Sending an email securely requires more moving parts than most people expect, you don’t notice when it works. You really notice when it doesn’t! Email is still one of the most critical, and most abused, communication channels in modern IT environments. While most organizations rely on email every day, not enough people knows how emails, and the security surrounding it, actually works under the hood. This post breaks down the core building blocks of modern email security, fro

Today I want to walk through how to configure Azure App Service Authentication when your App Service sits behind Azure Front Door and is accessed through a Private Link. On a dreadful day in october 2025, I received something that most IT people fear - a request from a client! The request included information from the client, that they were struggling with authentication on a Web App deployed behind Azure Front Door using Private Link. What looked like a straightforward setup

We’ve covered what Authentication Contexts are, why they matter, and how they help us strengthen access and data security in Microsoft 365. Now it’s time to answer the next question - how do we monitor and report on their usage? Unfortunately, there’s no built-in way to gain that visibility today. Neither Entra ID nor Microsoft 365 provides a simple method to inventory or audit Authentication Contexts across our estate including Conditional Access, PIM and Sensitivity labels

With identities and access strengthened in part 2 , it’s time to turn our focus to real-world data protection  with Authentication Contexts. One of the more underused capabilities of Authentication Contexts is their power to secure data across the environment, whether through direct enforcement using Sensitivity Labels or by protecting user sessions via Microsoft Defender for Cloud Apps. In this post, we’ll explore exactly that: how to secure organizational data using Authent