Tag - security

Free Microsoft 365 Security Assessment Tool based on CIS Controls

Note: I have updated this workbook to reflect changes in v8 of the CIS Controls framework. Please see this post for more details. Update: I also offer a course on implementing the CIS Controls. Included with this course is an expanded assessment workbook (to include...
Read more...

Updated! Checklist co-developed with Microsoft: Set up your SMB customers for secure remote working

I had the great pleasure to participate in a webinar today with David Bjurman-Birr (Partner Architect) and Jon Orton (Director of Product Marketing for Microsoft 365 SMB). David and I recently developed a checklist together for Microsoft 365 Business Premium, aimed at helping partners who work in the SMB space...
Read more...

Inventory and Control of Apps within and beyond the perimeter with Microsoft 365

Managing devices is a topic I have probably burnt my readers out on by this point, so it's time we move into the next stage: wrangling all those crazy third-party applications hiding out in your environment! To build up a foundation of good security, we must identify our apps and...
Read more...

Limiting privilege is a process, not an event

In some past blogs I have highlighted the importance of devices in your security, management and compliance journey. Why do I harp on that? Because it is the starting point. The mantra takes various forms, but basically you cannot protect what you cannot see. This applies to devices of course, but...
Read more...

New Updates to the Office 365 Security Checklist and Guide, including Free eBook

With more years comes more wisdom (and more reader feedback helps)! As such, it was time to polish up the guide that kicked off this whole journey. This is a big update, and in a much more consumable format, I think. I am even renaming it to "The NEW Office...
Read more...

Why you should take a real hard look at upgrading from Office 365 to Microsoft 365 this year

Readers of this blog are probably already familiar with the differences between Office 365 and Microsoft 365 plans. But I still run into plenty of folks out there who think these are the same thing, or who believe this is for "cloud only" customers, and there are still others who...
Read more...

2020 Edition of the Recommended Conditional access policy design guide is available now

I just finished updating the Conditional access design guide, part of the Microsoft 365 Best practices checklists. The new updates reflect some carefully considered feedback from my clients (real-world scenarios), as well as some new additions and...
Read more...

From Ignite 2019: Office 365 ATP Best Practices Analyzer, and other actions MS is taking to democratize security

I haven't had time to write an overall review of Ignite and all the various announcements that were made. And honestly, I might just skip that because there are so many others out there doing the same. They probably did an even do a better job than I would. So...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.