Blog stories

In this short blog I will show you how to look into if users are using Multifactor Authentication based on earlier posts on how to monitor and collect logging for your Azure AD. So first of all – You need to setup Azure AD logging. Have a look at this blogpost to se how easy…

Pre-requisitesQueryAction GroupAlertConclusion and result Pre-requisites A pre-requisites for monitoring sensitive accounts in Azure AD is to have setup a Log Analytics Workspace and your Azure AD logs sent to Log Analytics. If you want to know how that`s done then have a look at this blog post to se how easy it is to enable…

So now a days many have enabled MFA for their accounts. And that’s great!It show`s that what we have been working on the last years is working. According to Microsoft, MFA can prevent 99,9% of attacks to your accounts. But there is a attack vector that not many think of. Do you have full control…

Main goalLog AnalyticsAzure AD configurationTest query in Log Analytics Main goal Main goal for this blogpost is to gain more knowledge on how to collect logs from Azure AD. By default you`ll get 30 days audit and sign-in logs stored within Azure AD. To be able to interact / automate on the logs we need…

In order to optain a secure infrastructure you need to have controll over your MFA settings. There are several settings you need to configure and know how it works. In this post I`ll go through all settings like NotificationsFraud AlertAccount LockoutBlock/Unblock users Notifications Maybe the easiest setting but yet som important.You need to configure who…

So these day`s we all uses MFA right? But not all MFA methods are as good as we think. There have been several cases where “SIM Swapping” or “SIM Hijacking” has been the case and therefor – can we trust using SMS for Multi-Factor Authentication? In short notes this is how SIM Swapping is done….

Ever thought about your end-users really think before clicking? How often does your end users (who have local administrator rights in some way) just install stuff without thinking? To start with, your end-users should not be local administrators on their machines, but many still are. If they are not all the time lot`s of companies…

Ever stubled over the need of changing a guest`s sign-in information on one or more guest accounts?Well, this has been a issue for several companies and the way forward was to delete the guest accounts and re-invite them. When doing this all access to Teams, SharePoint Online and OneDrive for business for that guest account…

After two years of “blog silence” from me, i`m no working on several new blog posts and are accelerating my community work again! 2020 and 2021 was two years where the work presure was very very high and automaticaly community work was not prioritized due to high prio on family life on all ours available…

From when ever there is need to rotate access keys to your CosmosDB or any other storage service using Access keys this is the best practis method to do so. So for CosmosDB these are the steps needed to be used. Head into Azure portal and navigate to your CosmosDB and select “keys” from the…

Windows365Let`s first talk about licenses.Provisioning the beauty! De-provisioning and cleanup Windows365 Windows365 is a Cloud pc for all users and it`s so easy to start using! In this post I will go through a setup of Windows365 Business in a cloud only tenant and show you how fantasticly easy this is! There are some pre-requisites…

So! I`m back again after not blogging, speaking or “anything” for the community for the last one and half year (since the pandemic started in Norway 12.03.2020)! I have been spending the summer in paternity leave at home with my 1 year old son and been been recharging my batteries to full and from now…

The new built-in admin consent workflow within AzureAD Enterprise Application is amazing! This feature will give you the control that you need to take care of your companies sensitive information like user id`s, files, email accounts etc. Did you know that malicious applications is often a start of a sophisticated phising attack? If a malicious…

If your Microsoft 365 tenant like mine is located in a region that not`s include your country then this is how you should configure your tenant to get the data as close to you as posible! (if Microsoft has opened a Datacenter in your country of course :)) Why move your data? There are several…

In this post I want to go through some steps that I think is quickest method to get started with Microsoft Endpoint Manager. This will not cover ALL the features but it will give you an quickstart to the service. For instance, what shold you start with? To be honest, start with something easy and…