Here is the next part of our series on authentication. In our previous post, we talked about MFA: how this is used to strengthen the use of credentials, and the different methods available to secure user accounts and identities. In this post, we’ll dive deep into how passkeys work, how...
Read MoreWelcome back after Ignite, to the next part of our series on authentication. In our previous post, we talked about credentials: what they are and how they are stored. In this blogs we will step back and look at Multi Factor Authentication (MFA) and how this is used to strengthen...
Read MoreWelcome to the next part of our series on authentication. In our previous post, we covered hashes: what they are, how they are calculated and stored. In this blogs we will step back and look at credentials as a whole and see how these are used, stored and protected When...
Read MoreWelcome to the next part of our series on authentication. In our previous post, we covered passwords: the foundation of most authentication systems. Now, we’ll delve into a critical aspect of authentication security—hashing. This blog will explore how operating systems like Windows, Linux, and macOS use hashing to protect passwords,...
Read MorePasswords are the guardians of our digital lives. From unlocking our phones to accessing bank accounts, they’ve become a universal mechanism for proving identity in the digital age. But where did they come from, and how do they work? In this first entry of a multipart series on authentication, we’ll...
Read MoreI first wrote a 7 part series blog on Kerberos back in 2018. With the advent of Windows Server 2025 and the demise of RC4 in Active Directory, I thought it was worth refreshing this blog and talk about any differences in how Kerberos works in the new server OS....
Read MoreWe are proud to release our first version of the GeekWolf.Migration PowerShell module! It is very early days for us on this, and we have lots of ideas to expand on this module with other useful cmdlets to help those of you doing mergers, acquisitions and divestiture related migrations. If...
Read MoreMicrosoft are going to start enforcing MFA in the Azure portal, Entra admin center, and Intune admin center from October 2024. This is generally a good thing, however it has implications… This is an enforced MFA with no exceptions. So this will include service accounts and break glass accounts too....
Read MoreTransitioning from on-premises infrastructure to a cloud-native environment using Microsoft Entra ID (formerly Azure AD) and Microsoft 365 is a strategic move that can enhance security, improve scalability, and streamline IT management. However, this process can be complex, especially when it comes to moving users, applications, and Active Directory (AD)...
Read MoreAs organisations move to Microsoft Entra ID (formerly Azure Active Directory), it’s crucial to understand the implications for device management, particularly how the local administrators group is handled when transitioning from AD-joined or workgroup-joined devices to Entra joined devices. This blog explores what changes occur during this process, including the...
Read MoreIn the business world today, effective communication and collaboration are crucial. Three popular tools designed to facilitate these aspects are Microsoft Teams, Slack, and Google Workspace Chat. Each platform has its strengths and unique features, making them suitable for different organisational needs. Here’s a detailed comparison to help you choose...
Read MoreIn the landscape of identity and access management (IAM), two prominent players are Okta and Microsoft Entra ID (formerly Azure Active Directory). Each offers a suite of features designed to manage user identities, access, and security, but they cater to different needs and technological environments. This blog will provide an...
Read MoreAs the digital landscape evolves, organisations face increasingly sophisticated threats that target various aspects of their infrastructure. Microsoft 365 (M365) offers a comprehensive suite of security products designed to protect identities, data, devices, and networks in both cloud and hybrid environments. While M365’s security tools provide robust protection, organisations may...
Read MoreIn an increasingly digital world, securing access to corporate resources is more critical than ever. As organisations embrace remote work and cloud-based services, the need for robust security solutions to protect data and ensure seamless access has surged. Two prominent players in this domain are Global Secure Access (GSA) from...
Read MoreIn today’s digital world, as organisations continue to embrace hybrid work models and cloud-based solutions, ensuring secure access to resources across a global workforce has become a critical challenge. Microsoft’s Global Secure Access (GSA) aims to address this by offering a comprehensive solution designed to protect users, devices, and data....
Read MoreAs organisations increasingly adopt cloud-first strategies, hybrid environments have become the norm. Azure Active Directory (Azure AD), now part of Microsoft’s Entra product family, is the identity platform for managing users, devices, and access to resources across cloud and on-premises environments. One critical aspect of this integration is ensuring seamless...
Read MoreIn today’s cybersecurity landscape, robust authentication methods are crucial to protect sensitive information and ensure that only authorised users can access critical systems. Microsoft offers a range of strong authentication options tailored to meet diverse security needs, categorised into three key areas: multifactor authentication (MFA), passwordless authentication, and phishing-resistant authentication....
Read MoreIn today’s rapidly evolving digital landscape, securing both infrastructure and user authentication is critical to reducing the attack surface of an organisation’s IT environment. Traditionally, on-premises authentication has played a central role in managing access to applications, services, and servers. However, as threats have grown more sophisticated, it has become...
Read MoreIn the realm of device management and security, Entra and Intune are critical tools that serve different but complementary roles. Understanding their distinct functions and how they interact can help organisations better manage their IT infrastructure. Let’s dive into what each service does and how they interrelate. What is Entra...
Read MoreIntroduction In today’s cybersecurity landscape, strong password policies are crucial for protecting against unauthorised access and cyberattacks. Entra ID Password Protection extends Azure Active Directory’s robust password security features to on-premises Active Directory environments. This integration helps organisations enforce consistent password policies across both cloud and on-premises systems. This blog...
Read MoreWhen recommending that Multi-Factor Authentication (MFA) be configured for all users in Entra ID (formerly Azure Active Directory), one of the most common concerns you’ll encounter is, “How often will users be prompted to complete MFA?” This question often stems from a fear that MFA will disrupt daily workflows by...
Read MoreWith the rise of remote work and the increasing complexity of cyber threats, maintaining robust security without disrupting user productivity is a significant challenge for IT administrators. Microsoft’s Entra ID Continuous Access Evaluation (CAE) is a powerful solution designed to meet this challenge, providing a dynamic security posture that adapts...
Read MoreIn the realm of identity management, organisations often face the challenge of synchronising on-premises directories with cloud environments. Microsoft provides two primary tools to achieve this: Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync. Both are designed to synchronise user identities between on-premises Active Directory (AD) and Microsoft Entra...
Read MoreWhen it comes to managing identities, access, and directory services within an organisation, Microsoft’s Active Directory (AD) and its variant, Active Directory Lightweight Directory Services (AD LDS), have been pivotal tools for IT professionals. With the evolution of cloud computing, Entra ID (formerly known as Azure Active Directory) has emerged...
Read MoreIn Active Directory we are used to seeing Security Identifiers (SIDs) in Access Control Lists (ACLs) and they are made up of S-1-5-12-- where the RID for non system objects is a number above 1000. Now in Azure AD that wouldn't work as the RID part would quickly exhaust and...
Read MoreIn the world of Microsoft 365 (M365) and Azure Entra ID (formerly Azure Active Directory), managing user access and roles is crucial for both security and collaboration. Two important terms you’ll often come across are “guest” and “User.” These terms have specific meanings both as a user type value in...
Read More