If there's one topic all administrators can agree on, it's that security is something every organization should work to improve in 2022. In this two-part article series, we explain ten different ways to improve tenant security that every administrator should consider. The first part reviews five ways to harden tenant security without the need for extra licenses, using controls that every organization can implement.
As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.
Attack Simulations are Microsoft’s foray into a crowded field of competitors who provide a service that trains users to recognize dangerous email with simulated Phishing or malware-infested messages. Microsoft has continually added features and functionality since they released Attack Simulations, including additional simulation types, different payloads, custom payloads, customizable training and more. The most recent upgrades are RBAC permissions and end user notifications. These two additions to Attack Simulation Training are a great incentive to deploy and adopt this functionality, as End User communications are the key enhancement that make this feature worthwhile for an organization.
The number of guest accounts in Azure AD keeps growing, largely due to usage in Microsoft Teams. In this article, we describe five basic management steps to control where guests come how, how they connect, what they can do and access, and removing inactive guests. It's the kind of thing all Microsoft 365 tenants should do.
Conditional Access policies provide many security benefits, from the implementation of MFA in a user-friendly way, to the controls that can limit what data users access or download. However, the process of setting up CA policies is daunting to some at first. This article provides some thought processes and best practices to make this security initiative more manageable.
Join myself and Paul Robichaux for this week's latest episode of the podcast to discuss a plethora of updates in Microsoft 365. Plus we're joined by Microsoft MVP Theresa Miller to discuss all things VDI with Microsoft 365. We chat about Azure Virtual Desktop, Citrix, VMware and much more, from the point of view of Microsoft 365 IT pros.
Azure Automation runbooks can run Exchange Online PowerShell code on sandbox machines. Is this a good way of getting work done? In this article, we examine how to create an Azure automation account, a RunAs account, and some runbooks for PowerShell code to run against Exchange Online and other Microsoft 365 data.
There’s a lot of debate around the need to separate Microsoft 365 administrator accounts, especially when controls such as Privileged Identity Management exist within an organization. However, even with PIM there are remaining security concerns which necessitate the operation of separate accounts. This article explains the importance of using separate accounts; details how to target different Conditional Access policies for admin and user accounts and highlights how this approach increases your security posture and limits potential attack vectors against administrator accounts.
With an increasing number of companies moving to Intune for endpoint management, more applications must be deployed via Intune to ensure users can access the applications they need to perform job functions. This article walks you through the steps to deploy a legacy application and guides you through converting an .exe installer into an import-ready format for Intune.
Microsoft launched the preview of Azure AD custom security attributes on December 1. Custom attributes are well known to Exchange administrators. In this article, we look at how to create and add Azure AD custom security attributes, how to transfer data from Exchange to Azure AD, and how to retrieve information from the attributes. Azure AD custom security attributes have some advantages, but they also have some downsides.
Microsoft Sentinel helps organizations protect their Microsoft 365 tenants by providing insight into activity that might require investigation. This article shows how to set up Microsoft Sentinel with a basic configuration that delivers a great deal of value by enhancing your security posture. In just four simple steps, you can connect Microsoft Sentinel to other Microsoft Cloud Security products to get a single pane of glass for incidents and automate security response through playbooks.