Download users photos from Exchange Online with PowerShell

One of the great benefits of Office 365 is how users profiles can be customized and filled with helpful information. Having appropriate manager attributes, for example, can provide an out of the box org chart that can be very useful in large organizations. Users can list their skills or interests on their profile and and …

Continue reading Download users photos from Exchange Online with PowerShell

Protecting against Malicious Azure AD Applications (Part 2: Investigating using MCAS)

In a previous post, I detailed the importance of controlling Azure AD OAuth Applications and consent within your environment. I also looked at how we can add approval for OAuth app requests so that each app can be vetted by an admin before consent is granted. With controls and governance in place, it's important to …

Continue reading Protecting against Malicious Azure AD Applications (Part 2: Investigating using MCAS)

Protecting against Malicious Azure AD Applications (Part 1: Admin Consent)

Integrating applications with Azure AD / Office 365 is a great way to extend the capability of the Microsoft Platform with a wide range of apps. This can open possibilities for productivity apps to help users get their work done quicker and more effectively. An example of this is the iOS mail app which relies …

Continue reading Protecting against Malicious Azure AD Applications (Part 1: Admin Consent)

Detecting and Remediating Plus Addresses in Exchange Online

In a recent Message Center announcement (MC276028), Microsoft have communicated that the Plus Addressing feature which I wrote about previously will be turned on for all tenancies in January 2022. This is a good move that brings Exchange Online in line with a lot of other email systems. Previously, Plus addressing was an opt-in feature, …

Continue reading Detecting and Remediating Plus Addresses in Exchange Online

Configuring Exchange Online Advanced Delivery to Allow Third-Party Phishing Simulations and SecOps Monitoring Mailboxes

Running regular Phishing Simulations in your environment is a great way to keep up user awareness and vigilance and help them to identify common phishing attacks and malicious email. In a previous post I have detailed the process of using the awesome Microsoft Defender for Office 365 Attack Simulation tool. If you are licensed for …

Continue reading Configuring Exchange Online Advanced Delivery to Allow Third-Party Phishing Simulations and SecOps Monitoring Mailboxes

Get Teams Notifications for Office 365 Service Health Issues

When a backend issue occurs in your Office 365 tenancy, it is flagged by Microsoft in the Service Health Dashboard. Here any issues or degradation of a particular service can be tracked and while there is not much action that can be taken to resolve these issues from a tenant admin perspective, they can be …

Continue reading Get Teams Notifications for Office 365 Service Health Issues

Using Azure KeyVault to Secure Graph API Automation Scripts

I previously published a post on how we can use Certificates to securely connect to the Microsoft Graph API. This is a great way to secure automation with Graph. Taking this idea and going a step further, by using Azure KeyVault to store our certificate, it can be used with Azure Functions or Azure Automation …

Continue reading Using Azure KeyVault to Secure Graph API Automation Scripts

Performing a Staged Rollout of Cloud Authentication in Office 365 from Federated

With features such as Pass Through Authentication (PTA) available in AD Connect, there are really very few use cases for ADFS federation any more. I encourage anyone still using ADFS for Office 365 / Azure AD to review if they still need to maintain (a minimum) of four ADFS servers and a number of firewall …

Continue reading Performing a Staged Rollout of Cloud Authentication in Office 365 from Federated