Configuration

Creating Scoped DLP rules with Custom Sensitive Information Types

A few weeks ago, I put out a series of posts on creating and using custom sensitive information types (https://www.undocumented-features.com/tag/sensitive-information-types/).  The blog, posts, however, focus on using the DLP configuration options available in the Security & Compliance Center.

Rules created via the DLP wizard in the Security & Compliance Center have the benefit of being able to be applied globally across your organization and its content sources. … [ Continue reading ]

Configuration

Looky, looky! Custom sensitive information types with even more customitivity!

So, of course, as soon as I finish up posting a few entries (here and here), we go and release a new UI to help you get it done on your own!

You can do most of the effort of creating a data classification here, although if you want to use any of our built in functions (such as credit card Luhn check), you’ll need to export/modify/import, use the sensitive information type package that I created (referenced earlier) or use one of our native DLP classifications.… [ Continue reading ]

Configuration

Sensitive Information Types–now with more sensitivity!

UPDATE: The TechNet Gallery link for this post has been updated.

So, this is an entry that has been long in the making.  I have had several customers over the last few years give feedback about our Data Loss Prevention’s (DLP) matching requirements, mostly around how they require too much corroborating evidence (in the form of patterns or keywords) to meet their organization’s very restrictive policies.… [ Continue reading ]

Configuration

Update: AAD Connect Network Test Tool

I trotted out the trusty WireShark and Fiddler tools today and ran through the latest iteration of AAD Connect setup.  In so doing, I’ve added a few endpoints to the test:

$CRL
http://ocsp.msocsp.com

$RequiredResources
adminwebservice-s1-co2.microsoftonline.com

$RequiredResourcesEndpoints
https://adminwebservice-s1-co2.microsoftonline.com/provisioningwebservice.svc

As always, the newest version is available at http://aka.ms/aadnetwork.… [ Continue reading ]

Configuration

Update to Create-LabUsers tool

Update: I’ve added a shortlink for this tool: http://aka.ms/createlabusers.

Because you didn’t ask for it, I went ahead and added to it.

Well, that’s a lie.  I actually had some really great ideas and feedback, so I’ve added a few new features that I wanted to draw attention to:

  • Detect existing Exchange session – If you cancel the script to create mailboxes while it’s running, you previously needed to run a Remove-PSSession to close the open Exchange session. 
[ Continue reading ]
Configuration

ATP: Safe Attachments, Safe Links, and Anti-Phishing Policies or “All the policies you can shake a stick at”


With the advent of scammers, spammers, phishers, and other types of baddies, and the complementary rise in anti-malware, anti-spam, domain and sender verification techniques, we’re in a perpetual cat-and-mouse game.  I’ve had several customers over the past few weeks ask me about best practices for configuring some of the Advanced Threat Protection (ATP) features.… [ Continue reading ]