A while back ago Microsoft decided to default start to block end-users from being able to set up auto forwarding of emails outside the organization. This decision was partly taken due to the risk of data leakage and the common strategy to auto forward emails to an external email address when an attacker have compromised […]
When you implement Conditional Access to protect your end-users and the company data there will often be different Conditional Access frameworks for different user types and licenses.For example you might have production users within your environment, that only needs to be allowed to sign-in from a compliant device from a specific corporate network.On the other […]
Microsoft 365 Security blog by Pontus Själander