CISA Report Only Scratches Surface of Securing Office 365

The CISA report titled “Microsoft Office 365 Security Observations” makes five recommendations to improve security of an Office 365 tenant. The recommendations are valid, but competent administrators won’t take long to implement them. In fact, the worst thing is that consultants brought in to help organizations didn’t seem to have much expertise in securing Office 365.

Use an Exchange Authentication Policy to Block Email Protocols

Microsoft has released a preview of the cmdlet set to allow tenants to create and manage protocol authentication policies for Exchange Online. It’s a great chance to disable basic authentication and reduce the attack surface for password spraying.

How Exchange Online Room Mailboxes Use AutoUpdate and AutoAccept

Microsoft issued Message Center update MC151582 to tell Exchange Online administrators about a new default value for automatic processing of events sent to room mailboxes. Unfortunately, the PowerShell code in the update contains an error, so here’s some fixed code to check existing values and to set them to the new default, if you want to do that.