![]() ![]() ![]() Like a latch on a public toilet stall, a username and just a password do not secure an account from compromise. You can read more about how MFA has failed in the real world in “ All your creds are belong to us!” But there are some enhancements to combat the failures and so it’s not all doom and gloom.įigure 1 Verification methods from weakest to strongest The cyber criminals are getting smart to the MFA thing and there is such a thing as "not all MFA is equal" when it comes to security. Good! Now that you’ve done that, there’s some bad news. Really, it’s the single most effective way to “reduce” 99.9% of cyberthreats.Įnabled for all users now?. If you have not enabled MFA for all your users yet, stop reading this, go and enable it and come back. I have seen some great new features and security related functionality rollout over the past year that I think needs discussing simply to bring awareness to them. Since identity is at the foundation of a large percentage of security assurances, I always start with Azure Active Directory, or AAD, because that’s Microsoft’s cloud-hosted identity and access provider to most things in the Microsoft cloud, be it Microsoft 365, Azure or even Dynamics 365. Today I write this as a recap on my posts from last year (2020) but also to tell you about some of the enhancements Microsoft has made to it’s cyber-security features and products. With hybrid work, the attack surface has grown. Over the past year, significant changes have been seen in the threat landscape, threats impacting organizations of any size. ![]() ![]() Last year I wrote "Microsoft 365 Security Assessment" Part 1 and Part 2, where I provided a list of actions one should perform or check in one’s Microsoft 365 environment as a security assessment. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |