Technical

Unboxing Microsoft Defender for Business: Device-based Conditional Access

Unboxing Microsoft Defender for Business, Part 4: Integration with MEM and Conditional Access

Welcome back to this series! Microsoft Defender for Business (MDB) is a huge product with lots of ground to cover. So far we have discussed the Simplified configuration process, Threat & Vulnerability Management, and Attack Surface Reduction Rules. Since we began our series an exciting thing has happened: MDB has been...
Read more...
Unboxing MDB, part 3: ASR rules

Unboxing Defender for Business, Part 3: Attack Surface Reduction rules

If you haven't been following this series, let me catch you up. First, understand that Microsoft recently made a huge announcement: their enterprise-class endpoint security solution, known as Microsoft Defender for Endpoint, has been re-packaged and released for the SMB (and included in the popular Microsoft 365 Business Premium SKU)...
Read more...
Unboxing Defender for Business, Part 2: Threat & Vulnerability Management

Unboxing Defender for Business, Part 2: Threat & Vulnerability Management

Last time we looked at how to get started with Microsoft Defender for Business and the so-called "Simplified configuration process," which helped us onboard our first Windows devices and apply basic policies to manage antivirus and firewall settings across the organization. In this blog post, we will ask the question:...
Read more...
Multi-tenant management for Microsoft 365, and other things

Multi-tenant management for Microsoft 365, and other things

IT service providers are constantly looking for more efficiency, and better ways to manage their customers' hardware and software assets. In the Microsoft realm, we finally have Microsoft 365 Lighthouse, which is now in public preview. Some of my MSP customers have raised question marks around its current feature set...
Read more...
Fast and Free Incident Response Tools in Microsoft 365

Fast and Free Incident Response Tools in Microsoft 365

As part of the SquareOne Summer Security Series, our group recently explored the topic of Incident Response in Microsoft 365. This was a very well-received course, and I felt a blog post was in order to cover off on some of the important content from that segment, which I think...
Read more...
Simple Sensitivity Label design for the SMB

Simple Sensitivity Label design for the SMB

In the recent updates to the CIS Controls (v8), one of the most noticeable changes was the re-prioritization of Data Protection (now Control #3, up from #13 previously). This control calls out a number of safeguards: inventory of sensitive data and data classification is among them. Sensitivity labels can help...
Read more...
Updates to the CIS Controls and Free Microsoft 365 Assessment Workbook

Updates to the CIS Controls and Free Microsoft 365 Assessment Workbook

I know my community is already familiar with the CIS Critical Security Controls, as well as the free assessment workbook that I adapted from AuditScripts to apply to Microsoft 365 environments. This week, the Center for Internet Security released updates to the framework (we are now on v8). You can...
Read more...
Choosing (and implementing) your strategy for personal devices

Choosing (and implementing) your strategy for personal devices

In a recent Microsoft blog announcing some cool new discovery features in Microsoft Defender for Endpoint, there is an interesting (but hardly surprising) statistic shared: your users are 71% more likely to be infected on an unmanaged device. Now the thrust of the article is around discovering assets in your environment...
Read more...

The realities and limitations of managing personal (BYOD) devices in Microsoft 365 and Endpoint Manager

These days, I am willing to bet that I get asked about BYOD endpoints over corporate endpoints 10 to 1. Personal devices (even personal Windows devices) are creeping into the workplace more and more, especially with so many working from home. And this does present a few challenges for those...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.