How To

Most system administrators need to connect to many different systems, often in a variety of ways. There are several tools out there that offer this ability, but one of the more popular tools available is that of mRemoteNG. Originally a fork of mRemote, mRemoteNG adds many new features to mRemote. Features To support the many… Read More

Know Data to Protect Data On May 14, Microsoft announced that discovery and review capabilities for labeled data and sensitive data types were generally available in the Microsoft 365 Compliance Center. Microsoft calls this “know your data,” part of their Information Protection and Governance framework. The idea is that if you understand your data, you… Read More

Office 365 tenants often want to journal email from Exchange Online mailboxes. Things become a little more complicated when protected email is involved, but Exchange can decrypt protected messages and create journal reports with attachments containing the original encrypted message and a decrypted copy. That should be enough for journaling systems to process the journal reports and import messages into their repositories.

File Servers - We all have them in one form or another. These servers tend to grow exponentially more critical than what we imagined when deploying them. They were also quite cumbersome to migrate until Microsoft released its Storage Migration Service. But there is one important scenario that it does not cover - consolidating multiple… Read More

Any terminal output in PowerShell is controlled by formatting files. Oftentimes, it is very useful to display more information about a given object than the default views offer. Since the early days of PowerShell, there has been an option to modify this display by using Format.ps1xml files. The biggest change to formatting, in recent years,… Read More

Microsoft recently announced at Build 2020 that it is working on a native open-source package manager for Windows. Due to hit general availability in May 2021, Windows Package Manager is now accessible on GitHub and for Windows Insiders in preview. In this article, I will show you how to use Windows Package Manager (WPM) to… Read More

Tracking Down Obsolete Accounts Last December, I wrote about how the problem of identifying obsolete guest accounts that exist in an Office 365 tenant. An increasing number of applications support Azure B2B Collaboration and create guest accounts to allow external people to access content. Teams is a great example, as are the sharing links used… Read More

Securing Confidential SharePoint Online Data SharePoint Online sites hold some very confidential information. Now that SharePoint Online supports sensitivity labels, you can protect individual documents with encryption to stop their contents leaking. Other features, like regarding newly uploaded documents sensitive by default to stop them being shared externally until Data Loss Prevention (DLP) processing completes,… Read More

The first article in this series discussed how to remove the ability of OWA users to create autoforwarding addresses. This does a lot to stop the forwarding of email outside an organization, but OWA is only one part of the problem. We also need to deal with the other ways that messages can be automatically… Read More

Autoforwarding is Badness Allowing users to forward their email outside Exchange Online is bad, especially if they don’t keep a copy of the forwarded messages in their mailbox. Apart from removing email from the controls imposed by data governance policies, it creates a risk that confidential information travels outside the organization, including when an attacker… Read More

If you have Office 365 E5 licenses, your mailboxes generate MailItemsAccessed events. These events are stored in the Office 365 audit log and can be used for investigating potentially compromised mailboxes. Useful information is in the audit events, but some processing is needed to extract the full benefit. Here's how to do it with PowerShell.

Communications Compliance is a part of Microsoft 365's Insider Risk functionality. This is a replacement for Office 365 supervision policies and introduces coverage of new communications and a lot of machine learning, plus a link to Advanced eDiscovery for the really complicated cases. Not every Office 365 tenant will be interested in employee monitoring, but those that need to should look at Communications Compliance.

Microsoft announced that it is delaying disabling legacy TLS protocols by default in all its supported browsers.

Office 365 Sensitivity Labels are supported by Teams, Groups, and Sites, but some work is needed if you want to replace older text-only classification labels with Office 365 Sensitivity Labels. This article explains how to use PowerShell to update Office 365 groups with new sensitivity labels. The labels are then synchronized to teams and sites.

There have always been a few options for running background asynchronous tasks within PowerShell. Traditionally, PowerShell (PS) Jobs was the go to method as a job could be started and then control returned to the console. PS Jobs were always heavy, in regards to resource usage, and depending on what needed to be run, this… Read More