What is the Microsoft Graph Activity Log?
In this installment of Practical Protection, we look at Microsoft’s new OneDrive feature that prompts users to sync personal accounts on managed devices. While intended to reduce shadow IT, it risks exposing corporate data. With no option for admins to opt-out, we provide some advice on what you should do to prepare.
With Microsoft Power Platform on the rise with over 56 million monthly active users, governance is vital to reduce potential risk. In this first installment of Practical Power Platform, we discuss essential areas Microsoft 365 admins should focus on, including the Power Platform Admin Center, Data Loss Prevention (DLP) policies, tenant isolation, and Microsoft Purview auditing.
Microsoft Sentinel is based on the Azure stack and thus billed as part of your Azure consumption. It is important to be wary of the monthly cost as it can quickly expand if it is not being watched carefully. In this blog, we provide practical advice on how to manage and optimize your costs in Sentinel.
In this episode, Steve and Paul dissect Microsoft's latest financial report, explore the evolving landscape of Viva Engage, and discuss the rise of Copilot agents. Plus, former Maersk CTO Adam Banks joins to share insights on cybersecurity leadership and the mindset shifts needed in IT.
Model Context Protocol (MCP) is available for use with Microsoft Copilot Studio, enables powerful integrations with external systems—but also introduces new security challenges. This article explores how to securely deploy MCP with Copilot Studio Agents.
I usually reach for the Microsoft Graph PowerShell SDK when I need to automate Microsoft 365 processes. But sometimes, the Graph doesn't work. PnP PowerShell is a great tool for interacting with SharePoint Online, in this instance to check document libraries to find how many have a default sensitivity label configured. The code works, it's reasonably quick, and it's an example of how flexible PowerShell can be in dealing with Microsoft 365.
Microsoft recently announced a breaking change for all Android-based Teams devices. Teams Administrators must prepare some required policies in Microsoft Intune and also check and validate Conditional Access policies. If the changes aren’t made, Teams Android devices cannot log in after the automatic update installation.
A surprise announcement brings the news that the Exchange Online High Volume Email (HVE) solution will only deliver messages to internal recipients from June 2025. Azure ECS is now the sole offering for sending large volumes of email to external recipients. On the upside, HVE will support basic authentication until September 2028 to give tenants the chance to upgrade devices and apps.
Ransomware protection isn’t about a single solution; it’s a layered defense strategy. In this article, we explore a few recommendations that organizations can use to significantly reduce risk and combat ransomware in their tenant.
Any time you allow a third-party application to run in a system you own or control, you’re assuming risk. In this episode of Practical Protection, we discuss how to reduce that risk by managing app consent in Microsoft Entra ID, as well as a few other alternatives.
App secrets are used to authenticate registered apps with Entra ID. App secrets (or passwords) are convenient and easy to use, but they're relatively insecure. The default app management policy for the tenant can block app secrets while custom app management policies can allow selective apps to use app secrets for testing or other well-defined purposes. All explained here.
In the second part of this series on Controlling Access to Microsoft 365 Entra ID Apps, Ingo dives into the process of creating custom Role-Based Access Control (RBAC) to Improve Security in your tenant.
