Microsoft

Microsoft TechCommunity Top Posts February 2022, Week 3

I’m a little bit late due to a cold but here’s the rundown of my picks of the TechCommunity posts of the week:

Quickly get assessment recommendations in Microsoft Compliance Manager

The Compliance Manager in Microsoft 365 covers a lot of areas around reducing risk, data protection and regulatory standards, and now there’s an extra layer (at a cost) to use templates that can apply to different regions, industries etc. You can do a 90 day trial to check it out. There’s a general push I’ve seen towards companies needing to be more complaint than ever before, so I expect many will need to start looking into these.

Microsoft Compliance Manager (MSCM) Ninja Training: Q1 2022

No idea about Compliance Manager? Luckily Microsoft has a bunch of free Ninja training on it at three levels – fundamental, intermediate, and advanced. If you think you’re already a pro at it, then take the Knowledge Check quiz and see how you do.

The Splunk Add-on for Microsoft Security is now available

It’s not all just about Microsoft Sentinel as a SIEM in the Defender space, you can now send off your Alerts and Incidents to Splunk if that’s your preferred platform – and it’s this sort of open approach that will continue to help the Microsoft Defender stack continue to be successful and grow in the security space.

New tools to create and customize professional looking diagrams in Visio for the web

Visio for the web is getting several more features drop soon and for many, negates the need for a full desktop install as well as actually paying extra for a license. The two features I like are Format Painter (like when you do it for text, but instead a Visio object), and Snap Experience Improvements to make aligning your objects a lot easier to do. If you haven’t already, promote Visio for the web in your company and to your userbase!

Autoruns v14.09, ProcMon v3.89, Sysmon v13.33 and ZoomIt v5.10

Many people don’t know about the sysitnernal tools, or if they do, don’t know many of the actual tools themselves and what they do. The above four products have new versions, with the most notable being Zoomit which now supports pen and touch drawing as a part of it’s screen annotation and magnifying abilities – great for live presentations and demos.

Windows Server Hotpatching is here!

The start of something many of us have dreamed of for a long time – applying patches and not requiring a reboot. Also, it only applies to patches that are in the hotpatch program – but it’s a start. This does just apply to Windows Server 2022 Datacenter: Azure Edition (Core) so that’s a bit of a limited audience, let’s hope this expands to everything.

Reconnect Series: Richard M. Hicks

If you have ever looked into Direct Access or Always On VPN, you would have seen Richard Hicks’ name come up. A very nice guy who even took the time out to talk to myself and a few colleagues over a call on some Always On VPN woes we had hit during rollout. If you ever need anything in this space, be sure to see what Richard has to say on the matter first.

Azure AD Certificate-Based Authentication now in Public Preview

For the use cases where you’d like cert based auth, you can now try this with Azure AD. The official documentation on how to set this up is here and as the article shows, after entering a username you can use the ‘Sign in with a certificate’ option in lieu of a password. This removes one of the remaining needs of running ADFS yourself.

Security baseline for Microsoft Edge v98

Keep on top of the Microsoft Edge Security Baseline – you’ll have to check this out with every version release of Edge. Three settings are highlighted to review, along with 10 new settings.

New and exciting features available for Microsoft Teams breakout rooms

Breakout rooms were one of those features Zoom had and Teams didn’t – but Teams has caught up, and continues to bring new features to the function. There’s more options around reassigning participants already in breakout rooms, better overviews of what’s happening with the participant assignment experience being updated, a breakout room timer that can be visible for participants, and Breakout room managers support letting more than just the organisers of the meeting manage the breakout rooms. All welcome additions and updates!

Why Yammer? Perspectives from community professionals

Yammer is one of the less celebrated aspects of Microsoft 365, and Rebecca Jackson consolidates many considerations on the benefits of Yammer. Worth a read from those who use and appreciate the platform.

Streamlining the submissions experience in Microsoft Defender for Office 365

The team is moving all the different types of submissions from users into a single area now, which makes management a lot easier. The four types of submissions are Emails, Email Attachemnts, URLs, and User reported messages. This is rolling out right now and you may already see these four tabs in the Submissions area of the Microsoft 365 Defender portal.

That’s it for this week (so much stuff!), as always you can see the entire feed of TechCommunity posts at https://twitter.com/MSITTechNews and you can see my previous TechCommunnity picks here https://www.adamfowlerit.com/tag/techcommunity/

Microsoft TechCommunity Top Posts February 2022, Week 2

Here’s my weekly review of the best of TechCommunity:

You can do more with OneNote for the web and in Teams

OneNote was somewhat abandoned for a while, but Microsoft are now working to make it better. Nice to see that particularly the web based version of OneNote is getting some new features, so you don’t need to install the app. Looking forward to a lot more movement in the OneNote space.

Microsoft Teams performance improvements reduce power consumption in meetings by up to 50%

Back in 2020, Teams CPU and RAM usage was high by the app. So much so, that for me, the standard laptop build went from 8GB of RAM to 16GB. Staff would complain of their device running slow when in a meeting. Improvements had to happen – which they have, and it’s nice to see the transparency now from Microsoft on how they’ve come along this journey. Teams 2.0 came out with Windows 11 with the promise of being rewritten from the ground up and better in many ways, but it’s not a direct replacement for Teams (at least yet).

New Microsoft Viva Adoption Resources are here!

Microsoft have released the Viva Adoption Page where you can get guidance on how to start, or continue, your company’s journey in rolling out Viva. Resources like this are very useful, even if it’s a sanity check to know you haven’t missed something. Keep in mind, Viva has 4 main aspects – Viva Learning, Viva Connections, Viva Topics, and Viva Insights. Check out the pricing page to see what Viva bits you get with existing licenses, and what needs an extra license.

All Microsoft Defender for Identity features now available in the Microsoft 365 Defender portal

I’m still liking these self descriptive titles. This is the continuation of the plan to combine portals, particularly in the Defender space, with the goal of having everything in once place (*cough* msportals.io). That portal is of course https://security.microsoft.com and great to see more and more of these things go together in one pane of glass.

Introducing the new Overview page for Test Base for Microsoft 365

Microsoft seems pretty serious about Microsoft 365, although I think they should have called it ‘Microsoft Cloud 365’ for a bit less confusion around names, but for any admin wanting to get going with Microsoft 365, the Test Base page is somewhere you can start to work out how Microsoft 365 might work for you with documenation, guides, package testing, and metrics – as well as showing failures.

What’s New: Consolidating Apache Log4j-related insights across Multiple Tenants and Workspaces

That nasty Log4j vulnerability is going to be around for a long time – and just because you did a spot check of your environment when the sirens went off, doesn’t mean someone won’t deploy an old version of it in the future (have you ever seen a vendor give you a package that includes the absolute latest release of all other open source software?). If you’re a SOC or looking after multiple customers/tenants, then you’re going to want to check this out.

Make Sustainability Part of Everybody’s Job

Something a bit less technical, but also something we probably all have some power over improving where we work. General wastage has both an environmental and business impact, and could be as simple as changing printer defaults to double sided printing rather than single sided, or choosing environmentally friendly powered options for your datacentres on the next refresh (maybe under the sea?). At least make yourself aware of some of the possibilities, and invite an open conversation with others on what could be done to improve sustainability.

That’s it for this week, as always you can see the entire feed of TechCommunity posts at https://twitter.com/MSITTechNews and you can see my previous TechCommunnity picks here https://www.adamfowlerit.com/tag/techcommunity/

Microsoft TechCommunity Top Posts February 2022, Week 1

Time to go through the week’s TechCommunity posts and check out my favorites:

Microsoft Forms as a Tab in Teams using graph API in Power Automate

I like content like this where it’s stepping through exactly what to do, to make three different parts of M365 talk together. Great if you’re learning about Power Automate.

Don’t pay more for SharePoint Storage than you have to :-)

SharePoint Online isn’t an infinite bucket of storage, and this post covers how (he thinks) it works, and some considerations on how to control and clean it up. There’s also a script to run that will show how much storage can be saved per site collection – useful!

Attack Simulation Training: User tags based targeting in simulations – now live!

Tags are apparently the new groups and I’m not actually sure what advantage Tags have over managing Groups for this sort of thing, but it’s there and live. The Attack Simulation Training in Office 365 Security is actually quite good, and I like how it shows an example email and points out the areas to look at. Worth checking out.

Turn off Mirror my video in Microsoft Teams meetings to match your video to your audience’s view

These titles are getting longer. Microsoft Teams is rolling out the ‘Mirror my video’ option so you can see how others see you, now how you’d see yourself in a mirror which is the default (and can take a minute to process the difference). A good explanation and screenshots in this one, in case you’d like to inform your user base.

ProvisionGenie 🧞 – a community driven initiative

If you’re brave enough to let end users create their own groups, this seems like a more structured way of allowing it and having more of it build the way they want. Looks like a really cool community driven piece of work!

Demystifying Microsoft Teams Rooms (Windows) application releases

If you have Microsoft Teams Rooms (MTR) devices running on Windows, then you should be across how updates are applied and in what frequency, just like Windows 10/11 and Office 365. There’s also the Microsoft 365 Public roadmap to get an idea what’s coming for MTR devices.

The Power BI Roadmap – Released!

No beating around the bush on this one and I’ll save you a click, the Power BI roadmap has been updated.

What’s new in Microsoft Endpoint Manager – 2201 (January) edition

Although my brain can’t handle the yymm format of MEM releases, this shows the product is still alive and being well developed. The three items highlighted are – Microsoft Tunnel client functionality on Microsoft Defender for Endpoint iOS, Filters in Microsoft Endpoint Manager, and enabling .DMG app installs on macOS. Filters also has it’s own dedicated post here, and it’s also worth mentioning the ‘Visualize your content package distribution in Configuration Manager TP 2201‘ post which does what it says, nice little addition there.

What’s New in Microsoft Teams | January 2022

If you want a popular post, this is one of them at 30k + views already. There’s so many new features listed that I started writing them down and changed my mind – go check out all the new stuff.

Try Microsoft Lists with your Microsoft account (Preview)

Microsoft takes another step into the consumer world with releasing Microsoft Lists for Microsoft accounts. It’s limited to the first 200,000 people who sign up for it – I’m a huge fan of Lists and I’m sure people using spreadsheets for this sort of thing for personal reasons would get some benefits of using Lists instead.

Troubleshooting RBAC configuration issues in Exchange Online

If you’d like to see what someone has to go through when troubleshooting why someone can’t run a certain command, and why people end up using Domain Admin/Tenant Admin, here’s a good example :) Permissions are tricky, and here’s some common scenarios and how to work your way through them.

Speed up data entry and validation with AutoComplete for dropdown lists in Excel for Windows

I’m trying not to make jokes here, but this is now trying to make Excel more like Microsoft Lists, and probably does it better than Microsoft Lists’ dropdown options. Only in the beta channel for Excel at this point in time.

Tips for task management across Microsoft

Confusing about when to use Microsoft To DoMicrosoft ProjectMicrosoft OutlookMicrosoft OfficeMicrosoft Teams, and Microsoft Loop for task management? So is everyone else, and this is a great rundown of what to use and when.

PowerBI: Screen scrape to Gorgeous Visual in 5 Easy Steps

Daniel Kim asks “Have you ever wanted to scrape data from a website and create a dashboard with the data?” and I hadn’t, but this still sounds pretty cool and I had no idea Power BI could do it.

How you can learn Python with this 11 part series

I’m not going to learn Python, but this is free learning content for anyone who does. Free!

Microsoft Sentinel – continuous threat monitoring for GitHub

Sentinel is kicking goals as a very good SIEM solution. Now it can monitor GitHub for suspicious activities. If you’ve got Sentinel and GitHub, connect these two up!

Introducing MTA-STS for Exchange Online

This is something for Exchange Online admins to look into – a new security standard which is already on, and is designed to avoid man-in-the-middle attacks. Read up on this one.

That’s it for this week, as always you can see the entire feed of TechCommunity posts at https://twitter.com/MSITTechNews and you can see my previous TechCommunnity picks here https://www.adamfowlerit.com/tag/techcommunity/

Microsoft TechCommunity Top Posts January 2022, Week 4

Here’s my selection of TechCommunity posts for this week. My plan was to pick 5ish, but there’s a heck of a lot of content to go through, read, then decide if it’s worthy:

Mainframe Data Modernization to Azure

If you like visuals, you’ll like this post. The exponentially increased amount of data we have to work with becomes more difficult to manage on-premises, and this article covers some of the considerations around this and methods to move your data to the cloud. Nice for some future planning considerations.

Windows Server End of Support: Key Dates

Don’t forget those end of support dates! Windows Server 2022 is out, 2008 + R2 is on extended security updates, and 2012 + R2 has a bit under 2 years left before standard support ends (unless of course it gets extended). If you have 2008 or 2012 servers in your environment, just remember how old those are already. Upgrade sooner rather than later, instead of getting caught out by a project where something needs your domain forest level at 2019, and all your DC’s aren’t even on that version of Windows Server…

Users get intermittent credential prompt on client browser when using IIS Windows Authentication

January 2022 wasn’t a good month for Microsoft patches, one of many problems was this “After installing this update on domain controllers (DCs), affected versions of Windows Servers might restart unexpectedly.” Nice. Spend some time understanding the state of patches right now and make sure you’re not experiencing any of the several issues we’ve seen, including this.

Achieve better patch compliance with Update Connectivity data

A nice report in Intune shows the ‘Update connectivity’ stats of devices – the idea behind this is to see if devices aren’t online long enough to get updates. This data doesn’t really give you solutions to the problem, but does give you an idea on the risk in your environment if devices aren’t getting patched regularly, and how many devices have this as an issue. Everyone loves a donut graph, especially Microsoft.

Microsoft Teams users can now chat with any Teams user outside their organization

Pretty big news for work based Teams talking to external people via their Microsoft personal (consumer) account, or phone number. Note that this doesn’t create a SMS conversation, it requires a Microsoft account and will invite someone to sign up if they don’t already have one. This can be a good way for staff to talk to external people live, but still in a regulated/logged way, and the same way they’d talk to internal staff. External people also don’t need to install software (back in the day everyone wanted Skype installed to talk to that 1 external person) which is another plus. Lots of details on this post showing how it works and how to make sure it’s enabled in your tenant.

Sending From Email Aliases – Public Preview

I like this one. You can turn on the setting ‘SendFromAliasEnabled‘ in your tenant which lets users pick from a list aliases to send from – across Outlook for the Web and Outlook for iOS and Android. There are known issues so be very careful about enabling this in your tenant, but for people who need to send from different aliases for different reasons, this looks like a very useful new feature in Exchange Online.

Announcing general availability of vulnerability management support for Android and iOS

That other device that every employee has is often deemed as too hard to do much about, so it’s good to see something actually happening in the iOS and Android space for Defender – although there’s not too much it can do yet (especially for iOS). Still, this is worth looking into and is probably one of those things that if something bad did happen, you’d be happy you proactively rolled it out.

Onboarding Devices in the Microsoft 365 Apps Admin Center

Lots of content in this one. I don’t see too much content around the Microsoft 365 Apps Admin Center (and maybe that’s because when I see the name, my brain drops out the word ‘Apps’ and I’m thinking of the wrong portal). It’s https://config.office.com/ and the feature list here is continually growing. Looking through the reports will give you a better insight into what’s happening in your environment, and probably raise some questions :)

That’s it for this week, as always you can see the entire feed of TechCommunity posts at https://twitter.com/MSITTechNews and you can see my previous TechCommunnity picks here https://www.adamfowlerit.com/tag/techcommunity/

Hornetsecurity Overview – 365 Total Protection


The Microsoft 365 Suite contains a lot of different solutions; and varying levels of security on those solutions, depending which tier of licensing you have. Microsoft’s security answers have varying levels of user experience, technical requirements, and administrative burdens.

For example, if you’ve used Microsoft native solutions to look at mailflow regularly compared to third-party solutions, you’d probably agree that Microsoft do not provide a quick and easy experience in troubleshooting why an email didn’t arrive. If you have to go back more than 2 days, then you’ll potentially have to wait a few hours just to get the results of the mailflow steps.

Third-party solutions must compete with Microsoft in their own space for security solutions, which means they need to be adding value somehow; cheaper, easier to use, more features, and/or quicker.

Hornetsecurity’s answer to this is their 365 Total Protection solution. I’m fairly experienced with Microsoft’s first party offerings, and a few other third-party mail security solutions, so was interested to see how this stacked up and where it might fit.

Hornetsecurity shows the 3 different tiers of licensing, and an option to start a free trial:

The above pricing based on the feature set seems quite reasonable to me, and from the page you can click on each feature and see more information including a screenshot.

The free trial process is well documented – the first page lays out what you’re in for which will unsurprisingly require tenant admin access to approve tenant permissions for Hornetsecurity.

Once you accept the permission request, a synchronisation will start. As I’m doing this in my own tenant of 1 user, it took about 20 seconds to perform. You’ll then need to update MX records so mail flows through the Hornetsecurity service, so it can do many of the services listed.

Not all services rely on mail flow, there is also an Outlook add-in. For older versions of Outlook it can be downloaded and installed like a traditional add-in, or there’s the much nicer modern method that’s controlled from inside Microsoft 365 admin center to deploy and show for users (I wish more vendors did this!).

Either way, the Outlook add-in provides several functions such as being able to report emails, block/allow emails, and view archived emails.

Some other notable features of the 365 Total Protection solution:

  • Email Archiving – something Microsoft can do, but don’t do a great job of exposing the archived emails. 10 years of email retention should be more than enough for most companies, and even if you have archiving enabled in your tenant natively, this gives you a backup of all your emails.
  • Email Live Tracking – a real time view of mail flow that works quickly and doesn’t require reports to be generated after 2 days that are CSV files.
  • Individual User Signatures – Centralised signatures that are also monitored for people who decide to change them away from the company standard. Different groups can get their own style of signature too. Microsoft still has nothing in this space natively and is still in the early days of having a signature saved to someone’s profile.
  • eDiscovery – Being able to search quickly across all emails in the company for keywords is a handy thing. Another one that Microsoft can do, but it’s clunky and far from quick.
  • Email Continuity Service – If Microsoft’s mail services go down, you can keep going until they’re back – delivering and sending emails directly through Hornetsecurity, then syncing up what happened after the event.
  • Automated backups for mailboxes, Teams, OneDrive and Sharepoint – this is really where all your Microsoft 365 data will live. Again, it gives you somewhere this data can be backed up and restored outside of Microsoft’s ecosystem.

There is of course a lot of security aspects to the solution such as Forensic Analyses, URL Malware Control and Realtime Threat Reports, but I quite like the Malware ex-post alert and Malware ex-post deletion. Malicious emails that get through on any system (and I’ve seen this with other third-party solutions as well as Microsoft) need to be detected and cleaned up, as well as investigated on whether anyone clicked the link. This ties into URL Malware control, which will do URL rewriting. Microsoft do this natively, but I’ve found the cleanup aspect can take a little while to perform and isn’t a seamless process from detection to cleanup.

One last point – it is good to see that they have a data centre in Australia as I see many of these companies ignore our region, which makes it hard when you need to keep your data in-country.

I look forward to playing around with Hornetsecurity further. If you’re curious too, then check out their free trial here.