Browsed by
Month: July 2020

The return of the Azure AD Portal


Looking back at my blogs, I realized I didn’t tell you the whole story concerning restricting user access to the Azure AD portal. Last night I was talking to Nicola Suter about this and he made me realize there are some additional steps you can take to further improve security. Preventing access to the Azure AD portal itself should be the first step. But there are more ways an attacker can get the information stored here. The attacker can open…


Gone with the emails


Are you also tired of explaining to your users how to restore their e-mails? Or even logging in to their devices to restore them yourself? Microsoft just released a feature enabling admins to recover emails for their users without taking over their device or having to explain a lot. Log in to the preview portal https://admin.exchange.microsoft.com/#/mailboxes. Select the mailbox in which you want to restore messages. That’s nice… now you’ll be able to click on “recover deleted items”. That’s convenient, you…


The Azure AD portal strikes back


Reconnaissance is the first phase in hacking. It’s a systematic approach to gathering information about your target. It’s up to you to prevent access to the Azure AD administration portal. It’s very easy to implement within the GUI. Search for the Azure AD/user settings, and you’ll find the option to restrict access. Alternatively, you could add this to your tenant enrollment scripts: When a naughty user wants to access the Azure AD portal, the setting you defined kicks in. Conclusion It’s…


Back to the passwordless sign in.


Why do your users still need to enter their password every time they log in? Why? I say, go passwordless! Implementing passwordless MFA is the right choice for securing your identity without having to use passwords anymore. What MFA options do you have?

* Approve a request on my Microsoft Authenticator app
* Use a verification code from my mobile app
* Text phone number
* Call phone number
* Email

What do all options have in common? You will need to enter your password…


Once upon a time in the automount of OneDrive team sites


In this blog, we’ll be talking about how to make sure your team sites sync automatically to all your devices within a few minutes. Microsoft offers this option as well, only their solution might take up to 8 hours! Today I’ll show you how to speed up this process. For anyone who wants to sync the team site libraries automatically, you can configure it in Intune. Okay, not my cup of tea. I feel users should be able to decide which team sites are important for them. Also, it’s…


Lock, Stock and Office 365 ATP Automation


Securing your email with Office 365 ATP is like putting a cage around your email. You might ask yourself: Why have we got that cage? Security! So, what’s included in Office 365 ATP Cage?

* Safe Attachments: Protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system. All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no…


The forgotten fruits of securing your Windows 10 Endpoint


Step 1: Least Privilege (No local admin)
* ONLY using Autopilot? You also denied registering personal devices? Good, if not… You need a solution to make sure your users are not admins.

Step 2: AppLocker
* Nice… users are no longer admins. Why not implement an AppLocker policy?

Step 3: BitLocker
* Make sure you enable BitLocker. You can do this through the Intune portal or with a custom-made Intunewin app based on a PowerShell script. Your choice…

Step 4: Windows Defender with ASR rules (Got money? Enable Windows Defender ATP)
* Please turn on Windows Defender and configure the ASR rules. You can automate the deployment like I did with the AppLocker policy.

Step 5: Baseline policies
* Take a look at…
