Soft (SMTP) vs. Hard (immutableID) matching with Azure AD Connect

08. June 2017 Technical 0
If you are setting up Directory Synchronization from scratch (there are no users in the cloud yet), then Azure AD Connect will be pretty straightforward–the on-premises objects (and passwords if you choose that option) will be synchronized to the cloud, and you can assign services to the user accounts from there. But what if you ...

My Essential Checklist for Settting up any New Windows 10 Pro Device

01. June 2017 Technical 0
This post features the things I do when setting up any (personal) Windows 10 Pro device, whether it’s for myself, my family members, clients, or anyone really. I usually do these things with security / compliance in mind–but some of it comes down to preference (I think the differences between these will be obvious). Let me share ...

How to manage permissions with Active Directory (the right way)

25. May 2017 Technical 0
How do most people use Active Directory groups to manage permissions?  You probably already know the answer: Global security groups. For example, if there is a directory on the file server specifically for “Payroll,” then we normally see folks creating a Global security group that corresponds to “Payroll,” populating that group with the users who ...

5 Tips to Help Tighten your Security Using BIOS/UEFI

18. May 2017 Technical 0
In the olden days of PC’s, BIOS or “Basic Input-Output System” was something only the nerdy computer geeks were aware of, and the typical user never really went in there, or ran any kind of updates for it, unless explicitly instructed to by a support professional. Usually getting into BIOS is achieved by pressing “Delete,” ...

Password best practices

04. May 2017 Business, Technical 0
Some people say passwords are dead. I don’t know if I 100% agree with that, since in actual fact and practice, we still rely on them heavily to secure access to our personal information online. The idea behind these “passwords are dead” sentiments is that a single factor of authentication is no longer “enough” on it’s own. ...

How to enable 2-factor or multi-factor authentication (2FA or MFA)

27. April 2017 Technical 1
Enabling a second factor for authentication is an important (and often very easy) thing to do.  Usually this can be accomplished in just a few clicks for most websites and cloud services. It is highly recommended that you take the time to do this, especially for any accounts that are tied to online banking, financial institutions, and ...

What is Windows Hello, and how to enable it

20. April 2017 Technical 0
Windows 10 introduced a new security feature called “Hello,” which allows a computer to be unlocked via different means than a traditional username/password prompt.  The marketing around this sells it as a more “personalized” login experience–more “human” or whatever. But it’s really just extra security in disguise. Why is a PIN better than a Password? ...

How to enable BitLocker in Windows 10, with or without TPM

13. April 2017 Technical 0
BitLocker used to require an Enterprise or Ultimate copy of Windows 7. These days, it is included with Windows 10 Pro, which many people get OEM with their computer. This is great news, because it means that you will be able to fully encrypt your hard drive, making it much safer in the event of loss ...