Help Global Admins to see Azure subscriptions automatically Monday, June 11, 2018 6:00 AM Toni Pohl When creating a new Azure subscription, the Azure Role-Based Access Control (RBAC) permissions must be defined for users to be able to work with the subscription. But, Office 365 Admins can get permissions automatically – if you define it as here! Azure | Cloud | English | Microsoft | Office365 | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr
#TrustInTech Informationstag am 11.6.2018 in München Wednesday, May 23, 2018 1:29 PM ds Unter dem Motto #TrustInTech laden die Gastgeber Trans4mation, atwork und Microsoft Deutschland sowie DriveLock zu einem Informationstag rund um die neuesten Technologien und Trends im Bereich Daten- und Informationssicherheit. atwork | Event | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr
How to implement your GDPR compliance Wednesday, April 4, 2018 7:00 AM Toni Pohl So, you’re in the process of planning your GDPR compliance? We’ve got your back with this short summary and our offers to support! Cloud | English | Microsoft365 | Office365 | Security | atwork Mediumlink | Permalink | Comments (0) | Post RSS mehr
Impressions of Microsoft Tech Summit Amsterdam 2018 Thursday, March 29, 2018 6:00 PM Toni Pohl In the Easter week, we joined the Microsoft Tech Summit Amsterdam. The event took place at RAI Amsterdam from March 28-29, 2018. See some impressions here. Cloud | Azure | Developer | English | Event | Microsoft | MVP | Graph | Office | Office365 | Security | Yammer | atwork Mediumlink | Permalink | Comments (0) | Post RSS mehr
How to create or renew Service Principal Names in Azure Active Directory Saturday, March 24, 2018 4:04 PM Toni Pohl When an automated task or an app needs to access data from Office 365, you need to create an app in the tenant’s Azure Active Directory (AAD). For having full control, e.g. for deleting objects in AAD, a so called Service Principal Name (SPN) can be used. That is similar to a Global Admin in Office 365, but just for apps and usually with a predefined expiration date. Which is good. Or? Azure | App | Cloud | Developer | English | Microsoft | Office365 | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr
Azure information protection user experience with external users Sunday, February 18, 2018 6:40 PM Martina Grom Due to the coming GDPR regulation in May 2018 many customers are working very actively towards this date and check their compliance and security environment. Many requests arise around Azure Information protection which gives customers the ability to classify and protect their data in an easy, reproducible way. Data classification helps users to differentiate between data that can be shared outside an organization and data that is classified or NDA information. Many statistics show that less than 5% of all data from an organization are in that high classification range.Azure Information protection helps you classify and protect that type of data. One of the main questions here is: how is that handled with external or guest users? What is the user experience for an external user and how can he open those protected messages (Mails or Documents). The user experience is demonstrated below. Cloud | Azure | Office365 | Microsoft365 | Security | AIP | Azure Information Protection Mediumlink | Permalink | Comments (3) | Post RSS mehr
How to restrict access and to connect to a single SQL Azure database only Saturday, January 27, 2018 5:00 PM Toni Pohl As of today, many organizations use various Microsoft Azure services. SQL Azure databases are popular among them. Often, IT Administrators want to allow departments or vendors full access to just one specific SQL Azure database and to restrict their access to other resources. See here how this works. Azure | Cloud | Developer | English | Microsoft | SQL Server | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr
How Azure Security Center protects your data against cyber attacks Monday, January 1, 2018 1:00 PM Toni Pohl In many scenarios, public cloud services allow a high grade of elasticity, flexibility and cost effectiveness combined with standardization. On the other hand, every customer needs to build trust to the desired platform and that all his services and data are protected against any attacks. So, it’s very interesting to see, what kind of mechanisms the large cloud providers as Microsoft are using to keep data safe and how they detect attacks and what countermeasures they execute. Azure | Cloud | English | Microsoft | Office365 | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr
Nachlese zum GDPR Workshop mit atwork, Microsoft und Grant Thornton Thursday, September 7, 2017 11:00 AM Toni Pohl atwork organisierte einen GDPR-Workshop, der diese Woche bei Microsoft in Wien stattgefunden hat. Als kompetenten Partner aus der Wirtschaftsprüfung und Steuerberatung konnten wir Philipp Mattes von Grant Thornton gewinnen, der den ersten Teil präsentierte. Unsere Security Expertin Martina Grom informierte in Teil Zwei über die technischen Möglichkeiten mit den Microsoft Cloud Services. Sehen Sie hier eine Nachlese. General | Cloud | Event | Microsoft | Office365 | Azure | Security | atwork Mediumlink | Permalink | Comments (0) | Post RSS mehr
Use Azure AD app principal without user context Monday, August 21, 2017 1:41 PM js For an application registered in AAD to be able to run in application context only without a user context the "Company Administrator" role has to be assigned to the application in order to be able to access administrator endpoints for APIs like the Microsoft Graph. No additional permissions have to be assigned to the application after assigning this role.The assignment has to be done using PowerShell and looks like this: (the app registration has to be done beforehand)Install-Module AzureADConnect-AzureAD$app = Get-AzureADServicePrincipal -SearchString "your app name"$role = Get-AzureADDirectoryRole | Where-Object { $_.DisplayName -eq "Company Administrator" }Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $app.ObjectIdNote that you have to replace the string "your app name" with the name provided to your app registration. The script intalls (if not already installed) the AzureAD PowerShell module and uses the contained commandlets to get the service principal of the app registration by name, gets the Azure AD Directory Role "Company Administrator" and adds this role to the service principal of the app. After the role has been added, the app might, e.g., make queries to the user endpoint of the Microsoft Graph API to get properties from any users in the AAD. Azure | Microsoft | Office365 | PowerShell | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr
How to setup Multi Factor Authentication for your personal Microsoft Account Wednesday, August 16, 2017 9:30 AM Toni Pohl To secure a personal Microsoft Account (MSA, formerly known as LiveID), you can enable two-step verification (MFA) easily. This article shows the How-To. App | English | Microsoft | Security | General Mediumlink | Permalink | Comments (0) | Post RSS mehr
Add your local IP address to a SQL Azure Firewall easily Saturday, May 6, 2017 6:00 AM Toni Pohl When working with SQL Azure you are aware that a connection is just established, if the client’s IP address is configured in the firewall of the SQL Azure database server. You needed to open the Azure Portal-SQL servers service, and add your IP address manually. Well, the good story is, now the SQL Server 2016 Management Studio does this for you! Azure | Cloud | English | Developer | Microsoft | SQL Server | Security Mediumlink | Permalink | Comments (0) | Post RSS mehr