-
September 14: Device Management in GCC High for Secure, Compliant Access
“Trust, but verify.” (Ronald Reagan) Government contractors moving to Microsoft 365 GCC High face unique device management challenges. IT directors and MSPs must balance compliance, user productivity, and simplicity. This post explores how organizations can manage devices for GCC High environments confidently – whether by leveraging existing Commercial cloud devices, creating a secure virtual enclave, or…
-
September 7: Simple, Reliable Cross-Cloud Teams Collab in GCC High
“Less but better” (Dieter Rams) Two years out of Microsoft, I’m more convinced than ever of the power of simple, coherent design. Cross-cloud collaboration between Commercial and GCC High offers many paths, but, in my experience, only one is worth your time — and even that path is strewn with small but critical quirks. I’ve…
-
February 26: To The New Second Line Manager
Beauty will save the world. All happy families are alike; each unhappy family is unhappy in its own way. What is effective management? I see two schools: one that empowers people and fosters a great culture and… another one. As a new second line manager, a manager of managers, you have the unique opportunity to…
-
January 21: How To Achieve CJIS Compliance With M365
“It is my ambition to say in ten sentences what others say in a whole book.” (Friedrich Nietzsche) In my work with state and local government trying to achieve CJIS compliance with M365, I’ve found the security requirements needlessly complex. Take the Criminal Justice Information Services (CJIS) Security Policy section covering authentication – “IA-5 AUTHENTICATOR…
-
November 29: How to Deploy Phishing Resistant Authentication
“Those who cannot remember the past are condemned to repeat it.” (George Santayana) As I’ve said here, here, and here, the best way to protect your organization is with phishing-resistant MFA. I’ve collected lessons from recent engagements and Microsoft updates into an eBook that may help you. Here is the table of contents. Provide your…
-
February 12: New Ways to Secure Multi-Tenant GCC High
“Everything should be made as simple as possible, but no simpler.” (Albert Einstein) 2024.02.17 Update: Patrick Abel from Summit 7 has this great post on Cross-Cloud B2B and Teams Cross-Cloud Guest Access in GCC High. This post is an unofficial elaboration of the official Microsoft guidance to Defense Industrial Base companies operating in multi-tenant Microsoft…
-
January 29: New Lessons Learned From Microsoft’s Security Breach
“When faced with multiple explanations for a phenomenon, the simplest one that adequately explains the observed evidence is likely to be the most accurate.” (The Principle of Parsimony) The three lessons below should be considered a supplement to 25 Simple Ways To Secure Your Apps. Secure by Design: Beyond User Vigilance. The root cause of…
-
January 15: Identity Bridge – Now With Secure US Gov Support
Below is a 73-second video covering 3 Identity Bridge improvements: Understanding CMMC compliance, cybersecurity best practices, and collaboration between Defense Industrial Base (DIB) organizations can be difficult. I am attending Microsoft’s DIB Day tomorrow (1.16.2024). This is a free 4-hour online event to share lessons learned by those closest to cyber requirements coming from DoD.…
-
October 30: 25 Simple Ways To Secure Your Apps
“He that is without sin among you, let him first cast a stone… go, and sin no more.” (Jesus Christ, John 8:7-11) 2024.01.29 update: Microsoft’s Midnight Blizzard breach prompted three more simple ways to secure your apps, bringing the total to 28. 2024.01.31 update: CISA Director Jen Easterly’s statement before Congress: “The technology underpinning our…
-
October 17: Identity Bridge – Open for Business At Last!
If you prefer to watch rather than read, here is a 6-minute video describing the problems the Identity Bridge is designed to solve (1 minute) and how to configure and run a sync (5 minutes). Feel free to watch at double speed or just skip to the last minute at 5:15 to see the system…