18May
02Apr
Moving to Microsoft 365 means getting to know your data (and your business)
Through my website's contact form, I still hear about botched migrations to Microsoft 365 on a regular basis. This is usually due to exactly one problem: ignorance about the process, as well as ignorance about the datasets being migrated, as well as ignorance about the various tools that we have...
09Mar
There is no panacea, there is no silver bullet
I had a really interesting question come up during one of my recent online courses. One of the participants asked whether device management, and even MAM (application-based management) were necessary anymore, now that we have stuff like MIP and Sensitivity Labels. I was taken aback by this question and I...
09Feb
The realities and limitations of managing personal (BYOD) devices in Microsoft 365 and Endpoint Manager
These days, I am willing to bet that I get asked about BYOD endpoints over corporate endpoints 10 to 1. Personal devices (even personal Windows devices) are creeping into the workplace more and more, especially with so many working from home. And this does present a few challenges for those...
29Jan
Devices or Users: When to target which policy type in Microsoft Endpoint Manager (Intune)
A new reader question came across my desk the other day. In truth, it is not the first time I have answered this question, but I realized that I could probably repeat myself less if I simply write an article and publish it. The question is: When working in Microsoft Endpoint...
22Dec
Reader question: Do you recommend Defender in place of third-party antivirus or security tools?
It feels like it has been a while since I addressed a reader question on the blog. This is one I get frequently, all the more so in recent months since Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) became available as a standalone subscription via CSP. Previously, it was...
16Nov
How much security is ‘enough’ security? Looking at Microsoft 365 Defender vs. Azure Sentinel
How much security is 'enough' security? This is in fact a trick question, I just threw it in there to get your attention. When it comes to security, one can never be 'safe,' but only 'safer' (even with the most expensive of cybersecurity tools and talented, dedicated humans to back...
01Sep
A simpler Conditional Access baseline
Some folks have written to me about the "complexity" of my Conditional Access guide and were hoping to find something a bit simpler. This surprised me, and initially I shrugged it off. But I have heard this feedback more than once now, so I decided to take this thought experiment...
28Jul
Is “Best Practices” a myth?
I often find myself musing over this question these days. Granted, I actually do publish something called The Microsoft 365 Best Practices Checklists--but really these are more like recommendations. In fact, I recently updated them to include governance decisions around collaboration (e.g. affecting apps such as OneDrive for Business, Teams...
14Jul