Scan file servers, network shares, and SharePoint with Azure Information Protection Scanner

  With GDPR just around the corner (May 2018), organizations are heads down identifying data, creating compliance processes, and hiring additional resources to lead the compliance and reporting required by GDPR. In a previous post I reviewed GDPR as well as the technologies and services Microsoft offers to assist with discovery, managing, protecting, and reporting…

0

Windows update compliance – Querying Azure Log Analytics data using PowerShell

  With the abundance of data across services it’s important to have a method (API) to access the data for export.  Most organizations I speak with have some sort of SIEM to aggregate data and analyze it for informational and alerting purposes.  Microsoft also offers a service called Microsoft Operations Management suite and within that…

0

Intune app protection diagnostics and managed browser bookmarks

  Many of the organizations I work with have deployed or are deploying Microsoft Intune to manage devices as well as applications. Microsoft Intune offers application protection (aka Mobile Application Management (MAM)) where policies manage applications. Application protection may be used with or without MDM enrollment. If you already have an MDM solution, Intune application…

0

Microsoft Flow and Azure AD – let’s automate!

  When I speak with organizations we often discuss scenarios such as having an onboarding process that is in need of a front-end utility and automation.  Many organizations have cloud services and on premises applications where the user onboarding process in some cases is still a manual procedure.  To assist with these processes and many…

0

Azure AD B2B…how to work with partners and subsidiaries

  Azure AD Business-to-Business or Azure B2B is a topic of interest among nearly every organization I speak with. Today many organizations either have a 3rd party IDPs (identity providers) or ADFS deployed and federate with their business partners. Federation establishes a trust whereby providing two-way or one-way access to company resources and applications. However,…

0

Regulations and data management in a hybrid world

  I speak with a lot of organizations and often they’re interested in locating, tagging, and controlling data for various reasons such as legal, regulatory, or protecting personal and proprietary information. However, there’s one regulation that keeps popping up and it’s the new EU General Data Protection Regulation or GDPR.  GDPR will be enforced on…

0

Azure AD + 3rd party MFA = Azure AD Custom Controls

  During Microsoft Ignite there were lots of announcements across a variety of Microsoft offerings including Azure Active Directory. An interesting feature was released in preview called Custom Controls. Custom Controls allow integration of 3rd party security solutions and in this case, 3rd party multi-factor authentication providers. I speak with many organizations throughout the year…

0

Azure AD Premium Conditional Access and Session Controls

  Whether your end users are using Windows, MacOS, Chromebook, iOS/Android, etc. Azure Active Directory Premium conditional access with session control will limit access to data for SharePoint Online. What are Session controls? “Session controls enable limiting experience within a cloud app. The session controls are enforced by cloud apps and rely on additional information…

0

Microsoft Intune Data Warehouse

  When demonstrating Microsoft Intune I’m often asked about reporting and historical data.  Microsoft Intune now offers the ability to connect to Intune data and create reports either in Power BI or in your own reporting service or tool.  There’s even an Intune Data Warehouse API.  More details here: https://docs.microsoft.com/en-us/intune/reports-nav-create-intune-reports Fortunately there’s not a whole…

0

Windows 10: Intune + Windows BitLocker management? = Yes

  This week’s post is all about Windows BitLocker management with Microsoft Intune. When it comes to data protection, internal and external drive protection is important in the event a device is lost or stolen. In the past to manage Windows BitLocker we typically needed to create Group Policies or use System Center Configuration Manager…

0