Microsoft is rolling out Phase 2 of Azure services MFA enforcement starting October 1, 2025. This update requires MFA for all Azure Resource Manager operations. In this article, we dive into what you need to do to comply with the new enforcement requirements.
In this episode of Practical Protection, we discuss Microsoft’s Secure Future Initiative and what their latest progress report reveals about improving identity protection, reducing privileged access, and accelerating vulnerability response—and what you can take from it to strengthen your own environment.
In this episode of Practical Protection, we discuss the recent On-premises SharePoint ToolShell exploit and what you need to know and do to protect your environment.
In the grand scheme of things, tracking your Office application updates may not seem of critical importance, but unpatched apps can turn into an attack surface. In this installment of Practical Protection, we highlight two free tools in the Microsoft 365 Apps admin center that help you track and manage Office updates.
In this episode of Practical Protection, we explore securing Power Platform environments, covering the basics of environment isolation, governance strategies, and lifecycle management.
In this episode of Practical Protection, we dive into the basics of Threat Hunting, tools you can use, and even some DIY hunting advice.
In this installment of Practical Protection, we look at Microsoft’s new OneDrive feature that prompts users to sync personal accounts on managed devices. While intended to reduce shadow IT, it risks exposing corporate data. With no option for admins to opt-out, we provide some advice on what you should do to prepare.
Any time you allow a third-party application to run in a system you own or control, you’re assuming risk. In this episode of Practical Protection, we discuss how to reduce that risk by managing app consent in Microsoft Entra ID, as well as a few other alternatives.