Customers who completely prohibit access to webmail may have a few security concerns. In a Modern Workplace scenario, all users must be able to access their email at any time and from any location. One of the major improvements we have seen from Outlook web access and now Outlook on the web which gives all the rich client end user experiences we see on the Outlook client. However, attachments can pose a significant security concern if Outlook on the web is permitted to be accessed from non-managed machines without any security implementation or if no data loss prevention mechanism in place.
There are two options to handle this scenario at this moment and we will go through them on this blog.
We can use mailbox policy settings to define whether users can open, view, send, or receive attachments when they are signed into Outlook on the web, including whether the user is on a computer that is part of a private or public network.
We have the PublicComputersDetectionEnabled organization value which can help us to prevent downloading the attachments from the non managed computers. The PublicComputersDetectionEnabled parameter determines whether Outlook on the web detects whether a user logs in from a public or private computer or network, and subsequently applies the public network’s attachment handling settings. $false is the default value. If you set this option to $true, however, Outlook on the web will detect if the user is logging in from a public computer, all attachment handling rules will be applied and enforced.
We can check that by running the below command.
Now we run the below command and enable the PublicComputersDetectionEnabled value to True
A content camera can be used with a Microsoft Teams Room system. A content camera collaborates with image-processing software and a whiteboard to enable a presenter to draw on an analog whiteboard and share the content with remote participants.
In this blog we will run through the steps to enable content camera on Teams Room Systems.
There are few prerequisites that needs to be prepared before trying this setup:
This content camera should be pointed at the room’s whiteboard. Please keep in mind that content camera has physical infrastructure requirements that must be considered. It’s usually a piece of equipment (a supported content camera) that hangs from the ceiling and faces the whiteboard.
The writing board must be mandatorily white in color. Other colors are not supported.
A supported content camera as per Microsoft Recommendation on this link needs to be used mandatorily for this functionality.
The camera’s positioning is influenced by the size of the whiteboard used for sharing. The following are some suggestions for board size from Microsoft:
3–6 ft. (0.9–1.8 m) wide — Supported best suited for medium sized rooms.
6–9 ft. (1.8–2.7 m) wide — Recommended best recommended for medium-large rooms.
9–12 ft. (2.7–3.6 m) wide — Supported suitable for board rooms.
Above 12 ft. (3.6 m) wide — camera covers 9–12 ft. (2.7–3.6 m) and crops the rest.
The camera can be placed up to 6 in. (152 mm) above the whiteboard’s top and centered on the whiteboard.
In the current scenario most of the Organizations are running Teams Room systems as their meeting room solution from their Offices. Few of their customers, vendors and partners host their meetings from Zoom ,WebEx or other meeting solutions. In these unique circumstances, we will be hitting in a scenario where there are people attending the meetings from Teams Room from our organization and the meeting sent by vendor or a customer might be Web-Ex or Zoom.
Knowing this requirement Microsoft released a supported Teams App version in the mid of last year for the Room Systems to join Cisco WebEx Meetings from a Teams enabled room system with the direct guest join. Later this option was extended to attend a Zoom Meetings as well from the Teams App version 184.108.40.206. We’ll walk through the procedures to enable Teams Room Devices to join the 3rd party meetings Cisco WebEx and Zoom Meetings.
There are few prerequisites to be met in order to join WebEx and Zoom Meetings from a Teams Room System
Make sure the WebEx and the Zoom Meeting URLs are fully whitelisted in your proxy and in your network to fully support this scenario.
Configure Office 365 Threat Protection and Link Rewrite exclusion list for WebEx and Zoom Meeting URLs.
Configure your Room Mailbox to automatically accept and process the invitation from Zoom and WebEx.
Configure this settings in your Room Systems devices , so that they are ready for this functionality.
To make this work for the Room Mailbox Connect to your Office 365 Exchange Online Tenant and check for the current setup for accepting the meeting room from a 3rd party meeting invites by running the below command.
One of the new feature that was announced in last week for Teams Rooms update was an option to directly cast your content from the mobile device without setting up a formal meeting. This is really beneficial when we need to share some thing directly from our mobile device to the participants in the meeting where we have a meeting room involved as a participant.
To start with utilizing this feature the Microsoft Teams App must be installed on your mobile , Bluetooth must be turned on , both the mobile device and the Teams Room system must be connected to the same network. At this moment the Teams Room must be running on Windows and must be within 10 meters range from the mobile device.
Its very easy to utilize all we need to to is open Teams App on the device – Go to the more option and click on Cast your screen
Once after we do that we are prompted with the below screen and all we need to do is just click on get started.
As we all know the basic authentication will be retired for Office 365 sooner and its high time for us to enforce Modern Authentication on all clients. When most of the organizations have already enabled Modern Authentication which is a good sign. However there are cases where the modern authentication cannot be interactive for the 2nd factor authentication ,needs some planning on those special cases and they have exceptions. For instance Room Systems they are having resource accounts with Teams Enabled and Exchange Online where these resource accounts cannot have modern authentication enabled with MFA like normal user accounts to approve for the 2nd factor authentication.
Post Microsoft Teams Room App version 220.127.116.11 we have the option to enable Modern Authentication on the devices capable of hosting Microsoft Teams Meeting. The account management of the Teams Room devices is set at the application level.
As we all are working remotely from home ,Microsoft Teams has been an extraordinary assistance for all of us in boosting our productivity and keeping us stay connected in this pandemic situation. We are in Teams Remote meeting for almost everyday to complete our daily chores. Well the vast majority of individuals are having a office setup scenario at this point, however its less likely we have setup our own personal meeting room equipment . Most likely we are attending the meetings and doing the works from the same device.
This wasn’t the case before but since we are almost having very frequent remote meetings every day its a good idea to have one personal meeting room device for the below reasons :
You have your laptop with multiple excel sheets, Word Documents , PDFs, Browsers etc., always and you do not need to switch between camera screen and your work thats going on.
There are 2 screens where one is fully focused only for work and other is dedicated only for Meetings.
There are loads of items in the market which is available in a competitive pricing , yet my thought in this blog is to demonstrate that we have a very good option to convert Windows compatible tablet or a Surface Pro into a personal meeting room just in case if you have additional device which has been hibernated for quite a long time.
Classification of data is always an important factor for any organization to protect their data and to make sure only the right people have the access to the right documents. Couple of years back we went through the Azure Information Protection on this blog through which we can classify the sensitivity of any organization documents and leverage them on the Microsoft 365 Applications. Previously in Microsoft 365 only had the built in retention labels through which only the classification of the documents was possible. During this time in order to apply more protection like auto classification and enforce the policy the Azure information Classic Client and Azure Information Protection was utilized.
Its very important to note at this point that the Azure Information Protection Classic client and the Label Management from the Azure Portal are deprecated from March 31 2021.
It has been a quite long time that Microsoft supports sensitivity labels in addition to retention labels, so all action can be completed from the same location from Microsoft Information protection in the Compliance Center. Microsoft recommends to utilize to new Unified labeling and upgrade the clients to new unified labeling client.
Compliance regimes may seem burdensome, but the goal of these policies is to prevent a devastating data breach that can bankrupt a business and cause myriad problems for consumers. It’s important to understand the differences between compliance and security, as well as how data loss prevention (DLP) allows your organization to accomplish both objectives efficiently and affordably.
Here’s what you need to know about cloud DLP and prevalent compliance policies like HIPAA, GDPR, and others.
Cloud compliance vs. cloud security: what’s the difference?
Cloud compliance and cloud security overlap, but these are two different areas of practice. Cloud compliance refers to the regulations and policies designed to protect individuals and companies from the impact of data loss. More specifically, compliance focuses on the type of data collected and stored by a business, as well as the regulatory frameworks that apply to data protection. Cloud security is made up of the physical tools and platforms that protect and defend customer and company data. This could include software like VPNs, DLP platforms like Nightfall, and tools like multifactor authentication. Cloud security also requires action-oriented cloud security policies that are updated regularly to reflect changes in the business and new online threats
Continuing the previous article now we’ll go through the next steps that is required to complete the enterprise voice configuration. Now we have setup the AudioCodes SBC , configured SIP trunk from Office 365 to SBC the next step is to setup PSTN trunk from the SBC to the Telephony Provider.
If there is already an existing setup then this part is not required because the configuration will be already present in that case. In this article we will have a look at how to configure the PSTN Trunk for a new telephony provider.
There are multiple PSTN Sip Providers that we can use to complete this configuration. In our case we have chosen Telnyx as the PSTN Sip Provider for this demo purpose. They provide us the flexibility to purchase numbers as low as 10 USD and hence have chosen this for our testing.
Over here we are not going to deep dive much into Telnyx configuration since our task is to create a PSTN Trunk between them and our SBC. So we will go through only the steps that is required to complete the Direct Routing Configuration.
The moment when we subscribe with Telnyx they provide an advance credit of 10 USD and a portal like below. As per the Telnyx documentation we need to create a new SIP connection to our SBC in the below section where we could see they have a SIP connection with their backend system as a default setup.
When we enable Teams for Skype for Business Hybrid users the final stage of action is to move the actual on premise Skype for Business Account to Office 365 to make them to Teams only mode. As more organization are adopting the Microsoft Teams in a full fast track approach the last stage of migration is to move all the local accounts to Teams Only Mode.
This script will help in moving the users on batches to Teams Only Mode from an input csv file. It also provides the time taken to complete the batch on screen once the migration is completed.
I'm a Certified Microsoft Infrastructure/Cloud Architect with hands-on 14 years of International proven experience in Planning, Design, Execution, Integration, Operations, IT Management specialized in Messaging Platforms Microsoft Teams with Telephony, Skype for Business Voice, Microsoft Exchange, Intune Deployment, Microsoft Azure Infrastructure, and Cloud Security Implementations.
Over time have developed complete IT Implementation skills on Microsoft Infrastructure/Cloud projects within Multinational, Government, Construction, Leisure & Entertainment, Production, Automobile & Financial Industries.
I can be contacted through email firstname.lastname@example.org or through mobile +31 62 050 6978