Interlink Cloud Blog

facebooktwitterlinkedin

Mike Wilson

Azure Site Recovery (ASR) | Easy and Cost-effective Disaster Recovery

Azure Site Recovery (ASR) | Easy and Cost-effective Disaster Recovery

Disaster recovery (DR) was once a privilege reserved for large enterprises with substantial budgets and sizeable IT staffs. In year’s past, small and mid-market companies could fall back to manual or paper based processes.  However, that simply isn’t the case today. For most businesses, the paper processes are a thing of the past. Losing access to their critical systems will mean loss of business, lost customers, and possibly even going out of business. This makes disaster recovery an absolute necessity. Fortunately, Azure Site Recovery (ASR) makes it cost-effective and easy. Azure Site Recovery list price is $25 per virtual machine per month – which is incredibly low. 

[...]
Mike Wilson

How to Protect Your Data and Stop Shadow IT

How to Protect Your Data and Stop Shadow IT

Everyone has more work these days. And everyone wants to get it done as easily and efficiently as possible. Unfortunately, the shortcuts users take—like setting up shadow IT and reusing corporate credentials—can put data at risk. If your unfamiliar with the term “shadow IT,” it describes unsupported IT systems, solutions, hardware, and software that is not approved by an organization or their IT department.

[...]
Matt Scherocman

Microsoft Cloud App Security – On-Premise Security in the Cloud

Microsoft Cloud App Security – On-Premise Security in the Cloud

Why Do I Need Security in The Cloud?

Whether you like it or not, your company data is most likely all over the place. More than 80% of employees admit to using non-Microsoft SaaS applications, like Salesforce, Box, etc., at work.* With valuable and confidential files flying around, you need to make sure that the level of security you’ve already implemented on-premises is reflected in the cloud, and Microsoft has you covered. With Microsoft’s Cloud App Security enterprise-grade security for cloud applications, you have the tools for deeper visibility, comprehensive controls, and enhanced protection against the dangers—such as company data leaks—of unsecured cloud activity across multiple non-Microsoft cloud vendors.

[...]
Sarah Bunt

On-Demand Webinar | How to Stay Secure & Productive with Microsoft’s Enterprise Mobility + Security Suite

On-Demand Webinar | How to Stay Secure & Productive with Microsoft’s Enterprise Mobility + Security Suite

On-Demand Webinar & Slides

view ems e5 webinar


Are you looking to add a tighter level of security to your environment? Do you want to stay secure and productive on your favorite apps and devices?

In this on-demand event, Microsoft and Interlink Cloud Advisors show you the powerful new capabilities of Microsoft Enterprise Mobility + Security and how it ensures your critical company data is protected.

During this online event, see what’s new through a live demo of EMS’s E5 functionality and how it allows you to:

  • Lockdown your valuable data: Automatically classify information to better protect intellectual property with Azure Information Protection. Lock it down so, your competitors can see it and your existing sales people can’t take it with them!
  • Secure the cloud: Drive security policies and reporting across Microsoft and non-Microsoft cloud services with Cloud App Security. Your data is being dispersed all over the global by using various SAAS services. Take back control and visibility – we’ll show you how!
  • Control Administrator Account Access: Ensure that powerful rights are utilized appropriately. Privileged Identity Management gives the ability to grant access to admins only when required and limited to the resources needed.
  • Use Identity Protection: Ensure that users are accessing your environment following the policies that are required for your business. Automatically identify risky scenarios, take appropriate actions, and provide reporting.

In addition, we provide an in-depth licensing overview and comparison of EMS E5 vs. EMS E3 features and functionality. You’ll also see how you can leverage Microsoft paid assessments and proof of concepts to see if EMS E5 is the right solution for your business!

video ems e5 webinar

Click to instantly watch this information-packed webinar and download the slide deck.


PRESENTERS

Eric Inch

Eric Inch

Eric Inch is a Technical Solutions Specialist - Mobility & Security for the Microsoft Corporation. He is responsible for helping clients deploy the EMS offering across their corporate account base.

Eric Brophy

Eric Brophy

Eric Brophy is a Senior Consultant for Interlink who has helped more than a hundred clients migrate their workloads to the cloud.  He is badged by Microsoft and certified in their cloud technologies.

 

 

Eric Inch

"Stay Out Unless I Say So!" - The Sweetness of Azure AD Conditional Access

"Stay Out Unless I Say So!" - The Sweetness of Azure AD Conditional Access

I talk to a lot of customers using Office 365 that would like to have granular control on who can access the hosted services and only allow access to these services from corporate owned and managed devices. Enter Azure AD Conditional Access. “Keep out.. Unless of course you meet certain conditions!”

For example, with Azure AD device access rules you can restrict access to Exchange Online to only domain joined machines.

“Wait?! What?! That sounds just like what I’m looking to do.

What does that look like?”

 

When a user attempts to access Outlook Web App from a personal computer, they go to the OWA URL and enter their username and password.


The conditional access policy will look to verify that the device being used to access OWA is domain joined and registered in Azure AD. Since the computer is a personal computer, the user is denied access.


After closer examination using the “More details” link, you can see the access rules set require the device to be domain joined for access. In the scenario of personal computers, this will show as Unregistered.

Your access to corporate resources was swatted away like Dikembe Mutumbo. “Not in my house!”

“Good Eric, that’s all great but how about the full Outlook client? I would really like to see what options we have to prevent our users from connecting their personal Outlook client to our corporate email.”


When a user attempts to connect the Outlook client on a non-domain machine, the Outlook client will open and prompt the user for authentication.


The user will enter their username and password and the authentication process will look for a registered device.


Once again the user will be gently reminded that they need to be on a corporate owned device.

“Wow Eric, I’m really impressed by Conditional Access and the device access restrictions available in the Microsoft security suite. Anything else we should know? What about users that want to access OWA from other browsers?”

 

First and foremost, under no circumstance should you ever use anything other than Microsoft technology. Ever!

But, in the event some of your users want to go against my recommendation, to access corporate resources protected with device access rules they would need to use a supported browser. Conditional access support for applications: https://azure.microsoft.com/en-us/documentation/articles/active-directory-conditional-access-supported-apps/


The behavior when attempting Outlook Web App using the Google Chrome browser would be as follows:

The user enters their username and password from a non-domain machine.

Since the user is trying to use a browser that doesn’t support conditional access, it gives the user a warning that the browser is not supported and to use Microsoft Edge or Internet Explorer.

The device based access rules are configured within Azure AD Premium and have the following options.

  • Enable Access Rules – On or Off. (self-explanatory)
  • Apply To – Specific groups that you want to scope the access rules to. You also have the ability to except specific users from the scope.
  • Device Rules – The access rules you want to enforce for access to the corporate resources.
  • Application Enforcement – “For browser and native applications” OR “For only native applications” Exchange ActiveSync – Require a compliant device to access email

For more information on Azure AD Conditional access, please read the official Microsoft blog article AzureAD Conditional Access Policies for iOS, Android and Windows are in Preview!

 

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.

Blog Categories

Interlink Cloud
Interlink Cloud
5 post(s)
Tips and Tricks
Tips and Tricks
1 post(s)
Outlook
Outlook
2 post(s)
Reporting
Reporting
1 post(s)
Cloud Storage
Cloud Storage
2 post(s)
Webinars
Webinars
14 post(s)
OneDrive
OneDrive
5 post(s)
Yammer
Yammer
3 post(s)
Azure
Azure
19 post(s)
SharePoint
SharePoint
9 post(s)
Microsoft
Microsoft
6 post(s)
Lync
Lync
8 post(s)
Office 365
Office 365
55 post(s)

Blog Archive