Practical Protection: Who Watches the Watchers?
Are you on watch for data breaches? This Blog talks about how soft skills, trainings, and investments can be used as tools to minimize the harm from data breaches.
Are you on watch for data breaches? This Blog talks about how soft skills, trainings, and investments can be used as tools to minimize the harm from data breaches.
Most of us don’t spend much time poking around in the unified audit log, but all of us probably should. In this article, we dive into 5 things you need to know about Microsoft 365 auditing.
Recently, security researchers at JumpSec labs identified a vulnerability in Teams that allows malware delivery through Teams chat. Microsoft Acknowledged the vulnerability but didn't release any immediate remedies. In this blog, we will discuss two practical methods to avoiding malware delivery within Teams.
You can’t disrupt a chain if you can’t identify the links. In this blog, Paul Robichaux goes over some of the ways you can break a Kill Chain in your environment. And it all starts with asking yourself the right questions.
Recycling is not only good for the planet, but it's also good for the security of your organization. In this article, Paul Robichaux discusses how to properly dispose of your devices so that you stay protected.
Whether you like it or not, MFA is coming for you! You can either deploy and support MFA for your users, or Microsoft is going to do it for you. The choice is yours. Learn more about how Microsoft will be enforcing MFA in the future, and what you should do.
Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!
Implementing zero trust in the world is a big hassle, often uncomfortable, and frequently dorky—plus, it can be expensive. At the same time, moving closer to a zero trust model helps harden your network significantly, and you may already have many of the tools and techniques you need available without much extra cost. In this article, we discuss how to take baby steps toward Zero Trust.
A writeup about the MERCURY attack by the Microsoft Threat Intelligence team reveals how a nation state actor linked to the Iranian government compromised an Azure AD tenant by using the AADConnect tool. In this article, we discuss how the attack developed and what you can do to prevent the same attack techniques being used against your tenant.
In this edition of Practical Protection with Paul Robichaux, we dive into understanding what multi-tenant applications are, what they can do, and how to manage them in order to keep your tenant and users safe.
Conditional Access policies are one of Microsoft's most versatile and flexible security features ever built. However, there’s one area that Conditional Access can help you protect that isn’t as well known—using IP restrictions to control where a specific app can be used.
Managing Office updates is one of those thankless tasks, like taking out the recycling, that is sometimes wearisome but contributes to making the world a better place. This article covers how you can keep track of these updates, and what can go wrong if you don't.