My thoughts and ideas

  • Common Challenges to MFA Adoption and Enforcing Protection With Conditional Access

    Modern authentication utilizing Identity Providers within the cloud creates a unique set of challenges. The most apparent of these is that users are utilizing their personal or work email addresses across multiple websites and applications on the public Internet. This is generally done without a complete understanding of where these identities are stored and who has access to them.


  • How to Achieve Zero Trust Identity Protection with Microsoft Entra

    Apply Zero Trust to Identity When you apply Zero Trust to your identity and access management strategy, you should have a plan in place. This planning includes the deployment objectives, federation with multi-cloud and on-premises identity providers and systems, applying policies for conditional access, and security operations that will remediate issues and review analytics for gaps in controls.

    Let’s review...

  • How to Protect Multi-Cloud Identities with Zero Trust in Microsoft 365

    The traditional way of securing identities does not provide the business agility, user experiences, and protections needed for a rapidly-evolving digital estate. Many organizations are implementing Zero Trust to alleviate these challenges and enable the new normal of working anywhere, with anyone, at any time.

    However, the expanded ecosystem of remote users with multiple devices creates more attack surfaces to...

  • 5 Common Pitfalls of Migrating to a Cloud-Only Environment

    From the moment that a company makes a business decision to no longer contribute to leases on large and expensive data centers, the plan to migrate and modernize begins. The process of exiting a data center is not one without challenges, however. Most companies require outside assistance from a service provider that specializes in cloud adoption.

    Whether the company is...

  • AWS Service Control Policies (SCP) uses for the Security Specialty Exam

    This is part of a series of posts to use as a study guide for the AWS Security Specialty exam

    What is SCP?

    SCPs are Service control policies. These are types of organization policies to manage permissions in your organization. SCPs provide central control over the maximum available permissions that can be provided for all accounts within the organization. SCPs...