Skip to content

Security

Bulk dismiss risky users with Power Automate or Logic Apps

Update 08-10-2020: Microsoft released an official connector for Azure AD Identity Protection. This would be much easier to use, since you don’t have to create a service principal to authenticate the custom connector. However, at the time of writing the official connector does not have the action to get all the risky users. Will keep an eye on things. This blog was inspired by an Azure AD Mailbag blog about Azure AD Identity Protection. In the article, Microsoft provided a… 

Prepopulate phone methods using a Custom Connector in Power Automate

Part 2 – Automation In the previous blog post of this series, I’ve shown you the use of the Graph API and how you could manually populate the phone methods for your users. Today, we are going to take it a step further. We’re going to add some automation with Power Automate by using a custom connector. What are we building? Today we are going to add a phone method for all your users using Power Automate and a custom… 

Prepopulate phone methods for MFA and SSPR using Graph API

Part 1 – Graph API What is the number one task if we want to protect our identity? Right. Turn on MFA.What is the number one task our helpdesk is busy with all day (and night)? Right. Password Resets.What is the number one struggle when we want to implement security? Right. User experience.So, what are you gonna get by reading this blog post? Some light at the end of the tunnel. Buckle up! What’s the case here? I start at… 

Use Power Automate as your Conditional Access Police Department

Last week, I was working on a new blog for the Secure Score Series regarding global admin and break glass accounts. I came to the point where I was thinking of possible scenarios that could go wrong with these accounts. What if someone accidentally added these users to a certain group? What if that group would be triggered in some policy or maintenance tasks? A lot of these actions can be discovered using Microsoft Cloud App Security and Azure Monitor.… 

Microsoft Secure Score Series – 14 – Designate more than one global admin

Designate more than one global admin Having more than one global administrator helps if you are unable to fulfill the needs or obligations of your organization. It’s important to have a delegate or an emergency account someone from your team can access if necessary. It also allows admins the ability to monitor each other for signs of a breach. Having too many global admins is no good. But having only one global admin is even worse. Let’s talk about global… 

Microsoft Secure Score Series – 13 – Set automated notifications for new and trending cloud applications in your organization

Set automated notifications for new and trending cloud applications in your organization With Cloud Discovery policies, you can set alerts that notify you when new apps are detected within your organization. And again, we’re back at Cloud App Security. Earlier I showed how MCAS can help you to discover shadow IT in your organization by ingesting your firewall and proxy log files. Today, we take a look at the app discovery policies that are available. If you are new to… 

A first look at Administrative Units and My Staff in Azure Active Directory

Recently, Microsoft introduced Administrative Units in Azure Active Directory. At the time of writing, this feature is in preview. Today we take a first look at how this is going to help organizations managing users and groups in Azure Active Directory. But to understand why this feature is such a big deal, we need to know what the difference is between the “classic” Active Directory and the “modern” Azure Active Directory structure. Active Directory To illustrate this, I created a… 

Microsoft Secure Score Series – 12 – Turn on customer lockbox feature

Turning on the customer lockbox feature requires that approval is obtained for data center operations that grants a Microsoft employee direct access to your content. Access may be needed by Microsoft support engineers if an issue arises. There’s an expiration time on the request and content access is removed after the support engineer has fixed the issue. Today we are going to talk about the Customer Lockbox feature in Office 365. Some privacy regulations like HIPAA and FEDRAMP require procedures…