As you probably know now, you can connect to Azure virtual machines using either remote desktop (RDP) or SSH without being obliged to allow such management ports to be opened with network security group using Azure Bastion. Until then you could authenticate to the virtual machine running Windows using either password from a key vault […]
Starting January 2026, Microsoft Teams is going to introduce a new process – ms-teams_modulehost.exe – in addition of the existing ms-teams.exe. This new process – ms-teams_modulehost.exe – is going take charge of the calling capabilities. If you are using any security products (such as Defender App Control, group policy or Threatlocker….) to manage authorized processes
Teams – Get ready for a new Teams process Read More »
If you are using Microsoft cloud services, such as Azure and/or M365, you already know that authentication and access control is based on Entra ID. You also then probably know that you can register custom applications to integrate with Entra ID authentication and access control capabilities. Entra ID can also be used for segregating corporate
If you use Microsoft Entra ID, you most likely already know you can also use it for external identities management, and I’m not talking about guest account in your M365 tenant for collaboration. This feature, used to be called B2C (business to consumer) tenant, now called External Identities tenant is used to use a dedicated
Entra ID – You can now use a username instead of email for external identities (preview) Read More »
As you know if you use Entra for managing identity and access controls to Microsoft Cloud services, such as Entra ID or M365, you have corresponding Entra ID administration roles to delegate the least privileges permissions to allow users, mostly IT peoples, to execute their tasks. This means when there is no capabilities or features
Entra ID – New administration roles for Copilot and agents Read More »
As part of a correct Azure governance, you need to implement alerts to be alerts in case something wrong arise. As part of such alerts, you need to implement service health alerts too. However, unfortunately you had to set such health service alerts for every single Azure subscription and do it all over again for
Azure – You can now create tenant level service health alerts (preview) Read More »
If you are using M365 services, you most likely are using Microsoft Teams too. Microsoft Teams allows end-users to communicate/collaborate with external users from other tenant. While external collaboration/access to Teams is by default widely open, this can raise security concern due to raising fake/rogue tenant. Teams administrators can manage communication with external users by
Teams – You can now delegate your security team to manage Teams blocked domain Read More »
If you use Azure services, especially storage account, you already know that most services provide a failover capability – mostly unmanaged/unexpected – in case the primary location is becoming unavailable for various reasons. Well, for storage account, until now only unexpected unavailability would triggered an automatic failover, depending of the storage account redundancy. This is
Azure – You can now managed storage account failover Read More »
If you have been using M365, you probably already know that you are able to recover some deleted objects. Until now, deleted group recovery was only possible for M365 Groups (including Teams) but not for security, mail-enabled or synchronized groups. After the recent recovery feature update to recover deleted Conditional Access policies and locations (see
Entra ID – You can now recover deleted cloud security groups (preview) Read More »
