Interlink Cloud Blog

Interlink Cloud Blog

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.
Sarah Bunt

ON-DEMAND WEBINAR | Everything You Need to Know About GDPR & How it Affects Your Business

ON-DEMAND WEBINAR | Everything You Need to Know About GDPR & How it Affects Your Business

gdpr view webinar and slides

Are you prepared for GDPR?

In May 2018, the EU General Data Protection Regulation (GDPR) comes into effect. This new European privacy regulation will permanently change the way you collect, store and use customer data for any European citizen or company.

Prepare yourself now by viewing this on-demand webinar by Microsoft and Interlink Cloud Advisors, which provides you with an in-depth overview of the GDPR regulations, including high-level requirements, penalties, and what you should be planning for.

Interlink's data protection and information security experts take you through compliance requirements and scenarios and demonstrate the Microsoft tools available to help drive compliance across your entire IT enterprise including Office 365, on premises, and third-party cloud solutions.

Continue reading
  4252 Hits
Matt Scherocman

The Road to General Data Protection Regulation (GDPR) Compliance with Microsoft and Interlink

The Road to General Data Protection Regulation (GDPR) Compliance with Microsoft and Interlink

In the ever-changing digital age, one of the most important things is data protection. In an effort to strengthen and unify data protection for all individuals within the European Union (EU), the EU has decided to implement a new law called General Data Protection Regulation, or GDPR for short. This regulation will start being enforced on May 25, 2018 and will impact almost every business that has employees, customers or potential customers in Europe.

What does the GDPR mean for your company?

With more than 160 GDPR regulation requirements, ranging from mandating a 72-hour notification for personal data breaches to regulations on how you collect, store and use personal information, it’s clear companies will need to get on the path to compliance.

Continue reading
  4839 Hits
Matt Scherocman

Stay Ahead of the Evolving Threat Landscape with Office 365 Advanced Threat Protection (ATP)

Stay Ahead of the Evolving Threat Landscape with Office 365 Advanced Threat Protection (ATP)

With the never-ending threat of malware, companies must continually find ways to stay ahead. How do you protect your data from these threats when they are always evolving and becoming more aggressive? Microsoft has a solution that helps protect Exchange online, Word, Excel and PowerPoint Online called Advanced Threat Protection (ATP). It is another layer of must-have security that Microsoft offers to meet all your business needs.

What exactly does Advanced Threat Protection do?

Continue reading
  6213 Hits
Matt Scherocman

Microsoft Cloud App Security – On-Premise Security in the Cloud

Microsoft Cloud App Security – On-Premise Security in the Cloud

Why Do I Need Security in The Cloud?

Whether you like it or not, your company data is most likely all over the place. More than 80% of employees admit to using non-Microsoft SaaS applications, like Salesforce, Box, etc., at work.* With valuable and confidential files flying around, you need to make sure that the level of security you’ve already implemented on-premises is reflected in the cloud, and Microsoft has you covered. With Microsoft’s Cloud App Security enterprise-grade security for cloud applications, you have the tools for deeper visibility, comprehensive controls, and enhanced protection against the dangers—such as company data leaks—of unsecured cloud activity across multiple non-Microsoft cloud vendors.

Continue reading
  4963 Hits
Eric Inch

"Stay Out Unless I Say So!" - The Sweetness of Azure AD Conditional Access

"Stay Out Unless I Say So!" - The Sweetness of Azure AD Conditional Access

I talk to a lot of customers using Office 365 that would like to have granular control on who can access the hosted services and only allow access to these services from corporate owned and managed devices. Enter Azure AD Conditional Access. “Keep out.. Unless of course you meet certain conditions!”

For example, with Azure AD device access rules you can restrict access to Exchange Online to only domain joined machines.

“Wait?! What?! That sounds just like what I’m looking to do.

What does that look like?”

 

When a user attempts to access Outlook Web App from a personal computer, they go to the OWA URL and enter their username and password.


The conditional access policy will look to verify that the device being used to access OWA is domain joined and registered in Azure AD. Since the computer is a personal computer, the user is denied access.


After closer examination using the “More details” link, you can see the access rules set require the device to be domain joined for access. In the scenario of personal computers, this will show as Unregistered.

Your access to corporate resources was swatted away like Dikembe Mutumbo. “Not in my house!”

“Good Eric, that’s all great but how about the full Outlook client? I would really like to see what options we have to prevent our users from connecting their personal Outlook client to our corporate email.”


When a user attempts to connect the Outlook client on a non-domain machine, the Outlook client will open and prompt the user for authentication.


The user will enter their username and password and the authentication process will look for a registered device.


Once again the user will be gently reminded that they need to be on a corporate owned device.

“Wow Eric, I’m really impressed by Conditional Access and the device access restrictions available in the Microsoft security suite. Anything else we should know? What about users that want to access OWA from other browsers?”

 

First and foremost, under no circumstance should you ever use anything other than Microsoft technology. Ever!

But, in the event some of your users want to go against my recommendation, to access corporate resources protected with device access rules they would need to use a supported browser. Conditional access support for applications: https://azure.microsoft.com/en-us/documentation/articles/active-directory-conditional-access-supported-apps/


The behavior when attempting Outlook Web App using the Google Chrome browser would be as follows:

The user enters their username and password from a non-domain machine.

Since the user is trying to use a browser that doesn’t support conditional access, it gives the user a warning that the browser is not supported and to use Microsoft Edge or Internet Explorer.

The device based access rules are configured within Azure AD Premium and have the following options.

  • Enable Access Rules – On or Off. (self-explanatory)
  • Apply To – Specific groups that you want to scope the access rules to. You also have the ability to except specific users from the scope.
  • Device Rules – The access rules you want to enforce for access to the corporate resources.
  • Application Enforcement – “For browser and native applications” OR “For only native applications” Exchange ActiveSync – Require a compliant device to access email

For more information on Azure AD Conditional access, please read the official Microsoft blog article AzureAD Conditional Access Policies for iOS, Android and Windows are in Preview!

 

Continue reading
  7780 Hits

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.