Author: Nick Schmitz
-
Conditional Access Boot Camp
Read more: Conditional Access Boot CampConditional Access is one of the best tools in your Microsoft environment for securing access. With it, you can control who, what, where, when, someone or something tries to get…
-
AiTM attack mitigation in M365 – Part 1
Read more: AiTM attack mitigation in M365 – Part 1AiTM attacks have always been that annoying mosquito that just won’t go away. In 2025 and into 2026, that mosquito got a lot bigger. AiTM phishing attacks grew 146% over…
-
Why Scoping Phishing-Resistant MFA to the Admin Portal Isn’t Enough
Read more: Why Scoping Phishing-Resistant MFA to the Admin Portal Isn’t EnoughWoohoo! You implemented phishing-resistant MFA for access to the admin portal. That’s great! But… did you actually improve your situation at all? It depends. Do you still have other MFA…
-
Guest Access in Entra ID: The Tenant’s Junk Drawer
Read more: Guest Access in Entra ID: The Tenant’s Junk DrawerHave you ever looked at your tenant, seen all the guest accounts, and had this reaction? Well, it’s not your fault…. Mostly. There are some default settings within the M365…
-
Token Protection Conditional Access Won’t Save You From AiTM
Read more: Token Protection Conditional Access Won’t Save You From AiTMA while back, Microsoft released a feature called Token Protection in Microsoft Entra ID. It’s a Conditional Access policy designed to help reduce token theft replay attacks, and if you’re…
-
Why EDR alone is not enough for a Domain Controller
Read more: Why EDR alone is not enough for a Domain ControllerAhh EndPoint Detection and Response (EDR), the thing that solves everything… oh wait. Oftentimes when I’m meeting with customers, whether they’re big or small, I always ask one question when…
-
The whacky behavior of Intune’s retire option (Part 2)
Read more: The whacky behavior of Intune’s retire option (Part 2)In my previous article, we explored what happens when you retire an Entra Joined device from Intune. If you didn’t read it, here’s a quick spoiler: it caused some seriously…
-
The whacky behavior of Intune’s retire option
Read more: The whacky behavior of Intune’s retire optionIntune offers a handful of ways to offboard a device, whether it’s being booted out of the company for good or just getting repurposed for another user or task. The…
-
Strings and Win32 deployment in Intune
Read more: Strings and Win32 deployment in IntuneToday, we’re going to talk about “Strings” and how they can simplify deploying Win32 apps. Strings have been a lifesaver for me when dealing with applications that lack proper documentation.…