Security

When creating a new Azure subscription, the Azure Role-Based Access Control (RBAC) permissions must be defined for users to be able to work with the subscription. But, Office 365 Admins can get permissions automatically – if you define it as here! They key you need to enable that is called “Global admin can manage Azure Subscriptions and Management Groups” in the Azure Active Directory management in the Azure Portal at https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties. See the following screenshot. ...

Unter dem Motto #TrustInTech laden die Gastgeber Trans4mation, atwork und Microsoft Deutschland sowie DriveLock zu einem Informationstag rund um die neuesten Technologien und Trends im Bereich Daten- und Informationssicherheit. Bilden Sie sich am 11. Juni 2018 im Microsoft Hauptquartier in München zu Themen wie die DSGVO/GDPR, Cloud Security, Modern Devices sowie die rechtlichen Aspekte weiter. Unsere Experten (CEOs, Manager, MVPs und Rechtsanwälte) möchten Ihnen durch ihre informativen Vorträge einen umfassenden Einblick in die Thematik gewähren und offene Fragen beantworten. So können Sie effektiv dazu beitragen Ihren eigenen Geschäftsbetrieb abzusichern und an die am 25. Mai 2018 neu in Kraft tretende EU Datenschutz-Grundverordnung (DSGVO) anzupassen. ...

So, you’re in the process of planning your GDPR compliance? We’ve got your back with this short summary and our offers to support! There is a lot of information around GDPR (the general data protection rules of the EU). We at atwork offer support in the GDPR processes. Sure, GDPR compliance must be checked individually, per company. But, let’s summarize the substantial facts regarding an organization’s IT here. The necessary steps very briefly are: ...

In the Easter week, we joined the Microsoft Tech Summit Amsterdam. The event took place at RAI Amsterdam from March 28-29, 2018. See some impressions here. Beside the breakout sessions, Tech Summit provided experts panels, workshops, and booths to directly get in contact with the Microsoft teams and third party vendors and to ask questions. See more details at the conference website at www.microsoft.com/techsummit/amsterdam. We from atwork were glad to contribute with breakout sessions and a workshop along with speakers from Microsoft and some fellow MVP colleagues: ...

When an automated task or an app needs to access data from Office 365, you need to create an app in the tenant’s Azure Active Directory (AAD). For having full control, e.g. for deleting objects in AAD, a so called Service Principal Name (SPN) can be used. That is similar to a Global Admin in Office 365, but just for apps and usually with a predefined expiration date. Which is good. Or? ...

Due to the coming GDPR regulation in May 2018 many customers are working very actively towards this date and check their compliance and security environment. Many requests arise around Azure Information protection which gives customers the ability to classify and protect their data in an easy, reproducible way. Data classification helps users to differentiate between data that can be shared outside an organization and data that is classified or NDA information. Many statistics show that less than 5% of all data from an organization are in that high classification range. ...

As of today, many organizations use various Microsoft Azure services. SQL Azure databases are popular among them. Often, IT Administrators want to allow departments or vendors full access to just one specific SQL Azure database and to restrict their access to other resources. See here how this works. Use SQL Management Studio or SQL Operations Studio When working with SQL databases, installing the SQL Management Studio (SSMS) is very helpful. You can get the latest version from Download SQL Server Management Studio (SSMS) for free. Alternatively, you can use the new lightweight and cost free SQL Operations Studio. ...

In many scenarios, public cloud services allow a high grade of elasticity, flexibility and cost effectiveness combined with standardization. On the other hand, every customer needs to build trust to the desired platform and that all his services and data are protected against any attacks. So, it’s very interesting to see, what kind of mechanisms the large cloud providers as Microsoft are using to keep data safe and how they detect attacks and what countermeasures they execute. ...

atwork organisierte einen GDPR-Workshop, der diese Woche bei Microsoft in Wien stattgefunden hat. Als kompetenten Partner aus der Wirtschaftsprüfung und Steuerberatung konnten wir Philipp Mattes von Grant Thornton gewinnen, der den ersten Teil präsentierte. Unsere Security Expertin Martina Grom informierte in Teil Zwei über die technischen Möglichkeiten mit den Microsoft Cloud Services. Sehen Sie hier eine Nachlese. Die GDPR-Veranstaltung fand am 5. September 2017 im Microsoft Office in Wien statt. Veranstalter waren Microsoft, atwork und Grand Thornton. Rund 30 Teilnehmer folgten unserer Einladung zu dem kostenfreien Event. ...

For an application registered in AAD to be able to run in application context only without a user context the “Company Administrator” role has to be assigned to the application in order to be able to access administrator endpoints for APIs like the Microsoft Graph. No additional permissions have to be assigned to the application after assigning this role. The assignment has to be done using PowerShell and looks like this: (the app registration has to be done beforehand) ...