Category: Azure

News Informatique

New policy details blade for Conditional Access troubleshooting [Public Preview]

The new policy details blade displays which conditions and access controls were satisfied during sign-in. This granular information makes it easy to troubleshoot failures and re-configure policies if necessary. In this example, we can see that the report-only policy “Block access outside trusted locations” applied to Lisa Smith’s sign-in because she satisfied the user, application, …

Insights and reporting workbook [General Availability]

The insights and reporting workbook gives you a summary view of Azure AD Conditional Access in your tenant. With the capability to select an individual policy, you can better understand what each policy does and monitor any changes in real time. The workbook streams data stored in Azure Monitor. Using the dashboard, you can see …

Report-only mode for Azure AD Conditional Access [General Availability]

Report-only mode for Azure AD Conditional Access lets you evaluate the result of a policy without enforcing access controls. You can test report-only policies across your organization and understand their impact before enabling them, making deployment safer and easier. New Azure AD Conditional Access policies will be created in report-only mode by default. This means …

Sensitivity labels with protection in SharePoint and OneDrive [General Availability]

You can now apply sensitivity labels, with protection policies, not just in Office apps on Windows, Mac, iOS and Android but also in Office on the web. Users will see sensitivity as an option on the ribbon of the Office on the web, and as the applied label name on the status bar. In addition, for …

Combined MFA and password reset registration is now generally available

The 16th April, Microsoft announced that the combined security information registration is now generally available. This new experience makes it easy for users to register for Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR) in a simple step-by-step process. Mobile experience Now, when users register while signing in on their phone, they’ll see this easy …

Microsoft Defender ATP capabilities on mobile [Public Preview]

Update 12/06/2020 : The MDATP app will be available in the Google Play store for Q3 2020 You may have seen Microsoft Defender ATP settings available in Android compliance policies within the management console. The Microsoft Defender ATP app is currently in preview, but will be available soon in the Google Play store by mid-May. …

Problem with macOS 10.15.4 native mail client and Azure Conditional Access

After updating to macOS 10.15.4, you could experience unexpected access app prompts or blocks to applications such as native mail. The macOS device was enrolled in Intune and there was a conditional access policy requiring a compliant device. Currently, Microsoft – with the help of Apple – discovered that upgrading to macOS 10.15.4 exposed a bug …

Azure ATP now detects SMBGhost

The SMB vulnerability CVE-2020-0796, also known as “SMBGhost” or “CoronaBlue”, was published a few days ago. This CVE is about a potential remote code execution due to a buffer overflow vulnerability in the way SMBv3 (3.1.1) handles SMBv2 compression requests. The vulnerability affects Windows 10 and Windows Server 2019 versions 1903 and 1909. A few …

Live response for MDATP is backported

When the feature appeared, you had to run the 1903 version of Windows 10. Yesterday, Microsoft announced that live response for MDATP is now in public preview for earlier versions of Windows 10 including 1709, 1803, and 1809 What is Live Response ? Live response is a capability that gives an instantaneous access to a …

Azure ATP now detects SMBGhost

The SMB vulnerability CVE-2020-0796, also known as “SMBGhost” or “CoronaBlue”, was published the 12th March. This CVE is about a potential remote code execution due to a buffer overflow vulnerability in the way SMBv3 (3.1.1) handles SMBv2 compression requests. The vulnerability affects Windows 10 and Windows Server 2019 versions 1903 and 1909. The attackers will …

Localization migration from AIP classic client to Security and Compliance Center

There are 3 main objects in the policy definition that can be migrated to the Security and Compliance portal. Some of the object migrations are automated and some of must be completed manually: Label definition – automatically migrated when you click the Activate button. Different policies – can be copied automatically, make sure to pay …

Request for extended support for the AIP classic client

If you actively use one of this feature : ability for admins to track and revoke protected documents, logging events to Windows event log on set/remove label, holding your own key And you cannot transition to the unified labeling platform without support for that feature, you can request extended support for the Azure Information Protection …

New Office app for iOS and Android supports sensitivity labels

The new mobile app called Office – combining Word, Excel, and PowerPoint into a single app – is generally available worldwide for anyone on Android and iOS phones, since the 19th of February 2020. Sensitivity label capabilities in Word, Excel, and PowerPoint For iOS and Android : Where these have a minimum version listed, the …

Automatic labeling in Office Apps – Limited Preview [EN]

Microsoft announced limited preview of automatic sensitivity labeling in Office apps using ready to use classifiers. As part of this preview, the Microsoft 365 Compliance Center will allow you to create sensitivity labels and corresponding automatic or recommended labeling policies in Office apps using ready to use classifiers. The six ready to use classifiers that …

Azure AD support for FIDO2 security keys in hybrid environments – Public preview [EN]

Today, Microsoft announced the public preview of Azure AD support for FIDO2 security keys in hybrid environments. Users can now use FIDO2 security keys to sign in to their Hybrid Azure AD joined Windows 10 devices and get seamless sign-in to their on-premises and cloud resources. With the expansion of FIDO2 support to Hybrid environments, …

Safe Documents in Office 365 ATP [EN]

Safe Documents is a public preview feature in Office 365 Advanced Threat Protection (ATP) that uses Microsoft Defender Advanced Threat Protection to scan documents and files that are opened in Protected View. Safe Documents automatically checks documents against known risks and threat profiles before allowing them to open. Users are not asked to decide on …

Securing Sensitive Data with the AIP Unified Labeling Scanner [EN]

The AIP scanner allows you to scan your on-premises data repositories against the standard Office 365 sensitive information types and custom types you build with keywords or regular expressions. Once the data is discovered, the AIP scanner(s) can aggregate the findings and display them in Analytics reports so you can begin visualizing your data risk …

Web content filtering with Microsoft Defender ATP now in public preview [EN]

Web content filtering is a new feature in Microsoft Defender ATP that enables security administrators to track and regulate access to websites based on specified content categories. You can configure policies within Microsoft Defender Security Center to block or gather access data on certain categories across your machine groups. This feature provides the following capabilities: …

Block Access to Unsanctioned Apps with MDATP and MCAS [EN]

This new feature leverages Microsoft Defender ATP network protection in block mode ensuring the protections are in place wherever the device’s location. Prerequisites Microsoft Cloud App Security license Microsoft Defender ATP license Windows 10 version 1709 (OS Build 16299.1085 with KB4493441), Windows 10 version 1803 (OS Build 17134.704 with KB4493464), Windows 10 version 1809 (OS …

Deprecation of label management in Azure portal and AIP classic client [EN]

As you know, Microsoft has launched Unified Labeling several months ago, they has announced yesterday that “former” label management in Azure portal will not be supported after March 31, 2021. You can read more about it at https://techcommunity.microsoft.com/t5/azure-information-protection/deprecation-notice-azure-information-protection-classic-client/ba-p/1092108