An access control list (ACL) is a fundamental component of computer security. ACLs help to control and manage access permissions to organizational resources. In this article, I will explain in detail what an access control list is and how you can use them to secure access to local and networked resources. ACLs are an integral part...
Last Update: Feb 07, 2024
Sjoukje Zaal gives an overview of the different flavors of Azure Active Directory.
Last Update: Jan 30, 2024
Microsoft is planning to make changes to LDAP security settings in Windows Server. In today’s Ask the Admin, I show you how to audit for unsigned LDAP traffic hitting Windows Server Active Directory.
Last Update: Jan 30, 2024
In this guide about Active Directory security, we’re going to detail five steps that IT admins need to follow to secure Active Directory environments in an organization. There are many best practices you’ll need to be familiar with to ensure Active Directory security, including restricting the use of privileged accounts, monitoring Windows Event Log for…
Last Update: Jan 08, 2024
This short guide will provide a top-level overview of the crucial Azure cloud security controls and best practices to be aware of. The highlighted suggestions will provide you with options worth considering for deployment across your estate to strengthen your security posture and mitigate the evolving number and severity of cloud-based threats and risks that…
Last Update: Dec 19, 2023
Microsoft has detailed its efforts to enable phishing-resistant authentication methods for organizations. The company is implementing several security features, including device-bound passkeys, FIDO2 support for iOS and macOS apps, and Certificate-Based Authentication updates, to enhance the overall protection for all Entra ID customers. Microsoft has announced that it will soon introduce a new feature for…
Last Update: Dec 08, 2023
PowerShell is considered secure by default due to various design principles and features that Microsoft incorporated into its architecture. These measures aim to ensure that PowerShell provides a robust, yet safe, scripting environment for system administration tasks. One feature of PowerShell that contributes to this are known as execution policies, which can be set using…
Last Update: Nov 10, 2023
One of the main reasons that application governance is often overlooked, as it relates to an organization’s cloud security posture, is because the topic is not fully understood. . However, it is vitally important to understand the fundamentals of Microsoft Entra ID (formerly Azure Active Directory) – tenants, app registrations, enterprise apps, and consent –…
Last Update: Nov 09, 2023
Microsoft Entra ID, formerly Azure Active Directory (AD), is Microsoft’s cloud-native identity management platform. It only takes one compromised Entra ID user account to consent to a rogue app that siphons all the user’s Microsoft 365 data or to take over their mailbox. Business Email Compromise (BEC) amounts to $8 million in losses on a…
Microsoft has announced that enterprise IoT (eIoT) security capabilities are now available for organizations with Microsoft 365 E5/E5 security subscriptions. This release makes it easier for enterprise customers to monitor unmanaged enterprise IoT devices, detect anomalies, and improve security posture. Enterprise IoT (eIoT) security offers visibility and security for internet-connected devices and networks in business…