Security

Datacenter networking servers

What Is an Access Control List (ACL)?

An access control list (ACL) is a fundamental component of computer security. ACLs help to control and manage access permissions to organizational resources. In this article, I will explain in detail what an access control list is and how you can use them to secure access to local and networked resources. ACLs are an integral part...

LATEST

Security hero image

Azure Active Directory Flavors

Last Update: Feb 07, 2024

Sjoukje Zaal gives an overview of the different flavors of Azure Active Directory.

View Article
Cloud Computing

How to Audit LDAP Signing in an Active Directory Domain

Last Update: Jan 30, 2024

Microsoft is planning to make changes to LDAP security settings in Windows Server. In today’s Ask the Admin, I show you how to audit for unsigned LDAP traffic hitting Windows Server Active Directory.

View Article
Security hero image

Active Directory Security – 5 Steps to Secure AD

Last Update: Jan 30, 2024

In this guide about Active Directory security, we’re going to detail five steps that IT admins need to follow to secure Active Directory environments in an organization. There are many best practices you’ll need to be familiar with to ensure Active Directory security, including restricting the use of privileged accounts, monitoring Windows Event Log for…

View Article
Azure Cloud Hero

Top Azure Cloud Security Controls to Understand

Last Update: Jan 08, 2024

This short guide will provide a top-level overview of the crucial Azure cloud security controls and best practices to be aware of. The highlighted suggestions will provide you with options worth considering for deployment across your estate to strengthen your security posture and mitigate the evolving number and severity of cloud-based threats and risks that…

View Article
microsoft security hero approved

Microsoft Details FIDO2 Security and Certificate-Based Authentication Updates

Last Update: Dec 19, 2023

Microsoft has detailed its efforts to enable phishing-resistant authentication methods for organizations. The company is implementing several security features, including device-bound passkeys, FIDO2 support for iOS and macOS apps, and Certificate-Based Authentication updates, to enhance the overall protection for all Entra ID customers. Microsoft has announced that it will soon introduce a new feature for…

View Article
PowerShell

Set-ExecutionPolicy – Mastering PowerShell Execution Policy

Last Update: Dec 08, 2023

PowerShell is considered secure by default due to various design principles and features that Microsoft incorporated into its architecture. These measures aim to ensure that PowerShell provides a robust, yet safe, scripting environment for system administration tasks. One feature of PowerShell that contributes to this are known as execution policies, which can be set using…

View Article
Azure Cloud Hero

Microsoft Entra ID App Registration and Enterprise App Security Explained

Last Update: Nov 10, 2023

One of the main reasons that application governance is often overlooked, as it relates to an organization’s cloud security posture, is because the topic is not fully understood. . However, it is vitally important to understand the fundamentals of Microsoft Entra ID (formerly Azure Active Directory)  – tenants, app registrations, enterprise apps, and consent –…

View Article
Security

How to Properly Secure and Govern Microsoft Entra ID Apps

Last Update: Nov 09, 2023

Microsoft Entra ID, formerly Azure Active Directory (AD), is Microsoft’s cloud-native identity management platform. It only takes one compromised Entra ID user account to consent to a rogue app that siphons all the user’s Microsoft 365 data or to take over their mailbox. Business Email Compromise (BEC) amounts to $8 million in losses on a…

View Article
Security

Microsoft Expands Protection: Enterprise IoT Security Now Part of Microsoft 365 E5 and E5 Security Plans

Microsoft has announced that enterprise IoT (eIoT) security capabilities are now available for organizations with Microsoft 365 E5/E5 security subscriptions. This release makes it easier for enterprise customers to monitor unmanaged enterprise IoT devices, detect anomalies, and improve security posture. Enterprise IoT (eIoT) security offers visibility and security for internet-connected devices and networks in business…

View Article
Go to page