Skip to Content

Category Archives: Security

Security

Valimail Monitor for Office 365: Your Free DMARC Reporting Tool

Written on July 11, 2019 at 3:56 PM, by

On their security blog on the 3rd of June 2019, Microsoft announced that Valimail Monitor for Office 365 is available. This option enables organizations using Exchange Online from Office 365 for their company mail to leverage DMARC. The Road to securing E-Mail Cyberattacks are common these days. These attacks can be actively targeting your organization […]

HOWTO: Disable Unnecessary Services and Scheduled Tasks on AD FS Servers

Written on July 4, 2019 at 10:02 PM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll harden the AD FS Server installations, by disabling unnecessary services running […]

HOWTO: Disable Unnecessary Services on Web Application Proxies

Written on July 2, 2019 at 10:04 PM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. Let’s harden the Web Application Proxy installations, by disabling unnecessary services running on it. This way, we lower […]

HOWTO: Disable account enumeration in Azure Active Directory

Written on June 11, 2019 at 6:21 PM, by

To celebrate the availability of the Active Directory Administration Cookbook, I decided to write a blogpost in the typical structure of a recipe in this book:     Disabling account enumeration Use this recipe to disable account enumeration for an Azure Active Directory tenant. After completing this recipe, people with user accounts in the tenant will […]

HOWTO: Install CensorNet’s SMS PASSCODE AD FS Agent

Written on January 9, 2019 at 5:18 PM, by

Today, I had the pleasure of installing and configuring the AD FS Agent that is part of CensorNet’s SMS PASSCODE product., version 2018 (version 10). Here’s how to perform this task yourself.   About the Extensible Authentication Framework Active Directory Federation Services (AD FS) offers the Extensible Authentication Framework (EAF). Leveraging this functionality, multi-factor authentication […]

I will be speaking at IT/Dev Connections 2018!

Written on October 8, 2018 at 4:22 AM, by

Next week I will be speaking at the IT/Dev Connection conference in Dallas (TX) during 16-18th October 2018, which is particularly exciting for me as it is the first time I will present in the USA! The session title is “Securing, Protecting, and Managing the Flow of Corporate Communications”. The session abstract tells you a […]

I’m staffing a Community Booth at two Community Social events at Microsoft Ignite 2018

Written on September 21, 2018 at 7:49 AM, by

Community Central at Microsoft Ignite is bigger, better and stronger, compared to last year’s Ignite, and I’m proud to share that I’m part of it! Besides my two theater sessions on Identity and Access Management (IAM) at Ignite, I will also be staffing a Community Booth at two Community Social events.    About Community Central […]

Configuring Account Lockout throughout a Hybrid Identity Environment

Written on June 29, 2018 at 9:10 AM, by

Denial of Service attacks on identity and access systems are common place. When you think you’re done when you’ve covered all the bases with account lock-out in your on-premises Active Directory Domain Services (AD DS) environment, you’re wrong. Hybrid Identity requires more effort and Microsoft only made the tools you need generally available this month. […]

I will be speaking at the European Collaboration Summit 2018

Written on March 30, 2018 at 3:03 PM, by

Some exciting news! I’ll be speaking at the European Collaboration Summit 2018 in Mainz, Germany on May 28-30. My session is “Securing Exchange Online” and during that hour I will go through the capabilities of Exchange Online (Office 365) to further secure your email data and mail flow based on up-to-date know-how. It’s a topic […]

Starting October 31st 2018 Office 365 will only allow TLS 1.2

Written on January 10, 2018 at 10:51 PM, by

Update 5 September 2018 I got confirmation that SMTP also requires TLS1.2, see also this support article. Be sure to check all of you incoming/outgoing SMTP connections. That might be a good time to review those SMTP connections with this and this Microsoft article.   Update 10 February 2018* So, Microsoft announced a new date […]