User Profile
SebastiaanR
Brass Contributor
Joined Jan 10, 2020
User Widgets
Recent Discussions
Re: Protecting Oracle Keys with Azure Key Vault
Thank you so much for taking the time to respond. I would be more interested in a direct integration, but it did not seem as though this is/was possible, and that the only route was to go through the Oracle Key Vault. I checked the relevant documentation on Oracle's site, and while the cloud services are well documented, I'm coming up empty for any documentation related to 19c on-premises installations. If he have any supporting documentation that highlights the direct integration I'd appreciate it very much.Protecting Oracle Keys with Azure Key Vault
Has anyone used Azure Key Vault to protect keys for on-premises Oracle databases? From what I can see, it isn't a direct integration but rather using Oracle Key Vault for the key management and then integrating OKV with Azure Key Vault as the HSM. Has anyone done this, and is it a supported configuration?MFA on AAD-joined Device - Prompt on M365 App Access
Hi community, I'm working with a customer who insists on having an MFA prompt when accessing M365 resources (Outlook, SharePoint, OneDrive...). They are currently using RSA and Citrix, and used to providing an OTP to log in. The devices they are using is AAD joined and Intune-managed, which means that MFA is satisfied quietly. They don't have WHfB, so they log in with a username/password. Of course the login is successful, but they don't get prompted for MFA (by design). Despite me showing them that MFA is satisfied when investigating the sign-in logs, they argue that is is not secure, their argument being "What is someone's laptop is stolen and they have their username/password stuck at the bottom? How will this MFA then help secure them?"... which in honesty, is a valid concern. Obviously, this is an issue in itself, but not an impossible scenario. In this scenario, what would be the mitigation? I'm thinking a push to WHfB would help, but then the argument will be "Oh well, what happens when a user has their PIN stuck to the bottom of their laptop....". Is there a way I can force MFA for them on their Office apps to give them a level of comfort until they move to WHfB and can consider a biometric-type login? Thanks in advanceSensitivity Labels with Teams Sites and SPO Sites
I've gone through the docs and busy working through posts here as well, but I wanted to check my understanding as far as labeling Teams and SPO is concerned, please. What I want to achieve: 1. Apply a label to an SPO site and have content inherit the label. My understanding is that this is not the case, and the only way to achieve this is through automatic labeling of the docs itself. 2. Prevent content with a higher sensitivity label to be moved into a SPO/Teams site with a lower sensitivity, e.g. Confidential to Public. From what I can see, there is nothing preventing me from moving these files into the relevant locations. Access to the files really only comes down to the rights associated with it. 3. Block anyone from adding any external guests to a SPO or Teams site that's been labeled as restricted? If there's a resource somewhere that discussed this at length somewhere I'd really appreciate that. TIAAdding Context To Custom Alerts in Purview
Hi Community, Is it possible to add context to custom alerts created in Purview Alert Policies? At the moment we are running a Powershell command that creates a custom alert that triggers when there are any role group changes, i.e. adding or removing anyone from a Purview role. The alert works fine, but it doesn't provide any context, specifically what role was affected. We only see the activity (Set-RoleGroup), the user and the item. Ideally we would want to see what role group was affected. Is there any way of getting more granular? Is there a better way of doing this?AIP Scanner Not Auto-Labelling On-Prem Content
Re-posting this issue again, still battling I'm not getting auto-labeling of sensitive information types done against discovered on-prem data. The content is discovered, and the sensitive information types are identified, but labels are not being applied. Is there a good (read "idiot proof") guide I can follow that will guide me through the process? I'm sure (hoping) I'm missing something small, just can't seem to hack it. TIAAIP Sensitive Information Types - On-prem not get auto-labelled
Hello community, I've set up an AIP scanner in my lab environment, and pointed it to a repository for scanning. It's picking up all my files and I can see the files in the data classification tab in the Compliance portal. What's not happening though is the application of sensitivity labels on the on-premises content. When I upload the same content to SPO or OneDrive, it does pick up the information type and automatically applies the labels and classifies it. I have auto-labeling enabled on the content scan jobs and enabled pretty much every config I could see that could force *something* to happen, but nothing. What could I be missing?PIM Access Review Audit
Good day community, I've noticed when I complete an access review in PIM against other accounts, the activity gets logged, i.e. the Approve/Deny decision, but it doesn't show me any specific information related to the changed values (old/new value), as per below: How/where would I see this specific activity from an audit perspective to understand the impact of the change rather than there just having been a change. ThanksLog analytics Workspace Design Considerations - Recommendations & Technical Guidance
Hi community, Is there some technical guidance or recommendations related to the LA workspace designs when it comes to the onboarding of resources to Defender for Cloud, i.e. have a single LAW for all resources, or split it out according to some or other plan? Also, enabling Defender for Cloud at subscription level rather than LA level? Although I suppose this would make sense if you only wanted to include some resources under a subscription instead of a blanket enablement? ThanksInformation Protection - Duplicate Sub-Labels Error
Hi Community, I'm trying to create sub-labels in Information Protection, and I get errors related to duplicate values that already exist. These are on sub-labels, and my understanding is that as long as the top-level label is unique, you can have sub-labels of the same name? As an example: External\ \Non-Business \Business Internal\ \Non-Business \Business In this example I would get an error that I cannot create certain labels due to the label "Business" already existing. Am I misunderstanding the limitation of the platform?MDO Attack Simulation - Hybrid/On-Prem
**Copy of post under SCI**: MDO Attack Simulation - Hybrid/On-Prem - Microsoft Tech Community Good day community, Does the Attack Simulation capabilities extend to on-prem/hybrid Exchange environments as well, or only accounts that have been migrated fully to Exchange Online? TIACompliance Manager Premium Templates
Hi community, Just a sanity check, please. For me to implement any of the premium assessments templates, I need to have an E5/A5 type license, as per the below link: https://docs.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#which-licenses-provide-the-rights-for-a-user-to-benefit-from-the-service-6 I'm specifically interested in the South African POPIA assessment in the organization. https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-templates-list?view=o365-worldwide Also, I can see a lot of the premium templates, although, the South African POPIA template is not even showing. ThanksRe: Defender for Endpoint - Blocking Unsanctioned VPN Connections
Thijs Lecomte Thanks. I agree, the long-term solution would be to actually limit the installation of these programs to begin with. I think we will end up creating the indicator to do the initial detection of these connections, and then transitions the devices across to be managed through policy. It's definitely a pain in the backside!
