So, for the ones who thought that MFA was the holy grail, bad news has arrived. Microsoft is seeing a rise in attacks based on AiTM – Adversary in The Middle. Unfortunately, these attacks have proven that MFA is not enough to protect users against credential theft, because they leverage
Microsofts latest addition to the Information Protection ecosystem, allows for total control over corporate data and could for some companies allow for critical data to flow through the Office365 platform. But there are some caveats and before immersing into the solution we recommend being very aware of these. From the
Governance and compliance in Office365 is more relevant than ever and Microsoft has a few tools in the toolbox that helps companies get compliant when it comes to documents in SharePoint Online, Teams, OneDrive for Business and Exchange Online. While GDPR shone a light on a lot of issues, it
One of my top recommendations is to always encrypt fixed drives. This recommendation is even more relevant in a world where a large percentage of the workforce is mobile and carries around laptops with access to corporate data, or even worse has corporate data on their laptops. For this
As I have mentioned earlier, I believe and hope that Microsoft will be implementing more and more self service features in Azure. This is because I believe that automation and self service are key components in a secure infrastructure, simply because manuel processes often are bypassed or not followed correctly.
Intro As a security consultant I have been working for several companies over the years and have dealt with numerous issues surrounding Identity Management. One of the recurring challenges has always been granting the right amount of access for the right amount of time. Especially the latter part has been
Administrating resources and services in a company has always been a challenge and most companies struggle with assigning the right level of access. On one hand administrative privileges are needed to ensure productivity and implementation of new services, while on the other hand these privileges are under attack from adversaries.
Securing cloud services against attacks requires a strong focus on identities. This is because cloud services, normally, is available from anywhere and access is often based on the login only. To address this threat, it is possible to implement extra layers to the login process, like Multi Factor Authentication. This
Identity as a security perimeter When using services available from anywhere, like cloud services, the security risk associated with user credentials increases drastically. In an on-premise infrastructure, companies are protected by the physical perimeter and attackers are forced to either physically connect to the on-premises network or overcome obstacles like
Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.
Cloud & security specialist with focus on Microsoft backend products and cloud technologies.
Cloud & Security Specialist, with a passion for all things Cybersecurity
Cloud and infrastructure security specialist with background in networking.
Infrastructure architect with focus on design, implementation, migration and consolidation.
Infrastructure consultant with focus on cloud solutions in Office365 and Azure.
