Tag: Data Security
-
Microsoft Dumps OTP Authentication for SharePoint Online Sharing with Entra ID B2B
Microsoft is phasing out One-Time Passcode (OTP) authentication for SharePoint Online and OneDrive external sharing, replacing it with Entra ID B2B Collaboration, effective July 1, 2025 (MC1089315). Legacy OTP links will stop working, requiring users to re-share content to restore access for external collaborators, who must also register for mandatory MFA. Prepare now by notifying…
-
OneDrive File Picker Vulnerability: What You Need to Know
A critical flaw in Microsoft’s OneDrive File Picker could allow third-party apps to access files across Microsoft 365 tenants without user interaction. Learn what happened, the risks involved, and how your organisation can stay protected.
-
New OneDrive Feature Poses Data Leak Risk for Businesses
Microsoft’s new OneDrive feature, launching in May 2025, lets users sync personal accounts on work devices—a convenience that could spell trouble for businesses. This opens the door to data leaks and compliance risks. Our post dives into these security concerns and offers IT administrators practical solutions using Group Policies and Intune. Learn how to lock…
-
Key Updates to OneDrive Retention Policies: What You Need to Know
Microsoft is updating OneDrive retention policies starting 27 January 2025, offering organisations more flexibility while addressing compliance needs and storage concerns. Learn what’s changing, why, and how to prepare
-
Comprehensive Guide to Setting Up Microsoft Entra Global Secure Access (GSA) with Internet Access, Licensing, and Key Differences with SSE
Learn how to implement Microsoft Entra Global Secure Access (GSA) for secure internet access. This step-by-step guide covers everything from activating GSA for your tenant to configuring web content filtering, security profiles, and conditional access policies. Understand the key differences between GSA and Security Service Edge (SSE) and how to improve your organisation’s security posture.…
-
Unlocking DUDE: A Guide to Dynamic User and Device Enumeration
DUDE (Dynamic User and Device Enumeration) is a powerful tool for IT administrators to automate the process of retrieving and managing user and device data from Azure AD. Leveraging Microsoft Graph API and PowerShell, DUDE streamlines security monitoring, compliance reporting, and device management. This guide covers its architecture, setup, common use cases, and real-world applications…
-
Mastering NIS 2 Compliance with Microsoft Purview Compliance Manager
Mastering NIS 2 Compliance with Microsoft Purview Compliance Manager Navigating the complex requirements of NIS 2 compliance is crucial for CISOs. Microsoft Purview Compliance Manager offers a powerful tool to streamline and automate compliance within Microsoft 365. This guide explores how to use the platform to assess data protection risks, implement necessary controls, and stay…
-
Streamlining Security Operations with Microsoft Purview: A Role-Based Daily and Weekly Guide
Introduction So, you’ve just installed Microsoft Purview, and you’re probably wondering, “What’s next?” and “Who’s going to handle this?” Well, don’t worry; you’ve made a fantastic choice! Microsoft Purview is a brilliant data governance solution that helps your organisation classify, protect, and manage sensitive data across different platforms. But simply installing it isn’t enough; you’ve got…