MS Cloud for IT Pro Zentralschweiz 10.04.2024

Introduction

On Wednesday, April 10, 2024, Michele and I attended the second MS Cloud for IT Pro Zentralschweiz Switzerland event of the year.

Much like the last event in January, this one was nearly fully booked and two very captivating topics were presented. A big thank you goes out to Joker IT AG for their great organization of the event, together with Microsoft MVP Yannic Graber and Goce Stoilov, as well as the sponsors TD SYNNEX Switzerland and SoftwareOne AG.

Microsoft Entra Enterprise Applications

The first topic of the evening was presented by Nico Wyss, Cloud Architect & Consultant at SoftwareOne. His presentation focused on Microsoft’s Entra Enterprise Application. He began by explaining the basic difference between App Registration and Enterprise Application in a quick ramp-up. He delved further into the subject later, discussing the pitfalls of Enterprise Applications, specifically their Graph permissions. Through a demonstration, he illustrated how quickly one can give a third-party application extensive permissions in Entra, often without being fully aware of the potential implications.

The demonstration using an AI app quickly made it clear why employees should be given limited to none permissions to Microsoft Entra Enterprise Registrations. Depending on the situation, a large amount of company data can leave the tenant very quickly, running the risk of a data leak of sensitive information.

Therefore, we recommend making the following adjustment in the Microsoft Entra tenant. This will prevent employees from being able to activate Enterprise Applications themselves. Instead, they may have to request permission through a process before activation is permitted.

User consent settings

Admin consent settings

Microsoft 365 Backup

The second topic of the evening was entirely dedicated to Microsoft 365 Backup. Ivo Bättig and Andreas Batista Teixeira from Joker IT AG gave us a deeper understanding of this subject throughout the evening.

As a bit of a break, a question was posed directly to the audience: “Do we need a Microsoft 365 backup?” We came to the conclusion that yes, we do need a backup for our company data that resides in the M365 world.

After that, the question arose, well, where and with which software provider do we want to perform the backup of our data? In order to answer these questions more accurately, the topics of RPO (Recovery Point Objective) and RTO (Recovery Time Objective) play a significant role in this discussion.

Joker IT AG has taken the time to compare several well-known players in the market that offer Backup/Restore solutions for Microsoft 365, lining them up against specific customer requirements. I don’t have this table available, so if you’re interested, please reach out directly to Joker IT AG.

In a brief demonstration, they delved into the new Microsoft 365 Backup using Syntex, which is currently in public preview. Just a few weeks ago, Michele conducted a detailed review of this, which you can find here: Microsoft 365 Backup Preview

Since this is not intended to be a sales pitch and it’s best for everyone to form their own opinions, I won’t delve into specific well-known manufacturers here. Nonetheless, I do believe it could be worthwhile to take a look at the SaaS Backup/Restore solution from Keepit. This solution may be particularly interesting for Swiss customers subject to strict security precautions and regulations, especially with the newly launch of the Swiss DataCenter.

You might also like