Evaluating PIM's Effectiveness | Practical365
This article outlines how to get started with PIM, how to audit its use, and what workarounds could be circumventing your security controls.| Practical 365
This article outlines how to get started with PIM, how to audit its use, and what workarounds could be circumventing your security controls.| Practical 365
In this episode of Practical Protection, we discuss Microsoft’s Secure Future Initiative and what their latest progress report reveals about improving identity protection, reducing privileged access, and accelerating vulnerability response—and what you can take from it to strengthen your own environment. The post Practical Protection: Learning from Microsoft’s Secure Future Initiative appeared first on Practical 365.| Practical 365
In this installment of the Graph Activity Log series, we uncover how attackers exploit OAuth app consent to silently access Microsoft 365 data. Using targeted KQL queries and PowerShell automation, this blog shows how to detect, investigate, and respond to these stealthy identity-based threats. The post Investigating OAuth App Abuse with the Graph Activity Log appeared first on Practical 365.| Practical 365
Boasting a 20-fold increase in scalability and a cloud mailbox to hold a channel calendar, Microsoft is giving Teams private channels a significant revamp in an update that will roll out in late September 2025. The new mailbox is the new home for compliance records for private channels, which means that Microsoft 365 retention policies need a review to make sure that conversations are retained as desired. The post Second Generation of Private Channels Scales Up to New Heights appeared first o...| Practical 365
In Part 3 of our Controlling Access in Entra ID Apps series, we explore how combining Administrative Units with RBAC roles enables scoped, secure management of Microsoft 365 resources. Learn how dynamic membership rules and role assignments help enforce least privilege, simplify delegation, and improve operational clarity across your tenant. The post Controlling Access to Microsoft 365 Entra ID Apps Part #3 appeared first on Practical 365.| Practical 365
In the blog, Lewis Baybutt breaks down how Copilot agents enhance Microsoft 365 by enabling users to interact with enterprise data and perform tasks. The article explores agent types, developer tools like Agent Builder and Copilot Studio, and how consumption licensing unlocks deeper functionality. The post Understanding Copilot Agents in Microsoft 365 Copilot Chat appeared first on Practical 365.| Practical 365
Microsoft 365 Copilot is a great AI notetaking app for Teams meetings, but it's expensive. A range of cheaper options are available from other AI companies. Should Microsoft 365 tenants allow users to install these apps and access what goes on in Teams meetings? It could be a difficult decision.| Practical 365
Since its inception, the Teams user interface emphasized teams and channels for collaboration. But that's not how people work, and the new chat and channels experience emphasizes chats a lot more. This doesn't mean that channels are going away. They remain the foundation of teams and the right way to communicate and share information for ongoing use, but the change to highlight chats might take some getting used to.| Practical 365
Practical Office 365 News, Tips, and Tutorials| Practical 365
Dynamic Microsoft 365 Groups come with many advantages, but they also require Entra P1 licenses. This article explores how to create and maintain a DIY version of dynamic Microsoft 365 groups using the Microsoft Graph PowerShell SDK and Azure Automation. At the end of the day, the principle is proven, but maybe it's best to pay for the licenses. The post Practical Graph: Creating Dynamic Microsoft 365 Groups without Entra P1 Licenses appeared first on Practical 365.| Practical 365
In this blog, we explore how IT admins can leverage WinGet, Microsoft’s Windows Package Manager, to streamline application deployment and updates across Intune-managed devices. The post Using WinGet with Intune appeared first on Practical 365.| Practical 365
In this blog, we dive into Microsoft’s GitHub Spark, and how it redefines how developers and non-developers alike build intelligent web apps. By combining GitHub Copilot with a natural language interface, Spark lets users describe what they want and watch it come to life with no deep coding required. The post Practical AI: Experimenting with GitHub Spark appeared first on Practical 365.| Practical 365
In this article, Jaap Wesselius provides an overview of Exchange SE, discusses possible upgrade paths, and outlines Exchange server support. The post Exchange Server Subscription Edition appeared first on Practical 365.| Practical 365
Many organizations view Teams chats stored in OneDrive for Business as potential compliance risks. Without proper retention policies, this data can be lost, deleted, or retained too long. In this blog, we dive into managing Teams chat files automatically with Purview.| Practical 365
This article explains how to use PowerShell to create a report listing the files from a OneDrive for Business account. Because so many Microsoft 365 apps store their files in OneDrive (and other apps too), OneDrive can become a form of dumping ground for data. Seeing file information in the report allows account owners to clean up their digital debris.| Practical 365
Many Teams users love to use group chats as a way to get work done. Group chats are effective, but the information shared in chats ends up in personal OneDrive accounts. To help switch people back to channel conversations, Teams has a new threaded layout to make conversations behave much like chats. The new layout works well for some channels but not for others.| Practical 365
In this Episode of the Practical 365 podcast, Steve and Paul deep dive into the Microsoft 365 Copilot exploit, "Echo Leak," discussing its implications for AI safeguards and the future of agentic AI. The conversation then shifts to a recent global outage affecting Google and Cloudflare, highlighting the challenges of maintaining hyperscale services. We also examine Microsoft's new initiative to offer containerized M365 instances in Europe, addressing concerns over data sovereignty. Finally, t...| Practical 365
There's a lot to learn about Copilot Studio, especially for hard-pressed Microsoft 365 tenant administrators who already have too much work to do. This article gives administrators the essential details that they should consider as Copilot agents become more interesting to their organization.| Practical 365
In the first installment of Securing Microsoft 365 with Graph Activity Logs, Mezba Uddin dives into the essentials of the Microsoft Graph Activity Log, what it does, its importance for visibility, and how to get it running to start seeing it's data.| Practical 365
With Microsoft Power Platform on the rise with over 56 million monthly active users, governance is vital to reduce potential risk. In this first installment of Practical Power Platform, we discuss essential areas Microsoft 365 admins should focus on, including the Power Platform Admin Center, Data Loss Prevention (DLP) policies, tenant isolation, and Microsoft Purview auditing.| Practical 365
It's time to check recipient filters for dynamic distribution groups to ensure that you don't have any wildcard prefixes used with the -eq operator to find recipients based on their email addresses. A November 30 update will stop this kind of recipient filter working, and might have a knock-on effect on other processes.| Practical 365
Vasil Michev explores how you can mitigate threats and scope down permissions using application access policies in Exchange Online| Practical 365
Learn how to increase cost efficiency within Microsoft Sentinel by leveraging Log Analytics capabilities.| Practical 365
Many apps are created in the Azure AD for a tenant. Those apps have permissions to allow them to access data, and consent for those permissions are granted by administrators and users.| Practical 365
