Microsoft is replacing confusing monitor agent army (several different agents) with a new one that is going to replace all current ones. New agent is called Azure Monitor Agent and shorter abbreviation is AMA. When you install AMA, the biggest change is that it is not anymore separately installable .msi Read more…
TL;DR; Easiest way to really secure your Break the Glass account is use FIDO2 security key and store the key in the physical safe. Having way to login to Azure AD management plane after configuration mistake or during technical hiccup is something that every organization should address and plan. Creating Read more…
Best way to prevent password leaks is to go passwordless Social engineering and technical tweaks compromise credentials every day. There have been methods to overcome these problems but they were too complicated for larger adoption until now. Does somebody remember the rise of smartcards? I do and I’m happy that Read more…
Executive summary: Do you lock your datacenter with old and poorly protected keys eg. Abloy Classic? Yup, me neither. You need to start enforcing multifactor authentication for privileged actions and/or accounts. Like yesterday. The Problem Protecting admin interfaces is crucial as we know that if someone gets to stand next Read more…
There has been a possibility to back up your Microsoft Authenticator’s multi-factor authentication accounts to iCloud for a long time. All Android users have been waiting this feature since it was published to the iOS-devices. Today my Android got a new version of Microsoft Authenticator that includes also the cloud Read more…
Once upon a time (not so long ago) Data Loss Prevention (DLP) was a feature in Exchange and Exchange Online and would only affect mail flow. Nowadays the same technology has been transferred upwards one layer and is now part of Office 365 Security & Compliance center and deployable to Read more…
Introduction In my previous post regarding planning of Conditional Access in your organization I wanted you to understand the different aspects of the policies. I would like also recommend you to read my dear colleague’s post about Conditional Access generally and for what kind of threats it will protect you Read more…
Identity thefts have been the hot topic in Microsoft 365 services during the end half of the year 2018. We have seen many customers affected with identity breaching. Here is an overview on how these breaches happen, why you need to protect your indetities and principles on how to do Read more…
Introduction Conditional Access is a powerful tool in many ways. You could easily create a chaos playing around with it and not fully understanding the consequences. This series is more of a technical approach to implementing your Conditional Access policies so please read Matti’s post about securing the cloud identities Read more…