By now, we should have all received the news: Passwords are no longer enough. With faster and more powerful devices in the hands of determined cybercriminals, and the relative ease in which even "secure" password policies can be compromised by phishing attacks, the costs now outweigh the benefits of using predictable and vulnerable passwords. The... Continue Reading →
Cloud-enabling your users & groups with Azure AD Connect Sync
Azure AD Connect is Microsoft's secure integration and synchronisation tool, designed to help sites adopt hybrid identities. The solution has a number of different components that can be enabled, and can manage everything from enabling secure Pass-Through Authentication (PTA) via your existing Active Directory (AD) Domain, or by synchronising your users, groups, and even devices,... Continue Reading →
Is Password Hash Synchronisation safe?
I’ve seen a lot of confusion around this feature, and some people pointing at it as a weak point in identity security because they believe the synchronised content can be intercepted, replayed, or otherwise compromised. I’m here to say, this is not the case at all. I'm going to make this blog post really short:... Continue Reading →
Macs Paving the Way to Modern Windows (Part 2)
In part 1, which was posted a long time ago now (oops), I discussed how there's a push to move more workloads to the cloud, and for sites to switch the Modern Desktop via Mobile Device Management (MDM) solutions. In this part, I'll cover what I've recently learned and implemented, in the hope that others... Continue Reading →
Macs Paving the Way to Modern Windows (Part 1)
Preface: We’re currently planning the next phase of modernisation for our fleet of Windows devices. In our case, the environment already ticks a number of "best practice" boxes, and is already up-to-date according to Microsoft's definition of "Modern Desktop"... but there is always more to learn, and new features which can help you and your... Continue Reading →
Targeting Devices for software and licensing, based on Security Groups
In almost all Active Directory (AD) environments, access to resources will be managed via security groups, and group emails handled by distribution groups. While it is also possible to add devices to security groups, and use these to perform some pretty useful functions, it’s mostly all about the users. Managing Active Directory on-premises is an... Continue Reading →
Use Surface MSIs to deploy driver and firmware updates
In 2015, I had the privilege of attending the Microsoft Ignite conference on the Gold Coast. While I loaded up my schedule with plenty of sessions on Azure and Office 365, I also made sure to attend as many Surface-centric events as possible: And I managed to get to quite a few. One of the... Continue Reading →
You must be logged in to post a comment.