Select Page
Combatting Risky Sign-ins in Azure Active Directory

Combatting Risky Sign-ins in Azure Active Directory

It is almost inevitable your organization will be targeted with malicious sign-in attempts to cloud apps. It is often the case an employee uses the same password for their work account as they do for their personal accounts. Password leaks ... continue reading
Bar graph showing showing how password-related attacks have been constantly growing between 2018 and 2022.

​​Microsoft Entra: 5 identity priorities for 2023

Welcome to 2023. After the pandemic upended how we work, learn, play, and manage our lives, we find ourselves more connected than ever, with more convenient access to an ever-wider range of online tools and experiences. But as our global ... continue reading
End user passwordless utopia

End user passwordless utopia

With all the different technologies available in Azure and Azure Active Directory (Azure AD), it’s easy to miss the bigger picture and how they all play into the end user experience.  This includes:  Azure AD Multifactor authentication (MFA) Passwordless authentication ... continue reading
A geographical map that presents the countries where the devices affected by the botnet are located. Countries with affected devices are highlighted on the map in blue.

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers

Malware operations continue to rapidly evolve as threat actors add new capabilities to existing botnets, increasingly targeting and recruiting new types of devices. Attackers update malware to target additional operating systems, ranging from PCs to IoT devices, growing their infrastructure ... continue reading

Microsoft brings FIPS 140 Compliance to Authenticator supporting Federal Agencies

Many customers work in environments with security and compliance concerns requiring authenticators to use cryptography validated by the Federal Information Processing Standards (FIPS) 140 (reference NIST SP 800-63B). We're excited that Microsoft Authenticator on iOS is now FIPS 140 compliant (Android ... continue reading
Training, guides & assistance snippet from Microsoft 365 tenant

Creating MFA Policies with Zero Trust Advanced Deployment Guide in Microsoft 365

Overview of Advanced Deployment Guides & Assistance As you most probably know, there are Advanced deployment guides available for you on your Microsoft 365 tenant. These are basically deployment guides that help you to configure different settings and onboard services ... continue reading
Flowchart for Azure Active Directory issuing tokens.

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has ... continue reading
Utilizing Zero Trust architecture principles for External Identities

Utilizing Zero Trust architecture principles for External Identities

As hybrid work environments become normal and we continue to collaborate, the importance of adopting zero-trust architecture principles is more vital than ever. Zero trust architecture puts emphasis on three key principles:    Verify explicitly: Always authenticate and authorize based ... continue reading
Illustration of two circles coming together to illustrate two approaches to integrating the Acquisition within the organization’s IT environment. This can be to either directly connect to the IT environment of the acquisition and keep existing systems or migrate all information into the Parent organizations environment.

Microsoft Security tips for mitigating risk in mergers and acquisitions

Sixty-two percent of organizations that undertake mergers and acquisitions face significant cybersecurity risks or consider cyber risks their biggest concern post-acquisition.1 Threat actors that focus on corporate espionage often target the acquiring company, which we will refer to as the ... continue reading
Azure AD Certificate-based Authentication (CBA) on Mobile

Azure AD Certificate-based Authentication (CBA) on Mobile

At Ignite 2022 we announced general availability of Azure Active Directory (Azure AD) Certificate-Based Authentication (CBA) as a part of Microsoft’s commitment to Executive Order 14028, Improving the Nation’s Cybersecurity. Now, we’re thrilled to announce the public preview of Azure ... continue reading