Thijs Lecomte, Author at Practical 365

About Thijs Lecomte

Thijs is a passionate Modern Workplace Consultant. Born and raised in Belgium, he currently works at The Collective Consulting as a Senior Microsoft 365 Consultant where he focuses on Client Management, Security and Automation. In January 2021, Thijs was recognized with the MVP Award in the ‘Enterprise Mobility’ category.

During his free time Thijs is active on the Microsoft Tech Community to spread knowledge and help other people, sharing insights and tips on topics ranging from Microsoft Endpoint Manager to Azure Sentinel and Logic Apps.

Why Separate Microsoft 365 Administrator Accounts are Critical to Security Posture

January 18, 2022 by Thijs Lecomte 2 Comments

There’s a lot of debate around the need to separate Microsoft 365 administrator accounts, especially when controls such as Privileged Identity Management exist within an organization. However, even with PIM there are remaining security concerns which necessitate the operation of separate accounts. This article explains the importance of using separate accounts; details how to target different Conditional Access policies for admin and user accounts and highlights how this approach increases your security posture and limits potential attack vectors against administrator accounts.

Identifying Potential Unwanted Access by Your MSP/CSP Reseller

January 14, 2022 by Thijs Lecomte 1 Comment

Over the past few years, there’s been an escalation in supply chain attacks where an attack on a partner company (like Kaseya or Solarwinds) has a direct effect on customers. A strong security posture is more important than ever as these attacks increase in frequency and sophistication, and this applies to Microsoft partners as well. Lately The Microsoft Threat Intelligence Center has reported seeing a significant rise in the number of attacks targeting Microsoft partners with Delegated Admin Permissions (DAP). This article unpacks the major issues around DAP and provides alternative solutions that grant your partner the level of access they need, while still maintaining a strong security posture for your tenant.

Set up Microsoft Sentinel as a single pane of glass for Microsoft 365 alerts

January 3, 2022 by Thijs Lecomte Leave a Comment

Microsoft Sentinel helps organizations protect their Microsoft 365 tenants by providing insight into activity that might require investigation. This article shows how to set up Microsoft Sentinel with a basic configuration that delivers a great deal of value by enhancing your security posture. In just four simple steps, you can connect Microsoft Sentinel to other Microsoft Cloud Security products to get a single pane of glass for incidents and automate security response through playbooks.

When does enabling Microsoft Sentinel make sense?

December 9, 2021 by Thijs Lecomte Leave a Comment

While Microsoft Sentinel is certainly an excellent product, many organizations lack clear understanding around Microsoft 365 Defender and if it also provides a way to aggregate multiple security products. Microsoft MVP Thijs Lecomte explores the differentiators in this article: having a bird’s eye view across security products, automation, third-party data sources, and more importantly – why you should enable it.