Skip to content

Enterprise Mobility + Security


6 steps to building a holistic security strategy

Today’s business and IT leaders have quite a balancing act on their hands when it comes to security. Between managing a wide universe of devices and applications, the need for innovation and agility, and an ever-evolving landscape of threats, companies need a holistic approach to security. You need a multi-faceted security approach that helps protect...

Read more


Microsoft 365: A complete, secure solution that brings together Office 365 and EMS

In this era of digital transformation, companies are reimagining how technology can help their people collaborate, communicate, and innovate more effectively. Through specific solutions, using IT resources differently, and optimizing processes, companies can achieve the essential flexibility and efficiency to transform the way they work and create more value for their customers. However, successful digital...

Read more

When to use Intune for Education versus full Intune console for schools

For many schools, regardless of size, device deployment poses significant challenges, as it is during deployment that group policies are set, data is secured, devices are readied, and essential applications are enabled. Historically, this task has taken a disproportionate amount of time. As a result, schools interested in using educational technology to improve student learning...

Read more

Introducing support for Cryptography: Next Generation (CNG) certificates in Configuration Manager

We have added limited support for Cryptography: Next Generation (CNG) certificates in Update 1710 for System Center Configuration Manager Technical Preview. Now Configuration Manager clients can use PKI client authentication certificate with private key in CNG Key Storage Provider (KSP). With KSP support, Configuration Manager clients can now support hardware based private key such as...

Read more

New Azure Active Directory resilience features: action required

Howdy folks, If you are federating a separate identity system with your Azure Active Directory tenant, such as Active Directory Federation Server (ADFS), this blog post is for you! We’re totally committed to maximizing Azure Active Directory service availability. As part of that commitment we’re adding more resilience features over the coming months. For most...

Read more


Intune’s new Troubleshooting Portal makes diagnosing and resolving end user issues easier

This post is authored by Jon Lynn, Service Engineer, Intune Customer Experience team. Having the right data at your fingertips is a must when you’re troubleshooting issues with your end users. Intune’s new Troubleshooting Portal provides a “single pane of glass” for reviewing device status, assignments and policies affecting a user, eliminating the need to click...

Read more

cloud 1

Extended email security and compliance with Azure Information Protection

We made some exciting announcements at Ignite that help you protect your sensitive information regardless of where it’s stored or shared. For detailed information on new capabilities in Office 365 Message Encryption (OME), please read this Office 365 blog and watch this Ignite session. We’re also hosting an Ask Me Anything (AMA) session on OME on...

Read more

This one is important: Time to migrate your v1.0 Conditional Access policies to v2.0!

Howdy folks, Azure AD Conditional Access policies in the new Azure portal offer a powerful integrated experience to meet your organization’s security and compliance needs. As we approach the sunset date of Azure AD in the classic Azure portal, it’s important that you move from policies at an app level in the classic portal to...

Read more

How Microsoft Advanced Threat Analytics detects golden ticket attacks

If you’re in the business of threat detection, you are probably familiar with the term “golden ticket”. For those less familiar, a golden ticket is the name of a Kerberos ticket that is manually created by an attacker after gaining access to your environment’s encryption “master key”. A golden ticket allows an attacker to masquerade...

Read more


Active Directory Access Control List – Attacks and Defense

Recently there has been a lot of attention and a few different blog posts (references at the end of the post) regarding the use of Discretionary Access Control List (DACL) for privilege escalation in a Domain environment. This potential attack vector involves the creation of an escalation path based in AD object permissions (DACLs). For...

Read more