Follow me on Twitter @AntonioMaio2

Tuesday, May 16, 2017

SharePoint Virtual Summit 2017 - Share with Confidence! #SPSummit


Today Microsoft hosted one of the most highly anticipated SharePoint events:
SharePoint Virtual Summit!

Many of us have been looking forward to this event for weeks and today's event did not disappoint. I tend to focus on the security and governance capabilities when it comes to SharePoint and Office 365, and one of the lines in today's #SPSummit that struck me most was the phrase 'Share with Confidence'! Those of us that work with information every day, even those whose job it is to secure information or oversee the security of information systems, we want to share information with others. Information sharing is a key principle of any collaboration solutions like SharePoint Online. However, we want to be confident that we're sharing with the right people, under the right conditions, and that the information we share is still being protected. Some of today's SharePoint Online announcements really do help improve the Sharing experience in Office 365 so that we can Share with Confidence!


Here are some of my favorite announcements from today that I believe help us better secure our content and share it confidently with others...

Monday, April 10, 2017

Office 365 Audit Log Data - How long are my logs retained for?

I'm a big fan of the Unified Audit Log in Office 365. Its a fantastic tool for monitoring user activity for suspicious behavior, getting automated alerts when particular activities occur and investigating data breaches. I'm talking about the central logging facility within Office 365 that collects log data from many Office 365 workloads, and can be searched in the Office 365 Security and Compliance Center: Go to https://protection.office.com > Click Search & Investigate > Click Audit Log Search.

I often get asked the question, how long are Office 365 log entries stored or retained for? There are several answers...

Monday, April 3, 2017

Security Controls in the OneDrive for Business Admin Center

Microsoft recently added a new and extremely helpful Admin Center to Office 365 specifically for OneDrive for Business.

In terms of additional security controls this is a great addition because it allows us to more easily control access and sharing specifically in OneDrive for Business, and not just SharePoint Online. Many of the external sharing settings overlap with those already available for SharePoint Online sites. However, this is a very good start and we look forward to seeing more capabilities added over time to help us control and manage how our users share content with those outside of our organizations.

For now, let's take a closer look at the security controls now available for OneDrive for Business..

Friday, February 10, 2017

A Practical Overview of Office 365 Advanced Security Management - Part 3
Security Policies

Microsoft Office 365 Advanced Security Management is a capability within the Office 365 platform that allows organizations to go above and beyond the typical security management features, helping them to better secure users, permissions, content and apps. This multi-part blog series will look at how to use the features that make up Advanced Security Management (ASM) and share technical details that will help you to understand the benefits of these robust tools.

In part 1, we provided an Introduction to Advanced Security Management and shared technical information about how it works with the Office 365 Unified Audit Log: A Practical Overview of Office 365 Advanced Security Management - Part 1.

In part 2, we reviewed ASM's Productivity App Discovery Dashboard in depth to see how log files can be imported, how to create reports & interpret the analysis results and how you can try it with built-in sample logs: A Practical Overview of Office 365 Advanced Security Management - Part 2.

In part 3, we review the Security Policies that may be configured to control, monitor and alert on specific user behaviors.

Wednesday, January 25, 2017

A Practical Overview of Office 365 Advanced Security Management - Part 2
Productivity App Discovery Dashboard

In the middle of 2016, Microsoft released the first version of Office 365 Advanced Security Management, a new capability within the Office 365 platform that allows organizations to go above and beyond the typical security management features, helping them to better secure users, permissions, content and apps. This multi-part blog series will look at how to use the features that make up Advanced Security Management (ASM) and share technical details that will help you to understand the benefits of these robust tools.

In part 1, we introduced Advanced Security Management and shared technical information about how it works with the Office 365 Unified Audit Log:
A Practical Overview of Office 365 Advanced Security Management - Part 1.


In part 2, we review the Productivity App Discovery Dashboard capability of ASM to see how log files are imported, how to create reports and review the results of ASM's analysis of those logs, and how you can try it out with some built-in sample logs.


Monday, December 19, 2016

A Practical Overview of Office 365 Advanced Security Management - Part 1
Introduction & Audit Logs

In June 2016, Microsoft released its first iteration of Office 365 Advanced Security Management, a new capability within the Office 365 platform that allows organizations to go above and beyond the typical security management features that let them secure users, permissions, content and apps. In September the team added the Productivity App Discovery feature, and in October the solution continued to progress with additional capabilities to manage app permissions.

This multi-part blog series will look at how to use the features that make up Advanced Security Management and share some technical details that you will hopefully find helpful.

In part 1 of this series we introduce Advanced Security Management and share technical details about how it works with the Office 365 Unified Audit Log.
Let's jump in...

SharePoint 2010 Security Patches - How Vulnerable Are You?
UPDATED: December 2016

YES, this blog post is about SharePoint 2010! 

YES, SharePoint 2010 is old, over 6 years old actually. 
YES, its no longer officially supported by Microsoft, without very specific Premiere Support that is.
YES, we still see a lot of it out there!
YES, if you're going to continue to stick with SharePoint 2010 for now, you must keep current with security patches!

One of the most common security issues we see with SharePoint 2010 farms is that administrators have not kept up with security patches and updates.  This not only makes it difficult to support and maintain the environment, but it also opens your farm up to security vulnerabilities - security vulnerabilities that have already been fixed! 

This article reviews all SharePoint 2010 security updates that have been released in the last 5+ years since Service Pack 1, and discusses the importance of keeping up to date with those patches.

Sunday, December 4, 2016

SharePoint Saturday Ottawa: How Secure is My Data in Office 365? [Updated Slides]

Thanks to everyone that attended my session in Ottawa this weekend. There were some good questions and I hope everyone found it helpful. Please let me know if you have any questions.  For those folks who think that Office 365 is not secure, please read this previous post and my slides carefully and please reach out with questions!

You can also find another post of mine with some discussion about just how secure your data is in Office 365 here: http://www.trustsharepoint.com/2016/10/how-secure-is-my-data-in-office-365.html.

My most up to date slides, which I presented this past weekend, can be found here:



Enjoy!
-Antonio

Thursday, November 3, 2016

Office 365 Security
New Innovations Announced at Microsoft Ignite 2016

I had the privilege of attending the Microsoft Ignite 2016 conference in Atlanta, GA this past September.  It was of course full of great sessions, demos and announcements.  I was impressed at how many of those sessions focused on the security capabilities of the Office 365 platform. I left with the feeling that, through these sessions, announcements, demos and innovations, that Microsoft is clearly demonstrating their commitment and continued investment in providing a secure environment for our corporate data in Office 365.  They've robust feature set that enables both them as operators of the service, and us as customers and users of the service, to protect our sensitive data in Office 365.

That said, the security of our data, even within the Microsoft cloud, is always a shared responsibility. Microsoft provides the most secure cloud platform available and with that robust feature set, they give customers the ability to control how information is secured, accessed, shared, governed and monitored.  Its still up to us as customers to make efficient use of those controls in ways that protect our businesses and keep our users productive.

As we saw at Ignite, Microsoft has continued to innovate providing us ever more robust security controls for Office 365.  In this blog we're going to look at some of the great new security features that were demo'ed and revealed that Microsoft Ignite.  At the end of this blog, I've also included the slides from today's webinar.

Monday, October 24, 2016

When to Use What in Office 365 +
What Can We Share Externally in SharePoint Online?

On October 4th I gave a presentation at the Microsoft Technology Center in Houston on When to Use What in Office 365. It was part of a free roundtable seminar series offered by Protiviti. We had a great turn out and a lot of really good questions. Thank you to everyone that came and my sincere apologies for the delay in posting this presentation.  I wanted to share my slides with the attendees and anyone that reads my blog, and answer a particularly interesting question that came up during the presentation.

Thursday, October 20, 2016

Synchronizing Custom AD Attributes to Office 365 - Part 3

This blog is the 3rd in a 3 part series on synchronizing and working with custom AD attributes in Office 365. In this post we continue with our final step, showing you how to customize the AD Connect synchronization rules.  This will allow your custom AD attributes (customized by extending your AD schema) can be stored in extension attributes in Office 365, so that you can retrieve and work with them.


So, how do we get our custom on premise AD attributes into Office 365 extension attributes so that we can use the Windows Azure AD Module for PowerShell to actually read them?

Synchronizing Custom AD Attributes to Office 365 - Part 2

This blog is the 2nd in a 3 part series on synchronizing and working with custom AD attributes in Office 365. In this post we continue with showing you how to retrieve attributes in Office 365 using PowerShell.


PowerShell can be used to both verify that your custom attributes have actually been synchronized to Office 365, and it can be used to actually accomplish things with those attributes, like having them sync'ed to your user profile in SharePoint Online (but that's for another article).