I engaged in a conversation on the internet where it was stated that there isn’t a way to restrict FIDO2 authentication methods for specific set of users. Well, there kind of is. And in this short blog post I’m going…
I once bumped into a customer who said their Global Administrators all have the access elevation toggle switch permanently turned on, so that they all have the User Access Administrator role assigned at the root level all the time for…
Cloud security posture management (CSPM) can be a exhausting task. One would need to sleep one eye open to keep up with all the changes in the cloud and would still fall short. If your organization is in multi-cloud environment,…
As there are upcoming changes facing organizations starting July 1st 2024 when Microsoft starts the MFA enforcement rollout for user accounts (including guest users) that use Azure management logins, I thought it would be beneficial to go through the principals…
In my previous blog post, titled Microsoft enforces tenant-level MFA in July! What should I know?, we looked at the upcoming change where Microsoft is enforcing MFA upon all user accounts logging in to Azure management tools. This enforcing of…
Upcoming July, 2024 will be a big deal for securing Microsoft tenants world wide. Microsoft announced on May 14th that they will enforce tenant-level (I like to say tenant-wide) MFA requirement for all Azure users. Let’s quickly look at this…
One of the things we can do to protect our organization from account takeover attacks is to use locations as one of the conditions in our Conditional Access policies. Relying on location signal alone is not a good practice, but…
I have been recently diving head first into the world of tokens and cookies. One of my customer’s is trying to prevent token and cookie theft and it has got me digging more information and deeper. I bet you have…
This is part 4 of 4 part series. If you haven’t read previous parts of the blog series, I suggest reading them first: go to part 1 Not all authentication methods are created equal. Microsoft Digital Defense report from 2023…
This is part 3 of 4 part series. If you haven’t read previous parts of the blog series, I suggest reading them first: go to part 1 Not all authentication methods are created equal. Microsoft Digital Defense report from 2023…
