-
February 26: To The New Second Line Manager
Beauty will save the world. All happy families are alike; each unhappy family is unhappy in its own way. What is effective management? I see two schools: one that empowers people and fosters a great culture and… another one. As a new second line manager, a manager of managers, you have the unique opportunity to…
-
January 21: How To Achieve CJIS Compliance With M365
“It is my ambition to say in ten sentences what others say in a whole book.”
Friedrich Nietzsche
In my work with state and local government trying to achieve CJIS compliance with M365, I’ve found the security requirements needlessly complex. Take the Criminal Justice Information Services (CJIS) Security Policy section covering authentication – “IA-5 AUTHENTICATOR…
-
November 29: How to Deploy Phishing Resistant Authentication
“Those who cannot remember the past are condemned to repeat it.”
George Santayana
As I’ve said here, here, and here, the best way to protect your organization is with phishing-resistant MFA. I’ve collected lessons from recent engagements and Microsoft updates into an eBook that may help you. Here is the table of contents. Provide your…
-
February 12: New Ways to Secure Multi-Tenant GCC High
“Everything should be made as simple as possible, but no simpler.”
Albert Einstein
2024.02.17 Update: Patrick Abel from Summit 7 has this great post on Cross-Cloud B2B and Teams Cross-Cloud Guest Access in GCC High.
This post is an unofficial elaboration of the official Microsoft guidance to Defense Industrial Base companies operating in multi-tenant Microsoft…
-
January 29: New Lessons Learned From Microsoft’s Security Breach
when faced with multiple explanations for a phenomenon, the simplest one that adequately explains the observed evidence is likely to be the most accurate
The Principle of Parsimony
The three lessons below should be considered a supplement to 25 Simple Ways To Secure Your Apps.
Secure by Design: Beyond User Vigilance
The root cause of…
-
January 15: Identity Bridge – Now With Secure US Gov Support
Below is a 73-second video covering 3 Identity Bridge improvements: Understanding CMMC compliance, cybersecurity best practices, and collaboration between Defense Industrial Base (DIB) organizations can be difficult. I am attending Microsoft’s DIB Day tomorrow (1.16.2024). This is a free 4-hour online event to share lessons learned by those closest to cyber requirements coming from DoD.…
-
October 30: 25 Simple Ways To Secure Your Apps
He that is without sin among you, let him first cast a stone… go, and sin no more.
Jesus Christ, John 8:7-11
2024.01.29 update: Microsoft’s Midnight Blizzard breach prompted three more simple ways to secure your apps, bringing the total to 28.
2024.01.31 update: CISA Director Jen Easterly’s statement before Congress: “The technology underpinning our…
-
October 17: Identity Bridge – Open for Business At Last!
If you prefer to watch rather than read, here is a 6-minute video describing the problems the Identity Bridge is designed to solve (1 minute) and how to configure and run a sync (5 minutes). Feel free to watch at double speed or just skip to the last minute at 5:15 to see the system…
-
August 22: Structure of the Identity Bridge
The Inspiration
His hands descended, transitioning from palms-down to palms-up, as though cradling a ball. “We want to use the cloud to bring everything together and manage it in one place,” he explained through translators. Over the next weeks and months, I would come to understand this recurring gesture that expressed his clear and simple…
-
August 15: Authenticating Apps in 2023 – A Closer Look
How to create an Azure-hosted React app authenticating to Azure AD. I start with dotnet new react and add Vite, TypeScript, and Azure AD authentication.