Conversational Privileged Access Management

By leveraging Privileged Access Management as part of your organization’s layered security strategy, you can effectively eliminate any bad actor’s ability to move laterally, access data and resources, and pretty much do anything malicious on your network. In this eBook we will help you to define what “privileged” means for your organization and understand how a PAM solution can help you get control over your privileged credentials and significantly enhance your security.

In this book, you will learn about:

  • How the threatscape has changed and why privileged accounts are vital to hackers.

  • What Privileged Access Management is and how it can protect your privileged accounts.

  • How to define and discover the privileged accounts in your organization’s networks.

Conversational Geek - Conversational Privileged Access Management

Nathan OBryan
Microsoft Defender Vulnerability Management

The value proposition for the services in the EM+S E5 suite does not seem like it has been convincing to customers for a while now. Over the last year or so, Microsoft has been putting a lot of work into the Defender services to improve that value proposition, and to provide a better technical security solution for Microsoft 365 customers.

In the last year or so Microsoft has rebranded and reorganized the Defender applications into Defender for Cloud Apps, Defender for Office 365, Defender for Endpoint, and Defender for Identity. While those four services are a good start, there are still gaps in the protection they provide.

To that end, Microsoft has added a new product in public preview to the Defender Suite, Microsoft Defender Vulnerability Management (DVM). DVM is targeted at improving vulnerability management in the following areas:

Using Defender for Cloud Apps to control file downloads

One situation I see often with customers is the desire to control and monitor file downloads from the cloud. For most organizations in most industries, it’s important to control your organization's data, and that data is often contained in files. The proprietary nature of information in files makes them very valuable to many organizations, and thus important to control.

In this blog post, I’m going to start looking at the features that Microsoft Defender for Cloud Apps has available to help your organization better control and monitor file downloads.

New cross-tenant access settings in Azure AD

Microsoft 365, formerly Office 365, is maturing. It has been more than 10 years since the launch of Office 365, and the types of migrations I see as a consultant are changing.

10 years ago, I was doing migrations into Exchange Online one after another. Office 365 started off as a place to put your email with maybe some limited SharePoint and Skype for Business services attached. As Office 365 matured into Microsoft 365 with much more functionality from SharePoint Online, Teams, added services like Endpoint Management (formerly Intune), and a whole host of security and compliance tools, the sort of projects I have been doing has evolved.

Now a fair amount of the migrations I am doing involve tenant consolidations and splits. Companies and other organizations that use Microsoft 365 are subject to all the standard economic forces that cause legal entities to realign themselves. These organizational changes mean that more and more organizations need ways to collaborate between separate Microsoft 365 tenants. Those organizational consolidations and splits often require a higher level of cross-tenant access between tenants either before or after the tenant migrations, but Microsoft 365 is just not built to support this kind of cross-tenant collaboration.

Using Microsoft Defender for Cloud Apps to limit file downloads to managed devices

Recently I’ve been doing a lot of work to secure Microsoft 365 tenants and the data stored within them. To that end, I have been doing a bit of work with Microsoft Defender for Cloud Apps, and the protections it provides.

With the end of the 2020 pandemic in sight (maybe?), people are returning to offices around the world. That being said, we can expect that “the new normal” will include a lot of people either working hybrid office schedules or in permanent work-from-home roles. These changing workplace landscapes mean that organizations need to be more careful about managing the data stored in their Microsoft 365 tenants.

Microsoft Defender for Cloud Apps

Formerly known as “Cloud App Security”, Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that is part of the Microsoft 365 Defender suite of products. Defender for Cloud Apps (DCA) is built to help IT departments control the data that their organizations have hosted in multiple cloud services including but not limited to Office 365.

In this blog post, I’m going to look at DCA and what it does. I’ll explore how to use it, and what it can do to help make your organization more secure.

Changes to hot recipients throttling in Exchange Online

I expect we all know there are limits to what you can and cannot do with your Exchange Online mailbox. We all know there is a limit to how many emails you can send and receive, how much storage you can use, how much data you can move into or out of Exchange Online, and how big each individual email can be. However, I find that few Exchange Online administrators know exactly what those limits are, how they work, why they are there, or what you can do about them.

Microsoft is currently in the process of enforcing some of these limits that have not previously been enforced. I thought this would be a good time to go through the limits that are in place for your Exchange Online mailboxes, and what you can do if you find yourself in a situation where those limits are negatively impacting your organization.

Exchange monitoring: DAG best practices - Data Center Activation Coordination

On-premises Exchange servers are still a thing, and with future versions of Exchange coming on-premises, we can assume they still will be for some time to come, and on-premises Exchange monitoring is recommended. If your organization still runs on-premises Exchange servers, then Datacenter Activation Coordination (DAC) is a feature you need to understand.

According to Microsoft, DAC mode is "used to control the database mount on startup behavior of a DAG. This control is designed to prevent split brain from occurring at the database level during a datacenter switchback. Split brain, also known as split brain syndrome, is a condition that results in a database being mounted as an active copy on two members of the same DAG that are unable to communicate with one another. Split brain is prevented using DAC mode, because DAC mode requires DAG members to obtain permission to mount databases before they can be mounted."

In this blog post I will explain what DAC mode is, how it works, and how it should be used for on-premises Exchange deployments.

Active Directory monitoring: Expensive LDAP query management

Lightweight Directory Access Protocol (LDAP) is a directory service protocol that is used to search for information within your Active Directory, and a useful tool that can assist you with Active Directory monitoring. LDAP is used to search your Active Directory for information about users, computers, and groups within your Active Directory database. LDAP queries can be run from multiple different tools including PowerShell, ldapsearch, VB Scripts, and the saved queries feature in Active Directory Users and Computers.

In this blog post, we are going to talk about what LDAP queries are, how they work, and how you can ensure that your Active Directory is properly set up to support the quickest and most accurate LDAP queries possible. We will also cover some of the troubleshooting steps you can take when you find you're getting slow results with LDAP queries in your Active Directory.

Microsoft's new tenant to tenant migration tools

I imagine that about a week after the first customer was on-boarded into Office 365 they decided that they needed to do a tenant-to-tenant migration. While that is probably not how it went, I suspect I am not too far off reality with that one.

There are many reasons why an Office 365 customer may need to move some or all users to a new Office 365 tenant. In my experience the most common reason organizations need to do tenant to tenant migrations is because of mergers, acquisitions, or divestitures. These are complicated migrations for a whole bunch of reasons that have nothing to do with the technology of Office 365. I am not a corporate lawyer, so I am not here to address all the legal and political challenges of these migrations. What I can do is talk about the new tools that Microsoft is making available within Office 365 to help with these migrations.

Microsoft first talked about mailbox tenant to tenant migration tools at Ignite 2017. The tool is now available as a public preview. Great progress, but there is a long way to go.

Protection for Exchange Online - FileWall Review

The following blog post is a paid review for FileWall expressing the opinion of the author.

FileWall is a 3rd party Cloud Email Security solution for Exchange Online. In general, I am not a huge fan of adding 3rd party solutions into Exchange Online for several reasons…

First, Microsoft does a decent job of virus protection for your mailboxes within Office 365, and that protection is included in the licensing fee for every mailbox. Exchange Online Protection (EOP) is not a flawless system, but I find it to be adequate for most mailboxes in most circumstances. I do find that some customers do not trust Microsoft anti-virus protection, and probably never will. I am not sure if that lack of trust is justified or not, and that is not really the point here.

Preparing Active Directory for the Cloud

IT departments in organizations of all sizes can expect to be moving resources to one cloud or another in the very near future. This is becoming a fact that all IT professionals are going to need to deal with in the coming years.

One factor that can impact the success of migrations to cloud services is the overall health and preparedness of your on-premises Active Directory. In my experience this is a step that many organizations overlook in their move to cloud resources.

In this blog post, we are going to look at some of the steps an organization can take to prepare an on-premises Active Directory forest before moving resources to the Microsoft cloud. I assume many of these steps will also be relevant for migration to other cloud services, but my focus here is going to be Microsoft cloud services.

Climbing the Auth Ladder in Azure AD: Rung 2

This blog post is part 3 in a series. If you have not seen parts 1 and 2, you should go back and read those first.

Now we are really on that ladder! For me, MFA should be the default level of security for all Azure AD accounts as I stated in the last post in this series. Now we are getting into “advanced” features that you should consider. The rest of the features we will talk about in this series are going to require high license levels, and more administrative work to implement and maintain. Many accounts in many organizations may not need the higher levels of protection that we will talk about from this point forward.

Climbing the Auth Ladder in Azure AD: Rung 1

There really are a lot of features within Azure Active Directory that are there to secure your authentication. It makes sense that Microsoft would invest heavily in security, but I think a lot of IT professionals do not take the time to think of authentication deeply enough; I know I have been guilty of that.

This “Climbing the Auth Ladder” series of blog posts I am doing is my attempt to rectify that, at least for myself.

Rung 1 on the Azure AD auth ladder is Multi-Factor Authentication, so that is where this blog post is going to focus.
