I will be speaking at the European Collaboration Summit 2018

Some exciting news! I’ll be speaking at the European Collaboration Summit 2018 in Mainz, Germany on May 28-30. My session is “Securing Exchange Online” and during that hour I will go through the capabilities of Exchange Online (Office 365) to further secure your email data and mail flow based on up-to-date know-how. It’s a topic I like, is quite relevant and popular, I also have to update my session every time with new information and considerations. The Summit itself looks

Read more

Office 365 will allow TLS 1.2 only starting October 31st 2018

Update 10 February 2018* So, Microsoft announced a new date for this change and updated their support article regarding TLS support. It’s now October 31st 2018, instead of March 1st 2018. This gives organizations a lot more time to prepare for this change. IMHO the previous date was maybe a little too ambitious. It seems that Microsoft got enough feedback to push back the date. Even earlier the Exchange Product Team posted an article in a series of three, detailing

Read more

I’ll be speaking at E-Communications & Collaboration Day 2017 (BE-COM.eu) on May 3rd 2017

In a few weeks, I’ll be travelling to Novotel Leuven in my neighboring country Belgium for the E-Communications & Collaboration Day 2017, a full-day (May 3rd 2017) of expert presentations and content about Office 365, Exchange, Skype for Business and related technologies. During this day, I will be presenting “Securing Exchange Online”: In this session, Dave Stork will go through the capabilities of Exchange Online (Office 365) to further secure your email data and mail flow. Questions like: •    How

Read more

Creating an Activity alert in Office 365

Within Office 365 you can use Audit Logging to monitor specific actions admins and users take. It’s comparable with Auditing within Exchange, but for most of all actions available in your Office 365 tenant. However, you need to do a search to find those actions perhaps long after the fact. That might be adequate for most organizations, but it would be nice to get an near immediate alert on the important stuff. Luckily, that is also possible! Consider the following

Read more

The end is nigh for Exchange 2007: support nearing end and some other reasons to upgrade

The Exchange Team blog reminded us today that in about a year the extended support for Exchange Server 2007 will end. This means no more updates of any kind, not even security updates. Feature updates already stopped 4 years earlier when Mainstream support ended. The product will continue to run, but how longer it’s being kept in production that will add some risk to your environment due to security issues not being fixed. You can find lifecycles of other Microsoft

Read more

In light of Windows 10: Comparing Service and Privacy agreements

There’s been a lot of media attention regarding Windows 10 and privacy concerns. Unfortunately not all reports contain correct facts while others suggest some of the implemented technology is unique for Windows 10. There’s a lot of bad reporting (do some of them even fact check?) or even malicious FUD (Fear, Uncertainty and Doubt) out there. Now, don’t get me wrong, knowing how the products you use handle your (meta)data and privacy is IMHO very important and should receive all

Read more

Checking security protocols and ciphers on your Exchange servers

Microsoft states that Exchange 2010 and 2013 are secure out of the box. With this they mean that every traffic coming in and out of Exchange is one way or another encrypted with security protocols. Whether this is web traffic or specific for SMTP. Even IMAP and POP are enabled with mandatory encryption (although the services are disabled by default). However the past few months we’ve had reports that specific encryption security protocols and ciphers (algorithms used for encryption and decryption)

Read more

IIS Exploit can reboot your Windows Server; install patch KB3042553 ASAP

This week Microsoft release a patch for Windows 7/Windows Server 2008 R2 and up that fixed a critical remote execution bug, see MS15-034 and CVE-2015-1635 for more info. Unfortunately the patch was reversed engineered and now an exploit is available. This was detected and described by ISC SANS. They added Denial of Service (DoS) as possible impact, next to Remote Code Execution. As it turns out, the DoS in question actually causes a Blue Screen of Death (BSoD, also known as bugcheck)

Read more

Exchange RBAC might be more granular than you think

Most Exchange admins probably know (or should know )  the permission model since Exchange 2010 is Role Based Access Control, RBAC for short. With it, you can regulate quite granularly what admins and end-user are able to do, without the hassles of Access Control Lists (ACLs). However, it recently became clear that it might be more granular than you think. You can allow only certain types of PowerShell Cmdlets, have only change rights on a certain Organizational Unit (OU)or types

Read more

Apple iPhone 5s TouchID and Exchange ActiveSync (updated)

2013/10/17: Added support statement by Microsoft below Just today I was curious how the Apple biometric convenience solution TouchID on the iPhone 5s would impact password policies enforced by Exchange ActiveSync(EAS). I frequently run into complaints from Android users who previously used a Pattern Lock instead of a PIN to unlock their phones. When my EAS policy sets specific password requirements, the Pattern Lock is replaced by the phone OS to the more traditional PIN (or alphanumeric password) unlock. Unfortunately,

Read more
1 2