Latest posts

Restricting desktop applications with Cloud App Security conditional access

Date: Thursday, Jan 7, 2021
Reading time: 6 minutes.

Many organisations restrict access to Office 365 services and applications from unmanaged or non-compliant endpoints through the use of Azure AD conditional access policies. In additional to these traditional conditional access policies, Cloud Apps Security (CAS) extends these capabilities with additional features, including custom block messages and custom alerts surfaced from within the CAS administration portal. CAS policies are broken down into session policies (those which affect web browser sessions) or access policies (those which affect desktop applications) and are applied to access attempts against Office 365 applications and services such as Microsoft OneDrive for Business, Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft Teams.

Microsoft 365 Licensing Visualisations

Date: Sunday, Dec 13, 2020
Reading time: 1 minutes.

Microsoft Licensing visualisations for December 2020. Licensing information based of Aaron Dinnage’s licensing information, this version provides a different style of visualisation for M365 licensing only. Aaron’s page contains more license types, more information below on how to access his Git repository. Download Microsoft 365 Licensing Visualisation : Click here to download Included License Types: Microsoft Office E3 Microsoft Office E5 Azure AD Premium P1 Azure AD Premium P2 Enterprise Mobility + Security E3 Enterprise Mobility + Security E5 Windows 10 E3 Windows 10 E5 Microsoft 365 E5 Security Microsoft 365 E5 Compliance Information Protection & Governance Insider Risk Management eDiscovery & Audit Microsoft 365 E3 Microsoft 365 E5 Additional notes:

Tags: Microsoft Licensing
Categories: M365 Updates

Using Cloud Apps Security to restrict cut, copy, paste, printing, and file downloads from non-Intune compliant endpoints

Date: Sunday, Dec 13, 2020
Reading time: 8 minutes.

Microsoft’s Cloud Apps Security (MCAS) extends the conditional access configuration and alerting capabilities provided by Azure Active Directory. Many organisations rely on conditional access to control the devices people use to access corporate data, and in many instances to block access if devices do not meet compliance requirements. But what happens if blocking access from unmanaged devices is too restrictive? What if an organisation needs to continue to support access from these devices and can access be enabled in a secure manner?

Three years and counting: a working from home experiment

Date: Monday, Mar 16, 2020
Reading time: 8 minutes.

In recent weeks due to global circumstances there is much chatter surrounding the need for people to work from home and the impact this type of decision has on the ability for people to successfully complete their work within these constraints. Whilst working from home is not a new concept and many organisations allow for staff to work from locations other than their typical central office location, for many people this arrangement may be for a single day per week, less frequently, alternatively for some they make a deliberate choice to always leave home each day and be present at the office.

Tags: Microsoft Teams Office 365
Categories: Other

Just in time access for Office 365 privileged groups

Date: Tuesday, Feb 11, 2020
Reading time: 7 minutes.

Understanding who has access to your resources Securing and managing membership of privileged groups and roles should be a priority for every organisation. Privileged groups and roles, those which provide elevated access to resources of which may be of sensitive or confidential nature, are vital for any IT department to function and provide administrators access to the services and data supporting the business. Traditionally, IT departments utilise a security model whereby administrative permissions are permanently assigned irrespective of how often they are required, or accounts may have access enabled and revoked on an as needed basis, which is a manual process subject to human error.

Productivity Tip - Do the People in Your Organisation Know How to Access Microsoft Stream?

Date: Wednesday, Dec 18, 2019
Reading time: 3 minutes.

Stream Overview Have you enabled Microsoft Steam for the people within your organisation? Are they aware of what features it enables? Do they record meetings and then struggle to find the recordings? Since Microsoft released Teams with the ability to record meetings that are stored in the cloud, Stream has become an integral tool to access and review the recorded meeting content you have been granted access. It is feature rich allowing people the ability to access, review, and search within the recorded meeting content from either desktop, laptop, or mobile device.

Governance Tip - Group Expiration Policies

Date: Tuesday, Dec 10, 2019
Reading time: 3 minutes.

What is an Office 365 Group Expiration Policy? A Group expiration policy is one method to control the lifecycle of Office 365 groups. Enabling group expiration provides an automated process which facilitates the removal of Office 365 groups which have not been utilised within a predetermined amount of time. When applying an expiration policy, there are multiple services which may be affected, including; Teams, Exchange, SharePoint, and Planner. How do they work?

Compliance Tip - Dynamic Membership and Microsoft Teams

Date: Sunday, Dec 8, 2019
Reading time: 4 minutes.

Defining membership of a Microsoft Teams team The default behaviour of how membership is populated for a Microsoft Teams team is determined by the security permissions assigned to the team. The permissions may be assigned as either public, where people within an organisation have the ability to add themselves as a member, or private, where people within an organisation can request to join or an owner may add them on their behalf.


Paul Maggs

Principal Consultant
Modality Systems

Melbourne, Australia