Everywhere you look, people are hawking various security products. The struggle for many is first, knowing what will work best for their environment and next, what fits in the budget. Throwing a ton of money and products at the issue should help harden the world, but most places lack that financial means and furthermore lack [...]
With the adoption of MFA (multi-factor authentication) ramping up significantly to help thwart BEC (Business Email Compromise), some people have noticed that the end-user experience isn’t quite what they expected when using their PC. They aren’t getting prompted the first time each day they use their browser for Office 365, or even when their password [...]
I frequently reference a conversation I had with a client a while back. It went something like this: Client: I thought we had redundant firewalls! Why are we down?!? Me: You do have redundant firewalls, and it has worked great for the past 9 months while one of the units was failed. However, the second [...]
As mentioned in a few of my previous blogs, periodic review of settings, available options and logs can help protect or identify possible issues in your world. We offer a couple of solutions that help tackle these items for Office 365. The Security Health Check for Office 365 is a “one-time” review of several key [...]
A frequent topic of my blogs is the need to confirm that what you did 6 months ago is still valid today. While there are improved methods for protecting your domain from being spoofed (such as DKIM/DMARC), one of the core methods is using the Sender Policy Framework (SPF) record. This DNS record essentially defines [...]
Microsoft keeps adding and enhancing features in Office 365 and Azure which help simplify and reduce the dependency of on-premises resources. A few recent enhancements have made it possible to replace ADFS in many of our client’s environments. There are a number of other features to take advantage of such as conditional access, risk-based authentication, and Azure AD Application Proxy.
Were you an early adopter of Windows 10? Are you wondering why you’re not receiving security updates anymore? This issue is related to the Windows Lifecycle, and Windows 10 is a bit different due to the frequency at which releases are occurring. Windows 10 “RTM” (version 1507, build 10240) had its last round of security [...]
We’ll continue the conversation about what else to make sure you have on your radar after you moved resources to Azure. In part 1, we talked about AD Sites & Services and Backup & DR planning. In this part, we’ll touch on protecting resources in Azure. Network Firewalls If you deploy a virtual machine in [...]
We’ve been assisting a lot of clients as they move some or all workloads up to Azure. They’re taking advantage of the improved security and availability being offered by those services. But as they are moving things up to Azure, sometimes they are forgetting a few basic things. These are some of the things that [...]
Microsoft is constantly adding more features to their product offering. Some are to enable features & capabilities to your end users, while some are to help admins secure and audit their environment. I know when organizations were first starting to embrace Office 365, some admins were concerned about job security. However, I always have looked [...]
