The Practical 365 Podcast

Join Steve Goodman, Paul Robichaux, and Bastiaan Verdonk as they delve into the critical security vulnerabilities affecting on-premises SharePoint servers, including the "ToolShell" exploit chain (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771) which enables unauthenticated remote code execution. They discuss the scale of the problem, the threat actors involved, and the crucial need for immediate patching and robust operational practices for any remaining on-premises deployments.The conversation then shifts to the overwhelming challenge of managing the constant stream of updates and changes within Microsoft 365. Special guest Tom Arbuthnot shares insights from his work with Empowering Cloud and their "Change Pilot" service, detailing how they use AI and expert review to help organizations navigate the deluge of Message Center notifications, prioritize impactful changes, and manage the communication around them. Discover practical strategies for staying ahead of the curve in the fast-paced world of Microsoft 365.Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!

Dive into the surprising world of AI security as hosts unravel the Microsoft 365 Copilot exploit, known as Echo Leak, and its potential risks. They discuss the chaos of a global outage that impacted major cloud services, highlighting resilience in tech. Discover Microsoft's fresh approach to compliance in Europe with containerized M365, ensuring data sovereignty. The conversation wraps up with insights into new reasoning agents and their significance in business, alongside a witty critique of Apple’s technology.

Victor King, the Technical Product Manager for Security Guardian at Quest, shares his expertise on Active Directory security. He emphasizes identifying misconfigurations in AD setups and the importance of effective privileged access management. King advocates for continuous environmental monitoring to maintain system integrity and prevent vulnerabilities. The conversation also touches on establishing a solid cybersecurity foundation, highlighting the need for basic monitoring tools before tackling advanced solutions. His insights aim to bolster defenses in an increasingly complex cyber landscape.

Steve and Paul dissect Microsoft's latest financial report, explore Viva Engage's future, and discuss the role of AI in project management. Adam Banks shares insights on cybersecurity, accountability, and the mindset shifts needed for IT leadership.Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!

Janice Ricketts, a Product Manager for Global Secure Access at Microsoft, shares insights into implementing zero trust security frameworks. She delves into the significance of micro-segmentation and communication audits in enhancing remote work security. The discussion also highlights the challenges of rising on-premises licensing costs and the persistence of legacy systems like Skype. Additionally, Janice explores the role of customer collaboration in refining products and the impact of modern innovations like Copilot Studio on development practices.

Louis Mastelinck, a Microsoft MVP in identity and access management, joins the discussion to help navigate the complexities of security and Access policies. The talk dives into the new limits on Exchange Online, shedding light on the need-to-know info amidst countless Message Center notifications. Mastelinck also emphasizes the importance of practical workshops for understanding conditional access, highlighting how tailored policies can improve both security and user experience. Insights into AI in coding and the latest features for Teams add an innovative twist to the conversation.

Paul Robichaux and Steve Goodman discuss Exchange Server's 2025 H1 update and cut through the hype around AI agents, questioning whether they're living up to the marketing. Then, cybersecurity expert Paula Januszkiewicz shares fascinating red team stories, including modifying a water cooler to gain network access, and offers practical security advice for organizations of all sizes. Paula explains how AI is transforming both sides of the cybersecurity battlefield, warns about "productive script kiddies," and emphasizes why even small businesses need basic security measures like MFA. A must-listen for IT pros concerned about modern security threats.Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!

It's the last Practical 365 podcast starring Rich Dean, as he departs for pastures new in the next chapter of his career, but we aren't ending with a damp squid of an episode - on the show this week, we do a bit of a lessons learnt: We chat about some of the top guests we've had on the show, and what interesting nuggets of information are still relevant today, and in some cases what has changed.Rich  also introduces Steve to our new co-host, Bastiaan Verdonk, and on the show you'll get to know Bastiaan a little better. Thankfully Steve got all manner of Bastiaan Host cybersecurity jokes out of the way prior to recording, so you can look forward to another enjoyable episode free from terrible jokes, and remaining as informative as ever.Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!

Steve and Paul discuss Microsoft's decision to make Copilot Chat free for all Microsoft 365 users. They also delve into the upcoming changes to Exchange Online audit logging and the new Outlook's deployment via Windows Update. The hosts explore advancements in chat-based AI, document summarization, and the implications for enterprise efficiency. Additionally, they analyze Microsoft's AI reorganization and its effects on workflows and software development. Lastly, they touch on improving MFA resilience and transitioning to WhatsApp for notifications.

Microsoft's latest announcements shake up the cloud landscape, including the retirement of Viva Goals. The hosts dive into the implications of these changes for IT professionals. They express skepticism about the updates to Microsoft 365 Copilot and discuss the upcoming Outlook overhaul, raising concerns about user experience. Additionally, they explore the challenges organizations face with adopting Viva Goals and highlight innovations in security, from phishing protection to ethical tech responsibilities. The episode wraps up with insights on the future of AI.