed with clients: Rich Yammer feeds in SharePoint New web part to add a fully functional native Yammer feed to any modern SharePoint site. Advanced anti-spoofing protection for external domains in Office 365 Extending coverage of Advanced Anti-spoofing protection for external domains in Office 365 and additional checks for stricter DMARC enforcement Microsoft Bookings - mobile app read-only mode Users with an Office 365 license who have been added to a booking calendar but are not the Bookings calendar admin can now use the Bookings mobile app in read-only mode to see their bookings. (For some reason, bookings have not picked up. I thought this would be helpful to every organization. Maybe we are not educating properly?) Microsoft Secure Score support for new controls Secure Score will add new controls to support Microsoft Cloud App Security and Azure...