Prevent bad actors from maintaining persistence in Microsoft 365
In a previous article, I discussed initial user compromise with cookie hijacking and the subsequent attacks we could see after. This week, I wanted to zoom in on persistence techniques…
How attackers can bypass phishing-resistant MFA | Use these protections!
In previous articles, I’ve talked about how Passkeys are one of the strongest forms of MFA that you could roll out in an organization given that they are considered phishing…
How to Manage Secrets securely in PowerShell | Azure Key Vault
In this guide, we’ll explore how you can leverage Azure Key Vault to securely manage secrets in your single-tenant or multi-tenant PowerShell scripts. This will enable you to securely access…
What’s New in Microsoft 365 | May Updates
Below are all of the latest feature updates coming to Microsoft 365 Editable Versions available If you would like editable versions of this documentation so that you can white-label it…
The strongest form of MFA? | Why your MFA may need an upgrade
MFA methods have evolved greatly over the years to accommodate shifts in the attack surface as well as new attack methods. In this article, I wanted to cover the evolution…
How to secure access on personal devices across your customers
As a general principle, you should always try to institute a strict policy of requiring managed devices to access corporate resources across your customers. You would think selling a customer…
Navigating Microsoft 365 Security Baselines: A Strategic Approach with the CIS Controls
Checklist do not equal compliance One of the major gaps I hear when talking to MSPs about security and compliance is a lack of understanding the “why” behind the security…
What’s New in Microsoft 365 | April Updates
Below are all of the latest feature updates coming to Microsoft 365 Editable Versions available If you would like editable versions of this documentation so that you can white-label it…
Is Teams no longer part of my Microsoft 365 licensing? | Licensing Update
In April 2024, Microsoft announced it was looking to standardize its licensing model for Teams to align with the changes made in October 2023 for the European Economic Area (EEA)…
Your Conditional Access Policies Suck
For most of us out there, conditional access is something we still either struggle with or have extreme inconsistencies when it comes to implementing policies across our customer environments. I…