• Patch Lady – Office 365 in the cross hairs

    Over the Thanksgiving weekend I was migrating the firm over to Office 365, and I’ve also been enabling such things as two-factor authentication and conditional access based on location.

    Even with the Microsoft 365 business subscription that I have, I found that I needed to bump up and purchase an Azure AD P1 license in order to review and audit the logins.

    Because I’m in the process of setting up multi-factor, I have already seen that there are login attempts from (yes, I had to google that one up) Armenia. Here are my absolute bare minimum recommendations for small businesses going to Office 365:

    Make sure you’ve enabled multi-factor authentication using the Microsoft Authenticator app (MFA is now free and part of the security defaults feature). Note that you can set up the authenticator app on multiple devices – handy if you forget your phone at home. You can also whitelist the static IP of the office so desktop users that don’t roam and only log into their applications locally won’t be hit by two-factor. You absolutely want to run everyone through https://aka.ms/MFASetup, set up multi-factor authentication, and lock down access such that multi-factor is mandated. You want to disable basic (or legacy) authentication.

    You’ll want an Azure P1 license for at least the admin account ($6 per month) so that you can review the logins.

    And then if you are an Office 365 admin, check out these resources.

    Bottom line, know that yes, they really, really, really are out to get you.

    P.S. Users should be able to access https://mysignins.microsoft.com/ to review their personal logins.
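
One way to act on the sign-in review recommended above, as an added example that is not part of the original post: a short triage over exported sign-in records that flags logins from outside the expected country (unless they come from the whitelisted office IP) and logins that used a legacy authentication protocol. The records are constructed samples using Microsoft Graph signIn field names; the allowed country, the office IP and the list of client names treated as legacy are assumptions to adjust for your tenant.

```python
import ipaddress
import json

# Assumed policy values (placeholders, not from the post).
ALLOWED_COUNTRIES = {"US"}
OFFICE_NETS = [ipaddress.ip_network("203.0.113.10/32")]  # documentation-range IP
LEGACY_CLIENTS = {"imap4", "pop3", "authenticated smtp",
                  "exchange activesync", "other clients"}

# Constructed sample records using Microsoft Graph signIn field names.
SAMPLE = json.loads("""[
 {"createdDateTime": "2020-01-01T08:02:11Z", "userPrincipalName": "alice@example.com",
  "ipAddress": "203.0.113.10", "clientAppUsed": "Browser",
  "location": {"countryOrRegion": "US"}, "status": {"errorCode": 0}},
 {"createdDateTime": "2020-01-01T09:15:40Z", "userPrincipalName": "bob@example.com",
  "ipAddress": "198.51.100.7", "clientAppUsed": "IMAP4",
  "location": {"countryOrRegion": "AM"}, "status": {"errorCode": 50126}},
 {"createdDateTime": "2020-01-01T10:30:05Z", "userPrincipalName": "dave@example.com",
  "ipAddress": "198.51.100.9", "clientAppUsed": "Authenticated SMTP",
  "location": {"countryOrRegion": "US"}, "status": {"errorCode": 0}}
]""")


def in_office(ip):
    """True if ip parses and falls inside an office network."""
    try:
        addr = ipaddress.ip_address(ip or "")
    except ValueError:
        return False
    return any(addr in net for net in OFFICE_NETS)


def triage(records):
    """Return one finding per sign-in that breaks the location or legacy-auth rule."""
    findings = []
    for r in records:
        reasons = []
        country = (r.get("location") or {}).get("countryOrRegion") or "unknown"
        client = r.get("clientAppUsed") or ""
        if country not in ALLOWED_COUNTRIES and not in_office(r.get("ipAddress")):
            reasons.append("country:" + country)
        if client.lower() in LEGACY_CLIENTS:
            reasons.append("legacy-auth:" + client)
        if reasons:
            ok = (r.get("status") or {}).get("errorCode") == 0  # 0 means success
            findings.append({"user": r.get("userPrincipalName"),
                             "time": r.get("createdDateTime"), "reasons": reasons,
                             "severity": "high" if ok else "review"})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["severity"], f["user"], f["time"], ", ".join(f["reasons"]))
```

A flagged sign-in that succeeded is rated "high" because the rule was broken and the login still went through; a failed one is left at "review".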