Security

In this guide about Active Directory security, we’re going to detail five steps that IT admins need to follow to secure Active Directory environments in an organization. There are many best practices you’ll need to be familiar with to ensure Active Directory security, including restricting the use of privileged accounts, monitoring Windows Event Log for…

This short guide will provide a top-level overview of the crucial Azure cloud security controls and best practices to be aware of. The highlighted suggestions will provide you with options worth considering for deployment across your estate to strengthen your security posture and mitigate the evolving number and severity of cloud-based threats and risks that…

Microsoft has detailed its efforts to enable phishing-resistant authentication methods for organizations. The company is implementing several security features, including device-bound passkeys, FIDO2 support for iOS and macOS apps, and Certificate-Based Authentication updates, to enhance the overall protection for all Entra ID customers. Microsoft has announced that it will soon introduce a new feature for…

PowerShell is considered secure by default due to various design principles and features that Microsoft incorporated into its architecture. These measures aim to ensure that PowerShell provides a robust, yet safe, scripting environment for system administration tasks. One feature of PowerShell that contributes to this are known as execution policies, which can be set using…

Microsoft has announced that enterprise IoT (eIoT) security capabilities are now available for organizations with Microsoft 365 E5/E5 security subscriptions. This release makes it easier for enterprise customers to monitor unmanaged enterprise IoT devices, detect anomalies, and improve security posture. Enterprise IoT (eIoT) security offers visibility and security for internet-connected devices and networks in business…

Nudge Security provides a simple and easy to implement solution to a challenging problem for organizations managing compliance, security, and governance of third-party cloud apps and services. Its simplicity encourages governed use of SaaS apps and the ability to monitor new apps and user signups. Nudge Security is a powerful alternative to complex products like…

In this article, I look at Azure VMware Solution, a Microsoft virtual machine (VM) service, verified by VMware, that runs on Microsoft Azure infrastructure. And specifically, how you can add a second layer of encryption to your datastore and ensure Microsoft cannot read or write any data within your private cloud. Data security is a…

Security researchers have discovered that hackers are now employing a new zero-point font obfuscation technique to target Microsoft Outlook users. Unlike traditional phishing emails that try to evade automated detection, this novel approach aims to deceive recipients by making emails appear more trustworthy. In a recent report published by the SANS Internet Storm Center, cybersecurity…

Russell shows you how to audit access to LAPS passwords in Active Directory and how to establish a process for managing access to local administrator passwords.

Microsoft announced September 25th on its Security blog that Azure Sentinel has reached general availability. Based on Azure Monitor Log Analytics, Sentinel adds a cloud-native Security Information and Event Management (SIEM) solution to Azure’s already long list of services.