Fundamentals

Microsoft security concepts V2
Learn about Microsoft’s cloud security concepts to secure your organization with Microsoft 365 and Azure built-in products and features. The way to secure your digital assets such as identities, infrastructures, platforms, apps and data. These are the official Microsoft security sources. On my blo…
Kill chain, a simple secure environment and the decision for Microsoft
Recently I was in contact with an official Microsoft employee, talking about cybersecurity in general and of course the modern workplace. I found that topic so interesting that I decided to dedicate a blog post to my personal opinion and some details about it. In the past I have already

Microsoft 365

Launch with Microsoft 365: a guide
Launch your business with Microsoft 365. Increase productivity, run and manage workloads, guarantee security & compliance.
M365 security landscape
In mid 2021, Microsoft offers a lot of security-oriented products and services in their cloud portfolio. But what are they capable of? Where do they even take place or protect you? I want to explain this landscape to you, mention some real world intentions and talk about their relationship

Identity & access management

Into Azure Active Directory
Fundamentals of the product All identities come somewhere together with access management. This is Azure Active Directory. It is the central cloud based service to ensure users have access to resources. As soon as you start with Azure Active Directory, you have a tenant or a subscription. This is b…
Logs & Monitoring in Azure AD
Understanding processes in any type of system or orchestration is central to future adaptation and change. It helps to see if everything works fine or determine interruptions or problems. Also, for investigation purposes, past events are stored and are accessible to understand an event. And visualiz…
Microsoft Entra: high-level preview
Microsoft Entra: Secure access for a connected world Microsoft just made a new product available: Microsoft Entra: a modern identity and access solution. Accessible at the URL https://entra.microsoft.com/, it is designed as an identity supersolution platform with a single-pane-of-glass experience that…
Windows Hello for Business - summary and a focus to the modern way
Windows Hello for Business (WHfB) is a modern attempt to go passwordless, reinforce security and increase end user usability. It leverages Windows account authentication services to get access to resources, or in the simplest scenario: login to your device. Key facts WHfB is an authentication metho…

Entra SSE

Introduction to Microsoft Entra Security Service Edge (SSE)
Introduction New Microsoft technology was released! Microsoft recently announced Microsoft Entra Security Service Edge. I want to briefly summarize what's new as part of my learning. 💡At this time these features are in an early stage and most of it is in public/private preview. SASE The concept of S…

MFA and Conditional Access

Important aspects to Conditional access policies
Identity protection describes concepts of securing identities for authN (authentication) needs. Common identity providers offer federation or SSO (single sign-on) as known strategies. But all this is so much more, think of ways to secure these workflows with different signals that could be processed…
Conditional access examples
So Conditional access is one of the most fundamental and key products in any Microsoft cloud environment regarding security. Let’s be honest, if you don’t use it, you should implement it as soon as possible, together with MFA. It’s one of the easiest ways to achieve a high effectiveness in
Step up your Conditional Access game
Prerequisites Before we start, I would like to mention that there are currently already two posts online, that deal with Conditional Access: Important aspects to Conditional Access, introduction to the topic and thoughts from the field Conditional Access examples field based Conditional Access poli…

Federation

Understanding identity federation and application management in Azure AD
Information technology applications are moving to the public cloud. We call this SaaS (software as a service), which relies on a multi-tenancy architecture and provides the same instance of a software to multiple customers or users.
The way from ADFS to AzureAD authentication
Base concepts Federation services have found their journey to the cloud. The well-known on-premises Active Directory Federation Services (ADFS) was the original way to provide local identities for authentication and authorization purposes. But this is not the recommended way anymore; AzureAD is used instead. Th…

Miscellaneous

Azure Managed Identity - access to Graph API and Azure resources
Introduction Nowadays and with Azure, many resources interact with each other and therefore need some type of authentication. As credentials in the form of passwords are no longer considered safe, we need other secrets to provide authorized access. This is where Managed Identities come into play - they al…
Azure AD Application Proxy
Once again, it is time to talk about application management in Azure AD. If you haven’t read my older post, I would recommend doing that, before continuing with this post. The use & concept Official documentation Azure AD Application Proxy can help you provide on-premises applications to the …
Azure AD Password Protection (Hybrid)
If we talk security, we always need secrets and passwords. The challenge, though, is to use secure passwords, ideally not including public or widely used words. Such datasets of passwords are found on the Internet (example GitHub). Future password-less authentication The future is password-less. You …