Blog stories

From when ever there is need to rotate access keys to your CosmosDB or any other storage service using Access keys this is the best practis method to do so. So for CosmosDB these are the steps needed to be used. Head into Azure portal and navigate to your CosmosDB and select “keys” from the…

Windows365Let`s first talk about licenses.Provisioning the beauty! De-provisioning and cleanup Windows365 Windows365 is a Cloud pc for all users and it`s so easy to start using! In this post I will go through a setup of Windows365 Business in a cloud only tenant and show you how fantasticly easy this is! There are some pre-requisites…

So! I`m back again after not blogging, speaking or “anything” for the community for the last one and half year (since the pandemic started in Norway 12.03.2020)! I have been spending the summer in paternity leave at home with my 1 year old son and been been recharging my batteries to full and from now…

The new built-in admin consent workflow within AzureAD Enterprise Application is amazing! This feature will give you the control that you need to take care of your companies sensitive information like user id`s, files, email accounts etc. Did you know that malicious applications is often a start of a sophisticated phising attack? If a malicious…

If your Microsoft 365 tenant like mine is located in a region that not`s include your country then this is how you should configure your tenant to get the data as close to you as posible! (if Microsoft has opened a Datacenter in your country of course :)) Why move your data? There are several…

In this post I want to go through some steps that I think is quickest method to get started with Microsoft Endpoint Manager. This will not cover ALL the features but it will give you an quickstart to the service. For instance, what shold you start with? To be honest, start with something easy and…

Many people wonder what Microsoft Endpoint Manager is and how to quickly gain value to their company by using it. In this post i will give you some quick information on what it is and later on create a how to get started quckly with Microsoft Endpoint Manager! So what is Microsoft Endpoint Manager? Some…

Last but not least in my blog post series “S for Security in EMS” is about Microsoft Cloud App Security! Microsoft Cloud App Security is a CASB (Cloud access security broker) service delivered by Microsoft that will give you several features to protect your data, users and cloud services. MCAS is giving you a great…

So in this fourth blog post in my series S for Security in EMS we will og deeper in Advanced Threat Analytics included within EMS. So what is Advanced Threat Analytics? Well, it`s an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats. Why is this…

So this is the third post in my blog post series “S for Security in EMS” and I will try to cover some Microsoft Intune benefits and quick-wins meaning how to quickly get started with Intune and to gain some benefits right the way.  First, what is Microsoft Intune?   Microsoft Intune is an cloud based…

Even tho Azure Information Protection is included within the EMS package i would recomend using the Office 365 Unified Labeling insted. Those labels which can be eather Sensitivity or Retention labels and capabilities comes with in the Office 365 E3 or Office 365 E5 license. Why should you use Unified labels you say? Well, in…

Since MyAnalytics is an “Opt-Out” feature in Office 365, some companies wants to change this behavour for their users, meaning that each users should enable this feature them self instead of the service being automatically enabled when users are created. Changing settings in Office 365 to change this behavour: Remove the three ticks on the…

Let`s start off with the EMS E3 package and that will give you access and user rights to use Azure AD Premium P1 features. So do you need it? Well, Azure AD Premium P1 gives you capabilities for your hybrid users to access both on-prem and cloud resources. The synchronization also provides write-back capabilities so…

Since Enterprise Mobility + Security (EMS) is a core component of Microsoft 365 services you need to understand what services is present within the EMS package. In the same way that Microsoft 365 services comes with a E3 or E5 service level does EMS also that. I will try to give a easy and understandable…

Azure tags is an important tool of marking your resources with some additional information.  This information can be what your business requires and is not set by any templates or so.  Keep in mind that when you start with tagging it must give you some sort of value in some reasons this is cost-related that meaning you can tag resources with a costcenter tag like  CostCenter : BusinessApplication CostCenter : Human Resources  Other departments can also be in use of tags and then i`m thinking of the Security department and their Incidence and Respond team. By adding additional information to your Azure resources, you can set an value on resources and with that also prioritize what resources to mitigate first if there is an security incident.   Setting tags can be done at creation of the resource in the Azure Portal but also within ARM templates or you can use Azure Policy to add tags after deployments aswell.   When adding tags to a existing resource navigate to the resource and hit the Tags pane in the menu then add a TagName and a Value of the tag.  Going forward this can also be done when creating a new resource within the Wizard and also by ARM temlates by adding this to the “Parameter” section of your ARM temlate: “resourceTags”: { “type”: “object”, “defaultValue”: { “CostCenter”: “BusinessApplication”} } And this to the actual resource  “tags”: “[parameters(‘resourceTags’)]”, If using Azure Policy to remidiate existing resources you can use a built in policy named “Add a tag to resource” and deploy that to your subscription.   By using Azure Policies you can also block creation of new resources without having a Tag set to the resources upon creation.  …