Configuration

Apply Security & Compliance Center Retention Labels to Outlook Folders

I couldn’t really come up with a cool-sounding title for this post, so I just went with the basics of what it does.

Last week, I worked with a customer that wanted to deploy custom retention labels to custom folders inside a user’s mailbox–the idea being that they would create a custom folder structure such as this under a user’s Inbox:

\Inbox
\Inbox\Retention Schedule
\Inbox\Retention Schedule\2 Year (apply a 2-year retention label to everything in this folder)
\Inbox\Retention Schedule\4 Year (apply a 4-year retention label to everything in this folder)
\Inbox\Retention Schedule\7 Year (apply a 7-year retention label to everything in this folder)
\Inbox\Retention Schedule\Forever (apply a ‘Never delete’ retention label to everything in this folder)

Seems easy enough, right? … [ Continue reading ]

Configuration

Exchange Online Protection (EOP) Best Practices and Recommendations

Yes. I said it.

Someone needed to put a line in the sand and today, that person is me.  I’m going to say these are some best practices.

But of course, your mileage may vary, depending on your type of organization (users at a local bank or city government will have different threats presented to them than an engineering firm with international customers, for example). … [ Continue reading ]

Information

Update to Get-UserHoldPolicies

This certainly seems to be a day for updates! Based on some additional feedback from my peers, I’ve updated the Get-UserHoldPolicies script to exclude legacy Exchange MRM policies by default.  MRM policies, while they have RetentionPolicyTags, are technically either moving or deleting content, not preserving it.… [ Continue reading ]

Information

Update to Get-UserHoldPolicies — Now includes DelayHoldApplied

This is just a quick update–if you’ve been using my Get-UserHoldPolicies script to check out the holds applied to your mailboxes, I’ve updated it to include the DelayHoldApplied property.

A Delay Hold is applied whenever a hold is removed from a mailbox (as in, the mailbox is excluded from an inherited policy or manually removed from an explicitly included policy), and stays in effect for 30 days. … [ Continue reading ]

Information

Switch SharePoint Online Lists between Classic and Modern Experience

It’s been coming for a while.

Change is inevitable.

SharePoint Modern UI is here.

And, we’ve begun updating libraries and lists.

Per this link, https://techcommunity.microsoft.com/t5/SharePoint/Update-on-modern-list-tenant-opt-out-removal/td-p/469297, we changed the opt-out methods (from tenant-level to site-level).  One of the things that we noted is that you can use Enable-PnPFeature or Disable-PnPFeature to manage this. … [ Continue reading ]

Identity

Update to PwnCheck script

This afternoon, while working with a colleague, I was alerted to a customer that appears to have the same 6-character password set for every user, which honestly, I feel like violates the very notion of a password.  They’re not currently in Office 365 (or even Active Directory), but the risk is the same:

Users tend to use the same passwords everywhere.… [ Continue reading ]

Configuration

DLP for Bitcoin Addresses

One of the up-and-coming combination phish-ransom attacks is to trick the mark into thinking that you’ve got access to their data, and then get them to send money to a Bitcoin address to protect them from data leakage.  You can create a DLP rule in the Office 365 Security & Compliance Center (or an Exchange Online transport rule) to try to combat this.… [ Continue reading ]

Information

WhoAmI for Office 365

If you’ve ever struggled to find out who your current session is logged in as when you connected to Office 365, here’s a tidbit to shed some light on it:

(Get-PSSession |?{$_.ComputerName -like “*outlook.com”})[0].RunSpace.ConnectionInfo.Credential.UserName

You can also use RunSpace.… [ Continue reading ]

Information

Calculating your Daily Export for the Security & Compliance Center

One of the lesser-known boundaries of Office 365’s Security & Compliance Center is that we only allow 2TB per day export volume.  When we talk about exports, we’re talking about the idea of taking content that has been identified via a content search mechanism (content search, eDiscovery case search, etc) and then staged for download.… [ Continue reading ]