dcsimg

What All Admins Must Know About Microsoft Active Directory

Azure AD is the directory for your Microsoft 365 tenant, as well as the Identity as a Service (IDaaS) platform for your Azure PaaS and SaaS deployments. Read the post here: What All Admins Must Know About Microsoft Active Directory … [Read more...]

How to Secure Your Apps and Data with Azure Active Directory

Do you know how OAuth attacks work? Learn how to use Multi Factor Authentication and Conditional Access to help protect your business. Read the post here: How to Secure Your Apps and Data with Azure Active Directory … [Read more...]

Managing Identities and Passwords in Azure Active Directory

In the hybrid cloud world we live in today, using Identity Protection (IdP) and Privileged Identity Management (PIM) can help you lower your security risks. Read the post here: Managing Identities and Passwords in Azure Active Directory … [Read more...]

How Conditional Access Makes MFA Easy for Your Company

Microsoft's Conditional Access allows admins to tread the line between security and ease-of-use with next-generation identity services in the cloud age Read the post here: How Conditional Access Makes MFA Easy for Your Company … [Read more...]

Configure ‘Break Glass’ Emergency Access for Azure Active Directory

In cloud computing generally and in Microsoft Azure specifically, the shared responsibility model means that both Microsoft and you (the customer) have a role to play in ensuring service high availability. … [Read more...]

Explained: the strengths and weaknesses of the Zero Trust model

In a US court of law, the accused are deemed to be innocent until proven guilty. In a Zero Trust security model, the opposite is true. Everything and everyone must be considered suspect—questioned, investigated, and cross-checked—until we can be absolutely sure it is safe to be allowed. Zero Trust is a concept created by John Kindervag in 2010 during his time as Vice President and Principal … [Read more...]

Threat spotlight: Phobos ransomware lives up to its name

Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals’ belts years ago. From massive WannaCry outbreaks in 2017 to industry-focused attacks by Ryuk in 2019, ransomware’s got its hooks in global businesses and shows no signs of stopping. That includes a malware family known as Phobos ransomware, named after the Greek god of fear. Phobos is … [Read more...]

When can we get rid of passwords for good?

Or perhaps I should have asked, “Can we ever get rid of passwords for good?” The security world knows passwords are a problem. Products ship with default passwords that are never changed. People reuse old passwords or adopt easy-to-guess passwords that hackers easily defeat via brute force. Or users simply can’t keep up with having to remember 27 different passwords for … [Read more...]

Why Balancing Access Controls for Managed File Transfer Matters

If you're using secure file transfer tools, chances are you're security conscious. Maybe you're working in a highly-regulated industry, or perhaps you don't want your company on the front page of the newspaper for getting hacked. Whatever the case, if you're securing file transfers, that means you should lock down access to your secure file transfer tool as tightly as possible, right? Maybe not. … [Read more...]