About the Author
Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.
You may withdraw your consent at any time. Please visit our Privacy Statement for additional information
Ransomware protection isn’t about a single solution; it’s a layered defense strategy. In this article, we explore a few recommendations that organizations can use to significantly reduce risk and combat ransomware in their tenant.
Any time you allow a third-party application to run in a system you own or control, you’re assuming risk. In this episode of Practical Protection, we discuss how to reduce that risk by managing app consent in Microsoft Entra ID, as well as a few other alternatives.
App secrets are used to authenticate registered apps with Entra ID. App secrets (or passwords) are convenient and easy to use, but they're relatively insecure. The default app management policy for the tenant can block app secrets while custom app management policies can allow selective apps to use app secrets for testing or other well-defined purposes. All explained here.