Tag: Security

Setup a good password policy in Azure AD

A good password policy is the first step on securing your environment and company data. Without a password policy in place you can be sure that a lot of users will take a password that can be easily guessed and/or brute forced in less than 5 minutes. Default Azure...

Continuous Access Evaluation (CAE) in Azure AD (GA)

Microsoft has just announced (January 2022) the General Availability of Continuous Access Evaluation as part of the Azure AD Zero Trust management portfolio. What is Continuous Access Evaluation? In short: continuous access evaluation allows for a quicker response by forcing an access token refresh in case of a certain...

Azure OMI Vulnerability

Microsoft has released multiple security updates in last Patch Tuesday. One off them fixes a high risk vulnerability (CVE-2021-38647) Also know as OMIGOD. This vulnerability can be used remotely, so exploitation is expected soon. This flaw doesn’t directly affect Windows at all, because it’s a bug in Microsoft’s open...

Microsoft announces Endpoint Data Loss Prevention (DLP) available in Preview

Microsoft has released its Data Loss Prevention tools for endpoint clients. Customers with Microsoft 365 subscriptions can now protect data on physical devices next to online services and apps. This new feature it is possible to enable Microsoft 365 policies that have been configured for apps, to be active...

Enforce (Azure) MFA with Conditional Access policies

Multi Factor Authentication (MFA) is an added security feature from Azure which I believe that should be enabled by default for everybody in Office 365 and Azure. There for this manual how to enforce (Azure) MFA for all users using Azure Multi Factor Authentication MFA can prevent unauthorized access...