Configuring Data Loss Prevention for Microsoft Teams

Configuring Data Loss Prevention for Microsoft Teams

Data Loss Prevention has now been included into Microsoft but being a Skype for Business consultant have you ever configured DLP? Probably not.

So this post will look how it is configured from Start to Finish so let’s start with the standard prerequisites;

  • Office 365 Global Administrator Account

Launch Microsoft 365 Admin Center –> Select Security from under Admin Center

Admin Center

Click “More resources” and Open for Office 365 Security and Compliance Center

Click Data Loss Prevention –> Click Policy –> Click Create a policy

Data Loss Prevention

For the purpose of this post I will be creating a policy for covering UK National Insurance Numbers / Passport Numbers. DLP has a list of generic policies or you can configure a custom policy

Select –> Privacy –> Select UK Personally Identifiable Information (PII) Data –> Click Next

Polices

Click Next

Create Policy

At this stage you can select if you want to configure this policy for Exchange email, Microsoft Teams chat and channel messages, OneDrive and SharePoint Documents or specify a subset of services.

Select your required option –> Select Next

Microsoft Teams or All

Example of specifying a subset of services, at this stage you can also Include/Excludes Groups, Accounts and Sites.

Select options

Select Find content that contains

For this post, I am looking for PII data that is being shared outside my organisation.

Select Next

Configure Policy

Using the default options here but you can configure option to send incident report to a Distribution List or individuals.
Select Next

Configure Policy

Select “I’d like to test it out first” or Yes, turn it on right away. This is depending if your organisation is ready for the big switch on. The tenant being used in this post is a test tenant will small amount of users.

Press Next

Configure policy

Review your configured settings –> Select Create

Review

Testing – DLP for Micorsoft Teams

So like with all things Microsoft, we have to wait for replication to take place before we can really start testing DLP. Please dont expect your change to work straight away as its needs to work its way through the big Microsoft cloud.

Email Notification that NINO Number has been shared using Microsoft Teams
Warning Message to the User that sent the NINO Number
Email Notification that NINO Number detected in Exchange

So its safe to say DLP is now working within my tenant.

Regards

The Author – Blogabout.Cloud

Big News: Microsoft Teams being rolled out with Office 365 ProPlus (CDN)

Big News: Microsoft Teams being rolled out with Office 365 ProPlus (CDN)

Finally, Microsoft Teams will be introduce into Office 365 ProPlus… Microsoft Teams will be introduced into the;

  • February Monthly Channel; the
  • March Semi-Annual Channel Targeted (SAC-T); and
  • July Semi-Annual Channel (SAC)

But will automatically install Teams when Office 365 ProPlus is installed on new PCs and Macs.

image

Now the million dollar question, how is it being introduced?

As a Consultant that has delivered and spoke about Office ProPlus for a number of years, I do have concerns about how it’s going to be introduced and here’s why.

Office 365 uses the (CDN) Content Delivery Network for providing updates to all the Office ProPlus products, is it not the case with Microsoft Teams.

The update mechanism is completely different as the client is delivered by good old MSI so this will bring a number of questions and challenges to start;

  • What version of Office am I running?
  • What version of Teams am I running?
  • Does Teams need updating?
  • I have this weird problem but my colleague doesnt, is it version related?
  • etc.. etc…

However, if they integrate Microsoft Teams into the CDN it is definitely the way forward and also allows the customer to exclude Teams in the configuration.xml (if this is a requirement). It is very early days and I am sure more information will be released in due case but until then I am looking forward to see what the future holds as Microsoft have stated
Teams will automatically be installed for users who already have Office 365 ProPlus in the future.” So if you’re not using Microsoft Teams today Microsoft are making damn sure its available to increase adoption.

The Author – Blogabout.Cloud

Microsoft Teams PowerShell Module Updates (Version 0.9.6 now available)

Microsoft Teams PowerShell Module Updates (Version 0.9.6 now available)

Microsoft have recently released an update to the Microsoft Teams powershell module, in this update we see 3 new exciting additions allowing more control for your Microsoft 365 Global Adminstrator or dedicated Microsoft Teams Service Administrator.

New-Team -Owner Parameter

You can now create Microsoft Teams using the Owner parameter

Edit all Teams settings on all Teams without ownership

Now as a Microsoft 365 Global Admin or Microsoft Teams Service Admi, you can edit all setting within a Microsoft Team located within your tenant.

What no licence require?

The administration account no longer requires a Microsoft Teams Licence in order to use the PowerShell Module

So now lets update Microsoft Teams PowerShell module.

I have created the following script which will check your client machine to see what version is installed and install the latest version.

Detect, Remove, Destroy and Upgrade your Microsoft Teams Module`

Regards

The Author – Blogabout.Cloud

Microsoft Teams Direct Routing with Azure Audiocodes SBC

Microsoft Teams Direct Routing with Azure Audiocodes SBC

Microsoft Teams Direct Routing is the latest in connecting your SIP trunk provider but how about leveraging the Microsoft cloud and deploy your Session Boarder Controller (SBC) into Azure.

Audiocodes are one of many SBC providers using Azure to provide an additional options with your approach to moving to Microsoft Teams.  If your a consultant deploying AudioCodes Mediant VE SBC for Microsoft Azure, this process couldnt be any easier with using Azure Resource Manager (ARM) templates which can be developed to adapt to any customer requirements.

If you have a bit of Azure knowledge in deploying new resources the below image will not be to difficult understand.

But if this is the first time you’ve looked deploying a resource in Azure, I highly recommend looking at creating a template and use Visual Studio. This will allow you to make modification in the code and learn how ARM templates work.

How much does the Audiocodes Virtual Machine cost?

The below tables is based on today costing as of 12 November 2018 and these prices may change.

VM Size Offering Family VCPU RAM Data Disk Max IOSP Temporay Storage SIP Sessions Price
D2_v2 Standard General Purpose 2 7 8 8×500 100GB 200 £75.41
D2_v3 Standard General Purpose 2 8 4 4×500 50GB 500 £66.54
D3_v2 Standard General Purpose 4 14 16 16×500 200GB 900 £150.83

Microsoft Teams Direct Routing will only get bigger as time goes on and you can expect the number of supported SIP sessions to increase (expected 6000 sessions in Q1 2019). It is also worth noting that Audiocodes also offer a multi tenant SBC so if you are a service provider, you can house multi customers on a single SBC appliance.

Regards

Author – Blogabout.Cloud

Dynamic groups in Microsoft Teams

Dynamic groups in Microsoft Teams

Microsoft Teams now supports dynamic groups but what does this mean? Dynamic groups are an Azure AD Premium (P1) feature that allows group membership to be automatically tied to AD attributes (i.e. users with a location of ‘London, New York or Seattle’) that will continuously sync as the membership changes over time. Dynamic group membership reduces the administrative overhead of adding and removing users.

Which is great for IT Administrator across the group.

How to create a dynamic group

Please follow the steps from here

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-create-rule

Once you have created the group, every assigned member will receive an email stating they have joined the defined group

We already have a group (Office or Security) and would like to change its membership type to “Dynamic”

Of course you can do this from the Azure AD admin center. Please follow the steps from here https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-change-type

How do create a Microsoft Team with a Dynamic Group

Launch Microsoft Teams and click “Join or create a team

Click “Create a team from an existing Office 365 Group

Select the dynamic group you are an owner of and the group name will become the Team name.

Command Questions

Does this support syncing Security Groups (SGs)?

No, dynamic membership groups are different from SG/DL

How long does the dynamic group changes take to reflect in Teams?

This can take up to 2 hours after membership changes are reflected in Azure portal.

Regards,

Author – Blogabout.Cloud

What version, ring and enviroment am I apart of in Microsoft Teams?

What version, ring and enviroment am I apart of in Microsoft Teams?

How do I know what version of Microsoft Teams Client I am running?
How do I know what ring I am apart of?
How do I know what environment I am apart?

Enter…

Get-Content $env:UserProfile”\AppData\Roaming\Microsoft\Teams\settings.json” | ConvertFrom-Json | Select Version, Ring, Environment

Regards

The Author – Blogabout.Cloud

Detect, Remove, Destroy and Upgrade your Microsoft Teams Module`

Detect, Remove, Destroy and Upgrade your Microsoft Teams Module`

The following script has been designed to detected, remove and upgrade your Microsoft Team PowerShell Module.

How does it work?

The script will initial check if you are running a PowerShell window with evaluated privileges as this is a prerequisites to running this script. Once Administrative privileges have been detected it will compare the installed version of the Microsoft Teams module against the online version located the PSGallery. If the online is greater than the installed version, the script will use the uninstall-module cmdlet to remove the previous version and install the latest version from the PSGallery.

If your installed version matches the online version no actions will be taken.

This script also includes an output of the installed client version of Microsoft Teams with its Ring and Environment information as shown below

Download this script today

Detect-MicrosoftTeams-Version (542 downloads)

Regards

The Author – Blogabout.Cloud