Microsoft Office 365 Automated

Azure AD Connect Installation Strategies

If organizations don’t properly plan the synchronization solution for their cloud identities, which Microsoft calls Azure AD Connect, users…

Where to Host Active Directory FSMO Roles

The size and complexity of the organization are critical factors when determining how and where to host FSMO roles.

4 Essential Practices for Automating the Termination of Hybrid Users

When an identity from Active Directory (AD) is synchronized with a cloud-based identity platform such as Azure AD, those identities are…

Components of a PKI, Part 5: Hardware Security Modules

Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it…

Components of a PKI, Part 4: Active Directory Certificate Services

Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it…

Components of a PKI, Part 3: Certificate Revocation

One important function of Certificate Authorities that’s mentioned briefly in Part 2 of our “Components of a PKI” blog series is the…

Components of a PKI, Part 2: Certificate Authorities and CA Hierarchies

In Part 1 of our “Components of a PKI” blog series, we defined several PKI terms that are useful for understanding Certificate Authorities…

Components of a PKI, Part 1: Digital Certificates

Digital certificates (most commonly represented by the X.509 public key certificate standard) are signed data objects that associate a…

Azure Protection

4 Best Practices for Hybrid Identity Attributes in Active Directory

User attributes are important metadata that should be treated with care. Some organizations do not take user attributes seriously enough,…

Multi-Factor Authentication

Microsoft Information Protection, Part 2: Planning Sensitivity Label Deployment

Planning for a Microsoft Information Protection deployment can seem complicated at first; however, the recommendations in this article can…

Multi-Factor Authentication

Microsoft Information Protection, Part 1: Understanding Sensitivity Labels

There are a few key terms that are critical when understanding and deploying Microsoft Information Protection (MIP). For example,…

Microsoft Intune Compliance

How to Effectively Manage Microsoft Intune Application Assignments with PowerShell and the Microsoft Graph API

In large-scale Microsoft Intune deployments, you’ll typically find both production and development tenants. For effective application…

Azure Active-Directory Health Check

Authentication Options for Automated Azure PowerShell Scripts, Part 3: Additional Considerations

In Part 3 of this blog series, we discuss some other important considerations when taking this approach to automation.

Azure Active-Directory Health Check

Authentication Options for Automated Azure PowerShell Scripts, Part 2: Create and Configure an App Registration

Part 2 of this blog series gets into the details of how to create and configure an app registration for use with an automated PowerShell…

Azure Active-Directory Health Check

Authentication Options for Automated Azure PowerShell Scripts, Part 1: Service Account vs. App Registration

Automation is a fundamental requirement for good systems administration, no matter what the platform. Being able to automate tasks ensures…

Multi-Factor Authentication

Benefits of Air-Gapped Active Directory Backups

Several high-risk events have recently highlighted the importance of a fully functional and secure Active Directory environment to a…

Azure Protection

5 Things to Watch for When Migrating SaaS Applications from AD FS to Azure AD

Migrating your Active Directory Federation Services (AD FS) integrated SaaS applications to Azure Active Directory (Azure AD) provides many…

Microsoft Intune Compliance

How to Protect Organizational Data on Mobile Devices

Do you know how to protect organizational data on mobile devices without affecting personal data? Are you aware of the policies required to…

Multi-Factor Authentication

How to Mitigate Privilege Escalation with the Tiered Access Model for Active Directory Security

One of the most important security controls in an Active Directory (AD) forest is the prevention of privilege escalation paths. The tiered…

Azure Active-Directory Health Check

Use Privileged Access Workstations to Mitigate Security Threats in Your Active Directory

The workstation an administrator uses to perform privileged tasks such as managing Active Directory (AD) is a high-value target for a…

Azure Protection

What Is an Active Directory Health Check?

Our automated AD DS health check process looks at hundreds of configuration settings, including DNS, FSMO roles, replication, sites and…

Azure Active-Directory Health Check

How To Get the MIM Synchronization Service Groups

Learn how to find out what security groups grant access to the MIM Synchronization Service

Azure Protection

Reduce Help Desk Calls with Self-Service Password Reset

Forgotten passwords are a key driver of Help desk calls for many organizations. They are also a major cost factor. Azure Active Directory…

Microsoft Intune Compliance

Three Things to Plan for When You Add Single Sign-On

Enabling single sign-on (SSO) for SaaS applications adds convenience for end users, as well as reduces security risks and enables you to…

Multi-Factor Authentication

Secure Anywhere Access to Business Applications without a VPN

With the Azure AD Application Proxy, you can provide remote access to web applications and Remote Desktop Services (RDS) farms without…

Microsoft Office 365 Automated

Automated Office 365 License Assignment with Azure AD Premium

Without a license, end users will not be able to use Office 365 services like Exchange Online or OneDrive for Business, so it’s critical…