08Aug2019
06Aug2019
Updated: Exchange Online baseline / best practices scripts
I recently updated the scripts that I use to provision new Exchange Online tenants and configure them according to best practices, and I just uploaded these edits to GitHub. The main script is Baseline-ExchangeOnline.ps1--this is like a "master" script that contains almost all of the others (with a couple of...
24Jul2019
Updates coming soon to the Azure AD Best practices checklist
Update: The best practices checklists and guides are now available. I will be updating the best practices checklist and guide for Azure AD again soon, but I wanted to post a couple of notes about the coming changes--since it may be a while before I get around to editing and publishing...
24Jul2019
How to manage and secure service accounts in Microsoft Office 365 (without MFA)
Okay, so hopefully everyone knows by now that MFA is not an "optional" thing that you can decide to turn on, or not, depending on your "feelings." It isn't a choice, and your feelings about it don't matter. You need to turn it on. I would recommend requiring MFA...
18Jul2019
Reader question: How do I setup iOS devices after disabling app permissions consent for my users?
I continue to get great feedback and questions from our readership lately. Keep it up! I love to field these questions and use them to improve my literature. This person (who is also an MVP) also wished to remain anonymous, and had a couple of good questions regarding my Azure...
18Jul2019
A Reader’s input for your consideration: Blocking unsupported devices with Conditional access
Consider the following scenario (from a reader who wished to remain anonymous): Let's say you have implemented my recommended baseline policies for Conditional access, which require Windows & Mac computers to become managed/compliant with Intune, and iOS & Android devices to use approved client applications. In turn, you get control and...
15Jul2019
Microsoft 365 Device Management / Intune best practices checklist
Update: Downloadable, printable copies of the Microsoft 365 Best practices checklists and guides are now available. Thanks for your support! Similar to the checklist for Azure AD which I recently published, this resource is designed to get you up and running quickly with what I consider to be a good "baseline"...
08May2019
How to deal with departed user data in Microsoft Office 365
Going from one organization to the next, I am always amazed at how different people implement their own take on new user setups or decommissioning departed users. Some have no real organized methodology and it's a hassle every time, while others have a well-developed practice or script around each process. It...
07Dec2017
Password best practices controversy
Last year, Microsoft published this guidance on passwords, which contains some advice that departs from traditional best practices. For example: Eliminate character composition requirements (e.g. multiple character types @, 2, A, b) Eliminate mandatory periodic resets (do not enforce expiry) The reasoning is based on Microsoft's research, and the fact that...
22Jun2017