security

Updated Intune Scripts and a Security Profile for the SMB

Updated Intune Scripts and a Security Profile for the SMB

Some years ago, Microsoft published a repo on GitHub describing how to use PowerShell to interact with the Microsoft Graph and create/manipulate objects within Intune. This was soon followed by another project, where they published three "Security profiles" as pictured below: Image credit: Microsoft Most of the configurations required...
Read more...
Turn your MFA up to 11

But have you turned multifactor authentication ALL the way on?

Do you remember just a short time ago, Microsoft would claim that switching on Multi-factor Authentication (MFA) prevents 99.9% of identity-based attacks? Well, the times they are a-changin. I do not know what they would report today for a percentage of attacks which are thwarted by MFA alone, but...
Read more...
Unboxing MDB, part 3: ASR rules

Unboxing Defender for Business, Part 3: Attack Surface Reduction rules

If you haven't been following this series, let me catch you up. First, understand that Microsoft recently made a huge announcement: their enterprise-class endpoint security solution, known as Microsoft Defender for Endpoint, has been re-packaged and released for the SMB (and included in the popular Microsoft 365 Business Premium SKU)...
Read more...
Introducing Microsoft Defender for Business: you heard that right... it's *included* with Business Premium

Introducing Microsoft Defender for Business: you heard that right… it’s *included* with Business Premium

Remember a couple of months ago when Microsoft announced Microsoft Defender for Endpoint P1? Many critical eyes in the community quickly pointed out that Business Premium customers were apparently left out to dry, even though the SMB is where we need the most help when it...
Read more...
Announcing the Microsoft 365 SMB Data Protection Toolkit

Announcing the Microsoft 365 SMB Data Protection Toolkit

Update March 2023: This product has been updated significantly, and renamed too. It is now called The SMB Guide to Data Protection and Microsoft Purview in Microsoft 365 Business Premium Plans. It still contains the written guide as well as supporting materials such as scripts and templates to help you...
Read more...
There is no panacea, there is no silver bullet

There is no panacea, there is no silver bullet

I had a really interesting question come up during one of my recent online courses. One of the participants asked whether device management, and even MAM (application-based management) were necessary anymore, now that we have stuff like MIP and
Read more...

The realities and limitations of managing personal (BYOD) devices in Microsoft 365 and Endpoint Manager

These days, I am willing to bet that I get asked about BYOD endpoints over corporate endpoints 10 to 1. Personal devices (even personal Windows devices) are creeping into the workplace more and more, especially with so many working from home. And this does present a few challenges for those...
Read more...

Why aren’t you charging your customers to take care of Microsoft 365?

This is a simple question. The way I see it, there are many opportunities to provide Managed Services for SMB customers with regard to their Microsoft 365 subscriptions. Yet to this day, hardly anyone is doing it. Why? I suspect some folks have difficulty...
Read more...

How much security is ‘enough’ security? Looking at Microsoft 365 Defender vs. Azure Sentinel

How much security is 'enough' security? This is in fact a trick question, I just threw it in there to get your attention. When it comes to security, one can never be 'safe,' but only 'safer' (even with the most expensive of cybersecurity tools and talented, dedicated humans to back...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.