Security & Compliance

135 Topics

Former Employer Abuse
My former employer, Albert Williams, president of American Security Force Inc., keeps adding my outlook accounts, computers and mobile devices to the company's azure cloud even though I left the company more than a year ago. What can I do to remove myself from his grip? Does Microsoft have a solution against abusive employers?
varle-vs-asf
Nov 06, 2024 Place Azure
6Views
0likes
0Comments
How to Protect ...azure-api.net Subdomain from DDoS Attacks when using API Management Basic
Dear Tech Community , I am usingAzure API Management (APIM Basic)inexternal modeand without VNet integration, meaning my API instance is publicly accessible through the default...azure-api.netsubdomain. I'm also using a custom domain but the default domain still remains aktive. I am concerned about potentialDDoS attacksand want to secure this subdomain. I am considering usingAzure Front Doorto filter the traffic and leverage itsWeb Application Firewall (WAF)for enhanced protection. Could you please clarify the following: Is it possible to fully protect the API subdomain (...azure-api.net) via Azure Front Door or other products, ensuring no traffic bypasses Front Door and directly reaches the original APIM domain? What additional configurations, such asIP filtering or header validation, are required to restrict access so that only traffic routed through Azure Front Door reaches the APIM domain? Given thatAPI Management without VNet integrationdoesn’t support DDoS Protection Standard, what are the best practices forDDoS protectionin this scenario? Could you recommend any additional steps or configurations to ensure that allDDoS and security measuresare effectively implemented? Thank you for your support. Best regards Michael
Solved
mischmuc089
Oct 29, 2024 Place Azure
240Views
0likes
3Comments
Oath hardware token
Hi All, I just received my hardware tokens to set up for a few users in our organization that do not have access to company mobile devices. I have uploaded the .csv files with the required information in our Azure portal and it successfully uploaded. I am not able to activate the token, it keeps failing but I’m not sure why and I don’t really get a reason. Is there a clearer way to set this up or do I need to enable something before I set this up. I would like this set up before the end of the week, any help is appreciated. Thanks,
esardinha
Oct 09, 2024 Place Azure
4.5KViews
0likes
9Comments
Windows Updates and Defender Updates on Azure VM
Hi all, We want to build a locked down Azure VM with no public IP address. Is it possible for this VM to still get updates and report without a public IP address. Or is it a case that we really need a public IP address and then a firewall for this to be secure?
Solved
DaithiG
Sep 04, 2024 Place Azure
430Views
1like
2Comments
Azure OpenAI FedRAMP High + M365 Copilot Targeting Sept 2025 for GCC High/DOD
We’re excited to share two major updates for our public sector and defense customers: Azure OpenAI Service is now FedRAMP High authorized for Azure Government. This approval allows government agencies to securely leverage advanced AI capabilities, including GPT-4o, within their Azure Government environment. For the first time, we’re targeting a General Availability (GA) of September 2025 for Microsoft 365 Copilot in GCC High and DOD environments (pending government authorization). Copilot will deliver powerful AI tools tailored for decision-making, automation, and enhanced collaboration, all while meeting the strict compliance and security needs of our defense and government customers. For more information on these updates and how they can impact your workflows, check out the full blog post Let’s discuss how you’re planning to use these AI advancements in your environments!
Sarah_Gilbert
Aug 20, 2024 Place Azure
235Views
0likes
0Comments
Paste Link or Embed Object an encrypted/protected document (Sensitivity Label) causes error.
We are using Microsoft Purview's Built-In Labeling and have defined sensitivity labels. We are noticing that if the excel (or word) document is encrypted/protected with sensitivity labels, they can not be paste linked or embedded into another document (PowerPoint, etc). 2 Behaviors outlined: 1) Insert -> Object -> Create From File will produce an error :Files with restricted permission cannot be inserted into this presentation or 2) If you attempt to paste link to encrypted document (ex. excel), the option to paste link to Microsoft Excel Worksheet Object is missing. The only option is a hyperlink. A nuance - in a situation where excel was not labeled and paste linked into a PowerPoint, if the excel was laterencrypted/protected, the link stays in place. That is, if you update the excel, it will update Power point (example) The error seems to only occur if the excel is encrypted/protected prior to be paste linked. Has anyone experienced this and is there a fix?
aymiee
Aug 01, 2024 Place Azure
1KViews
0likes
2Comments
Access to subscription resources.
Hello, I want to ask you all about subscription access for users outside. The idea is to split our Azure subscription from one global to one per coutry. We are going to do some stuff there but we might need to give access to resources for employes from other countries to ex. show them what we did, how it works and let them play with it. Example: Right now we are doing some R&D on global account but it will be much better to have our own for each country. In future, we might need to share access to that environment/product etc. to other employes outside our subscription. Why? We want to have some kind of indicator which will tell us how many hours/connections was done and all that stuff. Why not resource group? It will be much easier to just give access to "our" own Azure env rather than specifying roles, telling what to edit and what not etc. We have some production stuff there etc... So, is it possible to give access to these resources for employes from other subscriptions with "full" functionality of resources inside? Can connections to VM's or Kube clusters will be possible? Thank you!
Mike29f
Jul 19, 2024 Place Azure
386Views
0likes
4Comments
Block Microsoft 365 account from logging on Windows machine?
Hello! How can I block a user from logging on Windows with Azure AD on our machines, but still allow it to use Microsoft 365? Basically we have a service account that should only be accessed from iOS MDM devices by default. A way to exempt some Windows machines would be nice, but the preference is ban the account from Windows logon altogether. We use Microsoft 365 with Intune. All machines are managed. Thanks in advance!
CeciNestPasLegal
Jul 11, 2024 Place Azure
292Views
0likes
1Comment
insufficient privileges to remove member out of security group - im global admin
Hi all, Was wondering if you can help. I am a global admin and I cant seem to remove users out of this security group: Any ideas why I would get this message?
AB21805
Jun 27, 2024 Place Azure
18KViews
0likes
6Comments
Azure AD Sync Error 0xcaa10001 in access work or school settings
Hi everyone I have a problem with my AAD connection on my BYOD. Has anyone seen this error code and managed it to solve? It is an annoying error. Around 3-4 times a day I also get a toast notification that prompts me to fix the accounts I'm using on my device. Have a look on the attachments. I have an Education and a Work Account and most times it works all but I want to solve this issue, so that the notification disappears. My BYOD is AADR, and I signed in first with my Work account so the policies from my work applies on the device. I can also make an RDP Connection to my AADJ Desktop at my work, so I think the registration process worked fine on my BYOD. Also in the Apps that are using one or both of my business accounts I exprience no problems. I can't find any related discussions or docs to this error. Btw I'm a Global Admin at my work so if anyone has a solution which requires admin privileges, I got it. Thanks for every reply ❤️
preuley30
Jun 17, 2024 Place Azure
5.2KViews
0likes
5Comments