CryptoLocker Preventative Measures

If you haven’t heard of CryptoLocker, it is a form of Ransomware which basically means locking down your files in an attempt to get you (the victim) to pay a sum of money to get access to those locked files.

CryptoLocker isn’t the first of its kind and nor will it be the last. It is just another one out of the thousands out there, except this one has been more cleverly engineered to infect more machines and thus gain more media attention.

Below is some advice to take in a corporate environment – this advice is purely my own and is not meant to be some extensive ‘go-to’ for all your sys admin problems when dealing with these issues 🙂


Setting Office 365 User Passwords to Never Expire

The default policy for Office 365 user accounts is to automatically expire their passwords after 90 days.

Some of our users experienced this today and the most annoying thing about it was that they were not warned beforehand about it. They were simply locked out their account until they changed it there and then; unlike the Windows OS counterpart which gives you a comfortable 15 day warning before forcing you to change your password.

Anyway, this article will tell you how to set the password expiry from 90 days to never.
Office 365 already enforces a strong password policy BUT I do not recommend you change this setting if your users often use public terminals or are prone to writing their passwords on sticky notes and keeping them under their keyboards 🙂


Archiving a User’s Mailbox on Office 365

So an employee has left the company and you now need to archive the mailbox due to legal and/or company policies.
This article will give you a quick overview on how you can achieve this goal on an Office 365 mailbox while maintaining the integrity and security of your organisation’s 365 account.
Although not necessary, I recommend (as a pre-requisite) disabling account ‘sign-in’ capabilities and resetting the user account password.
This will prevent the user from logging in to the account and messing around with it whilst you are attempting to archive their mailbox.


Add E-mail Aliases to Your Office 365 Distribution Groups

If you’ve set up distribution groups on Office 365, you will notice a section in the DG ‘details’ page titled ‘E-Mail Options’… under this title is the following text:
“The group can receive messages sent to the following addresses.”

From this, you can safely assume that it is possible to add e-mail aliases to the group so that the group can receive e-mails sent to several different e-mails.
Sadly, there is no easy way of actually doing this via the UI so it must be done via a PowerShell command…


Grant and Revoke Access to Mailboxes – Office 365

There may be times where you may need to grant an IT administrator or other employees access to another user’s mailbox.
Below I will demonstrate how to:

  • Grant an Admin access to a single mailbox
  • Grant an Admin access to all mailboxes
  • Revoke the above permissions (recommended cause of action after the Administrator has finished his/her tasks)