Opinion

Hybrid Azure AD Join or not?

Should I use Hybrid Azure AD Join or not?

I consulted with an MSP recently about one of their larger customers, and whether or not to implement Hybrid Azure AD Join for existing Windows workstations (joined to traditional Active Directory). The classic consultant answer of course is, "It depends." In certain cases, perhaps. But in truth and in practice,...
Read more...
The three opportunities for MSP's moving forward

The three opportunities for MSP’s moving forward

The writing has been on the wall a while now; with a mass exodus to cloud services such as Microsoft 365 from traditional on-premises infrastructure, it was only a matter of time before those selling MSP services had to either evolve or die off. And with recent high-profile attacks against...
Read more...
Moving to Microsoft 365 means getting to know your data (and your business)

Moving to Microsoft 365 means getting to know your data (and your business)

Through my website's contact form, I still hear about botched migrations to Microsoft 365 on a regular basis. This is usually due to exactly one problem: ignorance about the process, as well as ignorance about the datasets being migrated, as well as ignorance about the various tools that we have...
Read more...
There is no panacea, there is no silver bullet

There is no panacea, there is no silver bullet

I had a really interesting question come up during one of my recent online courses. One of the participants asked whether device management, and even MAM (application-based management) were necessary anymore, now that we have stuff like MIP and Sensitivity Labels. I was taken aback by this question and I...
Read more...

Reader question: Do you recommend Defender in place of third-party antivirus or security tools?

It feels like it has been a while since I addressed a reader question on the blog. This is one I get frequently, all the more so in recent months since Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) became available as a standalone subscription via CSP. Previously, it was...
Read more...

Cloud vs. On-prem and the future of Managed Services

Is the on-prem model (e.g. legacy AD with file shares, Windows Server-based apps, etc.) 'better' in some cases than SaaS alternatives like Microsoft 365, GSuite, Ping, Okta, Salesforce, DropBox, or whatever? In the SMB space, I really struggle to advocate for on-prem anymore, and I mean REALLY struggle. And that's...
Read more...

Behold: The Power of Sensitivity Labels

Even though some people are aware of the concepts of Data Classification and tools such as Microsoft 365 Sensitivity Labels, I do not think that many of us out there have yet grasped the full implications, or taken the long view, so to speak. Note: this is a longer read....
Read more...

My opinion on Microsoft Threat Protection for the SMB

Since I released my guide on Microsoft 365 E5 Security and Microsoft Threat Protection, I have been getting a lot of questions and comments about my stance on the use of these products for SMB customers. I left it too neutral, I guess, in the original publication. So, let me...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.