It’s that time of the year again! 🌱

As we step into the new year, it’s the perfect moment to reflect on the progress we’ve made. 2024 was a year of collaboration and growth for Microsoft 365 admins. Together, we tackled common hurdles and turned challenges into opportunities for learning and progress. This roundup of our top blogs will help Microsoft 365 admins stay ahead in the coming year.

It highlights the most insightful blogs for Microsoft 365 admins, featuring the best advice, tips, and strategies from 2024:

Cybersecurity Awareness Month & Our 31-Day Blog Series

Each year, during Cybersecurity Awareness Month (October), we dedicate 31 days to share blogs that assist admins in navigating cybersecurity challenges. This year, our Cybersecurity blog series primarily focused on improving Microsoft Secure Score, along with other key security guidelines to help strengthen your organization’s overall security posture.

Let’s take a moment to revisit the standout posts from this series—while each one is important, these blogs were particularly helpful and well-received by our community.

1. Top Microsoft 365 Password Settings to Improve Secure Score

One of the most common challenges for Microsoft 365 admins is maintaining robust password security while balancing user convenience. To tackle this, Microsoft recommends a set of password practices to enhance your Secure Score:

  • Set the ‘password expiration policy’ to ‘Set passwords to never expire.’
  • Use custom banned passwords lists.
  • Enable ‘self-service password reset’ for all users.
  • Turn on password hash sync for hybrid deployments.
  • Ensure password protection is enabled for on-prem Active Directory.

Implementing these password recommendation settings can boost security and protect your organization from password threats.

2. Reset MFA for Microsoft 365 Users Using PowerShell

When a user loses their MFA device, resetting MFA is crucial for account recovery. This blog covers when and how to reset MFA for users using both the Entra Admin Center and Microsoft Graph PowerShell. It includes a PowerShell script covering various use cases, such as resetting MFA for single or multiple users, MFA service accounts, guest users, admin accounts, etc.

Learn how to reset MFA for users so that you can quickly restore access while maintaining secure and seamless account management.

3. Critical Practices for Securing Microsoft 365 Admin Accounts

With cyber threats like Midnight Blizzard targeting critical infrastructure and admin accounts, the importance of securing admin credentials has never been greater. This article highlights key best practices to protect Microsoft 365 admin accounts, from multi-factor authentication to zero trust and privileged access workstations (PAWs).

Discover 15 essential security practices to protect Microsoft 365 admin accounts from unauthorized access and potential breaches.

📢 Exciting Feature Launches of 2024

Microsoft rolled out several impactful updates designed to streamline workflows, enhance security, and boost productivity. Below are some of the exclusive features we covered in our blogs.

1. New Chat and Channel Experience in Teams

Managing team communication often becomes overwhelming with cluttered messages and limited controls. The new chat and channel experience introduce sections, new messaging features, filters, and additional controls. These updates help users organize conversations, filter relevant messages, and manage notifications, making communication more focused.

2. New Message Trace in Exchange Online

Tracking email delivery issues can be difficult with limited search capabilities. The new message trace in Exchange Online allows you to query up to 90 days of historical data, filter emails by subject, and provides improved delivery status filtering.

3. New License Utilization Portal in Microsoft Entra

Lack of transparency in license usage creates challenges for organizations looking to optimize their Microsoft Entra licenses. The new Entra license utilization portal provides insights into Entra ID Premium licenses, showing detailed usage data for top features in Entra ID P1 and P2 licenses.

  • It helps optimize costs by identifying underutilized licenses, ensures compliance with licensing agreements, and enables more effective license assignment.

4. High Volume Email Account in Exchange Online

Organizations often face throttling when sending large volumes of email through Exchange Online, disrupting communication. High volume email in EXO allows sending up to 100,000 recipients per day and removes per-minute message limits, enabling smooth bulk email operations.

5. External Authentication Methods in Microsoft Entra

Limiting authentication to Entra’s native methods hindered flexibility for organizations with varied security needs. The External authentication methods in Microsoft Entra were introduced, allowing users to select third-party providers for multifactor authentication like Cisco Duo, Ping Identity, RSA, etc. This offers a more customizable and adaptable approach to multifactor authentication.

6. Native Authentication for Microsoft Entra External ID

Traditional sign-in methods often lacked personalization, leading to a generic user experience. Native Authentication for Microsoft Entra External ID gave developers full control to create custom, visually integrated sign-in flows that matched their app’s design.

Stay informed with our M365 Upcoming Changes blog, updated monthly with all the latest updates. Additionally, our End of Support blogs will help you navigate crucial product updates and support deadlines—don’t miss out!

2024 Microsoft Highlights: Big Changes and What They Bring

Here’s the scoop on the major changes Microsoft has introduced in 2024.

1. Microsoft Auto-Archive Unlicensed OneDrive Accounts

Starting from late January 2025, Microsoft will automatically archive any OneDrive accounts left unlicensed for more than 90 days. Microsoft will also begin charging for Microsoft OneDrive storage after 90 days of an account being unlicensed.

Know more ▶ https://blog.admindroid.com/microsoft-auto-archives-unlicensed-onedrive-accounts/

2. Platform SSO for macOS Out in Public Preview

The much-awaited Platform SSO for macOS via Microsoft Intune is now in public preview as of 2024! The Microsoft Enterprise SSO plug-in enables Entra ID users to achieve device-wide single sign-on for all apps and websites on their Apple devices.

Know more ▶ https://blog.admindroid.com/platform-sso-for-macos/

3. Mandatory MFA for All Users’ Entra Sign-ins

To enhance security and safeguard user accounts, Microsoft mandated MFA for all users in May 2024. The initial rollout started on October 15, 2024, requiring MFA to access the Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center.

Moving forward in early 2025, MFA will also be required for access to the Microsoft 365 admin center, starting February 3rd, 2025. Additionally, Azure CLI, Azure PowerShell, Azure mobile app, and Infrastructure as Code (IaC) tools will require MFA.

Know more ▶ https://blog.admindroid.com/how-to-set-up-mandatory-mfa-for-all-users-entra-sign-ins/

Advanced Tools for Microsoft 365 Administration & Automation

Throughout the year, we’ve covered some powerful tools that can streamline Microsoft 365 administration and enhance automation. These include Microsoft Entra Workbooks, Microsoft365DSC, and Password Expiration Flow using Power Automate. Let’s get a glimpse of each.

1. Microsoft Entra Workbooks

We’ve detailed how to use Microsoft Entra Workbooks to monitor and analyze various aspects of your Microsoft 365 environment in our blogs. These posts cover the following Workbooks:

Each of these Workbooks provides in-depth guidance and actionable insights to enhance your security and monitoring capabilities.

2. Microsoft365DSC Tool

We’ve explored various aspects of the Microsoft365DSC tool, which automates the management of Microsoft 365 tenant settings.

  • Export Microsoft 365 settings – Export detailed configurations and generate reports to track and understand your tenant settings and compliance.
  • Sync Microsoft 365 settings – Ensure alignment across tenants, reducing the risk of configuration drift and simplifying multi-tenant management.

3. Password Expiration Notification Tool

Statistics show that password-related issues are some of the most common queries received by IT support teams. By automating password expiration notifications, organizations can reduce these calls and save valuable resources.

To help you address this challenge, we’ve created two Power Automate flows that make password expiration management a breeze. The best part? You can easily import our pre-built package into your Power Automate environment and have the flow running in no time, sending email notifications to users before their passwords expire.

  1. Learn how to create password change reminders using Power Automate and streamline password management and reduce support requests.
  1. Discover how to set up password expiry notifications with 7-day follow-up emails, ensuring users stay informed and never miss a password update deadline.

🔐 Microsoft 365 Security Settings

Last year, we placed a strong emphasis on enhancing Microsoft 365 security and compiled a series of blogs to help you strengthen your organization’s protection. Some of the most important ones are listed below.

1. Microsoft Teams Security Settings

Securing Microsoft Teams is no easy feat, with aspects like meetings, messaging, and guest access to manage. It’s not just about tweaking a few settings; it’s a process that requires time to ensure full security.

In our Teams security settings guide, we have covered setting up security for Teams meetings to control who joins and what’s shared. Additionally, we have shared best practices for secure messaging to protect sensitive communications and prevent data leaks.

2. Disable Self-service Purchases using M365 Admin Center

Managing self-service purchases in Microsoft 365 was a challenge for admins, as they had to disable the capability for each product individually using the MSCommerce PowerShell module. This process was time-consuming and often led to unnecessary costs and compliance risks.

However, in mid-September 2024, Microsoft introduced disabling self-service purchase from the M365 admin center, making it easier for admins to manage self-service purchases and trials.

3. Microsoft Entra Private Access and Internet Access

Securing access to both internal and external resources remain a challenge. We covered two separate blogs on Microsoft Entra Private Access and Entra Internet Access.

  • Microsoft Entra Private Access – This identity-centric Zero Trust Network Access (ZTNA) solution enables users to securely access private company resources like applications and data. Whether they’re working from home, remotely, or in the corporate office, users are protected.
  • Microsoft Entra Internet Access – This secure web gateway protects users, devices, and data by monitoring and controlling online activities. It simplifies decision-making by combining identity and network access solutions, eliminating the need for organizations to manage separate tools.

4. Manage Device Identity and Application Security in Microsoft 365

Unauthorized devices accessing company resources is a growing security concern. In this blog, we’ve covered how device identity security settings in Entra ID empower admins to regulate device registrations, helping reduce security risks by preventing unauthorized devices from accessing sensitive information and ensuring only trusted devices are granted access.

Similarly, managing application security and preventing unauthorized access to sensitive data is crucial for compliance. In this blog, we’ve explored how configuring application security for Microsoft 365 apps, and third-party applications can prevent unauthorized access and reduce the risk of breaches

5. Use Privileged Access Management and Just-in-Time Access

Leaving administrative access unchecked puts critical resources at risk. We’ve discussed how to create and manage Privileged Access Management (PAM) using the M365 Admin Center. By creating PAM, you can reduce security risks by limiting admin access to critical resources.

6. Block Uploading Specific File Types in SharePoint Online

Blocking risky file types like .exe, .bat, and .rar helps protect Microsoft 365 environments from malicious content. Therefore, restrict specific file type uploads in SharePoint and OneDrive to maintain security and control, as explained in this blog.

Recommended Security Practices for Microsoft 365 Admins

The importance of strong security best practices in Microsoft 365 cannot be overstated. Throughout 2024, we have compiled numerous best practices blogs to help admins strengthen their security posture. Here, we present some of the most carefully curated best practices blogs, found helpful by various admins across the community.

1. Best Practices for Break Glass Accounts

Break glass accounts in Entra ID are essential for maintaining access during emergencies. By following best practices, such as creating two emergency access accounts, adopting strategic names, etc., you can ensure you’re never locked out of your tenant.

Explore best practices for managing break glass accounts to keep your organization prepared for any crisis.

2. Top 5 Microsoft 365 Features Every Admins Should Disable

While Microsoft regularly rolls out exciting features, not all are universally welcomed. Some have sparked debates among admins, leading to efforts to disable or deactivate them.

This blog reveals the top 5 Microsoft 365 features that have caused a stir and explains why disabling them might be beneficial.

3. Top 15 Vulnerabilities in Microsoft 365

Even with robust security systems, vulnerabilities can emerge due to misconfigurations, human error, or insufficient security practices.

Uncover 15 hidden vulnerabilities in Microsoft 365, helping you identify and mitigate potential risks to your organization’s security.

4. Safeguard Ex-employee Data Using Inactive Mailboxes

Storing former employee data in Shared Mailboxes (SMBs) or inactive mailboxes has been a long-discussed topic, especially concerning security and compliance. When ex-employee data is mishandled, both security and compliance can be jeopardized.

We discussed how using Inactive Mailboxes for employee-departing offers a secure solution for retaining ex-employee data, preventing risks linked to improperly handled offboarded accounts.

PowerShell Solutions for Efficient Microsoft 365 Management


Not only have we helped you improve Microsoft 365 management, but our PowerShell scripts also take it a step further, automating processes for greater efficiency. These solutions cover areas that lack direct native reports, helping to streamline and automate your Microsoft 365 management tasks.

Behind the Scenes of Microsoft 365: The Memes Edition

This section is dedicated to bringing some lighthearted fun to your Microsoft 365 journey. Check out our curated collection of memes that humorously capture the everyday challenges and wins of managing Microsoft 365—because even admins need a good laugh!

We believe these memes speak for themselves and you don’t require a caption! 😌

We hope this roundup gave you a comprehensive glimpse into the latest updates, best practices, and insightful solutions within Microsoft 365. Thanks for reading and stay tuned for more!🤩

In 2025, we promise to bring even more valuable blogs, packed with practical insights and solutions. Stay tuned and continue following us for the latest in Microsoft 365 management!