Category: Purview & Compliance
-
Require Risk Remediation: The Game-Changer for Conditional Access Policies
Discover the game-changing ‘Require Risk Remediation’ control in Microsoft Entra Conditional Access. This preview feature simplifies risk management by handling both password and passwordless users in one policy, reducing complexity and misconfigurations. Get a step-by-step guide, real-world benefits, and pragmatic insights into its limitations for enhanced security.
-
Is Your Guest Access in Entra Putting Your Organisation at Risk?
Many organisations assume Microsoft Entra ID handles guest users securely by default—but it doesn’t. In this post, we uncover the top 5 common mistakes in guest access management, from excessive directory visibility to perpetual access without lifecycle controls. Learn how to lock down your tenant with practical fixes, ensuring secure B2B collaboration without the risks.
-
Unlocking Stronger Security: A 2025 Guide to Microsoft’s Baseline Security Mode for Microsoft 365
A practical look at Microsoft’s Baseline Security Mode: what it does, where it helps, and how it supports essential cyber hygiene under standards like Cyber Essentials and NIS2.
-
Microsoft Entra Consent Changes Coming July 2025: A Guide for Admins
Get ready for Microsoft Entra ID’s app consent changes starting 16 July 2025! This guide explains the new Microsoft-managed policy, how it impacts admins, and steps to avoid disruptions, including enabling the Admin Consent Workflow and auditing app permissions. Stay ahead with key dates and tips to ensure compliance and security.
-
OneDrive File Picker Vulnerability: What You Need to Know
A critical flaw in Microsoft’s OneDrive File Picker could allow third-party apps to access files across Microsoft 365 tenants without user interaction. Learn what happened, the risks involved, and how your organisation can stay protected.
-
New Outlook Feature: Managing Shared Mailboxes as Accounts
Microsoft is enhancing shared mailbox management in Outlook for Windows, rolling out from May to August 2025. Users with Full Access can now add shared mailboxes as accounts to manage settings like Rules and Signatures directly. No admin action is needed, but preparation can ensure a smooth transition. Learn how this update impacts your organization…
-
New OneDrive Feature Poses Data Leak Risk for Businesses
Microsoft’s new OneDrive feature, launching in May 2025, lets users sync personal accounts on work devices—a convenience that could spell trouble for businesses. This opens the door to data leaks and compliance risks. Our post dives into these security concerns and offers IT administrators practical solutions using Group Policies and Intune. Learn how to lock…
-
AI Governance in 2025: Protecting Against Data Exfiltration
As Artificial Intelligence (AI) transforms industries with unparalleled innovation, it also brings serious security risks like data leaks and malicious attacks. A staggering 57% of organisations report rising AI-related incidents, yet 60% lack basic controls. This blog explores the top AI threats, including data exfiltration and malicious prompt injection, and outlines a Zero Trust framework…
-
How to Enhance Microsoft 365 Auditing: Beyond the Unified Audit Log
Discover how to strengthen your Microsoft 365 auditing strategy in this practical guide. Learn the strengths and limitations of the Unified Audit Log (UAL) and explore actionable steps to go beyond its basics—using Audit (Premium), SIEM integration, PowerShell automation, and more. Perfect for IT professionals aiming to boost security and compliance with advanced auditing techniques.…
-
Master SharePoint Version History: Your Ultimate Guide to Limits, Storage, and Security
Take control of SharePoint version history! This guide shows you how to set limits, cut storage (e.g., 1TB to 106GB), and enhance security for NIS2 compliance with easy steps and PowerShell tips. Optimize your site now—read on!