Azure AD system-preferred authentication means that users must use their strongest authentication method when they sign-into Azure AD. The change emphasizes the desirability of strong authentication methods over weak. Now in preview, Microsoft plans to make the policy effective for everyone in July 2023.
Microsoft 365 security is a big topic. Focus is important when it comes to getting things done. In this article, we suggest five areas that administrators could work on during 2023 to improve the security posture of their tenant. You might already have established full control over some of these areas. Even if you have, it's still good to consider if you can improve security.
In this article, Julian Stephan reviews the most common user experience scenarios to consider in your tenant-to-tenant migration planning and how to add in the adoption of security and productivity features.
Tips and Techniques to Avoid Common Issues In a previous post, I discussed how to leverage the Microsoft Tunnel solution to control access to your Microsoft 365 environment. In this article, I discuss deploying the Microsoft Tunnel VPN gateway in an enterprise environment. Basic Deployment The basic steps to deploy the Microsoft Tunnel VPN gateway […]
Control Your Configuration as Migrations Unfold It can be quite a challenge to maintain workload configurations in a Microsoft 365 tenant. Small to medium size organizations might have administrators responsible for the management of the entire tenant. Large enterprise organizations might assign different people to manage different workloads. All share a common responsibility of keeping […]
Microsoft plans to enable Azure AD Security Defaults for Office 365 tenants created prior to October 2019. The move will protect an additional 60 million Azure AD accounts against common attacks by enforcing MFA more broadly. It's a big deal in terms of improving the overall security posture of Office 365. If you don't want to use Security Defaults, tenant administrators can switch them off.
As many organizations adapt legacy scripts to use app authentication instead of traditional service account credentials, security can be compromised if certain risks are overlooked. While app secrets can be great for testing code, there’s a reason they have an enforced expiry date - the longer a secret exists in production, the higher the risk it will become compromised. The methods described in this article will help build a good foundation for app authentication while keeping security top of mind when creating or updating automation scripts.
The number of guest accounts in Azure AD keeps growing, largely due to usage in Microsoft Teams. In this article, we describe five basic management steps to control where guests come how, how they connect, what they can do and access, and removing inactive guests. It's the kind of thing all Microsoft 365 tenants should do.