Using Device Control in Defender for Endpoint to Block USB Drives
Copying data from Windows endpoints to USB storage devices is one of the largest sources of data leakage. In this article, we discuss two simple solutions to avoid this problem.
Copying data from Windows endpoints to USB storage devices is one of the largest sources of data leakage. In this article, we discuss two simple solutions to avoid this problem.
Terminating employees is never fun, but it does happen. And when it happens, you need to know the necessary steps for removing their access. This blog serves as a checklist for removing employees with Microsoft 365 Accounts,
Defender for Endpoint gathers system information to support operation and detection needs. We can then leverage that data to build a custom report to show the deployment status. This blog walks through that process using KQL.
Microsoft recently released a revamped version of LAPS that can store the local admin password in Entra ID to work with cloud-managed endpoints. In this blog, we dive into deploying LAPS and how to use it to further enhance the security of Windows endpoints.
In this blog, James Yip reviews how to use PowerShell to examine details of managed devices and installed apps on endpoints.
In this article, we discuss how to enhance mobile security in MAM, focusing on the Defender for Endpoint functionality and features related to mobile devices, specifically for BYOD scenarios.
Over time, Microsoft 365 tenants often grow and the number of devices and users increases. Instead of adding groups one by one whenever an additional user is added, dynamic groups will simplify your work. In this article, we explain some good reasons to use dynamic groups and some points to keep in mind when using them.
Security is not a one-time thing. We must improve configurations as products evolve and new situations arise. In this blog, James Yip dives into his top five security topics for Microsoft 365 Projects.
In this blog, James Yip explains how to Configure Enterprise SSO in Apple Devices when conducting a macOS deployment.
In this blog, James Yip reviews Microsoft's Entra ID Cross-Tenant Sync feature, and how it can make things a lot easier when deploying a M&A project.
In this Blog, James Yip explains how to conduct sensitive file inventory and background labeling using the Purview Information Protection Scanner.
When it was first available, Microsoft 365 Data Loss Prevention (DLP) policies could only process Microsoft 365 data. Over the last few years, Microsoft expanded the scope for DLP to support these additional environments. In this article, we focus on implementation details around applying DLP to endpoint devices.