Microsoft Cloud App Security (MCAS) has the capability to monitor user activity, manage cloud applications, detect suspicious activity, discover shadow IT and enforce security and compliance policies for Microsoft and non-Microsoft applications. In this blog post my focus is mainly on the policies to control data exfiltration from an IT environment. It is described how to prevent … Continue reading Block downloads with Cloud App Security and Conditional Access
Category: Azure
New ‘My Profile Experience’
Recently Microsoft made it possible to give users an overview in which they can manage their own security information, authentication methods (Security key & MFA), identity and devices etc. This is called the enhanced security info registration experience (figure 1). Figure 1. Overview of security features from the enhanced security info registration page. Not enabled … Continue reading New ‘My Profile Experience’
Passwordless Sign-in Azure AD with FIDO2
As indicated in my previous blog post about passwordless sign-in via the Microsoft Authenticator, passwordless sign-in is becoming more and more popular. Using passwordless sign-in, it is possible to authenticate with a fingerprint, face recognition or a Universal 2 Factor (U2F) open authentication standard such as the Yubikey FIDO2 (Fast IDentity Online) key, rather than … Continue reading Passwordless Sign-in Azure AD with FIDO2
Passwordless Sign-in Azure AD
Multifactor Authentication (MFA) can be used to make login more secure. In addition to MFA, passwordless sign-in has become increasingly popular lately. Using passwordless sign-in, a password is not required at the time of logging into, for example, the Microsoft Online services. Passwordless sign-in ensures that the password is replaced by notifications that are received and … Continue reading Passwordless Sign-in Azure AD
Protect your data with Microsoft Intune – Part II
Introduction In the previous blog post the implementation and configuration of Intune on Windows devices was explained. In this part of the blog post I will describe the possibilities that Intune has regarding Mobile Application Management (MAM) and Mobile Device Management on Apple devices, including modern authentication. Like Part I of this blog post, … Continue reading Protect your data with Microsoft Intune – Part II
Protect your data with Microsoft Intune – Part I
Introduction Microsoft Intune is part of Enterprise Mobility + Security (EMS). Intune is known for its capabilities to manage PCs, laptops, mobile devices and applications in large and small companies. Working with Microsoft 365, Intune facilitates securing access to applications and company data and keeps data protected, both inside and outside the company network. Intune … Continue reading Protect your data with Microsoft Intune – Part I
Protect your data with Azure Information Protection
Data protection should always get priority and must be top of mind in organizations that store and transfer sensitive data, especially these days, when it’s more important than ever to protect data. Also, after May 25th, 2018, organizations need to be compliant and must follow the standards of the General Data Protection … Continue reading Protect your data with Azure Information Protection
Create a Site-to-Site VPN with Azure Resource Manager
Introduction Site-to-site Virtual Private Network (VPN) is used to establish connections between different locations of companies, amongst others. This way the different locations can exchange data with each other through a secure connection. In Azure, Site-to-Site VPN is used to establish connections between the Azure tenant and the on-premises environment. Making use of the Site-to-Site VPN connection … Continue reading Create a Site-to-Site VPN with Azure Resource Manager