In this article, Sean McAvinue explains what an Azure AD Assessment is and how it can assess and report on your Entra ID configuration, as well as plan the remediation of any discovered issues.
On the show this week, Steve, Paul and Rich are joined by Microsoft's VP Director of Identity Security, Alex Weinert, to discuss almost all things related to securing identities. We hear about what happened behind the scenes during Storm-0558, and we discuss essential steps to protect Microsoft 365. And we discuss the latest news in the world of Microsoft 365 - in particular we discuss the new Teams 2.1 client that recently became GA, and for those still running on-premises or Hybrid Exchange Servers, it is time to get patching.
Group-based licensing is a simple way to automate the distribution of licenses to members of security groups. In this article, we review how the mechanism works and show how to automate operations with PowerShell. Finally, we update the tenant licensing report to include group-based licensing and to highlight duplicate license assignments.
This blog is a recap of Sean Metcalfs TEC session on The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations.
Many questions arose from the announcement of the Microsoft 365 multi-tenant organization (MTO) feature, In this article, I examine some practical aspects of multi-tenant organizations and examine why MTO does not replace the need for tenant-to-tenant migrations.
Microsoft has long been asked to support guest account expiration, just like the functionality available for on-premises Active Directory accounts. Engineering priorities have not allowed the developers to work on the feature, but it's possible to do the job with PowerShell as we explain here.
With the move to the cloud, many organizations synchronize identities to Azure Active Directory. This makes an attacker’s job easier as they have a single point where they can attempt to compromise accounts. In this article, Thijs Lecomte walks through the protection and detection mechanisms available to repel password spray attacks.
Deleted Entra ID users enter a soft-deleted 30-day period. During this time, administrators can recover accounts. You might want to remove deleted accounts before this period lapses. As explained in this article, this is easily done using PowerShell.
