Home

  • 10 tips to improve your administrative accounts posture in Azure AD

    10 tips to improve your administrative accounts posture in Azure AD

    General Introduction As I speak to more and more customers about the matter, I notice that a lot of companies have a questionable security posture regarding their administrative accounts. For example, many admins are using their “daily-runner” account as privileged administrators for their tenants, or synchronizing their domain admins to privileged roles in Azure AD.…


  • A vulnerability assessment solution should be enabled on your virtual machines – Azure

    A vulnerability assessment solution should be enabled on your virtual machines – Azure

    General introduction This is one of the more common alerts that may come up when you activate Defender for Cloud. This message comes up when a vulnerability assessment solution is not found in at least one virtual machine in your environment. What happens behind the curtains? Azure virtual machine servers are constantly checked for infrastructure security…


  • Configure Chrome Extensions in Intune using Administrative Templates – Intune

    Configure Chrome Extensions in Intune using Administrative Templates – Intune

    General introduction In March 2022, Intune added support for Chrome Administrative Templates. This allows for further customization of your Chrome installation without needing the custom ADMX and the OMA-URIs. This post will show how to configure the silent installation of an extension in Chrome using Administrative Templates. If you are using ADMX policies, consider switching…


  • Temporary Access Pass sign in was blocked due to User Credential Policy

    Temporary Access Pass sign in was blocked due to User Credential Policy

    General introduction Temporary Access Pass is a time-limited passcode that allows users to register passwordless methods or recover access to their accounts without knowing their password. It is enabled via an authentication method policy that you can configure in Azure Active Directory. Apart from being time-limited, the TAP can also be configured for one-time use…


  • How to enable and disable Security Defaults

    How to enable and disable Security Defaults

    General introduction Security Defaults are one of the ways to establish a fundamental identity security baseline for your tenant. Security defaults are a set of security settings to help you protect your organization from the most common security threats. They can be enabled on a tenant with just one click. Well, two, if you count the…


  • Scale AKS HCI control plane and worker nodes

    Scale AKS HCI control plane and worker nodes

    In Azure Kubernetes Service (AKS) on Azure Stack HCI, you can increase the resources available to your node pool by changing the size of virtual machines in a node pool or expanding the node count. The node count can also be increased with autoscaling methods. The worker nodes can be scaled using the command Set-AksHciNodePool, while…


  • How to configure passwordless in Azure AD connected environments

    How to configure passwordless in Azure AD connected environments

    General Introduction As we all know, passwords are a weak link in our identity processes. But, contrary to what we believe, your password length is not the main enemy when talking about Azure AD, as long as your passwords are not simple. Instead, the main enemy is that passwords can be easily gathered and reused…


  • What are Conditional Access Policies in Azure AD

    What are Conditional Access Policies in Azure AD

    What are Conditional Access Policies? Conditional Access Policies (CAPs) are identity-driven policies that govern user access to resources based on certain conditions. We can summarize them as if statements that govern what will be requested, enforced or blocked. As identity has become a key focus for security efforts, it’s essential to manage it in the best way…


  • What’s SMS Authentication and how to enable it in Azure AD

    What’s SMS Authentication and how to enable it in Azure AD

    What’s Text Message Authentication SMS-based authentication allows users to log in without needing to remember their username and password. After enabling the feature for an account, users can enter their phone number at the login prompt instead of their username. They will then receive an authentication code via text message that they can use to…


  • What is Microsoft Purview Customer Key?

    What is Microsoft Purview Customer Key?

    Microsoft Pureview Customer Key (or Customer Key for short) is an encryption service mainly aimed at resolving regulatory issues with the adoption of Microsoft 365. This is the product you need in the Microsoft Cloud environment if you have a regulatory requirement to have ownership and control over the keys used to encrypt data at…