Contributor Dana Epp is well known in the Microsoft Most Valuable Professional (MVP) community for his security expertise (which we appreciate here at Microsoft 365 Nation). Over the summer, Epp shared out the Azure Security Architect map you can review HERE. It’s truly a case of a picture is worth a thousand words (especially in a blog). To understand the full context of this, you’ll want to also review Epp’s reshare of the Azure Solution Architect Map. Note this isn’t for the faint of heart. Pull up with a fresh cup of coffee and soak it all in.
Official Microsoft 365 Security Observations
I was recently tipped off by contributor Dana Epp about the recently released (May 13, 2019) “Microsoft Office 365 Security Observations” [Analysis Report (AR19-133A). Get ready to get WOWed with the link below for the full report from the Cybersecurity and Infrastructure Security Agency (CISA). There are a few talking points I can share here from the report.
- Multi-factor authentication for administrator accounts not enabled by default
- Mailbox auditing disabled
- Password sync enabled
- Authentication unsupported by legacy protocols
You can read the full report HERE.