One of the most overlooked security settings in Entra is user consent for enterprise applications. By default, users may be allowed to consent to third-party apps, granting them permissions to access organizational data—often without understanding the implications. This can lead to unauthorized access, data leakage, or even malicious activity within […]
Why Restricting and Monitoring PowerShell is Essential for Security
Device Code Flow is a convenient authentication method designed for devices with limited input capabilities, like smart TVs and other IoT devices. However, attackers have found ways to exploit it for phishing attacks, making it a serious vulnerability in your Microsoft 365 tenant. Blocking DCF is a simple yet effective […]
How We Stopped a Potential Breach Before It Happened
Recently, we discovered a security vulnerability for one of our clients that could have escalated into a serious issue. The client had a VPN user portal exposed to the internet, even though it was not actively being used. This oversight created an attack vector that was being exploited by malicious […]
Administering macOS with Microsoft Intune: Best Practices
Managing macOS devices in a business environment can be challenging, especially for organizations with IT staff who are most familiar with Windows-based systems. However, with Microsoft Intune, you can effectively manage macOS devices while leveraging your existing Microsoft 365 ecosystem. Getting Started: Apple Business Manager The first step to managing […]
From Home-Grade to Enterprise: How We Modernized a Client’s Network
Picture a business running critical operations on a network designed for a small home: consumer-grade Google Access Points with spotty coverage, sluggish speeds, and no centralized security. This was the reality for one of our clients—until they partnered with us to overhaul their infrastructure with enterprise-grade Palo Alto firewalls and […]
How We Implemented Monitoring for a Small On-Premises Environment
For many businesses, IT issues often go unnoticed until they start impacting end users, and the IT Support inbox blowing up. This was exactly the case for one of our clients, who had a small on-premises footprint of around 12 servers but no monitoring or observability in place. A server […]
How We Centralized IT for a Client with Intune
Imagine a business with no centralized IT infrastructure—local user accounts on every device, no unified security policies, and even a locked-out laptop due to a fired employee withholding the PIN. This was the state of one of our recent clients. Luckily, they had existing Microsoft Intune licenses, they just weren’t […]
Strengthening Cybersecurity
In today’s digital landscape, every organization, regardless of the industry, is a potential target for cyberattacks. Sensitive data, operations, and customer trust are all at stake. A single breach can lead to significant financial losses, damage to brand reputation, and legal repercussions. To mitigate these risks, organizations must adopt a […]
Migration to M365 GCC High
What is GCC High? Microsoft 365 GCC High is a DoD cloud environment for DoD personnel, federal agencies, and cleared contractors. It meets FedRAMP High requirements and runs on Azure Government for enhanced security. Available only to U.S.-based organizations that meet strict eligibility criteria, it ensures ITAR-compliant data residency with […]
Azure Functions API
To deepen my understanding of how APIs work and to gain hands-on experience , I decided to build my own API using Azure Functions and their serverless architecture. I initially considered doing it with Azure Cosmos, but this took me a few days, and having Azure Cosmos DB running for […]