Microsoft 365 4 | Thibault Chatiron

New features on ATP Safelinks

Microsoft add two new feature on ATP Safe Links : Display the organization branding on notification and warning pages Use custom notification ATP Safe Links branding is now rolling out for you! Check out your ATP Safe Links policy.

Teams DLP Playbook – Release

This document provides an overview of how enterprise customers can deploy Microsoft Teams-DLP for protecting sensitive information that is traversing with-in or outside of the organization. Unified DLP has integration with multiple workloads that help to protect customer data with a single policy. Teams-DLP is one of the workloads within the Unified-DLP console. This guide …

Publisher verification and app consent policies [General Availability]

With usage of cloud apps and the remote work, attackers leverage application-based attacks, such as consent phishing. Indeed, they try to to gain unwarranted access to valuable data in cloud services. General availability of publisher verification At the beginning of this month, Microsoft announced that publisher verification was generally available. This capability allows developers to add a …

Migrating from Exchange Transport Rules to Unified DLP

Microsoft shared a document that provides an overview of how enterprise customers can migrate their existing Exchange Transport Rules to Unified DLP portal. It walks through the different stages of migration and shows the effectiveness of the unified DLP portal as a single place to define all aspects of your DLP strategy. In summary, this …

Microsoft Endpoint Data Loss Prevention [Public Preview]

In order to accelerate the deployment of a comprehensive information protection strategy, Microsoft announcedb the public preview of Microsoft Endpoint Data Loss Prevention (DLP). Microsoft Information Protection (MIP) is a solution that understands and classifies data, keeps it protected, and prevents data loss across M365 apps, M365 services, third-party SaaS applications… Endpoint DLP now extends …

Office 365 ATP connector for Azure Sentinel [Public Preview]

Nice to see the Office 365 Advanced Threat Protection connector for Azure Sentinel ! Description Office 365 Advanced Threat Protection (ATP) safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. By ingesting Office 365 ATP alerts into Azure Sentinel, you can incorporate information about email- and URL-based threats into …

On-premises data at rest DLP [Private Preview]

Microsoft DLP for on-premises is part of the Microsoft 365 DLP suite of features you can use to discover and protect your sensitive data across Microsoft 365 services. This feature will allow you to scan on-premises file shares or SharePoint and detect when sensitive data is overshared. This gives you the visibility and control you …

Application Guard for M365 Apps [Public Preview]

Files from the internet and other potentially unsafe locations can contain viruses, worms, or other kinds of malware that can harm your users’ computer and data. To help protect your users, Office opens files from potentially unsafe locations in Application Guard, a secure container that is isolated from the device through hardware-based virtualization. When Office …

Restrict guest access permissions in Azure Active Directory [Public Preview]

There are a new access level for Guest users in order to limit their permissions : Permission level Access level Same as member users Guests have the same access to Azure AD resources as member users Limited access (default) Guests can see membership of all non-hidden groups Restricted access (new) Guests can’t see membership of …

Revoke guest access to SharePoint Online and OneDrive after a defined period of time

Update 19/05/2021 : Microsoft has updated the rollout timeline. The roll out will begin at the end of May You will soon be able to create a policy that automatically revokes access for external guests to SharePoint Online (SPO) sites and individual OneDrives after a defined period of time. When will this happenMicrosoft will gradually roll …

Azure AD My Sign-Ins – Portal to report unusual sign-in activity [General Availability]

Azure AD My Sign-Ins is now General Available — a portal that allows end users to review their sign-in history to check for any unusual activity. The My Sign-Ins page permits to see: If anyone is trying to guess their password. If an attacker successfully signed in to their account from a strange location. What …

Office 365 ATP: External email forwarding controls and policy change

Automated external email forwarding is a tactic attackers use to exfiltrate data out of an organization. To counter that, Microsoft is updating their anti-spam policies. First, they are providing a control to easily enable automatic external forwarding for select people in your organization. Second, they will change the “Automatic” setting to block automatic external forwarding. …

TLS 1.0 and 1.1 retirement date in Office 365 to be October 15, 2020

Microsoft is moving all of their online services to Transport Layer Security (TLS) 1.2+ toprovide best-in-class encryption, and to ensure their service is more secure by default. Key Points: Major: Retirement Timing: October 15, 2020 Action: update or replace client devices as appropriate How this affects your organization: Once this change takes affect, all connections …

Office 2013 Client Connectivity to Office 365 Services

Office 2013 clients’ connections to commercial Office 365 services will not be supported after October 13, 2020. After this date, ongoing investments in the Office 365 cloud services – including Exchange Online, SharePoint Online, and OneDrive for Business – will proceed based on post-Office 2013 requirements. Microsoft recommends that organizations with Office 2013 clients consider …

Customization of quarantine notification

Microsoft is making it possible for you to customize quarantine notifications with your organization logo, custom display name, and a custom disclaimer. When this will happen Microsoft will begin rolling this out at the end of July (previously mid-July) and expect to be complete in September. How this will affect your organization Example of custom …

Office 365 ATP Campaign View enhancements

Microsoft is making some enhancements to Office 365 campaign views. How this will affect your organization Once rolled out the following enhancements will be available: Malware attacks are now expressed as campaigns and benefit from the same advanced clustering and visualization that phish campaigns have had Campaign timeline is now interactive, allowing inspection of what …

Automatically block guest access to new OneDrive and SharePoint files until scans are complete

You can enable Data Loss Prevention (DLP) to automatically block external access to new files in SharePoint Online and OneDrive for Business until those files have been fully scanned for sensitive information. How this will affect your organization This capability is available for all new files uploaded to both OneDrive and SharePoint. When new files …

Enhancements to Threat Explorer and real-time detections

When? The rollout will be complete by mid-August. How this will affect your organization These changes include timezone improvements; making the chart legend value a filter; and updates to in-production information. In addition, there is an updated refresh process. Note that you will need to click on the Refresh button to filter results as part …

Office 365 ATP recommended configuration analyzer version 1.9 released

New version 1.9.11 of ORCA (Office 365 Recommended Configuration Analyzer) ready for download: https://powershellgallery.com/packages/ORCA/ Improvements : Check if enhanced filtering is turned on (mportant if you have a solution in-front of EOP/ATP) Check for duplicate anti-malware policiesCheck for duplicate anti-malware policies Check for duplicate anti-spam policies Check for duplicate anti-phishing policies Check Safe Attachments Policy …

Safe documents – Office 365 ATP [General Availability]

Safe Documents is a new feature that improves the existing Protected View experience. The feature automatically verifies the document against the latest known risks and threats before allowing users to leave the Protected View container. Prerequisites Microsoft 365 E5 This feature is off by default and needs to be enabled by a Security Administrator Integration …

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Cookie	Duration	Description
__gads	1 year 24 days	The __gads cookie, set by Google, is stored under DoubleClick domain and tracks the number of times users see an advert, measures the success of the campaign and calculates its revenue. This cookie can only be read from the domain they are set on and will not track any data while browsing through other sites.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
_clck	1 year	No description
_clsk	1 day	No description
ApplicationGatewayAffinityCORS	session	No description available.
CLID	1 year	No description
GoogleAdServingTest	session	No description
LiSESSIONID	session	No description available.
LithiumUserInfo	past	No description
LithiumUserSecure	past	No description
LithiumVisitor	1 year	No description available.
original_req_url	past	No description
SM	session	No description available.
SRM_B	1 year 24 days	No description available.

Category: Microsoft 365

New features on ATP Safelinks

Teams DLP Playbook – Release

Publisher verification and app consent policies [General Availability]

Migrating from Exchange Transport Rules to Unified DLP

Microsoft Endpoint Data Loss Prevention [Public Preview]

Office 365 ATP connector for Azure Sentinel [Public Preview]

On-premises data at rest DLP [Private Preview]

Application Guard for M365 Apps [Public Preview]

Restrict guest access permissions in Azure Active Directory [Public Preview]

Revoke guest access to SharePoint Online and OneDrive after a defined period of time

Azure AD My Sign-Ins – Portal to report unusual sign-in activity [General Availability]

Office 365 ATP: External email forwarding controls and policy change

TLS 1.0 and 1.1 retirement date in Office 365 to be October 15, 2020

Office 2013 Client Connectivity to Office 365 Services

Customization of quarantine notification

Office 365 ATP Campaign View enhancements

Automatically block guest access to new OneDrive and SharePoint files until scans are complete

Enhancements to Threat Explorer and real-time detections

Office 365 ATP recommended configuration analyzer version 1.9 released

Safe documents – Office 365 ATP [General Availability]

Thibault CHÂTIRON

Follow Blog via Email

Recent Posts

Categories

Archives