Protect the network from Shadow IT oAuth
Good application tracking and hygiene is a critical part of security management and yet many businesses have missed these critical configurations and maintenance tasks
M365
35 posts
Why buy E5 Security for Business Premium?
Business Premium is the biggest gift to small business since Small Business Server. It's a modern take on a total solution for a small business network. Every small business should be using it.
Defender XDR + Intune Continuing Education
Experience continuous learning with our monthly newsletter and teaching webinar on Defender XDR + Intune. Enhance your knowledge and stay up-to-date!
Blocking a mass spam attack (updated)
Recently a new trend has emerged where criminals are attempting to hide their activity behind a barrage of spam email to the compromised mailbox or to any popular mailbox in the domain.
Attack Surface Reduction = Zero Day Protection
Attack Surface Reduction (ASR) rules have expanded to include a full range of zero-day protections. If you aren't using them today or haven't tried to use them recently, then it's time to look again. If you aren't locking down Windows natively then you're missing out on critical security features.
What is Defender Anti-Virus Troubleshooting mode?
The real purpose of Troubleshooting Mode, then is for you to document changes that you need to make to the organizational policy for Defender for the affect machines.
Don’t change the threat actions in anti-virus policy
Students in the Defender XDR course were advised not to alter threat actions in their anti-virus policy, leaving them as Not configured. This allows Defender to use its default behaviors, local device settings, signature-defined actions, and automatic remediation. Relying on Microsoft's security expertise ensures optimal threat management.
Understanding Standard and Strict Preset policies in Defender for Office
Defender for Office has a new way of making it easy for you to deploy policies. Instead of […]
Receive an alert when a message is released from quarantine
Even though quarantine management has been assigned outside of IT you should still monitor when an email has been released from quarantine because phishing is the #1 method that criminals use to gain a foothold in your network.
Assign email quarantine management responsibility
It is determined that a user outside of normal IT operations should be given the ability to manage the email quarantine for the company.
Blocking and monitoring generative AI in your network
Oh, my AI, what can be done? There’s lot of FUD (fear, uncertainty, and doubt) being spewed from […]
Where do you reset MFA for a user?
This is as much for me as it is for you, because I’m constantly forgetting where this is […]