Teams Real Simple with Pictures: Implementing System Preferred MFA

Ok time is of essence! There is a ton on. Corp wise. Community wise. You may have seen it on social this week that Teams Nation is coming back. Yes, Vesku and I were asked many many times. And yes, we decided to get onboard that crazy train again. But whilst it may seem like an eon away given it's February 2024 and a million things will happen between now and then; you'll have to believe me when I say that I'll soon be sitting here the weekend prior doing last minute speaker checks. So this week is a real quick one. And it's really following on from the blogs on Entra that I have covered the past few weeks. This is looking at System Preferred MFA in the context of Teams. So what is it? By definition, 'System-preferred multifactor authentication (SPMFA) prompts users to sign in using the most secure method they registered'. In other words, if you have registered Authenticator and SMS as two methods to sign-in using MFA then SPMFA is going to prioritise the more secure method which is Authenticator over SMS. It doesn't stop the choice of the other, but it does set precedence when signing into an app such as Teams or into the Microsoft 365 portal. Why is this important? Two reasons. The first is as described - it sets the most secure sign in method and that's ultimately what we as admins want to see for our users in Teams. The second is that by setting precedence, this could facilitate user behavioural change over time, with a view to removing less secure registered methods in the future. Now this feature should be set to enabled by default in time, but today in my Ring 4 test tenant it's set to Microsoft Managed. Could be lit up. May not. But it's not enabled. So here's a twist. Lets enable the methods for Authenticator and SMS, then enrol to MFA, then enable System-preferred MFA by default. Just for laughs, but also because I have a nice fresh tenant after my old one went into grace 😀

Teams Real Simple with Pictures: Launching an Attack Simulation in Teams with Collaborative Security

It's done. Vuzion is now Infinigate Cloud. And from my own practice perspective the Teams, and the SharePoint Sites have been rebuilt. The lists, and the flows, and the loops, and the Power BI reports. And all has been migrated. There has been legal to do. There has been some architectural to do. There has - truly - been an obscene amount of DevOps tasks. And there has been burndowns the like of which could very much be considered ones for the ages. But it's done. And I never intended to go six weeks off of the blog, but neither did I anticipate having to practically suspend my community and MVP inputs whilst I had to focus and hone in on what needed to be done on the business end. Now, I am very much looking forward to the next few years at Infinigate Cloud. In the immediate future whilst I am holidaying out on the Isle of Wight with the family, I am looking forward to simply writing this blog. It's going to be about launching attack simulations within Microsoft Teams which is part of the new Collaborative Security functionalities announced at Secure and which is currently in preview. This'll need Microsoft Defender for Office 365 Plan 2, of which Attack Simulation Training (AST) is a part, and whilst I'll only run through a straightforward credential harvest, I hope that it will whet the appetite enough for you to go on and test it and explore more. One note right off the bat - in the context of Teams messages are defined strictly as private 1:1 chat messages. No group chat. No channels. No guests. For now.

Teams Real Simple with Pictures: Getting Hands on with Bulletins

Happy Valentines Day! It's been a busy few weeks. I am in the middle of this thing called the Microsoft Teams Winter Tour. Basically, it's about ten conferences I am speaking at chained together throughout at the course of January and February. At the time of writing I have done seven. So three more to go - and all three come a week from today on the 19th in a triple header that'll see me speak in France, Italy and Nigeria all on the same day. To be fair its been incredible - but it's also been hard to keep up with all the new stuff coming out in Teams too - and there's been a lot. A lot of news and a lot of developments. So in the period between now and Ignite I am going to try and step back up and I'll start with something which seemed to fly under the radar which is bulletins. This is an app which appeared sometime last week and what interests me particularly about this is that its a Power App, one whose data is stored within Dataverse. Now Power Apps in Teams has massive potential - we all know this, we've all known this a long time. However, previously Power Apps designed by Microsoft typically came as either Teams Templates, or Power Apps Templates which meant you would need to customise and install them yourself as Custom Apps: in other words they weren't already available out of the box from the Teams App store. Is this a new direction? Have Microsoft seen the best way to get into Power Apps is to actually go from the position of using them then customising them? Well, yes. Read the description below - 'it's then easy for an org to go on and extend the core functionality'. Clever Microsoft. Oh I see you. But let's talk about Bulletins. It's an app that's designed to keep Team Members informed in terms of broadcasts and announcements. FAQ's also. Now I can only imagine some within the Yammer community are going to have something to say here - but before we mosey on down to Defcon 1 in regards to apps which dupe functionality, let's have a walkthrough and deploy this and see how we go. Personally, from the description I think this could be good. On the other hand, I also think it could go really bad if people don't understand about storage