Forum Widgets
Latest Discussions
Microsoft 365 Copilot Search Now Available
Microsoft 365 Copilot Search is the second iteration of Copilot Search. It borrows heavily from the older Microsoft Search in Bing feature in terms of how it presents different types of results. Copilot Search is unmatched when it comes to searching Exchange, SharePoint, and Teams, but its ability to search the web is hindered by the dependency on Bing and the preference given to Microsoft.com sources. https://office365itpros.com/2025/07/14/copilot-search-mark2/Securing the Modern Workplace: Transitioning from Legacy Authentication to Conditional Access
Authored by: Gonzalo Brown Ruiz, Senior Microsoft 365 Engineer & Cloud Security Specialist Date: July 2025 Introduction In today’s threat landscape, legacy authentication is one of the weakest links in enterprise security. Protocols like POP, IMAP, SMTP Basic, and MAPI are inherently vulnerable — they don’t support modern authentication methods like MFA and are frequently targeted in credential stuffing and password spray attacks. Despite the known risks, many organizations still allow legacy authentication to persist for “just one app” or “just a few users.” This article outlines a real-world, enterprise-tested strategy for eliminating legacy authentication and implementing a Zero Trust-aligned Conditional Access model using Microsoft Entra ID. Why Legacy Authentication Must Die No support for MFA: Enables attackers to bypass the most critical security control Password spray heaven: Common vector for brute-force and scripted login attempts Audit blind spots: Limited logging and correlation in modern SIEM tools Blocks Zero Trust progress: Hinders enforcement of identity- and device-based policies Removing legacy auth isn’t a nice-to-have — it’s a prerequisite for a modern security strategy. Phase 1: Auditing Your Environment A successful transition starts with visibility. Before blocking anything, I led an environment-wide audit to identify: All sign-ins using legacy protocols (POP, IMAP, SMTP AUTH, MAPI) App IDs and service principals requesting basic auth Users with outdated clients (Office 2010/2013) Devices and applications integrated via PowerShell, Azure Sign-In Logs, and Workbooks Tools used: Microsoft 365 Sign-In Logs Conditional Access insights workbook PowerShell (Get-SignInLogs, Get-CASMailbox, etc.) Phase 2: Policy Design and Strategy The goal is not just to block — it’s to transform authentication securely and gradually. My Conditional Access strategy included: Blocking legacy authentication protocols while allowing scoped exceptions Report-only mode to assess potential impact Role-based access rules (admins, execs, vendors, apps) Geo-aware policies and MFA enforcement Service account handling and migration to Graph or Modern Auth-compatible apps Key considerations: Apps that support legacy auth only Delegates and shared mailbox access scenarios BYOD and conditional registration enforcement Phase 3: Staged Rollout and Enforcement A phased approach reduced friction: Pilot group enforcement (IT, InfoSec, willing users) Report-only monitoring across business units Clear communications to stakeholders and impacted users User education campaigns on legacy app retirement Gradual enforcement by department, geography, or risk tier We used Microsoft Entra’s built-in messaging and Service Health alerts to notify users of policy triggers. Phase 4: Monitoring, Tuning, and Incident Readiness Once policies were in place: Monitored Sign-in logs for policy match rates and unexpected denials Used Microsoft Defender for Identity to correlate legacy sign-in attempts Created alerts and response playbooks for blocked sign-in anomalies Results: 100% of all user and app traffic transitioned to Modern Auth Drastic reduction in brute force traffic from foreign IPs Fewer support tickets around password lockouts and MFA prompts Lessons Learned Report-only mode is your best friend. Avoids surprise outages. Communication beats configuration. Even a perfect policy fails if users are caught off guard. Legacy mail clients still exist in vendor tools and old mobile apps. Service accounts can break silently. Replace or modernize them early. CA exclusions are dangerous. Every exception must be time-bound and documented. Conclusion Eliminating legacy authentication is not just a policy update — it’s a cultural shift toward Zero Trust. By combining deep visibility, staged enforcement, and a user-centric approach, organizations can securely modernize their identity perimeter. Microsoft Entra Conditional Access is more than a policy engine — it is the architectural pillar of enterprise-grade identity security. Author’s Note: This article is based on my real-world experience designing and enforcing Conditional Access strategies across global hybrid environments with Microsoft 365 and Azure AD/Entra ID. Copyright © 2025 Gonzalo Brown Ruiz. All rights reserved.Building Enterprise-Grade DLP with Microsoft Purview in Hybrid & Multi-Cloud Environments
Authored by: Gonzalo Brown Ruiz, Senior Microsoft 365 Engineer & Cloud Security Specialist Date: July 2025 Introduction Data is the lifeblood of every modern organization, yet it remains one of the most exposed assets. As organizations embrace hybrid and multi-cloud models, traditional endpoint or email-only DLP solutions no longer provide sufficient protection. The explosion of data across Exchange, SharePoint, Teams, OneDrive, and third-party SaaS applications introduces new risks and compliance challenges. Microsoft Purview Data Loss Prevention (DLP) provides a powerful solution that unifies data governance, sensitivity labeling, and policy enforcement across your cloud ecosystem. However, building an enterprise-grade DLP strategy goes far beyond enabling policies. Why Traditional DLP Fails in Modern Environments Traditional DLP approaches often: Protect only endpoints or email without covering cloud services Lack integration with data classification and labeling frameworks Generate excessive false positives due to generic rule sets Create operational friction for end users In hybrid environments with Teams, SharePoint, and OneDrive, these limitations lead to fragmented coverage, compliance blind spots, and user workarounds that expose sensitive data. The Microsoft Purview Advantage Microsoft Purview DLP offers: Unified policy management across Exchange Online, SharePoint, Teams, and OneDrive Integration with Sensitivity Labels for data classification and encryption Real-time policy tips that educate users without blocking productivity Built-in compliance manager integration for audit readiness When architected properly, Purview becomes a strategic enabler of data governance and compliance rather than just a security checkbox. Key Components of an Enterprise-Grade DLP Strategy 1. Data Classification and Labeling Implement Sensitivity Labels with auto-labeling policies to classify and protect sensitive data at scale. 2. Policy Scoping and Exceptions Handling Design DLP policies that balance security with operational needs, incorporating exceptions for justified business processes. 3. Insider Risk Management Integration Correlate DLP events with insider risk signals to identify intentional or accidental data misuse. 4. Audit, Reporting, and Compliance Evidence Configure alerting, detailed reporting, and data residency mapping to fulfill regulatory and internal audit requirements. Implementation Framework: Your Step-by-Step Guide 1. Preparation Conduct a data inventory and sensitivity assessment Identify regulatory and contractual compliance obligations Engage business stakeholders for adoption readiness 2. Pilot Deployment Roll out policies to a controlled user group Review policy matches and refine rules to minimize false positives Provide targeted user training on policy tips and data handling expectations 3. Full Deployment Scale DLP policies across workloads (Exchange, SharePoint, Teams, OneDrive) Implement automated remediation actions with user notifications and audit logs 4. Optimization and Continuous Improvement Review policy match reports regularly to fine-tune thresholds and rules Incorporate feedback from security, compliance, and end users Integrate with eDiscovery workflows for legal readiness Best Practices and Lessons Learned Start with monitor-only policies to baseline activity before enforcing blocks Combine DLP with Sensitivity Labels and encryption policies for holistic protection Regularly educate users on data classification and handling standards Create clear governance structures for DLP ownership and policy management Balance security controls with user productivity to avoid shadow IT workarounds Conclusion Data Loss Prevention is no longer optional – it is a critical enabler of trust, compliance, and operational excellence. By architecting Microsoft Purview DLP as part of an enterprise data governance strategy, organizations can protect their most valuable asset – data – while empowering users to work securely and efficiently. Author’s Note: This article is based on my extensive professional experience designing and implementing Microsoft Purview DLP solutions for global enterprises across hybrid and multi-cloud environments. Copyright © 2025 Gonzalo Brown Ruiz. All rights reserved.Helping my younger sibling stay on track with summer assignments in Word
Hi! My younger brother is really struggling with summer assignments this year. He’s supposed to write a few essays using Microsoft Word, but writing has never been his strong suit. We’ve tried using templates and even OneNote to organize ideas, but he still feels overwhelmed and stuck. I’ve been helping him as much as I can, but I’m wondering if there’s a better way to support him. Has anyone else had this kind of experience? What tools or approaches worked for you to help a younger student write better, especially when motivation is low?Reuse Slides Button in the Ribbon: Unavailable by Design😟
𝓝𝓸𝓸𝓸𝓸𝓸! 𝐏𝐨𝐰𝐞𝐫𝐏𝐨𝐢𝐧𝐭’𝐬 𝐑𝐞𝐮𝐬𝐞 𝐒𝐥𝐢𝐝𝐞𝐬 𝐁𝐮𝐭𝐭𝐨𝐧 𝐈𝐬 𝐆𝐨𝐢𝐧𝐠 𝐀𝐰𝐚𝐲 Microsoft has officially announced that the Reuse Slides Button will be deprecated on July 31, 2025 (Message Id MC 1111178). Just so you know, only a short notice was provided. It was announced on July 7, 2025 in the Admin Message Center. —𝐇𝐞𝐫𝐞’𝐬 𝐖𝐡𝐚𝐭 𝐭𝐨 𝐊𝐧𝐨𝐰👇🏾 Details in this blog: POWERPOINT REUSE SLIDES MISSING TRACCreations4E #traccreations4e-p25 7/11/2025EntraExporter Tool Exports Details of an Entra ID Tenant
The EntraExporter toolis a PowerShell module that generates details of objects in an Entra ID tenant configuration (like groups, policies, and users) and creates JSON files. It’s a great way to capture point-in-time information about Entra ID (Azure AD) configuration. Although you can’t replay the captured data to recreate objects, having all the information available is a great start if you need to restore or replay anything. https://office365itpros.com/2023/08/24/entraexporter-tool/Microsoft Graph PowerShell SDK V2.29 Now Available
Version 2.29 of the Microsoft Graph PowerShell SDK can now be downloaded from the PowerShell Gallery. Initial tests show that the release is stable. However, it’s recommended that you deploy V2.29 on a few workstations to test essential scripts before proceeding to a full-scale roll-out. V2.29 does not address the issue with PowerShell runtime in Azure Automation, but overall, first indications are that V2.29 is a good release. https://office365itpros.com/2025/07/11/microsoft-graph-powershell-sdk229/Error exporting file as PDF: The online service is not available in your region.
On MacOS 15.5 with the latest (enterprise channel) or Microsoft Office We have a issue currently that certain users in different location is getting a issue when saving as a pdf when the option 'best for electronic distribution and accessibility is selected. "Error exporting file as PDF: The online service is not available in your region. Please contact your administrator." This uses the Microsoft online services when using 'best for printing' - it works fine as thats a local pdf printing and does not use MS online services the region is set to UK we are going to look at the locations and see if any traffic is being blocked as well
Automate tab greyed out in online Excel
I've been developing a script in online Excel using the code editor on the Automate tab. The script takes the data in a table and sorts it into some other tables depending on a few fields. I then have a PowerPoint macro which picks up the data and sets up and populates some slides with the data. I have returned to the Excel script today after a few days focusing on the PowerPoint macro and I cannot access or run my script as all of the buttons on the Automate tab are greyed out (see image below). I can still run the script via a PowerAutomate flow - I just can't edit, run or even see it in the online app. While developing it, the buttons worked fine in Chrome but were greyed out in Edge browser for reasons I couldn't ascertain. Now they are greyed out in Chrome too. Scripts and script sharing are enabled for all users in my organisation. We're using Office 365 A1. Any help would be appreciated.
