24Nov2023
31Jan2023
A friendly reminder about least privilege access and other simple stuff
I just spent an exhausting 36 or so hours helping a customer out of a really bad situation. Well, technically they aren't out of the woods yet, but things are clearing up anyway. And I am at the point now where I exit, handing off the bulk of remaining tasks...
19Aug2022
Reader Question: How can I set up a “Deny-by-Default” Conditional Access Policy?
It has been a while since I took a question from a reader and turned it into a blog post. It is one of my favorite things to do here on ITProMentor, but the “busy-ness” of life has taken me away from the keyboard a lot in recent months. Now...
16Jun2022
Selling the Digital Transformation Journey: Security & Compliance
When I talk to customers about their Digital Transformation Journey, I always like to give them the "10,000 foot view" so to speak. I suggest that we explore two different angles or "big pictures" in order to paint an image that customers can then imagine themselves into. The first picture...
09Mar2022
Unboxing Microsoft Defender for Business, Part 4: Integration with MEM and Conditional Access
Welcome back to this series! Microsoft Defender for Business (MDB) is a huge product with lots of ground to cover. So far we have discussed the Simplified configuration process, Threat & Vulnerability Management, and Attack Surface Reduction Rules. Since we began our series an exciting thing has happened: MDB has been...
01Feb2022
Unboxing Defender for Business, Part 2: Threat & Vulnerability Management
Last time we looked at how to get started with Microsoft Defender for Business and the so-called "Simplified configuration process," which helped us onboard our first Windows devices and apply basic policies to manage antivirus and firewall settings across the organization. In this blog post, we will ask the question:...
30Jul2021
The three opportunities for MSP’s moving forward
The writing has been on the wall a while now; with a mass exodus to cloud services such as Microsoft 365 from traditional on-premises infrastructure, it was only a matter of time before those selling MSP services had to either evolve or die off. And with recent high-profile attacks against...
09Jul2021
Fast and Free Incident Response Tools in Microsoft 365
As part of the SquareOne Summer Security Series, our group recently explored the topic of Incident Response in Microsoft 365. This was a very well-received course, and I felt a blog post was in order to cover off on some of the important content from that segment, which I think...
20May2021
Updates to the CIS Controls and Free Microsoft 365 Assessment Workbook
I know my community is already familiar with the CIS Critical Security Controls, as well as the free assessment workbook that I adapted from AuditScripts to apply to Microsoft 365 environments. This week, the Center for Internet Security released updates to the framework (we are now on v8). You can...
16Apr2021