Category: Microsoft 365 Business

Guardians of the Local Admin rights

Granting your users local admin permissions when deploying Windows 10 is really, really best practice… I’m joking, no it’s not! I must be saying this a lot lately. You need to be certain all of your endpoints are managed, so you can make sure your users don’t have local admin permissions. You don’t believe me that your endpoints need to be managed? Take a look at these two examples (Alex Fields): Removing local admin permissions mitigates a lot of critical Microsoft…

The never-ending Command Prompt

Some time ago I showed you the options you have to block administrative tools like CMD and Regedit. Within the latest insider preview 20185 I noticed a new ADMX file. So? We can block cmd and regedit by configuring a CSP, right? I enrolled a new Windows 10 Enterprise VM and updated it to the latest insider preview update. After my new VM was configured, I tried to configure this CSP by creating a new device configuration profile like this:…

Interview with the ASR rules

Protecting your devices with Windows Defender ASR rules is best practice but… make sure you’re aware of the caveats. The sun was probably shining when you configured your ASR rules! And after you decided you wanted to use Solarwinds for monitoring your devices, you pushed the agent to your endpoints. Then suddenly the weather changed… If, like me, you configured a new Solarwinds Win32 app with the packaging tool, then after you start deploying it to some test devices, you’ll notice a…

The Fellowship Of Group Labeling

Labelling your data with sensitivity labels is the way to go. Confidential data within your organization needs to be labelled with a proper sensitivity label. You can do this manually or automatically. But there is more: labelling your teams/Microsoft 365 groups themselves is the next best thing. There are 3 options you can define when setting up your sensitivity group labels: setting your team privacy; allowing external users; non-compliant settings: You shall not pass (block access), full access and limited access…

No Country For Not Monitoring

SIEM (security information and event management) is a set of tools used to monitor, identify, analyze and record security events. Of course, you could use Azure Log Analytics and Azure Sentinel as your SIEM. But for small businesses (SMBs) I’d recommend starting with Solarwinds as your Microsoft 365 SIEM moving forward! But who’s checking all these security events? That’s why you probably need a SOC (security operations center). SMBs don’t necessarily need to set up a full-blown SOC. So why…

Microsoft and Solarwinds, the holy grail

Solarwinds announced a collaboration with Microsoft to enhance monitoring and management. And since we use Solarwinds as our RMM solution, I think that’s really nice. In this blog, I will try to explain why I think it’s useful to use Microsoft and Solarwinds together! When you have multiple customers, you want to have a single monitoring dashboard. You can simply create a template and attach it to a customer site. When you enrol a new device, the custom-made Solarwinds…

Lock, Stock and Office 365 ATP Automation

Securing your email with Office 365 ATP is like putting a cage around your email. You might ask yourself: Why have we got that cage? Security! So, what’s included in Office 365 ATP Cage?
*Safe Attachments
Protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system. All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no…

The forgotten fruits of securing your Windows 10 Endpoint

Step 1: Least Privilege (No local admin)
*ONLY using Autopilot? You also denied the registration of personal devices? Good, if not… You need a solution to make sure your users are not admins.
Step 2: AppLocker
*Nice… users are no longer admins. Why not implement an AppLocker policy?
Step 3: BitLocker
*Make sure you enable BitLocker. You can do this through the Intune portal or with a custom-made Intunewin app based on a PowerShell script. Your choice…
Step 4: Windows Defender with ASR rules (Got money? Enable Windows Defender ATP)
*Please turn on Windows Defender and configure the ASR rules. You can automate the deployment like I did with the AppLocker policy.
Step 5: Baseline policies
*Take a look at…

My first blogpost :)

I have been thinking a lot about creating a website and starting to blog. The time is now. This is a video (in Dutch…) of how I configured one of my test Office 365 tenants. The setup of this tenant took about a half-hour. Below the video are some details of what I have done in about a half-hour (after waiting a long time for the Microsoft 365 Business License to be activated on the tenant). Some stuff I had to do manually….
