Microsoft 365 Security Basics: Exchange Online

In this video, we’ll cover some key points you need to know to secure your Exchange Online environment. We’ll discuss topics such as disabling legacy authentication, identifying risky email overrides, enabling audit logging, blocking outbound forwarding, help users quickly identify external emails, and enabling an easy way for your users to report phishing attacks. By the end of this video, you’ll have a solid understanding of how to protect your organization’s systems and data within Exchange Online.

C H A P T E R S
00:00 Video Intro
01:22 Disabling Legacy Authentication
07:57 Identifying Risky Email Overrides
13:00 Enabling Audit Logging
19:07 Blocking Outbound Forwarding
23:09 External Email Tagging
26:27 Enable Report Phishing Button
29:05 Video Wrap Up

L I N K S
Find EOP – MDO Misconfig with KQL
https://dougsbaker.com/2021/06/16/find-eop-mdo-misconfig-with-kql/

Audit All Mailbox Activity
https://dougsbaker.com/2021/06/21/audit-all-mailbox-activity/
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-mailboxes?view=o365-worldwide#mailbox-actions-for-user-mailboxes-and-shared-mailboxes

Control automatic external email forwarding in Microsoft 365
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/outbound-spam-policies-external-email-forwarding?view=o365-worldwide

Report Phishing Button
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/submissions-users-report-message-add-in-configure?view=o365-worldwide