04Jan2024
08Jul2023
Should I use Hybrid Azure AD Join or not?
I consulted with an MSP recently about one of their larger customers, and whether or not to implement Hybrid Azure AD Join for existing Windows workstations (joined to traditional Active Directory). The classic consultant answer of course is, "It depends." In certain cases, perhaps. But in truth and in practice,...
06Jun2023
Can I use Windows 365 as a Privileged Access Workstation?
It has been a while since we did a question from a reader. This one has been in my inbox for a while now, but since I just recently covered Windows 365 with our peer group, my offline conversation from a few months ago came to mind again, and I...
19Aug2022
Reader Question: How can I set up a “Deny-by-Default” Conditional Access Policy?
It has been a while since I took a question from a reader and turned it into a blog post. It is one of my favorite things to do here on ITProMentor, but the “busy-ness” of life has taken me away from the keyboard a lot in recent months. Now...
02Jun2022
What are the limitations with Microsoft Defender for Business Standalone?
Most of my readers will already be familiar with Microsoft Defender for Business (MDB), which is included with Microsoft 365 Business Premium. And a majority of those will be deploying MDB as one part of a broader security solution which includes other services within the Business Premium bundle. But a...
18May2022
Making sense of the many DLP options for Microsoft 365
One of my readers wrote to me recently about an article that I penned a couple of years ago, on the topic of Data Loss Prevention in Microsoft 365. They pointed out that my breakdown was a bit dated now, and that the Microsoft universe seems to have become more...
02Apr2021
Moving to Microsoft 365 means getting to know your data (and your business)
Through my website's contact form, I still hear about botched migrations to Microsoft 365 on a regular basis. This is usually due to exactly one problem: ignorance about the process, as well as ignorance about the datasets being migrated, as well as ignorance about the various tools that we have...
09Mar2021
There is no panacea, there is no silver bullet
I had a really interesting question come up during one of my recent online courses. One of the participants asked whether device management, and even MAM (application-based management) were necessary anymore, now that we have stuff like MIP and Sensitivity Labels. I was taken aback by this question and I...
09Feb2021
The realities and limitations of managing personal (BYOD) devices in Microsoft 365 and Endpoint Manager
These days, I am willing to bet that I get asked about BYOD endpoints over corporate endpoints 10 to 1. Personal devices (even personal Windows devices) are creeping into the workplace more and more, especially with so many working from home. And this does present a few challenges for those...
29Jan2021