Lukas BeranConditional access is a very powerful tool for increasing security of your cloud services. However, full conditional access is...
Office 365
Conditional Access for Microsoft cloud services
Conditional access is a very powerful tool for increasing security of your cloud services. However, full conditional access is only available with Azure AD Premium licenses. With Office 365 licenses, you get only the basic preconfigured settings that you can’t change. What is Azure AD Conditional Access Azure AD Conditional Access [...]
Lukas Beran Change the address from onmicrosoft.com to your own domain
For Azure AD Connect synchronized domains, I find it quite common that a customer sets up the synchronization itself, but does not read documentation describing the preparation before deploying Azure AD Connect. This usually results in using a local domain in the local Active Directory (the .local domain) and does not have a publicly [...]
Lukas Beran How to setup eDiscovery boundaries
Office 365 offers eDiscovery, which is the search for information across the tenant. This enables selected users to search virtually all the data in Office 365, which means, for example, user mailboxes. This is useful when it is necessary, for example, to search for some information for a courtroom. For some larger organizations, [...]
Lukas Beran DMARC validation in Office 365
DMARC is together with SPF and DKIM another technology protecting you against phishing and spoofing. Implementing DMARC with SPF and DKIM provides additional layer of protection. This validation uses DNS records where are specified mail servers authorized for sending emails from your domain. Differences between SPF and DMARC The [...]
Lukas Beran How to setup multifactor authentication in Office 365
Multifactor authentication (MFA) in Office 365 is an option how to dramatically improve security of the Office 365 tenant and therefore all users and data. Thanks to multifactor authentication in Office 365 it is not enough to only know user’s password, but each and every login attempt has to be verified via user’s phone [...]
Lukas Beran