Enable users to request access to auto forward emails outside the organization
A while back ago Microsoft decided to default start to block end-users from being able to set up auto forwarding of emails outside the organization. This decision was partly taken…
Keep reading
How to implement OATH TOTP Hardware tokens to Azure AD
When we start to implement MFA or Conditional Access to larger Azure AD environments with many different user types, you some times come across end-users that simply don’t have any…
Keep reading
How to enable MFA Code Matching & Context in Azure AD Portal (Public Preview)
Microsoft have now released a new(ish) MFA method that will be available for both users running Passwordless and regular authentication combined with MFA/Conditional Access, currently in Public Preview.With the new…
Keep reading
Block Access for all non-Intune MDM enrolled mobile devices in Conditional Access
During last week an customer had the need to make sure that all mobile devices that weren’t MDM enrolled into intune should get blocked for accessing Azure AD resources using…
Keep reading
Detect when compromised end-user connects to Azure-AD for reconnaissance
In the recent investigations of compromised Microsoft 365 tenants I’ve been involved in, we have seen that one of the first actions the attacker make is connecting to Azure-AD as…
Keep reading
Keeping track of Conditional Access changes
Conditional Access is an amazing feature within Azure-AD and is more or less the zero trust engine in the Microsoft 365 platform.It lets us gather a lot of signals from…
Keep reading
Find changes in end-users MFA authentication methods
Not too long ago I where involved in a security incident where the attacker used phishing to gain access to several end-users Microsoft 365 credentials.In this case, the customer didn’t…
Keep reading
Setup and monitor emergency Azure-AD accounts
All organizations who is utilizing workloads within Azure Active Directory should always make sure to have an emergency account within their tenant, so the organization always have a way into…
Keep reading
Manage Azure-AD logs with Azure Monitoring
Many organizations is starting to understand the power of using Azure-AD as an idP (identity provider) for both SaaS applications and on-prem applications these days. During the last year i’ve…
Keep reading
Tracking excluded Conditional Access users with Identity Governance
When you implement Conditional Access to protect your end-users and the company data there will often be different Conditional Access frameworks for different user types and licenses.For example you might…
Keep reading
Why you need to take care of Legacy Authentication, RIGHT NOW!
Microsoft first announced that they would disable legacy authentication in the Exchange Online Service 13th of October 2020. Due to the COVID-19 pandemic, they decided to postpone this to the…
Keep reading
About Me
Pontus Själander is a highly dedicated IT-specialist at the age 32 with 10+ years of experience in the IT-Industry. The last six years specialized in the Microsoft 365 platform
Subscribe to My Blog
Get new content delivered directly to your inbox.
Microsoft 365 Security blog by Pontus Själander 