[blog]

The authority on identity and security in Microsoft

Does securing your business keep you up at night? Sleep better staying in the know – read our experts unique takes on trends in cybersecurity. 

In the past few years, we’ve seen a rapid expansion in remote and remote-hybrid workforces. Remote employees primarily use cloud-native services to manage their daily workloads from the comfort of [...]

In my previous blog post we reviewed why time synchronization is important, as well as proper time synchronization configuration of domain controllers (DCs) holding the Primary Domain Controller Emulator (PDCe) [...]

Microsoft Active Directory (AD) is still the predominant identity and management platform for tens of thousands of organizations worldwide. Larger organizations with hundreds to even thousands of applications continue to [...]

Are you tired of seeing the Windows Admin Center (WAC) prompt from Microsoft Windows Server Manager (as shown in Figure 1) and not knowing what to do about it? Do [...]

Passwords have long been the de facto authentication mechanism for identities. Length and complexity plagued us as we struggled to produce an acceptable password that we could easily remember and [...]

Microsoft is disabling Basic authentication in an effort to improve data security in Exchange Online. Starting October 1, 2022, Microsoft will begin turning off Exchange Online Basic authentication. (For more [...]

Are you ready to make the move to Entra (formerly Azure Active Directory) single sign-on (SSO)? Do you want to avoid the complications of federated authentication for Microsoft 365? Are [...]

In a previous blog series, I discussed how to use certificate authentication for PowerShell scripts running in a standard Windows environment. (See “Authentication Options for Automated Azure PowerShell Scripts, Part [...]

You may recall that in March 2020 Microsoft was planning to configure a couple of Lightweight Directory Access Protocol (LDAP) security settings on behalf of its customers. The company ended [...]

In Part 1 of this blog post, we looked at what goes into thinking about and designing your automated access policies. As discussed, we want to first think about our [...]

Many organizations control access to internal systems by simply relying on whether or not an account is enabled. However, users often change roles throughout their careers within a single organization. [...]

Web application owners need to generate and submit certificate requests to secure traffic to their websites. Application owners often use IIS to generate or renew these requests. Occasionally, the original [...]