Category: Security

How to deploy Entra ID Application Proxy (Manual)

Entra ID Application Proxy is a service that enables remote access to applications from any device with a web browser without the need for a VPN. It provides secure access to on-premises applications by proxying requests through the Azure cloud. One of the other features is that Entra secures...

Windows Hello for Business and changing security policies (lessons learned)

In the last few weeks I had some challenges with a customer requiring stricter PIN permissions for Windows Hello for Business. My initial thought was: I’ll just change the Intune policy, people will receive the new policy settings, and job done. During the test phase with my own tenant, and...

Microsoft Managed Entra ID Conditional Access policies are coming to eligible tenants

In November last year, Microsoft announced the “auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage.” This means that all tenants with at least an Entra ID P1 license will receive the Microsoft Managed conditional access policies with the intention to...

Deploy Azure Firewall with Azure virtual WAN (Manual)

In the previous blog post I showed you how to deploy Azure Virtual WAN with a hub (Deploy Azure Virtual WAN with Virtual HUB (Manual) | 2 Azure). Today we will continue the journey with the deployment of Azure Firewall. Prerequisites: STEP 1: Deploy Azure Firewall policy. From the...

How to create an AppLocker policy (Manual)

Windows AppLocker is a technology first introduced in Windows 7 that allows you to restrict which programs users can execute based on the program’s attributes. In enterprise environments it is typically configured via Group Policy; however, we can leverage the XML it creates to easily build our own custom...

Azure VM cannot connect to RDP (NLA, Manual)

Today I had to restore a virtual machine from a backup from 2 weeks ago. Once it booted, I received an error message saying that I was not able to connect because of the following error: The remote computer that you are trying to connect to requires Network Level Authentication (NLA),...

CSP: Granular Delegated Admin Privileges (GDAP) explained

Microsoft has been working on improving security. In the last few years every CSP customer has had the request to grant Delegated Admin Privileges (DAP) at least once. Without it, it is hard for the CSP partner to grant and assign licenses, though not impossible. Of course it is convenient...

How to set up Azure Privileged Identity Management (PIM) – Manual

Privileged Identity Management is a service in Azure that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Microsoft 365 or Microsoft Intune. Why should you use it? Organizations want to minimize the number of people who...

Set up a good password policy in Azure AD

A good password policy is the first step in securing your environment and company data. Without a password policy in place, you can be sure that a lot of users will choose a password that can be easily guessed and/or brute forced in less than 5 minutes. Default Azure...

Continuous Access Evaluation (CAE) in Azure AD (GA)

Microsoft has just announced (January 2022) the General Availability of Continuous Access Evaluation as part of the Azure AD Zero Trust management portfolio. What is Continuous Access Evaluation? In short: continuous access evaluation allows for a quicker response by forcing an access token refresh in case of a certain...

Azure Administrative Unit, what is it? And how to use it!

Remember the good old days with Active Directory Organizational Units? We were missing this in Azure AD, but it has finally arrived. Especially in bigger organizations you want to divide the organization into different units. Within each administrative unit you can delegate permissions to administrators of...

Office 365 implement Safe Links Policy (Manual)

Safe Links is part of Defender for Office 365 that scans and rewrites URLs in inbound email messages, Teams and other locations. Safe Links is an additional security layer on top of anti-spam and anti-malware protection. Safe Links scanning can help protect your organization from malicious links that are...

Azure OMI Vulnerability

Microsoft has released multiple security updates in the last Patch Tuesday. One of them fixes a high-risk vulnerability (CVE-2021-38647), also known as OMIGOD. This vulnerability can be exploited remotely, so exploitation is expected soon. This flaw doesn’t directly affect Windows at all, because it’s a bug in Microsoft’s open...