Locking down device access to Azure AD
entities. Two of them are particularly good ideas to limit how a domain can be accessed and will create significant hurdles for criminals
Security
27 posts
How did I end up with Device Encryption? And how …
Remember when people stood on their soapbox and said that Microsoft should make things secure by default for everyone? That's device encryption.
Using user agent string to block USA based attacks
Recently, we've noticed more USA based attacks. Using MCAS we can block those attempts
If they are attacking this website, then they are attacking …
If you're mhklassen@aol.com, your account has been compromised and is being used by criminals to attack my website. I do hold you responsible because you've ignored that message to change your password to something more complex and use two-factor authentication.
Split an MCAS Alert to get the notification you need
What if we want both low and high severity alerts from a policy? Technically MCAS can't do this.
Hafnium Mitigation: Surgical Restore
do I dare ignore what I see in the logs if my AV is giving me a clean bill of health? Can I really afford to rebuild this server when things seem mostly ok?
Exchange server vulnerability summary
There's been a lively discussion with "breaking news" about the extent of the intrusion into networks and the solution to it over on our Ransomware and Security group. Now that it seems to have reached a stable information point I thought I would summarize that you need to know.
Block Untrusted Devices from Downloading Data
A couple of situations have given rise to the need to prevent the downloading of data to untrusted devices.
New method for blocking autoforward and making exceptions
Preventing the AutoForwarding of email off of your domain is a security staple. But now we need to do it with Theat Management policy instead of exchange transport rules
MSP Security Survey
In this survey Acronis has partnered with Third Tier to gather some information on how MSP's are progressing in addressing security, what's holding them back and what their plans are.
The most common question about email security is…
...do you use a third party filtering service in front of M365? No, I don't and here's why.
M365 Admin: Don’t miss this setting! March recording now available
This month I covered a whirlwind of email security settings.