Azure Active Directory

Latest Articles

Performing a Conditional Access Assessment with PowerShell

Conditional access policies grow and change as the tenant grows and changes, but not all of the old policies, groups and assignments are not always tidied up, leaving complex web of policies that target different groups or apps. To gain insights into this mess, I created a PowerShell script to document not just Conditional Access policy settings, but also detail who is impacted by each policy and why.

June 20, 2022

Using Microsoft Defender for Cloud Apps to Manage Third-Party Apps Better

I used Microsoft Defender for Cloud Apps in a project with Microsoft 365 E5 licenses and realized it’s a handy and powerful tool at a reasonable price even if purchased as a standalone product. This post will outline practical use cases for using it to monitor and enforce restrictions on Microsoft 365 apps and some third-party apps to reduce the likelihood of information leakage.

June 15, 2022

When You Should Disable Azure AD Security Defaults

Security Defaults is a control in Azure Active Directory which has been around since 2019 and is enabled by default on new tenants created after October 2019. Microsoft recently announced they will now start turning on Azure AD security defaults for existing tenants. Throughout this blog we will explore what this means and if Security Defaults is the right fit for your organization.

June 13, 2022

Microsoft Plans Big Security Improvement for Unprotected Office 365 Tenants

Microsoft plans to enable Azure AD Security Defaults for Office 365 tenants created prior to October 2019. The move will protect an additional 60 million Azure AD accounts against common attacks by enforcing MFA more broadly. It's a big deal in terms of improving the overall security posture of Office 365. If you don't want to use Security Defaults, tenant administrators can switch them off.

June 1, 2022

Three Steps to Securing Microsoft Teams

Any discussion about securing Microsoft Teams can rapidly descend into a detailed debate about different policy settings. But when you focus on what really needs to be done, it's all about making sure that user access is secure, external access is controlled, and individual teams are managed. Easy!

May 23, 2022

Using Cross-Tenant Access Settings for Azure B2B Collaboration

When Microsoft released cross-tenant access settings into preview, the natural focus was on how this capability enabled external access to Teams shared channels. However, the story is deeper because cross-tenant access settings are also available for Azure AD B2B Collaboration (aka guest user access). A different blocking mechanism is used and it delivers better results, once you're used to the new method.

April 18, 2022