Security

Our Governance Toolkit 365 (GT365) provides information and automation solutions for a Microsoft 365 tenant. In order to use the functions, this app must be approved by an administrator. In addition, new solutions are constantly being added. Some of these also require new permissions. You can find out how you as an administrator can grant and renew these permissions here. GT365 requires an app “Governance Toolkit 365” that reads the data from the M365 tenant and collects it for further actions. An administrator must approve this app so that the functions can be used. There are the following functions that administrators can perform: ...

Microsoft Entra Privileged Identity Management (PIM) allows administrators to manage role assignments efficiently, ensuring that users have the necessary permissions only when needed. By following a few simple steps, administrators can make users eligible for specific roles, activate roles as required, and manage both built-in and custom roles. This process enhances security by minimizing the duration and scope of privileged access, making it a crucial tool for maintaining a secure and compliant environment. In this article, we explore how to read a user’s Microsoft Entra roles and history using PIM and the Microsoft Graph REST API. ...

As reported in most media, we would like to inform you about a global outage caused by a erroneous software update from cybersecurity company CrowdStrike today, on July 19th. This Endpoint security solution is used in many organizations, from hospitals to tech companies, education, airports and many other industries. Crowdstrike rolled out an update to its customers that caused Windows 10 computers to crash, see the CrowdStrike Statement on Falcon Content Update for Windows Hosts. The affected computers no longer start correctly, but instead produce a Windows BSOD (Blue Screen Of Death). Such computers are getting stuck at the “Recovery” screen. See how to resolve this if your Windows computer is affected by the CrowdStrike update. ...

In Part 2 of this series we look into setting up and managing applications in a Microsoft 365 tenant. In Part 1, I focused on how Azure AD applications can be used to provide secure access control to data and services. I demonstrated how to create an Azure AD application in the home tenant and the importance of integrating with Azure AD for centralized app registration, management, and security measures. In this article, I will dive deeper into the topic and exploring how to use and manage a multitenant app in foreign M365 tenants. So, let’s get started! ...

Microsoft Entra ID (or Azure AD) applications are cloud-based applications that can be integrated with Azure AD for authentication and authorization purposes. Using such applications provides a way to centrally manage and secure access to your cloud-based applications and services using Azure AD identities and credentials. This article is presented in two parts, exploring the practical implementation and functionality of apps across tenant boundaries. It provides an overview of how these apps operate and the details of permissions when used in a real-world setting. ...

Need to activate the Microsoft 365 sensitivity labels for Groups and Sites? This must be done with PowerShell. Find the current working script here. The article Assign sensitivity labels to Microsoft 365 groups in Microsoft Entra ID describes basically how to activate the Groups and Sites settings with Microsoft Beta Graph PowerShell: “…To apply published labels to groups, you must first enable the feature. These steps enable the feature in Microsoft Entra ID….”. My colleague Christoph Wilfing corrected and completed the script so that it optimizes module loading times and works in all cases. Thx Christoph! ...

Back in 2022 I started to celebrate Women’s history month, which happens each year in March by highlighting women in technology that inspired me. March 8th is celebrated worldwide as Women’s day. At the end of March in 2022 it was clear that I wanted to continue the series because we are many. And I want all of them to shine, because every women makes an impact in the industry. Each of these women has made significant contributions to the tech industry, breaking barriers and paving the way for future generations. ...

Part of the job of Microsoft 365 administrators is to ensure that their users can access and work with all services. This also includes ensuring that applications work. Microsoft Entra manages applications and the associated settings in a central location. It is relevant to know when application certificates and secrets expire in order to renew them in a timely manner. This article shows how you can query which applications need to be updated. ...

Power Pages is a enterprise-grade software-as-a-service platform from Microsoft that provides a low-code solution for building, managing, and hosting dynamic enterprise websites. It enables citizen developers and professional developers within organizations to quickly and securely build custom external-facing web applications. These applications are tailored for use by the organization’s consumers, partners, community users, and internal users. Learn more about Power Pages here. Power Pages architecture The rapid shift towards digital technologies has led to a significant increase in remote work, heightened customer expectations for online applications and services, and increased use of advanced technologies across the board. Behind all of these advances is the driving force of cloud computing, which is enabling and enabling these transformative changes. Today, some IT solutions no longer require software development. Power Pages tries to address this and is part of Microsoft’s Power Platform. It is built on Microsoft Azure and leverages the same security stack as Azure, which integrates with Microsoft 365 compliance tools. This screenshot shows a quick sample of a generated Power Pages site. The site can be enriched with forms and workflows. ...

Microsoft has announced its latest rebranding project, causing confusion and curiosity throughout the tech community. Get ready ladies and gentlemen, because Azure AD has shed its old identity and has become the powerful “Microsoft Entra-ID”! The name Azure AD was unwieldy, but established. The name change has drawn mixed reactions from industry experts. Some have lauded Microsoft for its bravery, claiming that the name “Microsoft Entra-ID” (ME-ID ?) captures the essence of identity management in a way no other name ever could. Others, however, raised skeptical eyebrows, wondering if the marketing team was too creative to change an established name during the brainstorming session. But from the ashes of Azure AD, Entra-ID rises like a phoenix and promises to be the ultimate custodian of your digital identity. ...