Returned ‘400 4.4.7 Message delayed’ from MessageLabs.com

I need a solution

When we send emails to many customers who are using Symantec’s service, we receive refunds, such as

供管理员使用的诊断信息:

生成服务器: CDSSRVDCEX02.hkdc.cds-net.com
接收服务器: cluster5a.eu.messagelabs.com (18.194.106.207)
 

blau@plumproducts.com
Remote Server at cluster5a.eu.messagelabs.com (18.194.106.207) returned ‘400 4.4.7 Message delayed’
1/24/2019 10:45:09 AM – Remote Server at cluster5a.eu.messagelabs.com (18.194.106.207) returned ‘451 4.4.0 Primary target IP address responded with: “421 4.4.1 Connection timed out.” Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 18.194.106.207:25’

原始邮件头:

Received: from CDSSRVDCEX01.hkdc.cds-net.com (10.1.1.33) by
 CDSSRVDCEX02.hkdc.cds-net.com (10.1.1.64) with Microsoft SMTP Server (TLS) id
 15.0.1367.3; Thu, 24 Jan 2019 14:52:39 +0800
Received: from CDSSRVDCEX01.hkdc.cds-net.com ([fe80::41b3:7f32:d22f:6b81]) by
 CDSSRVDCEX01.hkdc.cds-net.com ([fe80::41b3:7f32:d22f:6b81%16]) with mapi id
 15.00.1367.000; Thu, 24 Jan 2019 14:52:38 +0800
From: April Shao <aprilshao@cdsshanghai.com.cn>
To: “op@fanfeitrans.com” <op@fanfeitrans.com>
CC: “blau@plumproducts.com” <blau@plumproducts.com>
Subject: CTCVANL06138SH0
Thread-Topic: CTCVANL06138SH0
Thread-Index: AdSzsUJdsk09dD0MRRSTWf5Qunf96A==
Date: Thu, 24 Jan 2019 06:52:38 +0000
Message-ID: <60de1864092a42339ddefd0e1bf213d3@CDSSRVDCEX01.hkdc.cds-net.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [221.133.242.163]
Content-Type: multipart/related;
       boundary=”_004_60de1864092a42339ddefd0e1bf213d3CDSSRVDCEX01hkdccdsnetc_”;
       type=”multipart/alternative”
MIME-Version: 1.0
 

We try to solve this problem with smart hosts, but it can’t solve all the problems in the end.

Our domain:cds.com.hk,cdsshanghai.com.cn, cdsningbo.com,cdsqingdao.com,cdsxiamen.com

Our exchange servers IP : 175.45.36.68-70

0

Related:

  • No Related Posts

Can’t receive emails from clients using symantec

I need a solution

Hi, 

For nearly 1/2 year now, we’ve been unable to receive emails from clients using higher-levels of symantec security. We had an issue last year with an infected machine that appears to have given us a negative reputation (Case 00013827), but we had this lifted late last year and we still don’t receive emails.

Here’s an example:

Diagnostic information for administrators:

Generating server: LV-EX01.lismore.local

rebecca@armsign.com.au
server-18.tower-403.messagelabs.com
Remote Server returned ‘550 Invalid recipient <rebecca@armsign.com.au> (#5.1.1)’

Original message headers:

Received: from LV-EX01.lismore.local (10.1.2.18) by LV-EX01.lismore.local

(10.1.2.18) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 27 Nov 2018

12:05:35 +1100

Received: from LV-EX01.lismore.local ([fe80::a1e0:dede:77a3:156d]) by

LV-EX01.lismore.local ([fe80::a1e0:dede:77a3:156d%16]) with mapi id

15.00.1367.000; Tue, 27 Nov 2018 12:05:35 +1100

From: Kate Steel <Kate.Steel@lismore.nsw.gov.au>

To: “‘rebecca@armsign.com.au‘” <rebecca@armsign.com.au>

Subject: test

Thread-Topic: test

Thread-Index: AdSF7UupFZy6WiA5Sf66pQIm+USZgA==

Date: Tue, 27 Nov 2018 01:05:35 +0000

Message-ID: <ad5f04ab2f1e4a3097ad423beff6146e@LV-EX01.lismore.local>

Accept-Language: en-AU, en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

catalogueonsend: False

x-ms-exchange-transport-fromentityheader: Hosted

x-originating-ip: [10.10.2.112]

Content-Type: multipart/alternative;

        boundary=”_000_ad5f04ab2f1e4a3097ad423beff6146eLVEX01lismorelocal_”

MIME-Version: 1.0

This issue is now happening with other clients who are using symantec products. We are unable to send/receive pretty much with everyone using your products. Can we get this resolved?

0

Related:

  • No Related Posts

Microsoft Windows Security Updates January 2019 overview

Welcome to the first Microsoft Windows Patch Day overview of 2019. Microsoft released security updates for all supported client and server versions of the Windows operating system and other company products such as Microsoft Office on January 8, 2019.

We publish a monthly overview shortly after Microsoft’s release on the second Tuesday of each month. The overview lists all released security updates with links to Microsoft Support articles, known issues, downloads, and other Patch Tuesday related information.

You can check out the December 2018 Patch Day overview here.

Note: As always, we recommend to back up the system before you install updates for Windows or any other program.

Microsoft Windows Security Updates January 2019

Click on the following link to download an Excel spreadsheet that includes data about all released security updates for Microsoft Windows versions and other Microsoft products. Just click on the following link to start the download: security-updates-microsoft-january-2019-windows.zip

Executive Summary

  • Microsoft released security updates for all client and server versions of Windows.
  • No critical vulnerabilities in Windows 8.1 and 7.
  • Microsoft released security updates for Microsoft Edge, Internet Explorer, Adobe Flash Player, .NET Framework, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio
  • Windows 10 version 1809 is in active distribution. Check out our guide on delaying feature updates for Windows 10 to avoid the installation.
  • The Update Catalog lists 187 updates for January 2019.

Operating System Distribution

  • Windows 7: 15 vulnerabilities of which 15 are rated important.
  • Windows 8.1: 18 vulnerabilities of which 18 are rated important.
  • Windows 10 version 1607: 23 vulnerabilities of which 1 is critical and 22 are important
  • Windows 10 version 1703: 24 vulnerabilities of which 1 is critical and 23 are important
  • Windows 10 version 1709: 24 vulnerabilities of which 1 is critical and 23 are important
  • Windows 10 version 1803: 26 vulnerabilities of which 3 are critical and 23 are important
  • Windows 10 version 1809: 25 vulnerabilities of which 2 are critical and 23 are important

Windows Server products

  • Windows Server 2008 R2: 15 vulnerabilities of which 15 are important.
  • Windows Server 2012 R2: 18 vulnerabilities of which 18 are important.
  • Windows Server 2016: 23 vulnerabilities of which 1 is critical and 22 are important.
  • Windows Server 2019: 25 vulnerabilities of which 2 are critical and 23 are important.

Other Microsoft Products

Windows Security Updates

All Windows versions:

Starting with the January 2019 security updates, PowerShell remote endpoints cannot be configured anymore to work with non-administrator accounts.

Attempts to use non-admin accounts throws the following error after installation of the updates:

“New-PSSession: [computerName] Connecting to remote server localhost failed with the following error message: The WSMan service could not launch a host process to process the given request. Make sure the WSMan provider host server and proxy are properly registered. For more information, see the about_Remote_Troubleshooting Help topic.”

Windows 10 version 1809

KB4480116

Security updates to Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, Microsoft JET Database Engine, Windows Linux, Windows Virtualization, and the Microsoft Scripting Engine.

Windows 10 version 1803

Fixes a highly exploitable issue in Windows 10 version 1803; recommended to patch as early as possible. See Zero Day Initiative and Microsoft’s guidance on the vulnerability.

KB4480966

  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, Windows MSXML, and the Microsoft JET Database Engine .

Windows 10 version 1709

KB4480978

  • Fixes an issue with esentutl /p which caused the repair to result in a “mostly empty database” which is corrupt and cannot be mounted.
  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and the Microsoft JET Database Engine.

Windows 10 version 1703

KB4480973

  • Security updates to Internet Explorer, Microsoft Edge, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Authentication, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Virtualization, Windows Linux, and Microsoft JET Database Engine

Windows 10 version 1607

KB4480961

  • Security updates to Internet Explorer, Windows App Platform and Frameworks, the Microsoft Scripting Engine, Windows Kernel, Windows Hyper-V, Windows MSXML, and the Microsoft JET Database Engine.

Windows 8.1 and Windows Server 2012 R2

KB4480963 Monthly Rollup

  • Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
  • Security updates to Windows App Platform and Frameworks, Windows MSXML, Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

KB4480964 Security-only

  • Same as Monthly Rollup

Windows 7 SP1 and Windows Server 2008 R2 SP1

Note: The updates may introduce issues with network shares.

KB4480970 Monthly Rollup

  • Protection against Speculative Story Bypass CVE-2018-3639 for AMD-based computers
  • Security updates to Windows Kernel, Windows Storage and Filesystems, Windows Wireless Networking, and the Microsoft JET Database Engine.

KB4480960 — Security-only

  • Same as Monthly Rollup

Other security updates

KB4483235 — Windows 10 version 1809 and Windows Server 2019 — Security update for Internet Explorer

KB4483234 — Windows 10 version 1803 — Security update for Internet Explorer

KB4483232 — Windows 10 version 1709 — Security update for Internet Explorer

KB4483230 — Windows 10 version 1703 — Security update for Internet Explorer

KB4483229 — Windows 10 version 1607 and Windows Server 2016 — Security update for Internet Explorer

KB4483187 — Cumulative security update for Internet Explorer: December 19, 2018 — fixes a remote code execution vulnerability.

KB4480059 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480051 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480054 — Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4480055 — Security and Quality Rollup for .NET Framework 4.6 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480057 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4480058 — Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480061 — Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4480062 — Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4480063 — Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4480064 — Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4480070 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480071 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4480072 — Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480074 — Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2

KB4480075 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4480076 — Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008

KB4480077 — Security Only Update for .NET Framework 4 on WES09 and POSReady 2009

KB4480083 — Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012

KB4480084 — Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008

KB4480085 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4480086 — Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2

KB4480957 — Security Only Quality Update for Windows Server 2008

KB4480968 — Security Monthly Quality Rollup for Windows Server 2008

KB4480965 — Cumulative Security Update for Internet Explorer

KB4480972 — Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012

KB4480975 — Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012

KB4480979 — Adobe Flash Player update

KB4481275 — Security Update for WES09 and POSReady 2009

KB4481480 — Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4481481 — Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2

KB4481482 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4481483 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012

KB4481484 — Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2

KB4481485 — Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2

KB4481486 — Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008

KB4481487 — Security Only Update for .NET Framework 2.0 for Windows Server 2008

KB4480056 — Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10 Version 1809, Windows 10 Version 1803, Windows 10 Version 1709, Windows 10 Version 1703, Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1507, and Windows 10

Notes

Known Issues

Windows 10 version 1809 — KB4480116

  • Third-party applications may have difficulty authentication hotspots.

Windows 10 version 1803 — KB4480966

  • Same as Windows 10 version 1709
  • Some users may not be able to pin web links to the Start Menu or Taskbar.
  • After installing KB4467682, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.

Windows 10 version 1709 — KB4480978

Windows 10 version 1703 — KB4480973

  • Third-party applications may have difficulty authentication hotspots.
  • Instantiation of SqlConnection can throw an exception.

Windows 10 version 1607 — KB4480961

  • Same as Windows 10 version 1709
  • After installation of KB4467691, Windows may not start on “certain” Lenovo devices with less than 8 Gigabytes of RAM.
  • After installing KB4467684, the cluster service may fail with 2245 (NERR_PasswordTooShort) if the Minimum Password Length policy is set to a value greater than 14 characters.KB4480966.
  • After installation of the update on Windows Server 2016, Outlook instant searches may fail with “Outlook cannot perform the search”.
  • System Center Virtual Machine Manager (SCVMM) managed workloads are noticing infrastructure management issues after VMM refresh as the Windows Management Instrumentation (WMI) class around network port is being unregistered on Hyper-V hosts.

Windows 8.1 — KB4480963

  • Third-party applications may have difficulty authentication hotspots.

Windows 7 — KB4480116

  • Third-party applications may have difficulty authentication hotspots.

Security advisories and updates

ADV190001 | January 2019 Adobe Flash Update

Non-security related updates

KB4090007 — Windows 10 version 1709 — Intel Microcode updates around the following products (CPUs) have been revised

KB4091663 — Windows 10 version 1703 — Intel Microcode updates around the following products (CPUs) have been revised

KB4091664 — Windows 10 version 1607 — Intel Microcode updates around the following products (CPUs) have been revised

KB890830 — Windows Malicious Software Removal Tool

Microsoft Office Updates

Microsoft released non-security updates for Office in the first week of January 2019.

The list of security updates released in January 2019 for Office is available here.

How to download and install the January 2019 security updates

windows updates january 2019

Security updates are released via Windows Update for the majority of Home systems. All Home systems are set up to check for updates automatically and download these when discovered.

Administrators may run a manual check for updates to pick up the new releases early:

  • Activate the Start Menu, e.g. by tapping on the Windows-key.
  • Type Windows Update and select the tool from the list of results.
  • Activate “check for updates” to run the manual update check.

Windows updates may be downloaded directly using third-party tools, e.g. Windows Update Minitool or wumgr, or Microsoft’s Download Center. Links to the January 2019 cumulative updates are posted below.

Direct update downloads

Microsoft publishes all cumulative security updates and other updates on the Microsoft Update Catalog website. Direct download links are listed below.

Windows 7 SP1 and Windows Server 2008 R2 SP

  • KB4480970 — 2019-01 Security Monthly Quality Rollup for Windows 7
  • KB4480960 — 2019-01 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

  • KB4480963 — 2019-01 Security Monthly Quality Rollup for Windows 8.1
  • KB4480964 — 2019-01 Security Only Quality Update for Windows 8.1

Windows 10 and Windows Server 2016 (version 1607)

  • KB4480961 — 2019-01 Cumulative Update for Windows 10 Version 1607

Windows 10 (version 1703)

  • KB4480973 — 2019-01 Cumulative Update for Windows 10 Version 1703

Windows 10 (version 1709)

  • KB4480978 — 2019-01 Cumulative Update for Windows 10 Version 1709

Windows 10 (version 1803)

  • KB4480966 — 2019-01 Cumulative Update for Windows 10 Version 1803

Windows 10 (version 1809)

  • KB4480116 — 2019-01 Cumulative Update for Windows 10 Version 1809

Additional resources

Summary
Microsoft Windows Security Updates January 2019 overview
Article Name
Microsoft Windows Security Updates January 2019 overview
Description
An overview of all Microsoft security updates released for all supported versions of Microsoft Windows and other company products on January 8, 2019.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Advertisement

Related:

  • No Related Posts

Re: Repair corrupt .pst file in Outlook

If PST file doesn’t open in Outlook then try these methods to fix this problem:

1. Try to open Outlook in Safe mode.

2. Use Scanpst.exe free tool

3. Open Task Manager > Kill any instance of Outlook > Reboot computer

4. Go to Properties of PST file > Click on Unblock option > Open PST file in Outlook

5. For HKEY_CURRENT_USERSoftwareMicrosoftOffice<number>Outlook

(a) Add New / Expandable String Value

(b) Name = ForcePSTPath

(c) Value = <path to PST data folder> (e.g. P:MyDataOutlook )

6. Automated Tool

These 6 methods are very useful to repair corrupt .PST file in Outlook and also fix error “.pst file doesn’t open in Outlook”. Firstly try manual methods if it is not working then try automated tool. There are so many tools available online, I have mentioned few tools in this comment.

https://www.softwaresuggest.com/us/stellar-phoenix-outlook-repair

https://www.stellarinfo.com/outlook-pst-file-recovery.php

Related:

  • No Related Posts

Using messaging gateway to send confirmation email to external account

I need a solution

Good afternoon, 

I am looking for a way to send a message to another user account when specific recipients have any inbound emails. 

Exchange 2010 does not allow this( why, I cannot tell you). I am hoping for Symantec Messaging Gateway to be able to help.

I have an example below:

if abc@gmail.com  comes across SMG as a recipient   I would like a message to state ” a new message has arrived in the abc@gmail.com account” to another xyz@hotmail account. 

Is this possible.

0

Related:

  • No Related Posts

DLP Endpoint Agent 15.1 Crashes Skype Meetings

I do not need a solution (just sharing information)

My organization recently updated from Symantec Data Loss Prevention 14.6 MP2 to 15.1. We are also in the process of migrating our users to Skype for Business 2016 (formerly known as Lync) and Skype Meetings.

I’ve found that “Application Monitoring” in Symantec Data Loss Prevention 15.1 is by default configured to monitor Application File Access (AFAC) for the Skype for Business / Lync process (Lync.exe). However, whenever my users attempt to launch or join a Skype meeting, Skype for Business will enter a non-responsive state.

Examination of logs shows that the Lync.exe process is actually accessing a Windows Jump List (.automaticDestinations-ms file). The detection eventually times out if you wait the default 15 minutes.

11/21/2018 00:17:55 | 67720 | INFO    | CoreServices.MessageLogger | MESSAGETYPE_DETECTION_REQUEST    MESSAGESOURCE_FILE_SYSTEM_CONNECTOR  11/21/2018 06:17:55  [
Request Id #123
Detection Request Details :
    Session Command : Single Request
    Request Type : Data In Motion Request

Dim Detection Request Details :
    Process Id : 21852
    Process Path : C:Program Files (x86)Microsoft OfficerootOffice16lync.exe
    Application Name : Microsoft Lync
    User : yourusername
    Domain : yourdomain
    Time Stamp : 11/21/2018 06:17:55
    Dim Event Type : Application file access

AFAC Detection Request Details :
 file: C:UsersyourusernameAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations78f0afb5bd4bb278.automaticDestinations-ms
]

11/21/2018 00:32:55 | 67720 | INFO    | CoreServices.MessageLogger | MESSAGETYPE_DETECTION_RESPONSE    MESSAGESOURCE_DETECTION_SCHEDULER  11/21/2018 06:32:55  [
Request Id #123 FAILURE Detection timeout allow
Scan Time : 900146 ms]

I’ve been able to resolve the issue by creating a Channel Filter to exclude either the file path or the file type. Just sharing information and wondering if anyone else has ran into similar issues? Skype in general doesn’t seem to be stable with Application File Access (AFAC) monitoring turned on.

0

Related:

  • No Related Posts

Office 365 Security and Compliance Tools for Collaboration Apps – Are You Covered?

EMC logo


Microsoft has an ever-growing list of Security & Compliance tools for Office 365. With the multitude of tools and rapid pace of new releases, it can be challenging to keep track of everything. Ensuring security and compliance in the cloud is top of mind, especially with so many organizations moving to Office 365.  After all, it’s the cloud productivity platform of choice. Therefore, you’ll want to ensure your organization is protected by understanding the most relevant security and compliance features for Office 365 collaboration services.

 

Security & Compliance Center

In the on-premises version (and earlier days of Office 365), SharePoint had its own features for security & compliance, including document deletion policies, in place record management, site closure / deletion, information management policies, and the eDiscovery Center. These features would allow you to manage the retention or modification of files; however, they only applied to content within SharePoint. In Office 365, content and data may be stored in multiple applications including Exchange, Teams, Skype, OneDrive, and of course SharePoint. As a result of this connected ecosystem of collaboration tools, Microsoft has built features that allow you manage retention and modification of files across all these services from a single place – the Security & Compliance Center. Instead of using the SharePoint-specific features, you should plan and implement retention policies and/or labels for more inclusive protection. Retention policies apply to ALL content within a selected service/area. Labels can be manually applied to individual items (or libraries) – or automatically applied (based on conditions) if you have an Office 365 E5 license. The auto-apply feature is particularly valuable when your business doesn’t want to leave this decision up to the content owners.

Another note on labels – the future of labels (starting to roll out now) also includes Azure Information Protection (AIP). Previously, this was a separate feature that also included “labels” to classify, protect, and/or encrypt content regardless of where it was stored (even outside of Office 365). As announced at Microsoft Ignite 2018, the AIP “labels” are soon going to integrate with Office 365 labels so that you can manage retention, records, and encryption/protection all through the same feature (labels) in the Security & Compliance Center.

Below are some of the other Security & Compliance Center features and how they relate to collaboration:

Using DLP, you can setup policies to search through content (no matter where it lives in Office 365) for sensitive information like credit cards, SSNs, drivers, licenses, etc. You can then complete some sort of action such as display a tool tip, send an incident report, block sharing, etc. when sensitive information is discovered.

eDiscovery allows you to complete searches across all Office 365 services to find content that may be related to a litigation or specific worker. Once discovered, you can then place that content on hold (and export) in the event it needs to be preserved for legal reasons or potentially as part of a worker termination.

Alerts utilize the Office 365 audit log to trigger messages when certain events occur in the environment. These can be used to notify administrators or compliance officers when workers complete an action (i.e. create/delete eDiscovery hold) so that they can follow-up.

Identity Protection with Azure Active Directory (AAD)

AAD has a plethora of features and tools that can be used to help secure your Office 365 environment.  Some that you should consider as part of your collaboration services design are:

  • Conditional Access Policies – using conditional access policies, you can alter the experience for workers based on certain conditions, including which device the worker is connecting with (Windows, Mac, iOS, etc.), the location (corporate network, public network), the app being used (browser, Office app), or even the device state (compliant, non-compliant). This can be paired with Multi-Factor Authentication (MFA) and even Azure Identity Protection to force workers to use a 2nd form of authentication when accessing from certain scenarios, including outside a trusted network, on a non-trusted device, or even from situations considered “risky” (i.e. anomalous).
  • Privileged Identity Management (PIM) – PIM is an administrative feature that allows you to create a request/approval workflow process for obtaining administrator access in Office 365. This means that your administrators could be standard workers most of the time and elevate their permissions only when needed – to complete a help desk ticket, for example.
  • Office 365 Group Policies – Office 365 Groups are becoming the backbone of the modern collaboration experience. They are created with any new SharePoint team sites, Yammer groups, Outlook Groups, Planners, or Microsoft Teams. To prevent these features from becoming unmanageable, consider using governance controls including naming policies, expiration policies, classifications, usage guidelines, and provisioning.
  • Idle Session Timeouts – these timeouts can be configured to warn and then eventually sign workers out of SharePoint and/or OneDrive if there has been no browser activity in a pre-defined period.

Many of the AAD features above require you to have either Office 365 E5 or EM&S E3/E5 licenses.

Tools with Linkages to Collaboration Apps

Below are a few other security and compliance tools with specific tie-ins to the Office 365 collaboration apps are particularly noteworthy.

  • Office 365 Secure Score – this tool provides a calculated score for your Office 365 tenant based on services in use and features available for securing the environment. Note that not all the security recommendations within this tool are applicable to every organization due to differing requirements and licensing. However, this it can be used to find some collaboration related recommendations and assistance on how to configure them.
  • Office 365 Cloud App Security (CAS) – CAS is a tool that can be used to monitor and take action on all of the cloud apps used across the organization. It has features that can alert an administrator of anomalous and potentially risky behavior, block usage of certain cloud apps (to fight “shadow IT”), or even apply conditional access policies or AIP labels to content that lives in other collaboration apps such as Box, Dropbox, and G-Suite.
  • Office 365 Advanced Threat Protection (ATP) – ATP is primarily focused on protecting workers from cyber-threats in email; however, the Safe Links and Safe Attachments features can also work with content stored in SharePoint and/or OneDrive. These features will scan the link (within a file) or the file itself in a “detonation chamber” to ensure it is not malicious before allowing the worker to open it on their device.
  • Compliance Manager – this tool helps you create and manage your compliance against certifications including GDPR, NIST 800-53, ISO 27001, etc. You can create assessments to document and test your implementation plans against all the controls in each of your compliance policies.

Note that Office 365 CAS and ATP require either Office 365 E5 or add-on licenses.

Adopt Cloud Collaboration Services with Confidence

As with any release that impacts the features and functionality for your workers, ensure you have a communication and education plan in place – or adoption will suffer. Most of these features will impact your workers. They need to understand what’s coming, why it is important, and where they can go for education and help. Dell EMC offers services for every step of your Office 365 journey, so if you need assistance planning or deploying Office 365 security, reach out to your Dell EMC representative to learn how we can help.  Or if you prefer, leave a comment here and I’ll be happy to respond.

The post Office 365 Security and Compliance Tools for Collaboration Apps – Are You Covered? appeared first on InFocus Blog | Dell EMC Services.


Update your feed preferences


   

   


   


   

submit to reddit
   

Related:

  • No Related Posts

How to Manage Employee Permissions in ShareFile

How to Manage Permissions

  1. Go to People > Manage Users (or Browse Employees or Browse Clients)
  2. Browse or search for your user. Click the user or the Manage icon on the right, to open the user profile.
  3. Modify permissions as needed, then Save.

Default Employee Permissions

When creating a new employee, the following permissions are granted by default. You can modify these settings during the user creation process.

Note: A grayed setting indicates a permission that the creating user does not have access to or is not permitted to give to others – therefore, they cannot grant that permission to another user.

User Access

Basic Information:

  • Date Created
  • Email Address
  • First Name & Last Name
  • Company name.

Notifications

Modify the user’s default Notification Frequency settings.

Default Email Language

Modify the user’s default Email Notification Language.

Bandwidth Limit

You may select a maximum monthly bandwidth allowance for the employee. This limit will prevent the employee from personally uploading and downloading more data than you allow them. It will also apply to all of their folders, so that they may not share files with others more than you would like for them to.

Note: Employee bandwidth limits can also affect clients that the employee works with by limiting how much they may download from the employee’s folders. This is used by some accounts where employee use may need to be limited to prevent bandwidth overages.

Authentication

Whether the customer is utilizing ShareFile Credentials or Two-Step Verification.

User Access:

General

Change their password

If a user may change their password, they can use the ‘Forgot Password’ link on the login screen if they ever forget the password. If this is not marked, they will need to contact an employee who can manage employee permissions for help logging in.

Access Personal Settings

In personal settings, a user can manage their name, company name, and avatar. They will be able to update or change their password on this page if they have the permission to change their password.

Access Company Account Permissions

Advanced Preferences are account wide settings that can be turned on or off by an employee user granted the Access Company Account Permissions permission. These settings can be found at Admin Settings > Advanced Preferences.

Files and Folders

Use personal File Box

The File Box is a personal storage space where employees may store files for a limited period of time. This space is not generally a collaborative or shared space, although some users may be given access to see other employee’s File Boxes. If you do choose to take away a user’s access to the File Box, they will not be able to use any email plugin tool or add files from their computer when creating a Share message or Link.


Be added to file drops

This will only be available if File Drop is enabled on your account. This will allow users who create new file drops to list this employee as a contact that clients may select to send files to through a form.

People

Manage Clients

This will allow the employee to see the People tab in the navigation bar and to add new users to the account. They will also be able to edit settings for any clients that they create.

Note: Editing a client user’s email address requires the Manage Employees permission.

Edit the shared address book

The Shared Address Book is available to employee users on the account so that they may quickly and easily pull up contact information for users on the account. If this is checked, the employee will be able to add users to the Shared Address Book to allow others to see their contacts on the system.


Share distribution groups

If this permission is enabled, the employee user will be able to create a Shared Distribution group.


Edit other users’ shared distribution groups

When setting up a new Distribution Group, users will have the option to share the group with all employees. If this permission is enabled, the employee user will be able to add more users to a group that has been created on the system and shared with others.

Company Account Info

Edit account appearance

Allow the user to configure account branding and appearance settings.

Billing


View receipts and billing notifications

The Receipts & Billing Notifications link in the Admin Settings > Billing section will allow any user with this permission enabled to download copies of any receipt or invoice for the account.

*You may or may not see the below settings on your user page. These settings will display only if you have the feature enabled on your plan type.


Advanced Preferences

Connectors

Create Network Share Connectors

This permission grants the user the ability to create and manage new Network Share-type Connectors. This permission is only available to ShareFile users on select plans.

Create SharePoint Connectors

This permission grants the user the ability to create and manage new Sharepoint-type Connectors. This permission is only available to ShareFile users on select plans.


StorageZones

Select StorageZone for root-level folders

In order to change another user’s default storage location, membership to the Super User Group is required. This permission is only available to ShareFile users on select plans.


Related:

  • No Related Posts

Error – “Cannot start Microsoft Outlook. Cannot open the Outlook Window”

Disabled Windows Search Indexing for any outlook items.

METHOD 1

1. To resolve this issue, add the following key to the Registry to prevent indexing of any Microsoft Outlook items

Root: HKEY_LOCAL_MACHINE

Data type: REG_DWORD

Key: SoftwareMicrosoftWindowswindows SearchPreferences

Value name: PreventIndexingOutlook

Value data in Hex: 0x00000001

outlook1

Restart the Outlook client and Windows Desktop Search Service.

METHOD 2

While Outlook is still running, open Control Panel, find Index Options and open it. Then click Modify button and uncheck Microsoft Outlook from the list and click OK.

OUTLOOK2

METHOD 3

Enable the below GPO to Prevent Indexing Microsoft Office Outlook.

Computer ConfigurationAdministrative TemplatesWindows ComponentsSearchPrevent Indexing Microsoft Office Outlook.​

outlook3

Related:

Avamar: Unable to open ItemPoint on Exchange 2013 with Outlook 2007 32 bits — Error: The MAPI subsystem could not be initialized.

Article Number: 499291 Article Version: 3 Article Type: Break Fix



Avamar Client for Windows

Opening ItemPoint on a newly configured Avamar client, returns a windows error popup message:

User-added image

This is an Exchange 2013 with Outlook 2007 32 bits installed.

According to Kroll support, this issue is caused by an incompatibility between Exchange 2013 and the current Outlook version installed, in this case, Outlook 32 bits.

In order to resolve this issue:

1) Apply all available service packs to the current installed version of Outlook.

NOTE: ItemPoint 8.1 doesn´t support Outlook 2007.

or

2) Install another version of Outlook, higher than the current one.

In this particular environment, installing Outlook 2010 32 bits was the solution to taken to get ItemPoint working as expected.

Related: