Automated Governance: Supplier Security
Automated governance is about taking manual, error-prone processes for managing third-party access and replacing them with efficient, repeatable systems. It ensures consistency in policy enforcement, faster identification of risks, and streamlined compliance efforts.
Verifying Your Entra ID MFA and Conditional Access Setup
Transitioning to M365 and Entra ID offers scalability and modern identity management, but ensuring correct configuration is critical to prevent vulnerabilities and compliance gaps.
Non-MS Use Cases: Identifying and removing users from non-Microsoft applications after they leave your company
In the realm of IT management, overseeing user accounts and access to company resources is a fundamental task. While it's common practice to have robust processes for provisioning and de-provisioning users within Microsoft's suite of applications, such as Microsoft 365 (M365), the same diligence often does not extend to non-Microsoft applications.
Tracking changes in user consented applications with Microsoft M365 E3
In today's interconnected digital landscape, user consented applications have become an integral part of our work environments. These applications often enhance productivity and functionality by integrating with platforms like Microsoft 365 (M365).
Identifying, evaluating and tracking user created email forward rules with Microsoft M365 E3
In the digital age, communication flows effortlessly through emails, connecting individuals and businesses across the globe. Microsoft 365 (M365), a comprehensive suite of productivity tools, has revolutionized the way we collaborate.
Discovering and Reporting on DLP Alerts Older than 7 Days with Microsoft M365 E3
As we discussed in the sharing blog, your organization relies on sharing and working with information both internally and externally.Some of that data will be business and customer sensitive. Detexian’s CTO Adrian Kitto has some suggestions about how to get visibility of the DLP alerts beyond the Microsoft Purview defaults of 7 days.
Keeping Abreast of Changes in User Permissions, Configuration, and Access with Microsoft M365 E3
Today Detexian’s CTO Adrian Kitto dives into the risk of privilege creep in M365. He highlights the dangers and the reasons for continuous monitoring which is vital for the modern IT admin to get a handle on changes in user permissions, configuration and access.
Identifying, Evaluating, and Tracking Open Shares for External Users with Microsoft M365 E3
“To share or not to share” is not the question this week, because we all know that your organization relies on sharing and working with information both internally and externally. So this week Detexian’s CTO Adrian Kitto is enabling you to identify and track the risks that external shares in Microsoft M365 are introducing into your organization.
Privileged Access Management in non-SCIM apps with Microsoft M365 E3
Here’s a hard one, how do you track privileged access inside of non-SCIM provisioned applications? Detexian’s CTO Adrian Kitto has a few tips and tricks for you.
Calculating inferred or effective MFA for non-Microsoft applications
Detexian’s CTO Adrian Kitto is delving into a topic that not many will think of; Working out the effective MFA status for non-Microsoft SaaS applications in your organization.
Identifying and removing inactive users with Microsoft M365 E3
Detexian’s CTO Adrian Kitto explores a little understood topic of Inactive Users in M365. These users present security risk and cost wastage so vital for the modern IT admin to get a handle on.
Discovering user consented apps with Microsoft M365 E3
This time Detexian’s CTO Adrian Kitto gets into the nitty gritty of this blog series, tackling discovering user consented applications. He even includes some code samples for you!
How does Microsoft M365 E3 work with the non-Microsoft ecosystem applications?
Detexian’s CTO Adrian Kitto continues with part 2 of his 12 part blog series on tackling some hard productivity and SaaS application security use cases with Microsoft’s M365 E3 product suite.
Why does the mid-market all have Microsoft M365 E3 licenses
Detexian’s CTO Adrian Kitto starts off a 12 part blog series on tackling some hard productivity and SaaS application security use cases with Microsoft’s M365 E3 product suite.
The hidden human risk in your organization
One of the most popular sayings in cyber security is "Hackers target humans, not computers."
Contrary to the Hollywood stereotype of a cloaked hacker 'cracking into the mainframe', most cyber attacks are done using simple trickery and human-based scams.
Why flexibility is crucial for modern IT management
The role of IT management isn't what it used to be. As business technology continues to evolve more rapidly by the year, the responsibilities of IT managers are constantly in motion.
One month, IT managers may find themselves setting up standardized computers and hardwares for an office, only to shift to creating work-from-home ecosystems and decentralizing their IT infrastructure the next.
Why businesses are picking up more SaaS
The turn of the decade has marked another era defined by technological developments.
In 2021, Meta marked its landmark name change and functional pivot towards virtual reality, NFTs became wildly popular after seven years in relative obscurity, and monopolistic companies such as Google and Apple continued on their streaks of incredible profits and technological developments. In 2022, ubiquitously popular apps such as TIkTok have further cemented their global presence, and Uber reported their first ever positive cash flow.
The History of IT Management in 5 minutes
IT Management is infamous for requiring constant upskilling, adaptation and innovation. It's a role that is dictated by rapidly changing technological norms, and demands that even the most storied professionals either keep up with the cutting edge or fall into obscurity.
Many of us who initially got into IT simply because we were good at computers may find that, between security policies, software licensing, networking, and project management, physical computers have turned out to be the least of our concerns.
Three common types of SaaS misconfiguration (and how to fix them)
Cyber security is often boiled down to a couple of cliches. Strong passwords, a sturdy firewall, and anti-virus softwares. And while all of these measures are crucial components of business security, they do not adequately represent the most prevalent threats in modern cybercrime.
In a recent survey from The Cloud Security Alliance (CSA), it was revealed that 43% of organizations had experienced one or more security incidents resulting from a SaaS misconfiguration. This refers to when a 'Software As A Service' (SAAS) has suffered a data breach on account of poorly configured security settings and/or lacking security practices.
Proactively Managing the selection and implementation of SaaS tools for the Workplace
Businesses have well and truly invested in SaaS tools to scale and enable their business. Businesses can centralize or decentralize the process in SaaS solutions. IT leaders have a key role to play as to how a business operates when it comes to process and technology. SaaS can alter a business’s security posture and change how the business operates.
IT can play a key role in helping teams select the right tools forming a greater level of trust. The end game is IT becoming the trusted advisor and proactively being involved in the process early.