One of the most common misconceptions is the belief that once a Microsoft 365 tenant is configured, the work is done. Many organizations assume they can set up a baseline configuration and leave it untouched indefinitely. Unfortunately, this mindset overlooks the reality of configuration drift and the evolving nature of […]
Why You Should Never Store Credentials in Plain Text
Storing credentials in plain text-whether in Excel spreadsheets, Word documents, or text files, is one of the riskiest practices a business can adopt. Yet, many organizations do this. I consistently find password files sitting in file shares or SharePoint sites, often labeled something as obvious as “passwords.xlsx.” While this might […]
Why You Should Disable User Consent and Enable Admin Consent Workflow in Entra
One of the most overlooked security settings in Entra is user consent for enterprise applications. By default, users may be allowed to consent to third-party apps, granting them permissions to access organizational data—often without understanding the implications. This can lead to unauthorized access, data leakage, or even malicious activity within […]
Why Restricting and Monitoring PowerShell is Essential for Security
Device Code Flow is a convenient authentication method designed for devices with limited input capabilities, like smart TVs and other IoT devices. However, attackers have found ways to exploit it for phishing attacks, making it a serious vulnerability in your Microsoft 365 tenant. Blocking DCF is a simple yet effective […]
How We Stopped a Potential Breach Before It Happened
Recently, we discovered a security vulnerability for one of our clients that could have escalated into a serious issue. The client had a VPN user portal exposed to the internet, even though it was not actively being used. This oversight created an attack vector that was being exploited by malicious […]
Administering macOS with Microsoft Intune: Best Practices
Managing macOS devices in a business environment can be challenging, especially for organizations with IT staff who are most familiar with Windows-based systems. However, with Microsoft Intune, you can effectively manage macOS devices while leveraging your existing Microsoft 365 ecosystem. Getting Started: Apple Business Manager The first step to managing […]
NIST 800-171 Compliance
NIST 800-171 is a set of cybersecurity standards designed to protect sensitive information within non-federal systems and organizations. Whether you’re a contractor, small business, or educational institution, implementing these 110 controls across 14 families strengthens your cybersecurity posture and ensures compliance with federal requirements. Below is a simplified checklist to […]
CMMC Compliance: A Path To Securing DoD Contracts
The Cybersecurity Maturity Model Certification, otherwise known as CMMC is a framework created by the U.S. Department of Defense to ensure that contractors and subcontractors within the Defense Industrial Base protect sensitive information, such as Controlled Unclassified Information. Achieving CMMC compliance is now a critical requirement for organizations seeking to […]
From Home-Grade to Enterprise: How We Modernized a Client’s Network
Picture a business running critical operations on a network designed for a small home: consumer-grade Google Access Points with spotty coverage, sluggish speeds, and no centralized security. This was the reality for one of our clients—until they partnered with us to overhaul their infrastructure with enterprise-grade Palo Alto firewalls and […]
How We Implemented Monitoring for a Small On-Premises Environment
For many businesses, IT issues often go unnoticed until they start impacting end users, and the IT Support inbox blowing up. This was exactly the case for one of our clients, who had a small on-premises footprint of around 12 servers but no monitoring or observability in place. A server […]