As cyberattacks grow more frequent, protecting your infrastructure more important than ever. A key part is the enforcement of mandatory multifactor authentication (MFA) for all Azure sign-ins. MFA adds an essential layer of protection to your data, blocking over 99% of account compromise attempts.
Starting October 16, 2024, Microsoft will enable IPv6 for all customer Accepted Domains using Exchange Online. This upgrade offers improved security, scalability, and performance by utilizing IPv6.
Organizations need to update their network allow-lists (Firewall) to permit Exchange Online IPv6 endpoints and modify any IP-based inbound connectors referencing IPv4 (Connector, Rules). It is possible to stay with IPv4-only traffic, domains can be opted out over a PowerShell cmdlet. After October 16, if no preference is set, IPv6 will be enabled by default, potentially affecting inbound email traffic.
Microsoft is going to retire Audit Log cmdlets from the 'Exchange Online PowerShell' module starting from September 2024. Instead, they recommend using the Unified Audit Log (UAL) for auditing.
Search-AdminAuditLog and New-AdminAuditLog (New-AdminAuditLogSearch), will retire on September 15, 2024. It's recommended to use Search-UnifiedAuditLog instead.Since June 2024, a new option has become available for transitioning legacy PowerShell scripts away from the deprecated AzureAD module. Below are examples and thoughts on which option might suit your path to solving this challenge. The 'Entra PowerShell' module, currently in Public Preview, shows great potential to soon be ready for production environments.
Over the years, we've been familiar with SSH key-based authentication, deploying a restricted set of FIDO2 Security keys, and experimenting with certificate-based authentication (CBA). However, due to complexity and platform limitations, we've faced challenges in widespread implementation, resulting in a reliance on extensive MFA through Authentication Apps or even SMS (considered weak). The introduction of the new Passkey holds the promise of rewriting this history.