I’ll be speaking at E-Communications & Collaboration Day 2017 (BE-COM.eu) on May 3rd 2017

In a few weeks, I’ll be travelling to Novotel Leuven in my neighboring country Belgium for the E-Communications & Collaboration Day 2017, a full-day (May 3rd 2017) of expert presentations and content about Office 365, Exchange, Skype for Business and related technologies. During this day, I will be presenting “Securing Exchange Online”: In this session, Dave Stork will go through the capabilities of Exchange Online (Office 365) to further secure your email data and mail flow. Questions like: •    How

Read more

Creating an Activity alert in Office 365

Within Office 365 you can use Audit Logging to monitor specific actions admins and users take. It’s comparable with Auditing within Exchange, but for most of all actions available in your Office 365 tenant. However, you need to do a search to find those actions perhaps long after the fact. That might be adequate for most organizations, but it would be nice to get an near immediate alert on the important stuff. Luckily, that is also possible! Consider the following

Read more

The end is nigh for Exchange 2007: support nearing end and some other reasons to upgrade

The Exchange Team blog reminded us today that in about a year the extended support for Exchange Server 2007 will end. This means no more updates of any kind, not even security updates. Feature updates already stopped 4 years earlier when Mainstream support ended. The product will continue to run, but how longer it’s being kept in production that will add some risk to your environment due to security issues not being fixed. You can find lifecycles of other Microsoft

Read more

In light of Windows 10: Comparing Service and Privacy agreements

There’s been a lot of media attention regarding Windows 10 and privacy concerns. Unfortunately not all reports contain correct facts while others suggest some of the implemented technology is unique for Windows 10. There’s a lot of bad reporting (do some of them even fact check?) or even malicious FUD (Fear, Uncertainty and Doubt) out there. Now, don’t get me wrong, knowing how the products you use handle your (meta)data and privacy is IMHO very important and should receive all

Read more

Checking security protocols and ciphers on your Exchange servers

Microsoft states that Exchange 2010 and 2013 are secure out of the box. With this they mean that every traffic coming in and out of Exchange is one way or another encrypted. Whether this is web traffic or specific for SMTP. Even IMAP and POP are enabled with mandatory encryption (although the services are disabled by default). However the past few months we’ve had reports that specific encryption protocols and ciphers (algorithms used for encryption and decryption) used aren’t considered safe

Read more

IIS Exploit can reboot your Windows Server; install patch KB3042553 ASAP

This week Microsoft release a patch for Windows 7/Windows Server 2008 R2 and up that fixed a critical remote execution bug, see MS15-034 and CVE-2015-1635 for more info. Unfortunately the patch was reversed engineered and now an exploit is available. This was detected and described by ISC SANS. They added Denial of Service (DoS) as possible impact, next to Remote Code Execution. As it turns out, the DoS in question actually causes a Blue Screen of Death (BSoD, also known as bugcheck)

Read more

Exchange RBAC might be more granular than you think

Most Exchange admins probably know (or should know )  the permission model since Exchange 2010 is Role Based Access Control, RBAC for short. With it, you can regulate quite granularly what admins and end-user are able to do, without the hassles of Access Control Lists (ACLs). However, it recently became clear that it might be more granular than you think. You can allow only certain types of PowerShell Cmdlets, have only change rights on a certain Organizational Unit (OU)or types

Read more

Apple iPhone 5s TouchID and Exchange ActiveSync (updated)

2013/10/17: Added support statement by Microsoft below Just today I was curious how the Apple biometric convenience solution TouchID on the iPhone 5s would impact password policies enforced by Exchange ActiveSync(EAS). I frequently run into complaints from Android users who previously used a Pattern Lock instead of a PIN to unlock their phones. When my EAS policy sets specific password requirements, the Pattern Lock is replaced by the phone OS to the more traditional PIN (or alphanumeric password) unlock. Unfortunately,

Read more

Blocking iOS 7 in Exchange 2010 & 2013 (updated)

Now that iOS 7 available, it might be interesting to know how to block this version. In the past there were some issues with the Exchange ActiveSync implementation in specific iOS DeviceOS versions (read this and this). Please note that I did not encountered or heard of any ActiveSync issues with iOS 7, but it might be prudent to be prepared. But first we have to find out which DeviceOS versions are already present, or how they are presented to

Read more

How to use the Microsoft Authenticator WP app with Google

A while back, Microsoft enabled the long awaited 2-factor authentication feature for Microsoft Accounts and released a code generator for Windows Phone. But a little know fact is that this app can also be used for the Google Account Two-factor authentication. See the screenshots below on how to do this: Go to the right corner of you Google page and select Account. On the left you will see some options, select Security. Select Settings. When you haven’t entered a mobile

Read more
1 2