Category: advisory
-
January 21: How To Achieve CJIS Compliance With M365
“It is my ambition to say in ten sentences what others say in a whole book.”
Friedrich Nietzsche
In my work with state and local government trying to achieve CJIS compliance with M365, I’ve found the security requirements needlessly complex. Take the Criminal Justice Information Services (CJIS) Security Policy section covering authentication – “IA-5 AUTHENTICATOR…
-
November 29: How to Deploy Phishing Resistant Authentication
“Those who cannot remember the past are condemned to repeat it.”
George Santayana
As I’ve said here, here, and here, the best way to protect your organization is with phishing-resistant MFA. I’ve collected lessons from recent engagements and Microsoft updates into an eBook that may help you. Here is the table of contents. Provide your…
-
February 12: New Ways to Secure Multi-Tenant GCC High
“Everything should be made as simple as possible, but no simpler.”
Albert Einstein
2024.02.17 Update: Patrick Abel from Summit 7 has this great post on Cross-Cloud B2B and Teams Cross-Cloud Guest Access in GCC High.
This post is an unofficial elaboration of the official Microsoft guidance to Defense Industrial Base companies operating in multi-tenant Microsoft…
-
January 29: New Lessons Learned From Microsoft’s Security Breach
when faced with multiple explanations for a phenomenon, the simplest one that adequately explains the observed evidence is likely to be the most accurate
The Principle of Parsimony
The three lessons below should be considered a supplement to 25 Simple Ways To Secure Your Apps.
Secure by Design: Beyond User Vigilance
The root cause of…
-
October 30: 25 Simple Ways To Secure Your Apps
He that is without sin among you, let him first cast a stone… go, and sin no more.
Jesus Christ, John 8:7-11
2024.01.29 update: Microsoft’s Midnight Blizzard breach prompted three more simple ways to secure your apps, bringing the total to 28.
2024.01.31 update: CISA Director Jen Easterly’s statement before Congress: “The technology underpinning our…
-
August 8: How to sync multi-forest managers to Azure AD
This solution does not require an intermediate forest and uses supported Azure AD Connect functionality.