We Make Technology Accessible
to discuss ALL office365 aspect
provisioning ,administration ,EMS ,Hybrid ,Migration
introduction in previous article : we have discussed the concepts of ( access review ) and said it come to resolve many issues including but BOT limited to excessive access of privileged role this article we will see how to use PIM access review with best practice let us go organization case study organization pioneers101 has the following privileged role membership Global Admin RRead More…
introduction after long time of working with microsoft 365 : you will notice that you have a lot of Privileged roles assigned to users some of these Roles still needed and some is NOT required any more this will lead to find anew technique to control the situation which called ( PIM Access review ) as extending to our approach here in Networks pioneers : the first article(s) focus on theRead More…
introduction after we have seen how to configure PIM approaches like : Just in Time ( Eligible Role ) Time Bound Access Permanent active Access it’s very important to be familiar with PIM audit logs and alerts to keep monitoring administrative activities at your organization PIM Audit Logs With Azure Active Directory (Azure AD) Privileged Identity Management (PIM), you can vRead More…
introduction in previous article we have seen how to configure PIM eligible assignment this article : we will discuss new aspect of PIM which is time-bound assignment time-bound assignment time-bound assignment concepts is assign privileged role for user for specific time ( for example 3 months ) ‘but this time : user is activated for all time period ( 3 month ) , and there is NO need to actRead More…
introduction in previous article : we have seen how to assign eligible privileged role to user , and seen also that user can activate his eligible role by him self without need approval from approver this article we will see how to force approval workflow to activate eligible role when to use approval workflow for eligible role there are some time you need to configure approval workflow for Read More…
introduction PIM enable you to control to use administrative roles just in time ( JIT ) is one of PIM approach that allow you to reduce the of compromising your Cloud organization this article we will discuss how to use JIT to control privileged administrative role effectively how JIT works JIT works in the following scenario PIM admin (who is normally is global admin like bisan@Read More…
introduction in second article of PIM : we will see how to setup initial configuration for PIM before get some examples of how to use PIM best practice let us go who can enable PIM any member of Global Admin Role can enable PIM when he enabled PIM >> he will be added to (Privileged Role Administrator ) as seen above : bisan and ahmad are global admin >> they are the ONRead More…
introduction any Organization want to minimize the number of people who have access to secure information or resources, which will reduces the chance of a malicious actor getting that access, or even an authorized user impacting a sensitive resource this will lead us to the concept of Privileged Identity Management (PIM) what is Privileged Identity Management (PIM) Privileged Identity MRead More…
introduction any organization might require for an emergency account in the Azure Active Directory. for many difficult situation including but NOT limited to : The administrator registers with Azure Multi-Factor Authentication (MFA) and all their personal devices are not available or even stolen 🙁 All synchronized account with admin access are deleted and or disabled by malicious atRead More…
introduction Azure Active Directory Identity Protection includes three default policies that administrators can enable. These policies include limited customization but are applicable to most organizations. All of the policies allow for excluding users such as your emergency access or break-glass administrator accounts. Azure AD MFA registration policy Identity Protection can help orRead More…
introduction The Security overview in the Azure portal gives you an insight into your organization’s security posture. It helps identify potential attacks and understand the effectiveness of your policies. The ‘Security overview’ is broadly divided into two sections: Trends, on the left, provide a timeline of risk in your organization. Tiles, on the right, highlight the key ongRead More…
introduction Azure AD Identity Protection is a tool that allows organizations to do the following : Automate the detection and remediation of identity-based risks. Investigate risks using data in the portal. Export risk detection data to third-party utilities for further analysis. The signals generated by Identity Protection, can be further send information to tools like: CondiRead More…
introduction some time you have many conditional access policy and you need to know what policy will be applied will be applied to specific situation the solution is conditional access what if scenario simulator For Better View > Open Image in different TAB What If tool the Conditional Access What If policy tool allows you to understand the impact of your Conditional Access polRead More…
introduction organization may allow users to use their computers to increase productivity but IT staff need to first manage the device identities. IT staff can build on the device identity with tools like Microsoft Intune to ensure standards for security and compliance are met. Azure Active Directory (Azure AD) enables single sign-on to devices, apps, and services from anywhere throuRead More…
introduction previous article we have seen how to use conditiona laccess policies to enhance security in organization by force certain action based on specific condition this article : we will see how to Force to change password with sign-in Risk Risk Classfiication Identity Protection identifies risks in the following classifications: Atypical travel Sign in from an atypical locatRead More…
introduction this article we will see how to block group purchasing to access office.com with unregistered devices in azure AD please join us Pioneers OBS before start apply Conditional Access : we need to understand the Organization Breakdown Structure for company Pioneers OBS For Better View > Open Image in different TAB For Better View > Open Image in differentRead More…
introduction in previous article we have seen how to BLOCK sales department to connect office.com from outside Saudi Arabia this article : we will see how to require MFA ( Multi Factor Authentication ) for HR department when connecting from untrusted IP address Pioneers OBS before stat apply Conditional Access : we need to understand the Organization Breakdown Structure for company Pioneers Read More…
introduction in coming articles we will see how to apply conditional access with varias requirements pleas join us Pioneers OBS before stat apply Conditional Access : we need to understand the Organization Breakdown Structure for company Pioneers OBS For Better View > Open Image in different TAB For Better View > Open Image in different TAB For Better View > Open IRead More…
introduction by default : Microsoft 354 users can access organization’s resources from any devices and from anywhere As a result, it could be subjected to many risk the solution With Azure AD Conditional Access : we can control when and where user can login to which Apps and using which devices MoreOver : we can also apply specific security settings to be applied in specific Read More…
introduction this article we will see different approach of MFA which is MFA using SMS Configure MFA for user MFA SMS send you direct message to your registered phone number if you lost phone >> simply you can ask Microsoft 365 admin to reset you MFA settings and require different method let us go login to microsoft 365 admin center with global admin or user admin role selectRead More…
introduction previous article : we have seen how to configure MFA with microsoft authenticator app as we have seen prove approve or reject action on real time this article we will configure user to use google authenticator app which work on different approach of microsoft authenticator app Google Authenticator is a software-based authenticator by Google that implements two-step verRead More…
introduction in previous article : we have got an overview about MFA this article we will see how to configure user to use [microsoft authenticator app ] as second factor microsoft authenticator app Microsoft Authenticator is a multifactor app for mobile devices that generates time-based codes used during the Two-Step Verification process. we can download microsoft authenticator app from Read More…
introduction In cloud environment : the simple authentication of “username and password” can be easily breached by cyber criminals. and Many logins can be compromised in minutes >> then private data; such as personal and financial details, will be under threat. Which lead us to try to add more authentication methods to make it very difficult to breach your accoRead More…
introduction speaking about microsoft 365 without pointing to Azure Active Directory is meaningless simply because Microsoft 365 is relay on Azure Active Directory [AAD ] for identity management in the first article of series identity management & Protection : we have found here in networks pioneers that it is very important to understand Azure Active Directory [later referred to Read More…
introduction Using Office 365 may expose your sensitive data not only internally, but also to external collaborators or even worse make it publicly available via a shared link. Such incidents might occur due to malicious actor, or by an unaware employee. moreover Office 365 also provides a large third-party app eco-system to help boost productivity. and these apps also can expose Read More…
introduction
Microsoft cloud app security uses app connectors, to do the following : deep integration threat protection government actions and policy enforcement cloud app security can query the cloud app API for activity logs, and start scanning data, accounts, and cloud content. App connectors use the APIs of app providers to enable greater visibility and control by ClRead More…
introduction
after we have got an overview about CAS and see how to create trial subscription this article will used to configure System settings for CAS as the first actions to be done after create subscription
CAS settings
before you start working with cloud app security : it’s better to configure system settings login to https://portal.cloudappsecurity.com fromRead More…
introduction in previous article : we hat got an overview about Cloud App Security this article we will see how to subscribe and how to access then manage CAS please join us CAS prerequisites CAS [or MCAS ] require the following license for License : need one of the following : Azure Active Directory AD Premium 1 with limited feature Enterprise Mobility Suite EMS ERead More…
introduction first article of CAS we have got an overview of cloud app security this article we will keep discovering CAS fact CAS Area CAS has two flavors : CAS for office 365 MS CAS which is simply success security brokers that support Log collector API connectors like drobox Reverse proxy for apps inside on-premise network CAS capabilities Discover and maRead More…
introduction Moving to the cloud increases flexibility for employees and IT teams. 🙂 BUT,,, it also introduces new challenges and complexities for keeping your organization secure. 🙁 SO,,, To get the full benefit of cloud apps and services, an IT team must find the right balance of supporting access while protecting critical data. the Solution is Cloud App Security BrokRead More…
introduction in plreviouse article we have discussed the concept of OME this articles we will see how to encrypt email with OME , and that that will effect email sent to outside organization activate RMS OME capabilities leverage the protection features in Azure Rights Management Services (Azure RMS), the technology used by Azure Information Protection to protect emails and documents vRead More…
introduction People often use email to send sensitive information, such as: financial data, legal contracts, confidential product information, sales reports and projections , patient health information, or customer and employee information. As a result, mailboxes can become repositories for large amounts of potentially sensitive information and information leakage can becomRead More…
introduction in previous article we have seen how to configure automatic classification based on file or email content this article we will how to create label and allow end user to choose labeling based on his convenience AIP Manual classification steps below are steps to create manual labeling , which are similar to automatic labeling with little bit different Activate AIP through htRead More…
introduction in previous article we have got an overview about AIP concepts this article we will see how to configure AIP on cloud on on premise [end client computers ] Manual Classification vs Automatic Classification in most companies : we deal with huge mount of data. So,,, applying label manually is not practical. Therefore,, AIP offers automatic data classification to oveRead More…
introduction Azure Information Protection (AIP) is a cloud-based solution that enables companies to: Discover Classify , label , Monitor and Protect documents and emails by applying labels to content. AIP is part of the Microsoft Information Protection (MIP) solution, and extends the labeling and classification functionality provided by Microsoft 365. actually : AIP proRead More…