Getting started with email security in Microsoft 365 | Phishing protections
The Nigerian price scam is probably one of the most well known phishing emails out there today but all memes aside, over 90% of all cyberattacks begin with phishing. In…
How to Protect against Token Theft | Conditional Access
In today’s digital age, cyberattacks are constantly evolving, and one of the fastest-growing threats in the Microsoft 365 ecosystem is token theft, also known as token replay attacks. This attack…
Level up your cybersecurity assessments with this framework
I’ve spoken to countless MSPs looking to elevate their security game and provide a stronger offering for their clients. Yet, many find themselves stuck—unsure where to begin or what roadmap…
Automate Travel Request in Microsoft 365 | Secure Travel
Many of us have set up a geo-blocking conditional access policy to prevent sign ins from unapproved countries. If you haven’t already, look to implement this as it gives you…
Manage Local Admin Accounts Securely | Top Tips
In today’s digital landscape, securing local admin accounts is paramount. Mismanagement of these accounts can lead to severe security breaches, compromising sensitive data and systems. What are your standards when…
Share Documents Securely | SharePoint
Securing SharePoint Online is a multi-layered approach and can get highly complex due to the nature of permissions. I would say most of the settings in SharePoint online are not…
Cybersecurity Insurance | MFA Reporting in Microsoft 365
As cybersecurity insurance continues to evolve, I believe we are going to continue to see stricter requirements in reporting as it relates to common questionnaire topics such as organizations requiring…
Prevent bad actors from maintaining persistence in Microsoft 365
In a previous article, I discussed initial user compromise with cookie hijacking and the subsequent attacks we could see after. This week, I wanted to zoom in on persistence techniques…
How attackers can bypass phishing-resistant MFA | Use these protections!
In previous articles, I’ve talked about how Passkeys are one of the strongest forms of MFA that you could roll out in an organization given that they are considered phishing…
The strongest form of MFA? | Why your MFA may need an upgrade
MFA methods have evolved greatly over the years to accommodate shifts in the attack surface as well as new attack methods. In this article, I wanted to cover the evolution…