Best Practices for Break Glass Accounts
Image Generated by Copilot 🙂 I get a lot of questions around best practices for break glass accounts in Microsoft 365 so wanted to document them in this article. To…
Cybersecurity Insurance | MFA Reporting in Microsoft 365
As cybersecurity insurance continues to evolve, I believe we are going to continue to see stricter requirements in reporting as it relates to common questionnaire topics such as organizations requiring…
What’s New in Microsoft 365 | June Updates
Below are all of the latest feature updates coming to Microsoft 365 Automated Security Assessments mapped to the CIS Controls I am excited to announce the soft-launch of an automated…
Prevent bad actors from maintaining persistence in Microsoft 365
In a previous article, I discussed initial user compromise with cookie hijacking and the subsequent attacks we could see after. This week, I wanted to zoom in on persistence techniques…
How attackers can bypass phishing-resistant MFA | Use these protections!
In previous articles, I’ve talked about how Passkeys are one of the strongest forms of MFA that you could roll out in an organization given that they are considered phishing…
How to Manage Secrets securely in PowerShell | Azure Key Vault
In this guide, we’ll explore how you can leverage Azure Key Vault to securely manage secrets in your single-tenant or multi-tenant PowerShell scripts. This will enable you to securely access…
What’s New in Microsoft 365 | May Updates
Below are all of the latest feature updates coming to Microsoft 365 Editable Versions available If you would like editable versions of this documentation so that you can white-label it…
The strongest form of MFA? | Why your MFA may need an upgrade
MFA methods have evolved greatly over the years to accommodate shifts in the attack surface as well as new attack methods. In this article, I wanted to cover the evolution…
How to secure access on personal devices across your customers
As a general principle, you should always try to institute a strict policy of requiring managed devices to access corporate resources across your customers. You would think selling a customer…
Navigating Microsoft 365 Security Baselines: A Strategic Approach with the CIS Controls
Checklist do not equal compliance One of the major gaps I hear when talking to MSPs about security and compliance is a lack of understanding the “why” behind the security…