Security

One of the main reasons that application governance is often overlooked, as it relates to an organization’s cloud security posture, is because the topic is not fully understood. . However, it is vitally important to understand the fundamentals of Microsoft Entra ID (formerly Azure Active Directory)  – tenants, app registrations, enterprise apps, and consent –…

Advanced password attacks, like brute force and those launched by malicious insiders, are devastating the security of today’s enterprises and cloud services. ADSelfService Plus from ManageEngine can protect web properties from such attacks with multi-factor authentication (MFA). Multi-factor authentication is the best way to protect Active Directory and cloud-based user accounts As the impacts of…

Purple Knight is a free security assessment tool for Microsoft Active Directory that scans the AD environment for indicators of exposure (IOEs) and indicators of compromise (IOCs), provides an overall security score, and offers remediation guidance from identity security experts. This article is sponsored by Semperis. Recently, Petri interviewed several organizations in North America to…

Microsoft Entra ID, formerly Azure Active Directory (AD), is Microsoft’s cloud-native identity management platform. It only takes one compromised Entra ID user account to consent to a rogue app that siphons all the user’s Microsoft 365 data or to take over their mailbox. Business Email Compromise (BEC) amounts to $8 million in losses on a…

Russell explain what multi-factor authentication is and why you should enable it.

Conditional Access is a security feature that allows organizations to control corporate resource access based on certain conditions. Common reasons for utilizing this technology include the enforcement of multifactor authentication (MFA), requiring stronger authentication measures during authentication, and more. Learn more about how to use Conditional Access to protect your data and devices. What is…

An access control list (ACL) is a fundamental component of computer security. ACLs help to control and manage access permissions to organizational resources. In this article, I will explain in detail what an access control list is and how you can use them to secure access to local and networked resources. ACLs are an integral part…

Sjoukje Zaal gives an overview of the different flavors of Azure Active Directory.

Microsoft is planning to make changes to LDAP security settings in Windows Server. In today’s Ask the Admin, I show you how to audit for unsigned LDAP traffic hitting Windows Server Active Directory.