Omar Kudović is a senior system engineer and a long-time (Most Valuable Professional) with over 15 years of IT experience. He holds expert-level certifications, including Cybersecurity Architect Expert and Azure Enterprise Expert . His work specializes in the practical application of security and compliance solutions for government and enterprise-scale organizations. Resource Availability
for data retention, lifecycle management, and risk challenges. Hands-on Management: Practical techniques for using both the GUI and PowerShell to perform administrative tasks. O'Reilly Media Availability & Formats
Broadly applied to mailboxes or sites to ensure content is kept for a mandatory period (e.g., 7 years for financial data) or deleted after its utility expires.
Security is an ongoing process, not a one-time configuration. Administrators must regularly audit their environment to maintain compliance. Unified Audit Logging Omar Kudović is a senior system engineer and
Sensitivity labels add permanent metadata directly to files and emails.
and Sasha Kranjac. Released in 2024, this guide provides a deep dive into the security posture of Microsoft 365 environments.
By staying informed and up-to-date on Microsoft 365 security and compliance, administrators can ensure a secure and compliant environment for their organization's data. Security is an ongoing process, not a one-time configuration
Inspect configuration drift on primary Conditional Access policies. Monthly Tasks
Some of the key configuration tasks include:
Securing Microsoft 365 begins with robust identity controls. Administrators should require phishing-resistant multi-factor authentication for all users, enforce Conditional Access policies based on risk signals (location, device compliance, login behavior), and follow the principle of least privilege for all administrative roles. The book's extensive coverage of Entra ID (Azure AD) provides the detailed configuration steps to implement these controls effectively. and Sasha Kranjac. Released in 2024
Use this central platform to manage identities, guest access, and application permissions.
Utilizing on-premises Active Directory signals to track lateral movement, brute-force attempts, and credential dumping techniques within hybrid infrastructures.
If you are responsible for securing your organization's data in Microsoft 365, this book, written by two leading experts in the field, is an excellent investment in your professional development.