Tag - security

No more excuses: 5 Tips & tricks to make Office 365 MFA easier on people

As I'm sure you are aware by now, Multi-factor Authentication reduces your risk of identity compromise by 99.9%. Requiring so called "strong passwords," by contrast, doesn't make that much difference at the end of the day. And yet, we're still beneath 10% of even just admin accounts in Azure AD...
Read more...

Removing local admin: a game of compromise (and some tips and tricks)

Look, I am a realist. Yes: from a security perspective it would be ideal if we could take away local admin privileges on every corporate owned Windows 10 workstation. But that still isn't very easy to do for many organizations. Some orgs do need to maintain a bit more flexibility, with...
Read more...

Introducing the Windows 10 Business Secure Configuration Framework

Update March 2023: This publication has been updated significantly and renamed as well. It is now called The SMB Guide to Threat Defense and Microsoft Defender in Microsoft 365 Business Premium Plans. This guide describes implementation of Microsoft Defender for Office 365 as well as Microsoft Defender for Business, and...
Read more...

Devices still matter, Part 2: How attackers can use YOUR device

So based on our last post, we now know that MFA and Conditional Access can help prevent a lot of different scenarios involving "any old" devices. That leaves one other avenue for attackers then... Why bother trying to gain new access through any device when there are perfectly...
Read more...

Devices still matter, Part 1: Why you need a device management strategy

The Center for Internet Security (CIS) publishes 20 controls in their cyber-security framework. If you want to understand what good management looks like, then start here. The first six controls are considered the "basics"--the first and most important steps that any organization should be taking as they work to secure...
Read more...

Revisiting Baseline Policies in Microsoft 365

Microsoft has been doing more to make secure configurations easier to implement for admins. But, from my testing and experience, I still have reservations about some of them. Let's review. Conditional Access Baseline Policies There are presently four baseline policies available under Azure AD > Security > Conditional Access. Require MFA for admins...
Read more...

How to prevent users from circumventing MAM by going through OWA on mobile devices

One of my smart co-workers pointed out that my Conditional access baseline policies, as written, actually leave open the possibility that users could simply use OWA on their mobile devices, instead of using the Outlook app. And that means a user could bypass your protections such as encryption of app data,...
Read more...

Poser alert: Do you think this may be leveraged for Social engineering? Or what…?

Interesting thing appeared in my WordPress comments over the weekend: it appears that someone lifted content from my blog and re-posted it as their own. Why or how WordPress picked up on this and alerted me via my comments is unknown at this time (maybe some WordPress geeks out there...
Read more...

Updated: Exchange Online baseline / best practices scripts

I recently updated the scripts that I use to provision new Exchange Online tenants and configure them according to best practices, and I just uploaded these edits to GitHub. The main script is Baseline-ExchangeOnline.ps1--this is like a "master" script that contains almost all of the others (with a couple of...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.