Search for: conditional access policies

179 Results

TEC European Roadshow 2023 – London, Paris, and Frankfurt: Identity and Microsoft 365 Security Tips

At the end of March, Practical 365 traveled with the TEC European roadshow, traveling between three cities in Europe over a week, listening to experts talking primarily about security-focused topics aimed at improving your Microsoft 365, Azure AD and Active Directory. Read our whistle-stop tour of the most important points made by expert speakers.

Continue Reading TEC European Roadshow 2023 – London, Paris, and Frankfurt: Identity and Microsoft 365 Security Tips

Stop Using Phone-Based Responses for Multifactor Authentication

While some methods for MFA responses have security issues, people often overlook their practical advantages. Not everyone is ready to dump a valid authentication method. In this article, we take the journey to removing phone-based responses from your tenant while considering some practical implications.

Continue Reading Stop Using Phone-Based Responses for Multifactor Authentication

Practical Protection: Limiting the Damage from Local Admin Accounts

Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!

Continue Reading Practical Protection: Limiting the Damage from Local Admin Accounts

Using Microsoft 365 Auditing and Alerts to Monitor Email Forwarding

Microsoft 365 auditing makes lots of data available to administrators to help them understand what happens in a tenant. When attackers try to compromise accounts, they can leave fingerprints behind in audit data. Being aware of what you might find in the data helps suppress BEC attacks.

Continue Reading Using Microsoft 365 Auditing and Alerts to Monitor Email Forwarding

Microsoft Launches Security Copilot

Microsoft's announcement of Security Copilot is more interesting in some respects than Microsoft 365 Copilot because it promises to help organizations defend themselves better. Of course, we don't know much yet about how Security Copilot will work in the real world, but if Microsoft delivers what it says, Security Copilot could be quite a tool in the battle against the bad guys.

Continue Reading Microsoft Launches Security Copilot

Practical Protection: Dr. Jekyll and Mrs. Hybrid

Hybrid work is really a mixed blessing—while it offers a lot of fantastic benefits for people who are able to take advantage of it, it can introduce some new and unpleasant security issues that you need to be prepared to deal with. This article dives into these new risks and how you can avoid them.

Continue Reading Practical Protection: Dr. Jekyll and Mrs. Hybrid

What Now for Exchange 2013 Customers as End of Support Deadline Looms?

Exchange 2013 support ends on April 11, 2023. After that, Microsoft will not make fixes for security or functionality problems available to customers. It's time to make the decision to upgrade to Exchange 2019 or move to Exchange Online. Most organizations will find that Exchange Online is the right choice. Exchange 2019 is appropriate for organizations that have the right skills, experience, and investment to run a secure Exchange service.

Continue Reading What Now for Exchange 2013 Customers as End of Support Deadline Looms?