Yes, there’s a limit on the size of your user mailbox, but you can effectively double its size or more by leveraging your archive mailbox. And some plans offer an unlimited archive mailbox.

Office 365 plans E3 and E5 provide 100GB user mailboxes and unlimited mailbox archiving ..and then there’s the archiving that’s NOT unlimited. Office 365 plans Business Essentials and Business Premium provide 50GB user mailboxes and 50GB archive mailboxes.

In Microsoft 365, things are a bit different. The same 50GB goes for the Microsoft 365 Business user mailbox, but there’s an unlimited archive mailbox. Microsoft 365 Enterprise has the 100GB limitation on the user mailbox and unlimited on the archive mailbox, too.

“Microsoft 365 Business includes Exchange Online Archiving subscription. Each Exchange Online Archiving subscriber initially receives 100 GB of storage in the archive mailbox. When auto-expanding archiving is turned on, additional storage is automatically added when the 100 GB storage capacity is reached.”

Please bear in mind that archive mailboxes are also searchable.

Scott Abbotts – and

Too many IT providers live in a warped world when they think they should be feared and revered by the customer. And just because it’s good for that IT organization’s pocketbook does not mean it’s good for the customer.

The customer needs to perform their own due diligence – they need to become informed of the most current and correct best practices. But to assume that their current IT provider is acting in their best interest could result in the purchase of goods and services that are unnecessary and/or outdated.

When it comes time to consider the replacement of your on-premise server (or consider your first server), also consider that you might leverage cloud-based services. If your IT organization pushes back hard with unfounded or complicated objections to these alternate methods, then it’s time to get another point of view.

For example, most IT providers will tell you that an on-premise Active Directory server is an absolute neccesity for businesses with 5-10 users or more. But Microsoft now says otherwise, especially when it comes to their latest Microsoft 365 Business offering:

“To realize the full value of Windows 10, Windows 10 PCs need to be joined to Azure Active Directory. You may use Microsoft 365 Business with Windows 10 devices joined to on-premises Active Directory but it is not recommended because you won’t be able to enforce policies from the Microsoft 365 Business Admin console.”

The on-premise solution for policy enforcement has historically been Windows Server Active Directory. But Azure Active Directory is cloud-based and an on-premise *server is not required*.

To learn more, schedule 15 minutes or an hour of consultation for free: or

There was a security flaw discovered last week that exposes a vulnerability in Office 365, which splits a harmful link into two pieces, each within separate email messages, only to be reassembled into a malicious link later.

Microsoft’s response thus far is this: “Microsoft has a customer commitment to investigate reported security issues and provide resolution as soon as possible. We encourage customers to practice safe computing habits by avoiding opening links in emails from senders they don’t recognize.”

I have to agree with this stance. We cannot rely solely on technology to prevent ourselves from oursleves. This is where training is of utmost importance and it’s why I include ongoing training within the managed services plans that I offer at Resolute IT.

But back to technology, as much as there is the human factor – that one slice of cheese with the hole in just the right spot – the best practice is to have several other layers in place to mitigate that vulnerability. According to Cisco, layered security should like this:

Access control

Not every user should have access to your network. To keep out potential attackers, you need to recognize each user and each device. Then you can enforce your security policies. You can block noncompliant endpoint devices or give them only limited access. This process is network access control (NAC).

Antivirus and antimalware software

“Malware,” short for “malicious software,” includes viruses, worms, Trojans, ransomware, and spyware. Sometimes malware will infect a network but lie dormant for days or even weeks.

Application security

Any software you use to run your business needs to be protected, whether your IT staff builds it or whether you buy it. Unfortunately, any application may contain holes, or vulnerabilities, that attackers can use to infiltrate your network. Application security encompasses the hardware, software, and processes you use to close those holes.

Behavioral analytics

To detect abnormal network behavior, you must know what normal behavior looks like. Behavioral analytics tools automatically discern activities that deviate from the norm. Your security team can then better identify indicators of compromise that pose a potential problem and quickly remediate threats.

Data loss prevention

Organizations must make sure that their staff does not send sensitive information outside the network. Data loss prevention, or DLP, technologies can stop people from uploading, forwarding, or even printing critical information in an unsafe manner.

Email security

Email gateways are the number one threat vector for a security breach. Attackers use personal information and social engineering tactics to build sophisticated phishing campaigns to deceive recipients and send them to sites serving up malware. An email security application blocks incoming attacks and controls outbound messages to prevent the loss of sensitive data.


Firewalls put up a barrier between your trusted internal network and untrusted outside networks, such as the Internet. They use a set of defined rules to allow or block traffic. A firewall can be hardware, software, or both.

Intrusion prevention systems

An intrusion prevention system (IPS) scans network traffic to actively block attacks. Cisco Next-Generation IPS (NGIPS) appliances do this by correlating huge amounts of global threat intelligence to not only block malicious activity but also track the progression of suspect files and malware across the network to prevent the spread of outbreaks and reinfection.

Mobile device security

Cybercriminals are increasingly targeting mobile devices and apps. Within the next 3 years, 90 percent of IT organizations may support corporate applications on personal mobile devices. Of course, you need to control which devices can access your network. You will also need to configure their connections to keep network traffic private.


Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier. Ideally, the classifications are based on endpoint identity, not mere IP addresses. You can assign access rights based on role, location, and more so that the right level of access is given to the right people and suspicious devices are contained and remediated.

Security information and event management

SIEM products pull together the information that your security staff needs to identify and respond to threats. These products come in various forms, including physical and virtual appliances and server software.

Web security

A web security solution will control your staff’s web use, block web-based threats, and deny access to malicious websites. It will protect your web gateway on site or in the cloud. “Web security” also refers to the steps you take to protect your own website.

Wireless security

Wireless networks are not as secure as wired ones. Without stringent security measures, installing a wireless LAN can be like putting Ethernet ports everywhere, including the parking lot. To prevent an exploit from taking hold, you need products specifically designed to protect a wireless network.

Please know that you can schedule one free hour of phone consultation by visiting or

Microsoft 365 Business includes the following device and application management features:

  • Mobile Device Management (MDM)
  • Mobile Device Management (MDM) auto-enrollment
  • Mobile Application Management (MAM) for Office apps and LOB apps
  • Windows update management, Defender, Firewall policies
  • Data protection – selective wipe
  • Security Group (SG) targeting for policies
  • Install Office apps on enrolled Windows 10 devices
  • Windows Defender configuration
  • Deploying device profiles and security configuration
  • Enterprise State Roaming for Windows 10 with Azure AD join
  • Self-service BitLocker recovery

Microsoft’s TechNet site goes on to say: “Simplified Windows 10 device management built into Microsoft 365 Business console. Full Intune capabilities for iOS, Android, MacOS, and other cross-platform device management built into Azure console, also licensed for use with Microsoft 365 Business. Third-party apps and configuration of things like WiFi profiles, VPN certificates, and so on, can be managed in the full Intune console.”

My own iOS and MacOS devices are shown above as they’re detected by Office 365’s Intune and its respective Company Portal app.

Free one-hour consultation – scheduled at your convenience at or

Many have commented on Microsoft’s redundant naming conventions, but it is what it is.

Office 365 is a subscription-based suite of productivity software and services that pertain to the office solution that we’ve known since 2011. There was just Office before that and it still remains available as a stand-alone product (thus far), but Microsoft has packaged some very valuable features and services together as an online offering of Office, as well as providing the Office software.

Microsoft 365 is a subscription-based suite of software and services that pertain to the bundling of Office 365 and its related services along with Windows 10. In addition, new security features are integrated, such as Azure Information Protection and Advanced Threat Protection. Another important feature is remote device management; for example, just the company data can be wiped clean from a phone should it become lost or stolen.

Office 365 comes in about 20 or 30 different variations (I’ve lost count), but the two most significant plans for the small business are Business Premium and Enterprise E3.

Microsoft 365 comes in three flavors: Business, Enterprise, and Education.

For more information, please visit or to find the Schedule button for a one-hour free consult.

A colleague of mine recently asked our group, “What will happen to your job or role as it relates to the IT industry in the next 5-10 years?” One of the answers from this group of peers: “Training and cloud admin work.”

Some say, “There will always be wiring in the walls.” But as 5G approaches, the wiring might eventually stop out on the street. Even now, one of the most significant trends in office infrastructure is wireless mesh networks with administration. And on the consumer side, Spectrum currently offers its “Community Solutions” managed Wifi for apartments, marinas, RV parks, and student campuses.

Some say that you still need a domain controller server for Active Directory. But look at Microsoft’s own Azure Active Directory, which is designed to work in the cloud and manage mobile devices and computers far from the confines of the office. Securing identities and company data is no longer reliant upon a local machine.

From the palm of my hand, I can access company documents on my iPhone that are stored in the cloud on OneDrive. But now that I use Microsoft 365 and its Enterprise Mobility + Security component, I’m restricted by the security measures of Azure Information Protection and Azure Rights Management, such as the inability to copy and paste company data into a Tweet.

Single-sign-on authentication and self-service password resets are also signs that the future is here.

Configuring cloud-based security and ongoing training of the remote worker are fundamental to the modern workplace experience.

Please visit or to learn more by scheduling a free one-hour consult.

I pulled the trigger on Microsoft 365 today, affectionately know as M365. I couldn’t stand the suspense, so I switched plans from my Office 365 Enterprise E3 to Microsoft 365 Business.

The cost was the same – $20 a month. With M365 I not only get Office 365, but Windows 10 and Enterprise Mobility + Security (EMS). On my MacBook Pro, I can now install Office 2016 for Mac, run a licensed copy of Windows 10 on a virtual machine, and with EMS, I can, according to Microsoft:

Control identity + access in the cloud

Centrally manage single sign-on across devices, your , and the cloud.

Get identity-driven security

Comprehensive, intelligent protection against today’s advanced attacks.

Manage mobile devices + apps

Securely manage apps and data on iOS, Android, and Windows from one place.

Protect your information

Intelligently safeguard your corporate data and enable collaboration.

Virtualize your desktops

Efficiently deliver and manage Windows desktops and apps on all devices.

When your employees install software on their own without company consent, this is called Shadow IT. They might have good intentions, but this activity can lead to unwanted results.

The answer to this is Azure Active Directory (AAD) as a part of the Enterprise Mobility + Security (EM+S) suite and Intune for remote device management. And in most cases, AAD is included in Office 365.