Persistently Vulnerable Exchange Servers: prepare for email throttling & blocking

[Update]: There was a change in the rollout timeline. We’ve also shown how to pause email throttling and blocking if your Microsoft 365 tenant is affected.

Microsoft throttles and even blocks emails sent from Exchange Server to Exchange Online. The transport-based enforcement system reports emails sent from vulnerable Exchange Servers and gradually delays and blocks mail flow to force admins to update their on-prem environments. This is to ensure superior security of Microsoft 365 organizations. See if the feature affects you and what you can do to keep your mail flow running. Continue reading...

Transport-based enforcement system blocks emails from persistently vulnerable Exchange servers

Microsoft 365 Copilot explained, the admin’s way

AI, or Artificial Intelligence in full, is a hot topic these days – no matter if we speak about personal or professional context. The popular Microsoft 365 offering from Microsoft has been AI-enabled at the end of 2023 through the introduction of Copilot, a solution to boost end-users’ productivity. Let’s have a closer look at Microsoft 365 Copilot, since, as an admin, you might face the task to set up this technology in your organization’s tenant any time soon. Continue reading...

All you need to know about Microsoft 365 Copilot

Conditional Access Policies in Microsoft 365

Conditional Access Policies (CAP) and Continuous access evaluation (CAE) are mechanisms introduced to Entra ID (Azure AD) to help organizations control access to their Microsoft 365 tenant. They make Client Access Rules obsolete. Read on to learn what you need to set up Conditional Access and how to configure your policies to, for example, block PowerShell access to your company for non-admin users. Continue reading...

Conditional Access Policy Microsoft 365

How to prevent users from changing profile photos in Microsoft 365

[Update]: This post was updated on November 3, 2023 to reflect changes in Microsoft 365 (Office 365).

When you set up user photos in Microsoft 365 (Office 365), they propagate through the whole Microsoft 365 tenant and apps integrated with Azure AD. This means that they are displayed in Outlook, Teams, SharePoint, and more. By default, any user can change their photo to anything they like. This might be a problem for admins who want to keep everything in order. In this article, I’ll show you why and how to block users from changing their photos in Microsoft 365. Continue reading...

How to prevent users from changing profile photos in Microsoft 365

How to set up Microsoft 365 archive policy

With thousands of emails exchanged every day even in a single medium-sized organization, user’s mailboxes might quickly get full. In Exchange Online, you can try to overcome this problem by enabling archive mailboxes and telling users to move old items to them. Unfortunately, the human factor can be the weak link in the process. This is where Microsoft 365 archive policies come into play, offering you a centralized and automated way to keep your users’ primary mailboxes below the cap. Continue reading...

Archive policy configuration in Microsoft 365 (Office 365)

All about sensitivity labels in Exchange Online

[Update]: This blog post was first published on December 13, 2021. It was updated to reflect UI changes in the Microsoft Purview compliance portal (Microsoft 365 compliance center) and show new features, like inheriting a higher priority sensitivity label from email attachments.

Microsoft 365 admins have many tools they can use to secure documents and emails. One of those tools is a sensitivity label. I’ll explain in detail what a sensitivity label is, how to set it up and test if it works well. Continue reading...

Sensitivity labels in Microsoft 365