Interlink Cloud Blog

facebooktwitterlinkedin

Mike Wilson

Active Directory Federation Services (ADFS) vs. Password Sync

Active Directory Federation Services (ADFS) vs. Password Sync

Figuring out the best way to implement Single Sign-On (SSO) in a Microsoft cloud environment can be challenging given how the options have evolved over time, but it’s a key component of any successful Office 365 or Azure deployment. There are four main options on how you can configure SSO: 

[...]
Sarah Bunt

On-Demand Webinar | How to Stay Secure & Productive with Microsoft’s Enterprise Mobility + Security Suite

On-Demand Webinar | How to Stay Secure & Productive with Microsoft’s Enterprise Mobility + Security Suite

On-Demand Webinar & Slides

view ems e5 webinar


Are you looking to add a tighter level of security to your environment? Do you want to stay secure and productive on your favorite apps and devices?

In this on-demand event, Microsoft and Interlink Cloud Advisors show you the powerful new capabilities of Microsoft Enterprise Mobility + Security and how it ensures your critical company data is protected.

During this online event, see what’s new through a live demo of EMS’s E5 functionality and how it allows you to:

  • Lockdown your valuable data: Automatically classify information to better protect intellectual property with Azure Information Protection. Lock it down so, your competitors can see it and your existing sales people can’t take it with them!
  • Secure the cloud: Drive security policies and reporting across Microsoft and non-Microsoft cloud services with Cloud App Security. Your data is being dispersed all over the global by using various SAAS services. Take back control and visibility – we’ll show you how!
  • Control Administrator Account Access: Ensure that powerful rights are utilized appropriately. Privileged Identity Management gives the ability to grant access to admins only when required and limited to the resources needed.
  • Use Identity Protection: Ensure that users are accessing your environment following the policies that are required for your business. Automatically identify risky scenarios, take appropriate actions, and provide reporting.

In addition, we provide an in-depth licensing overview and comparison of EMS E5 vs. EMS E3 features and functionality. You’ll also see how you can leverage Microsoft paid assessments and proof of concepts to see if EMS E5 is the right solution for your business!

video ems e5 webinar

Click to instantly watch this information-packed webinar and download the slide deck.


PRESENTERS

Eric Inch

Eric Inch

Eric Inch is a Technical Solutions Specialist - Mobility & Security for the Microsoft Corporation. He is responsible for helping clients deploy the EMS offering across their corporate account base.

Eric Brophy

Eric Brophy

Eric Brophy is a Senior Consultant for Interlink who has helped more than a hundred clients migrate their workloads to the cloud.  He is badged by Microsoft and certified in their cloud technologies.

 

 

Matt Scherocman

How Does Archiving in Office 365 Work?

Immutability is the industry-standard term for “preserving data in the system so that it is discoverable, and cannot be destroyed or altered."

With Exchange Server 2016, and Exchange Online, Microsoft enables organizations to preserve individual or all mailbox items for discovery natively, keeping those items within the Exchange infrastructure. This approach is called, In-Place hold.

One significant benefit of hold as opposed to separate, read-only storage is that items are preserved within the Exchange infrastructure, preserving more of the information including metadata and making management easier for IT admins. Users benefit because they can manage their mailboxes using the familiar Outlook interfaces. From an IT-perspective, In-Place Hold eliminates the necessity and complexity of maintaining a separate infrastructure and potentially storage for Exchange items.

Exchange gives organizations the flexibility to choose the architecture that can help meet their immutability requirements whether that is on-premises, online, or a hybrid of both, and supports the ability to store archived items in a separate physical location.

In Exchange Online, you can use In-Place Hold or Litigation Hold to accomplish the following goals:

  • Enable users to be placed on hold and preserve mailbox items immutably
  • Preserve mailbox items deleted by users or automatic deletion processes such as MRM
  • Protect mailbox items from tampering, changes by a user, or automatic processes by saving a copy of the original item
  • Preserve items indefinitely or for a specific duration
  • Keep holds transparent from the user by not having to suspend MRM
  • Use In-Place eDiscovery to search mailbox items, including items placed on hold

Additionally, you can use In-Place Hold to:

  • Search and hold items matching specified criteria
  • Place a user on multiple In-Place Holds for different cases or investigations

How does Litigation Hold work?

In the normal deleted item workflow, a mailbox item is moved to the Deletions subfolder in the Recoverable Items folder when a user permanently deletes it (Shift + Delete) or deletes it from the Deleted Items folder. A deletion policy (which is a retention tag configured with a Delete retention action) also moves items to the Deletions subfolder when the retention period expires. When a user purges an item in the Recoverable Items folder or when the deleted item retention period expires for an item, it's moved to the Purges subfolder in the Recoverable Items folder and marked for permanent deletion. It will be purged from Exchange the next time the mailbox is processed by the Managed Folder Assistant (MFA).

When a mailbox is placed on Litigation Hold, items in the Purges subfolder are preserved for the hold duration specified by the Litigation Hold. The hold duration is calculated from the original date an item was received or created, and defines how long items in the Purges subfolder are held. When the hold duration expires for an item in the Purges subfolder, the item is marked for permanent deletion and will be purged from Exchange the next time the mailbox is processed by the MFA. If an indefinite hold is placed on a mailbox, items will never be purged from the Purges subfolder.

The following illustration shows the subfolders in the Recoverable Items folders and the hold workflow process.

Archiving in Office 365

See this technet article for additional information, or you can view the general sales site from Microsoft here.

Contact Interlink today for help in defining your needs, which licensing options would be the best fit, and actually getting the service configured correctly to ensure the right data is being kept and deleted.  

Matt Scherocman

Six Reasons Microsoft Azure SQL Database Provides the Best Data Security Around

Six Reasons Microsoft Azure SQL Database Provides the Best Data Security Around

Companies leveraging the cloud for business have a multitude of options. They also have a lot of security concerns when transitioning their data to the cloud. Microsoft has built on the SQL Server foundation, bringing a new level of security to help ease the mind of these cloud-driven companies with six enhancements. All of which are crucial reasons to consider Microsoft Azure SQL Database as your company’s cloud platform of choice:

  1. Always Encrypted: Exactly how it sounds, Always Encrypted means your data remains encrypted…all the time to help you protect sensitive data. Data is encrypted in transit, in memory, on a disk, and during query processing.

  2. Transparent Data Encryption: For those of us constantly keeping up on compliance regulations and requirements, this encrypts databases with associated backups as well as transaction log files without needing changes to your applications. The audit trail is clear in order to stay in compliance while keeping data safe from any breach.

  3. Row-Level Security: This feature can limit access to individual rows of data based on a user's identity, role, or query execution context to ensure only the right people can view that data. This also simplifies the application code so that data isn’t accidently shared in any situation.



  4. Azure Active Directory (AD) Authentication: Different from SQL Authentication, Azure AD
    Authentication simplifies password management by allowing you to access a number of Azure services using the same identity. This does not compromise the level of security. It reduces the amount of IT time spends on retrieving lost passwords and login details while maintaining access control every step of the way.

  5. Dynamic Data Masking: Another, more sophisticated, form of encryption allows users to define masking patterns on actual database columns. For example, users can set a masking rule that masks all but the last four digits of any social security number in the result set of any query to ensure that sensitive data is truly safe.

  6. SQL Database Threat Detection: This feature alerts set users of any suspicious database activities automatically and complements Azure SQL Database Auditing, which records database events and writes audited events to an audit log in the Azure Storage account. 

    Microsoft Azure SQL Database Security

Both features are great examples of how users can monitor and quickly respond to risk. Advanced Threat Analytics is yet another approach to helping users stay ahead of sophisticated malware attacks.

Another (bonus) reason to consider Azure SQL Database that’s best shared through this diagram, courtesy of Microsoft Azure, is that SQL Server’s track record speaks for itself. When you’re in the cloud, you can’t be vulnerable and SQL Server lives up to that motto…six years running!

microsoft azure sql database unparalleded security

Data security in the cloud isn’t a set it and forget it process. It is a constant work in progress because the security risks keep changing and technology keeps advancing. Choosing Microsoft as your partner in mitigating those risks is a smart and educated decision in keeping your data safe.

Learn more about these security enhancements by downloading the Security and Azure SQL Database whitepaper and contact us at Interlink for more information.

SQL Modernization Assessment Ad

 

Matt Scherocman

How is Microsoft Protecting Your Data From Government Snooping?

There have been a growing number of stories related to government surveillance of internet data in recent days. Our customers have taken notice and we have heard a number of concerns related to the privacy of their data in Microsoft’s Cloud.

While we share in these concerns, the bottom line is Microsoft is doing everything they can to keep your data safe. More importantly, there is no indication that any of Microsoft’s data has been breached by the government. We are told that on the business platforms, Microsoft has had only a handful of requests to share data with the government and was able to work with clients to provide notice and assistance in the vast majority of the cases.

A recent press release explains what Microsoft is doing to keep your data private.

Highlights include:

Expanding Encryption:

  • Microsoft is expanding or strengthening encryption across all of its services; particularly while data is transmitted over the internet
  • If you are on Office 365, Microsoft already encrypts all information moving between your business and Microsoft, and Microsoft’s internal data centers by default
  • These communication channels are protected by best-in-class cryptography including Perfect Forward Secrecy and 2048-bit Key lengths
  • All information which is stored in a Microsoft data center is protected by industry leading encryption and security protocols

Reinforcing legal protections:

  •  Committed to notifying any company when Microsoft receives a government request for access to their information
  • Working with other cloud providers to make the government go directly to an individual company, rather than a cloud provider, to obtain data

Increasing Transparency:

  •  Increasing the transparency of their software code, making it easier for customers to see for themselves that Microsoft products do not contain back doors.
  • Opening a network of transparency centers in the US, America and Asia

 

For more information or to read the full press release, please see this article from Microsoft

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.

Blog Categories

Interlink Cloud
Interlink Cloud
5 post(s)
Tips and Tricks
Tips and Tricks
1 post(s)
Outlook
Outlook
2 post(s)
Reporting
Reporting
1 post(s)
Cloud Storage
Cloud Storage
2 post(s)
Webinars
Webinars
14 post(s)
OneDrive
OneDrive
5 post(s)
Yammer
Yammer
3 post(s)
Azure
Azure
19 post(s)
SharePoint
SharePoint
9 post(s)
Microsoft
Microsoft
6 post(s)
Lync
Lync
8 post(s)
Office 365
Office 365
55 post(s)

Blog Archive