Security Archives

Boost Security and Transform Conditional Access with Entra ID’s Authentication Strengths

Leave a Comment / Blog, Identity, Identity Management, Security / Josh Goben

Microsoft Entra ID is a critical component of modern identity and access management. It acts as a front door to your applications and data by providing secure and auditable identity management. One of Entra ID’s key capabilities is Conditional Access (CA). CA allows you to require specific authentication controls. It also lets you make policy […]

Boost Security and Transform Conditional Access with Entra ID’s Authentication Strengths Read More »

Azure Automation and SQL Server

Leave a Comment / Blog, Security / Andy Schneider

Microsoft Azure Automation is a service that is designed to automate operational tasks across Azure and on-premises environments. It provides a way to create, test, and manage runbooks, which are scripts written in PowerShell or Python. Runbooks can perform a wide range of tasks, from starting a virtual machine to complex operations such as orchestrating

Azure Automation and SQL Server Read More »

6 Tips to Harden Your Windows LAPS Deployment

Leave a Comment / Active Directory, Blog, Security / Thomas Garrity

In a previous blog post, we covered how to migrate to Windows Local Administrator Password Solution (LAPS). With Windows LAPS deployments gaining traction, it’s important to review configuration items and implement policies that can harden your endpoints and mitigate attacks from bad actors. Secret encryption, secret history, access control list (ACL) monitoring, and more play

6 Tips to Harden Your Windows LAPS Deployment Read More »

Migrating to Windows LAPS

Leave a Comment / Active Directory, Blog, Security / Thomas Garrity

Windows Local Administrator Password Solution (LAPS), now integrated into the OS, is the replacement for Microsoft LAPS, which was a separate installation. Windows LAPS is a native, built-in solution with increased functionality and security features. It also provides an emulation mode to help you migrate from legacy LAPS. Now is the time to migrate to

Migrating to Windows LAPS Read More »

Securing On-Premises Access Is Easier Than You Think: Utilizing the Entra Application Proxy

Leave a Comment / Active Directory, Blog, Security / Tony LaGrassa

In a previous blog post , we discussed taking advantage of Entra (formerly Azure Active Directory) Application Proxies to allow access to on-premises applications without a dependency on traditional tools such as a VPN. That blog includes a few great points that should be highlighted again. For example, in most organizations an Entra Application Proxy:

Securing On-Premises Access Is Easier Than You Think: Utilizing the Entra Application Proxy Read More »

Win32 App Deployment with Intune Supersedence Rules

Leave a Comment / Blog, Security / Adam Zucker

There are several ways to deploy applications to users or devices that are managed by Microsoft Intune. In addition to application types, you must also take into consideration the method of assignment and how it will affect you long term from a management and maintenance standpoint. Deploying an application installer via Intune is usually accomplished

Win32 App Deployment with Intune Supersedence Rules Read More »

Manage Entra Groups with the Graph API

Leave a Comment / Blog, Security / Adam Zucker

In my previous blog [Win32 App Deployment with Intune Supersedence Rules] I explained how to update Win32 applications deployed within Microsoft Intune by using the supersedence feature. Although the process is typically straightforward and simple, the requirement of keeping a security group populated with all user or device objects can make the task time-consuming. This

Manage Entra Groups with the Graph API Read More »

Active Directory Forest Recovery: Plan to Eliminate Downtime

Leave a Comment / Active Directory, Blog, Security / Brian Britt

Microsoft Active Directory (AD) is still the predominant identity and management platform for tens of thousands of organizations worldwide. Larger organizations with hundreds to even thousands of applications continue to rely on AD, even as they transition to a cloud-first or AD-minimized environment. The reason? Unraveling all the AD-related technology and applications an organization has

Active Directory Forest Recovery: Plan to Eliminate Downtime Read More »

How to Connect to Microsoft Exchange Online PowerShell with Certificate Authentication in Azure Functions

Leave a Comment / Blog, Security / David Conners

In a previous blog series, I discussed how to use certificate authentication for PowerShell scripts running in a standard Windows environment. (See “Authentication Options for Automated Azure PowerShell Scripts, Part 1: Service Account vs. App Registration,” as well as Part 2 and Part 3.) In this blog, I discuss remediating basic authentication in a different

How to Connect to Microsoft Exchange Online PowerShell with Certificate Authentication in Azure Functions Read More »

Get Started With LDAP Security

Leave a Comment / Active Directory, Blog, Security / Thomas Garrity

You may recall that in March 2020 Microsoft was planning to configure a couple of Lightweight Directory Access Protocol (LDAP) security settings on behalf of its customers. The company ended up not pulling the trigger, even though vulnerabilities still exist with the default implementation of LDAP. These security holes allow man-in-the-middle (MITM) attacks and replay

Get Started With LDAP Security Read More »