Practical configuration guidance for IT Managers and Sysadmins hardening Microsoft 365, Entra ID, Intune, Exchange Online, and Copilot.
A practical priority order for hardening Entra ID: legacy authentication, MFA, Conditional Access, PIM, guest accounts, and app registrations.
Topics: Entra ID hardening, legacy authentication, Conditional Access, PIM, MFA
How to move from SPF and DKIM basics to DMARC enforcement with p=reject, including monitoring, third-party senders, MTA-STS, and DANE.
Topics: DMARC enforcement, SPF, DKIM, p=reject, email authentication
What to harden before Microsoft 365 Copilot goes live: overshared data, sensitivity labels, SharePoint permissions, guest access, and governance.
Topics: Microsoft 365 Copilot security, Copilot readiness, SharePoint oversharing, sensitivity labels
A practical Conditional Access framework for Microsoft 365 covering break-glass accounts, MFA, device compliance, location, risk, and policy testing.
Topics: Conditional Access architecture, Microsoft 365 Conditional Access, device compliance, risk-based access