Hello Reader, and [some greeting]

We have another newsletter hot of the press for you! In this edition, we have another Microsoft 365 Management Tip, an opportunity for you to become an irreplaceable Microsoft 365 expert, some upcoming events, and a few recent announcements that caught our attention!

💡A Microsoft 365 Management Tip:

One thing I ofter here is how some people still trust on-premises more than the cloud from a security perspective. While we could debate the merits of that argument, one of the reasons has to do with physical access and not being able to access on-premises resources anytime from anywhere. But, guess what, while not completely the same, you can limit who can access resources protected by Entra ID, both Microsoft 365 resources, or any other that may use Entra for SSO.

​Conditional Access in Microsoft Entra allows you to block access (or allow access) based on device trust. When setting up Device Filters in the conditions and selecting “TrustType” you are provided with three options: Microsoft Entra joined, Microsoft Entra hybrid joined, Microsoft Entra registered. By allowing devices that are joined or hybrid joined (or blocking those that aren’t) you can effectively limit access to Microsoft 365 from devices outside of your control. This goes a long ways towards securing access to Microsoft 365 (and other apps) and better protection your data!

Would you like become the irreplaceable Microsoft 365 resource for your organization? Let me know!​

Upcoming Events

• ​Orlando FL - Global Power Platform Bootcamp 2024: It’s short notice, but hopefully I’ll be delivering one or two sessions at this conference in two weeks. One around Logic Apps vs. Power Automate and a second one around Powering up Microsoft Teams with Power Apps!
• ​Microsoft 365 Conference Orlando - May 1 & 2: I’m not planning to attend this conference, but maybe I’ll still make an appearance since it’s only 2 hours away. So, if you will be there, let me know, and maybe we can meet.

🗞️ Microsoft 365 news highlights

• Since we’re talking about Conditional Access. Microsoft has released more granular certificate-based authentication (CBA) configuration in Conditional Access! This policy allows you to customize policies in order to “allow access based on certificate issuer or policy OIDs.”
• This one comes with a disclaimer that I haven’t used this script or gone through it line by line, but it looks like a neat little script. When you run it, it should (remember I haven’t tested) go through and tell your where your various Microsoft Entra ID group are used. I’ve actually had clients ask for this exact thing, so it’s definitely on my list to check out as well. If anyone beats me to it, I would love to hear what you think!

​

Thank you all and have a great day!

Ben Stegink

Helping you become a Microsoft 365 Expert!

​