MS Oddity . Edge style security for Office 365

Forum Moderators: open

Message Too Old, No Replies

MS Oddity . Edge style security for Office 365

tangor

6:58 am on Nov 7, 2019 (gmt 0)

Amid the flood of news from Microsoft's Ignite conference in Florida this week, Redmond dropped word of several new features and additions to its cloud services aimed at protecting user data.

Office 365 will be getting additional security protections through Application Guard, the sandboxing tool Microsoft debuted with its Edge browser. The idea is that Application Guard will isolate documents, preventing malicious code from escaping the app and damaging the rest of the system. The feature is currently in limited preview.

[theregister.co.uk...]

Posted as a heads up for those who use 365 for any development purposes (I suspect many of us use word processing of some kind in the process of creating web pages) and that SaaS has continuing growth pains in the security sense. While in the formative stage at the moment, keep an eye out for finals as the LAST thing anyone wants is a malicious actor getting involved!

IanCP

5:32 pm on Nov 7, 2019 (gmt 0)

I suspect many of us use word processing of some kind in the process of creating web pages

Good grief, a word processor?

I've used an ASCII editor NoteTab Pro for nearly 20 years, it has everything you need - especially the ability to "Search and Replace" across an entire hard drive. I've used that feature for many, many different things.

No connection beyond being a very satisfied customer.

There is/was a FREE light version without some features.

tangor

6:29 am on Nov 8, 2019 (gmt 0)

I compose/write in a word processor ... I CODE with a text editor, Notepad ++, which has all the features needed to address sitewide etc ...

Different strokes for different folks. :)

That said, I am NOT an Office 365 user as I don't believe in SaaS and my Word 2002 still works perfectly fine. :)

SaaS removes one's ability to control the content, storage, and protection of one's work, and for me that is a big caveat. Others might not feel the same way, or are more trusting of corporations than I am.

YMMV

.

not2easy

12:55 pm on Nov 19, 2019 (gmt 0)

I ran into one of their 'security features' yesterday and found it to be poorly designed and highly frustrating for the user. Their Office 365 Outlook interface blocks harmless email by default until the sender jumps through an array of hoops to "delist" their IP address. No clue of how they decide to "list" the IP address unless it is due to using private email vs. ISP email (?). I am quite certain the domain I sent from has never been accused of sending spam.

They use a monochrome captcha of distorted letters and numbers and best guess is repeatedly "wrong" which produces an apparent fail. But No0Oo0Oo. You've guessed correctly and they've sent you a pass to "step 2" of the process, just showing you a new captcha to see how you'll guess at it.

When they finally let me know on screen that I had guessed correctly, I had already received 4 emails from them approving my response (while the interface says "fail!"). I had even clicked on the "Audio" option in case it was clearer than the image. My speakers clearly said, "instant" but no, that was wrong as well. At least the next image I saw used a mix of outlines and solid characters to help decide what I was seeing.

Believe me, they are trying hard to keep spam away from their users, though it may also defeat your best customers unless they are extremely patient.

tangor

9:35 am on Nov 20, 2019 (gmt 0)

That's gotta be an "OUCH!" kind of thing!

Sadly, the zillions of bad actors have made this kind of "check and re-check" necessary ... and when using SaaS (instead of a virus/malware scanner in house) these things will change on a constant basis.

Either way one does NOT want bad stuff to happen!

One should have the correct response when an irate client makes a query. (sigh)