https://campbell.scot/categories/news/ Recent content in News on Ru Campbell MVP Hugo en-gb Sat, 30 Jan 2021 22:13:50 +0000 https://campbell.scot/understanding-application-guard-for-office-now-generally-available/ Sat, 30 Jan 2021 22:13:50 +0000 https://campbell.scot/understanding-application-guard-for-office-now-generally-available/ <p><strong>Application Guard</strong> first appeared in Windows 10 1709 (&ldquo;Fall Creators Update&rdquo;) to isolate Edge browser activity within a Hyper V container.  Microsoft now extends that same idea to Word, Excel, and PowerPoint in Office 365 ProPlus Microsoft 365 Apps for Enterprise on Windows 10&hellip;</p> <p>&hellip; if you have Microsoft 365 E5 or E5 Security.  You knew that was coming!</p> <p>With <strong>Application Guard for Office</strong>, your files can open in a sandbox without access local or network storage.  This provides an additional layer of protection against threats such as ransomware, for which Office apps are infamous as an attack surface.  There&rsquo;s a significant catch: a standard configuration of Application Guard <em>will</em> allow users to bypass it if they say they trust the file, therefore executing it in the normal way; resource access included.  You can change this default behaviour though, so keep reading.</p> https://campbell.scot/microsoft-365-updates-from-build-2020/ Thu, 21 May 2020 17:55:43 +0000 https://campbell.scot/microsoft-365-updates-from-build-2020/ <p>Build 2020 had some nice bits of M365 related news.  Microsoft deserves commendation for sticking to the schedule and pulling this off (remotely) during the COVID-19 lockdown - Apple has delayed WWDC and Google just gave up on I/O.  I&rsquo;ve summarised (bullet points!) my favourite updates below.  I will update it I find I&rsquo;ve missed something good.</p> <p><strong>Azure AD</strong></p> <ul> <li><a href="https://aka.ms/publisherverification">Publisher Verification</a> lets developers verified through the Microsoft Partner Center stick a verified badge on their AAD apps.  There is a new setting in <strong>AAD</strong> &gt; <strong>Consent and permissions</strong> to <strong>Allow for apps from this organisation and verified publishers</strong>, which is Microsoft&rsquo;s recommendation (as opposed to allowing user consent for all/none).</li> <li><a href="https://azure.microsoft.com/en-us/services/active-directory/external-identities/">External Identities</a> is now in public preview.  This allows invited external users to &lsquo;bring their own identity&rsquo; (BYOI) and sign in with a federated service like Google, Facebook, or another SAML2/WS-Fed IdP.</li> <li>Microsoft Authentication Libraries (MSAL) <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-angular">now support Angular</a> and the <a href="https://github.com/AzureAD/microsoft-identity-web/wiki">ASP.NET web libraries are in public preview</a>.</li> </ul> <p><strong>Development</strong></p>