Last Update: Jul 09, 2026
Microsoft 365’s new Baseline Security Mode is an opt-in, secure-by-default bundle of 18 configuration settings across authentication, files, and room devices, exposed in Org settings → Security & privacy. It’s a better attempt at secure-by-default than Security Essentials. But this convenience hides some judgment calls you can’t outsource to a wizard. Don’t get me wrong…
Last Update: Jul 01, 2026
You quoted finance $35,000. Then you found 400 archive mailboxes you hadn’t scoped, a handful of Litigation Holds, and a coexistence window that stretched from two weeks to six. Now you’re back in front of leadership explaining why the number moved. Most Exchange migrations don’t go over budget because the tools are expensive but because…
Microsoft’s desktop virtualization ecosystem is a cornerstone of modern IT infrastructure, allowing organizations to deliver secure and scalable access to applications and desktops. However, the terminology surrounding this ecosystem – Remote Desktop, Remote Desktop Services (RDS), Azure Virtual Desktop (AVD), and Virtual Desktop Infrastructure (VDI) – can sometimes be confusing, even for seasoned IT professionals….
If your Windows PCs or servers are running low on storage and you cannot tell what is actually consuming the space, WinDirStat is one of the easiest tools to use. It scans a drive or folder and shows the results as a directory list, file type breakdown, and visual treemap, making it easier to spot…
AD site topology is the way Active Directory (AD) models your physical network using sites, subnets, and site links. It helps clients find nearby domain controllers and helps replication follow efficient network paths. But the most common Active Directory performance problems are caused by bad site topology, not AD itself. In many environments, administrators spend…
Hybrid IT has become the default operating model for most organizations. Not by design, but through years of incremental decisions driven by business needs. In a recent Petri Dish interview, Brad Cline, Vice President of IT Operations at SolarWinds, shared a frontline perspective on how infrastructure complexity emerged, why it continues to grow, and how…
Implementing passkeys in Microsoft Entra is far more than simply enabling a new authentication method. A successful passkey rollout requires careful planning and coordination. One of the most important aspects of a passkey deployment is using Conditional Access to enforce their use. This article isn’t about how to turn passkeys on but about what tends…
Last Update: Jul 01, 2026
A 2026 Forbes article reported that the previous year’s credential-theft wave exposed 2.86 billion compromised credentials, with infostealers tied to roughly 3.9 million infected machines and 347.5 million stolen logins; business cloud and authentication services accounted for more than 30% of targeted data, while sensitive corporate access points such as Active Directory/ADFS and RDP frequently…
Last Update: Jul 09, 2026
Microsoft is increasingly making security‑critical decisions on behalf of organizations and not through policy, but through defaults. The “Require compliant device or hybrid-joined device” Conditional Access template is one of the clearest examples of security without a rulebook. The no-brainer policy that gets complicated fast Microsoft’s Require compliant or hybrid-joined device Conditional Access (CA) template seems like…
It isn’t hard to guess why Microsoft Intune is a common first choice for Windows device management. For enterprises already using Microsoft 365 and Entra ID, it offered a logical way to extend modern management to Windows devices while keeping administration aligned with the broader Microsoft ecosystem. But as device estates grow and operational demands…