Conditional Access is one of, if not the, strongest tools in our kit for securing access to our organizations. And it seems to be on the cusp of becoming even stronger. Some time ago, while scrolling through LinkedIn, I came across a post by fellow MVP Daniel Bradley. He highlighted a new property that appeared when experimenting with the beta Graph APIs for Conditional Access: a new condition called Time. After waiting far too long, I finally got the chance to sit down and e

Emergencies happen every day. Most of the time, they happen to someone else. Until the day they happen to you - then what? We all know things can go wrong, but most organizations do not spend much time thinking about what happens when they lose access to their own environment. That is understandable right up until the moment a misconfiguration, outage or any other emergency turns it from a theoretical problem into a very real one. That is why emergency access matters. In this

Have you ever felt that the native reporting options in the Microsoft Cloud are lacking? Well, you’re not alone - let’s talk about it. Visibility into your Microsoft Cloud identity and security configurations has never been more important… or more fragmented. While Microsoft offers native reporting options for specific parts of our environments, they are often too narrow, incomplete, or difficult to use without significant additional processing. That gap led to the creation o

Sending an email securely requires more moving parts than most people expect, you don’t notice when it works. You really notice when it doesn’t! Email is still one of the most critical, and most abused, communication channels in modern IT environments. While most organizations rely on email every day, not enough people knows how emails, and the security surrounding it, actually works under the hood. This post breaks down the core building blocks of modern email security, fro