Author: Arvind Suthar
-
February 12: New Ways to Secure Multi-Tenant GCC High
“Everything should be made as simple as possible, but no simpler.” Albert Einstein 2024.02.17 Update: Patrick Abel from Summit 7 has this great post on Cross-Cloud B2B and Teams Cross-Cloud Guest Access in GCC High. This post is an unofficial elaboration of the official Microsoft guidance to Defense Industrial Base companies operating in multi-tenant Microsoft…
-
January 29: New Lessons Learned From Microsoft’s Security Breach
when faced with multiple explanations for a phenomenon, the simplest one that adequately explains the observed evidence is likely to be the most accurate The Principle of Parsimony The three lessons below should be considered a supplement to 25 Simple Ways To Secure Your Apps. Secure by Design: Beyond User Vigilance The root cause of…
-
January 15: Identity Bridge – Now With Secure US Gov Support
Below is a 73-second video covering 3 Identity Bridge improvements: Understanding CMMC compliance, cybersecurity best practices, and collaboration between Defense Industrial Base (DIB) organizations can be difficult. I am attending Microsoft’s DIB Day tomorrow (1.16.2024). This is a free 4-hour online event to share lessons learned by those closest to cyber requirements coming from DoD.…
-
October 30: 25 Simple Ways To Secure Your Apps
He that is without sin among you, let him first cast a stone… go, and sin no more. Jesus Christ, John 8:7-11 2024.01.29 update: Microsoft’s Midnight Blizzard breach prompted three more simple ways to secure your apps, bringing the total to 28. 2024.01.31 update: CISA Director Jen Easterly’s statement before Congress: “The technology underpinning our…
-
October 17: Identity Bridge – Open for Business At Last!
If you prefer to watch rather than read, here is a 6-minute video describing the problems the Identity Bridge is designed to solve (1 minute) and how to configure and run a sync (5 minutes). Feel free to watch at double speed or just skip to the last minute at 5:15 to see the system…
-
August 22: Structure of the Identity Bridge
The Inspiration His hands descended, transitioning from palms-down to palms-up, as though cradling a ball. “We want to use the cloud to bring everything together and manage it in one place.” he explained through translators. Over the next weeks and months, I would come to understand this recurring gesture that expressed his clear and simple…
-
August 15: Authenticating Apps in 2023 – A Closer Look
How to create an Azure-hosted React app authenticating to Azure AD. I start with dotnet new react and add Vite, Typescript, and Azure AD authentication.
-
August 8: How to sync multi-forest managers to Azure AD
How to sync multi-forest managers to Azure AD. This solution does not require an intermediate forest and uses supported Azure AD Connect functionality.
-
August 1: Authenticating Enterprise Apps in 2023
(If you want to get right to coding, you can go here.) I created the Identity Bridge to make it easier for IT admins to set up user access across cloud systems. My Microsoft Identity background led me to believe this would be simple (the value prop and product screenshots are). Yet, I was taken…
-
July 11: Mindline Identity Bridge UI Walkthrough
This walkthrough introduces the Identity Bridge: a single pane of glass where tenant admins can manage multi-tenant syncs. Here an admin configures a two-way sync between two tenants (mindline.site and Mindline1). Step 1 – Sign In: Clicking “Sign In” prompts for credentials and then for consent to login and discover other tenants. 1.1 Initial Sign…