The value proposition for the services in the EM+S E5 suite does not seem like it has been convincing to customers for a while now. Over the last year or so, Microsoft has been putting a lot of work into the Defender services to improve that value proposition, and to provide a better technical security solution for Microsoft 365 customers.
ENow Software's Exchange blog built by Microsoft MVPs for IT/Sys Admins.
Formerly known as “Cloud App Security”, Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that is part of the Microsoft 365 Defender suite of products. Defender for Cloud Apps (DCA) is built to help IT departments control the data that their organizations have hosted in multiple cloud services including but not limited to Office 365.
Microsoft Defender for Office 365 (MDO) is Microsoft’s response and feature set when it comes to e-mail security. Maybe some of you remember the previous name Advanced Threat Protection (ATP).
There are still thousands of cyberattacks targeting zero-day security vulnerabilities in Microsoft Exchange Server faster and more furious every single day as malicious hackers attempt to target organizations that have yet to apply the security patches released to mitigate them.
Securing Exchange Servers
Securing Exchange servers is hard. I mean it can be a giant pain sometimes. There are what, hundreds of millions or maybe billions of lines of code running on your Exchange servers, right? It doesn’t take much for a typo to get through and open a vulnerability that can then be exploited opening the most important and valuable data within your organization to all kinds of bad actors.
Over the past 20 years we’ve seen some dramatic changes in Microsoft Exchange Server. Exchange server 2000 was the first version that was using Active Directory, after switching from its own directory that was in Exchange server version 4.0 until version 5.5.
Everybody receives spam and phishing email. Most of the time they are easy to recognize and just annoying, but sometimes there’s phishing email that’s harder to detect by eye. Imagine you’re the CFO of a company and you receive an email from your CEO where he asks to transfer $ 50,000 to an account. And you cannot talk about it, because it is for an unannounced acquisition.
On February 12, 2019, Microsoft released its quarterly updates for Exchange server, and in this case Microsoft has released Exchange 2019 CU1, Exchange 2016 CU12, Exchange 2013 CU22 and Exchange 2010 SP3 Update Rollup 26 (although the latter is not really a quarterly update).
About a year ago, we published an article on how to manage preservation policies in the new Security and Compliance Center in Office 365 via PowerShell. Over the course of the last year, a great number of new features have been added to the SCC, which is now the central place for data governance in Office 365. With some minor exceptions, all of the functionalities exposed in the SCC are very sensitive and controlling access to them is vital. In this article, we will cover some methods to restrict access to the SCC features. By using PowerShell, of course!