Microsoft announces Endpoint Data Loss Prevention (DLP) available in Preview

Microsoft has released its Data Loss Prevention tools for endpoint clients. Customers with Microsoft 365 subscriptions can now protect data on physical devices next to online services and apps.

This new feature it is possible to enable Microsoft 365 policies that have been configured for apps, to be active on computers as well. This is an extra service of Data Loss Prevention. It enables IT administrators to allow users what to do with sensitive data, and what to share. For example, IT administrators can block copying sensitive files to an external USB drive, or print the file.

Continue reading “Microsoft announces Endpoint Data Loss Prevention (DLP) available in Preview”

Enforce (Azure) MFA with Conditional Access policies

Multi Factor Authentication (MFA) is an added security feature from Azure which I believe that should be enabled by default for everybody in Office 365 and Azure. There for this manual how to enforce (Azure) MFA for all users using Azure Multi Factor Authentication

MFA can prevent unauthorized access in case of the following events:

  • Leaked credentials
  • Sign-ins from anonymous IP addresses
  • Impossible travel to atypical locations
  • Sign-ins from unfamiliar locations
  • Sign-ins from infected devices
  • Sign-ins from IP addresses with suspicious activities

Using Conditional access we can ensure that your users and company data is safe. Important to know is that Office 365 MFA is free of charge, and if you have Azure AD applications an Azure AD Premium license is required.

Named location

If you want to mark your locations as trusted location, you can do that if you have a static public IP. So the first steps are there to define your office locations.

Continue reading “Enforce (Azure) MFA with Conditional Access policies”