Tag: Conditional Access
-
Microsoft is auto-enabling passkeys in Entra: configuration, sync and deployment best practices
Microsoft is automatically enabling passkeys in Entra, accelerating the shift to passwordless authentication. This technical deep dive explains configuration, device sync behaviour and best practices for deploying passkeys securely with Conditional Access.
-
Exploring Conditional Access Bypasses in Microsoft Entra ID
Conditional Access is the backbone of Zero Trust in Microsoft Entra ID, yet real world attacks increasingly demonstrate how it can be bypassed. From device and token abuse to built in exclusions and misunderstood session controls, attackers exploit gaps that many organisations assume are protected. Triggered by Microsoft’s upcoming change in February 2026, where session…
-
Require Risk Remediation: The Game-Changer for Conditional Access Policies
Discover the game-changing ‘Require Risk Remediation’ control in Microsoft Entra Conditional Access. This preview feature simplifies risk management by handling both password and passwordless users in one policy, reducing complexity and misconfigurations. Get a step-by-step guide, real-world benefits, and pragmatic insights into its limitations for enhanced security.
-
Is Your Guest Access in Entra Putting Your Organisation at Risk?
Many organisations assume Microsoft Entra ID handles guest users securely by default—but it doesn’t. In this post, we uncover the top 5 common mistakes in guest access management, from excessive directory visibility to perpetual access without lifecycle controls. Learn how to lock down your tenant with practical fixes, ensuring secure B2B collaboration without the risks.
-
Step-by-Step: Build a Copilot Agent for Smarter Intune Alerts in 15 Minutes
Every IT professional knows the struggle: an Intune notification pings with a vague error code or cryptic alert about a device compliance issue, failed update, or potential security threat. You’re left scratching your head, wondering, “What does this even mean?” These unclear messages can bury critical issues, like non-compliant devices or malware risks, in a…
-
OneDrive File Picker Vulnerability: What You Need to Know
A critical flaw in Microsoft’s OneDrive File Picker could allow third-party apps to access files across Microsoft 365 tenants without user interaction. Learn what happened, the risks involved, and how your organisation can stay protected.
-
Introducing Microsoft Entra’s “Request on Behalf”: A Better Way to Manage Temporary Access Passes
Discover how Microsoft Azure AD’s new “Request on Behalf” feature revolutionises the management of Temporary Access Passes (TAPs). This feature simplifies access workflows for IT admins and Managed Service Providers (MSPs) by enabling requests to be made on behalf of others, enhancing efficiency, governance, and security across multiple tenants. Learn how to configure and implement…
-
Microsoft 365 DSC: Automate, Configure, and Monitor Like a Pro
Discover how Microsoft 365 Desired State Configuration (DSC) empowers IT professionals to automate, monitor, and maintain tenant configurations with ease. This blog dives into the benefits of DSC, including drift prevention and multi-tenant synchronization, while providing a step-by-step guide for deployment. Learn from real-life examples covering Exchange Online, Intune, and Entra, and explore additional resources…
-
Comprehensive Guide to Setting Up Microsoft Entra Global Secure Access (GSA) with Internet Access, Licensing, and Key Differences with SSE
Learn how to implement Microsoft Entra Global Secure Access (GSA) for secure internet access. This step-by-step guide covers everything from activating GSA for your tenant to configuring web content filtering, security profiles, and conditional access policies. Understand the key differences between GSA and Security Service Edge (SSE) and how to improve your organisation’s security posture.…
-
Entra ID Conditional Access Baseline
Every spring, as fresh interns arrive, they’re tasked with creating a Conditional Access baseline. While the concept may seem simple, these young minds continually surprise with innovative approaches to security, reminding us that building a robust foundation is an ever-evolving process.