Ransomware security awareness video by cyber.gov.au
As spam, and more importantly, phishing and other malicious emails are becoming a more and more serious issue, companies are installing email filters such as TopSec Blockmail or Barracuda.
These mail filters scan the emails on many levels and use AI, keyword triggering, blacklist lookup and many other ways to determine if an email is safe to deliver or not.
One of the most basic checks, yet not well understood, is the SPF record (Sender Policy Framework). (more information at WIKI as well)
SPF basically says “email from email@example.com, MUST come from one of these IP addresses or email servers. If it comes from somewhere else, don’t trust it!” This stops ne’er do wells in far off countries sending emails to your partners disguised to look like they are coming from your company saying, “please pay us money” or “our bank details have changed” “please provide your security details”.
Think of it like telling all your clients, “If someone from our company calls on the phone, the caller ID number will be one of these phone numbers. If someone rings saying they are one of us, but have a different caller ID phone number or number blocked, don’t trust them.”
The SPF record is the responsibility of each company sending email to configure correctly, so their email is accepted by other receiving mail filters. When any company sets up an email domain and website, they will pay a hosting company for the use of their email hosting (Currently Microsoft365 is the most common one, but others include Smartservers, Googleapps, etc) When your internet web and email guru sets up your DNS records (www, MX record etc) they should also set up your SPF records at that time to say “all email from email firstname.lastname@example.org must come from this email host or it should be treated as suspicious.”
It is possible to add a sender to a whitelist which says “accept all emails from @thiscompany.com”. This is extremely dangerous as this will bypass the virus filters, the checking against known spammers, the checking if the email is hacked or fraudulent pretending to be from that company (Spoofed). IF that company gets hacked and the hacker sends email to all their partners with malicious intent, it wont be caught by the email filter because you have whitelisted them.
So it really is up to the sender to correctly set up their sending security records (SPF) , it is not the responsibility of the receiver to change their security to allow you in.
If emails from xyz.com are being blocked by your email filter, then they are being blocked by countless other companies filters too, so they are having trouble left right and centre, and are open to hijack exploits.
I cant imagine a large corporation like Toyota, Microsoft BHP or the government opening their filters every time an organisation has troubles sending to them.
“Hey Westpac, please change your filter so mum&dad.com.au can send you an email”
In other words.. You dont change lock to fit the key, you get a key that fits the lock.
At Sterling IT have the expertise and experience to advise, configure, implement and support your domain and records as well as advising of and configuring an anti-spam and email security system that fits your needs. Please get in touch and we can design and enable the correct bespoke solution for your company.
by James Cullen
Have you tried to click a link in an email and it does nothing?
However you can right click and COPY and PASTE into a browser and works ok?
The problem seems to be google chrome doing something in the registry to stop it from working.
You may also get the following error messages
This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.
Your organization’s policies are preventing us from completing this action for you. For more info, please contact your help desk.
The easiest fix is to change the default browser otherwise can reinstall Chrome.
I found even though I use chrome as default, I made Microsoft Edge (or can do Internet Explorer as well but old now) the default browser.
This is how:
Click WINDOWS button and type DEFAULT and your should see CHOOSE A DEFAULT WEB BROWSER
Click this and your should get the next screen
Scroll down to WEB BROWSER and change to Microsoft Edge
Try this and will fix your issues.
Any comments please let us know
MARCH 30, 2020
Today, we announced the Microsoft 365 Personal and Family Subscriptions, the first consumer offerings from Microsoft 365. I’m pleased to follow up here to announce related changes to our Office 365 subscriptions for small and medium-sized businesses—
This is a natural evolution. Microsoft 365 began in 2017 as a licensing bundle for enterprise customers—
New product names
The new product names go into effect on April 21, 2020. This is a change to the product name only, and there are no pricing or feature changes at this time.
- Office 365 Business Essentials will become Microsoft 365 Business Basic.
- Office 365 Business Premium will become Microsoft 365 Business Standard.
- Microsoft 365 Business will become Microsoft 365 Business Premium.
- Office 365 Business and Office 365 ProPlus will both become Microsoft 365 Apps. Where necessary we will use the “for business” and “for enterprise” labels to distinguish between the two.
Note that the changes to these products will all happen automatically.
Today, we’re simply announcing name changes. But these changes represent our ambition to continue to drive innovation in Microsoft 365 that goes well beyond what customers traditionally think of as Office. The Office you know and love will still be there, but we’re excited about the new apps and services we’ve added to our subscriptions over the last few years and about the new innovations we’ll be adding in the coming months. For questions, please refer the FAQs below and then head to the What is Microsoft 365 page for more details.
Frequently asked questions
Q. What Office 365 plan names aren’t changing?
A. The following Office 365 plans will have no changes:
- Office 365 for Enterprise
- Office 365 E1
- Office 365 E3
- Office 365 E5
- Office 365 for Firstline Workers
- Office 365 F1
- Office 365 for Education
- Office 365 A1
- Office 365 A3
- Office 365 A5
- Office 365 for Government
- Office 365 G1
- Office 365 G3
- Office 365 G5
Q. Why are you making these changes?
A. First, we want our products to reflect the range of features and benefits in the subscription. Microsoft 365 is an integrated set of apps and services that puts AI and other cutting-edge innovations to work for you. And for small and medium-sized businesses, that includes new capabilities in Microsoft Teams to help you host rich meetings and events online; cloud file storage and sharing capabilities so you can collaborate from anywhere; and security and identity solutions to safeguard your businesses. Second, we’re always looking for ways to simplify. This new approach to naming our products is designed to help you quickly find the plan you need and get back to your business.
Q. How does Office fit into Microsoft 365? Will I still be able to use Word, Excel, and PowerPoint?
A. The Office suite is core to the Microsoft productivity experience, and that’s not changing. But over the last several years, our cloud productivity offering has grown well beyond what people traditionally think of as “Office.” Word, Excel, and PowerPoint are more important than ever before. But in Microsoft 365 we’re breathing new life into these apps with the help of the cloud and AI, and we’re adding new, born-in-the-cloud experiences like Teams, Stream, Forms, and Planner. All of this is underpinned by a set of common services that keep your data safe and secure. It’s Office and a whole lot more.
Q. Is there anything new or different in Microsoft 365 Apps for business or Microsoft 365 Apps for enterprise plans that wasn’t in Office 365 Business or Office 365 ProPlus plans? Any new features?
A. There are no price or feature changes to plans at this time.
Q. When will the Microsoft 365 Business and Microsoft 365 Apps for enterprise plans be available?
A. All plans will become available for customers on April 21, 2020.
Q. Are all of the Office 365 plans going away? What isn’t changing?
A. None of the plans are going away. The same plans are available, only with updated names. And in the case of Office 365 Enterprise, the name will remain the same and there will be no changes.
Q. I’m an existing SMB or ProPlus customer. Do I need to take any action?
A. Customers with the Office 365 Business, Office 365 Business Essentials, Office 365 Business Premium, or Microsoft 365 Business plans do not need to take additional action. The above changes will happen automatically.
Q. My company uses Office 365 ProPlus, and I have questions about this change. Where can I learn more?
A. Customers with the Office 365 ProPlus plan should consult this site for further details.
Set up 2-step verification for Office 365
Once your admin enables your organization with 2-step verification (also called multi-factor authentication), you have to set up your account to use it.
By setting up 2-step verification, you add an extra layer of security to your Office 365 account.
When you sign in with your password, a code sent to your phone as a second verification that it is you and not someone else with your stolen password.
- You will need to check if your admin has turn on multifactor authentication.
If they haven’t, when you try to do these steps you won’t see the options in Office 365.
- Sign in to Office 365 with your work or school account with your password like you normally do.
The quickest was is https://portal.office.com
After you choose Sign in, you’ll see this page:
- Check whether your Office 365 admin has turned on multi-factor authentication for your account. If they haven’t, when you try to do these steps you won’t see the options in Office 365.
Sign in to Office 365 with your work or school account with your password like you normally do. After you choose Sign in, you’ll see this page:
Choose Set it up now.
- Select your authentication method and then follow the prompts on the page. Or, watch the video to learn more.
- After you verify your alternate contact method, choose Next.
- You’ll get an app password that you can use with Outlook, Apple Mail, etc. Choose the copy icon to copy the password to your clipboard. You won’t need to memorize this password.
- Once you complete the instructions to specify how you want to receive your verification code, the next time you sign in to Office 365, you’ll be prompted to enter the code that is sent to you by text message, phone call, etc.To have a new code sent to you, press F5
We strongly recommend setting up more than one verification method. For example, if you travel a lot, consider setting up Microsoft Authenticator for your verification method. It’s the easiest verification method to use, and a way to avoid text or call charges.
To use the app password in Outlook
You’ll need to do these steps once.
- Open Outlook, such as Outlook 2010, 2013, or 2016.
- Wherever you’re prompted for your password, paste the app password in the box. For example, if you’ve already added your account to Outlook, when prompted paste the app password here:
- Or, if you’re adding your Office 365 account to Outlook, enter your app password here:
- Restart Outlook.
Tip: You can have more than one app password for your Office 365 account, for example, if you want one for Outlook and another for a different application. To generate another app password, see Create an app password.
Sterling IT has been providing clients in Wetherill Park, Smithfield, surrounding suburbs, as well as the whole of Australia, Managed Services before it become a buzz word.
How do you check if your company’s and personal passwords have been breached and are for sale on the dark web?Continue reading “Managed Services , cyber security and data protection”