4 Reasons Why the Recycle Bin Can’t Fully Protect Azure Active Directory

Let’s face it, user errors are a reality, and the threat of malicious actors breaching Active Directory –both on-premises and in Azure – is on the rise.  Protecting your data has never been more important, yet no native tooling exists to tracks changes, store previous values or enable administrators to rollback those changes immediately. Microsoft […]

Azure Active Directory Security Defaults—not for everyone

Microsoft’s powerful array of cloud offerings—Microsoft Azure, Dynamics, and Office 365—offer paths to business growth without the huge capital investment. Most organizations on the cusp of implementing and experimenting with those services may not make security  the first priority in the quest for productivity. The first phase of the exciting journey into the cloud is to […]

Microsoft Azure AD Single Sign-on Now Free to Customers

Microsoft announced any customer using a subscription of a commercial online service can connect all their cloud applications to Azure AD for single sign-on (SSO), and protect this access with multi-factor authentication (MFA) as a security default at no extra cost.  SSO reduces the number of sign-in prompts for employees and enables one-click access to popular apps, and it should […]

How to Recover an Azure Conditional Access Policy

According to Microsoft, “Conditional Access is the tool used by Azure Active Directory (AAD) to bring signals together, to make decisions, and enforce organizational policies.”  Conditional Access policies are an effective replacement and improvement over user login restrictions provided in on-premises Active Directory (AD). Conditional Access Policies are also present in Azure AD. How do […]

3 Reasons The Recycle Bin Won’t Always Protect You Against Accidental Deletions to Azure Active Directory and Hybrid AD

The Active Directory and Azure AD Recycle Bins exist as tools for protecting you against the accidental deletion of directory objects…but not all of them. If an administrator accidentally deletes an Active Directory user account, for example, it is possible to retrieve the deleted user from the Recycle Bin. Even so, the Recycle Bin has a number of inherent limitations, and there is […]

8 Truths and Tips: Avoiding Outages in Azure Active Directory and Hybrid AD

Unfortunately, Active Directory data loss (in Azure, on-premises and in hybrid environments) is a harsh reality for many organizations, especially as threat of malicious actors breaching AD is on the rise. These business-critical services must be protected from costly outages and threats, which can stop users from getting to email, important documents and applications. While […]

A New Major Version of Azure AD Connect Has Been Released

Integrating your on-premises directories with Azure AD makes your users more productive by providing a common identity for accessing both cloud and on-premises resources. With this integration users and organizations can take advantage of the following: Organizations can provide users with a common hybrid identity across on-premises or cloud-based services leveraging Windows Server Active Directory […]

Is your Active Directory security relying on a single check-box?

Don’t trust your Active Directory Security to a single check-box! Trusting the disable check box in Active Directory is risky if additional steps are not taken to ensure the the user account will not be re-enabled with unintended (possibly disastrous) consequences. Often the best practice steps are overlooked or not followed because of the additional […]

Are You Still Manually Provisioning New Users in Hybrid Active Directory/Office 365?

Are You Still Manually Provisioning New Users in Hybrid Active Directory/Office 365?   Microsoft estimates that 70% of organizations will run a hybrid environment of AD/Office 365 for at least some period of time.   Many of these hybrid organizations will move to hybrid mode with the thought that they will manually provision new users.  In Hybrid environments, this strategy deserves a second look because on-boarding accounts is […]