Greg Thomson

@jerry Oh the pitter pat of tiny feet. Until you get attacked.
My extended cat family grew by one today. Welcome gnocchi! 🐈
@jerry Living the life!
@jerry @lerg Frequently we focus on news about things people get wrong in security. Here's an article about how to get things right.
https://practical365.com/four-practical-tools-and-strategies-for-success-with-conditional-access-policies/
Love the show #defendsivesecuritypodcast
Four Practical Tools and Strategies for Success with Conditional Access Policies

Many organizations still find it challenging to implement Conditional Access effectively. Luckily, there is a solution for this. In this blog, we share a new open-source framework, introducing 4 tools to help create and validate access policies and strategies, ensuring that security measures are effective and efficient.

Practical 365
Entra ID SSO For Those Other Apps

Having all your enterprise apps plugged into Entra ID SSO is certainly a goal for most organisations but it's not easily achieve...

@riskybusiness Cool. It's one of those win/win technologies. Relatively easy and cheap for small orgs to implement. Not to be scoffed at in these fiscally constrained times. It also provides great visibility into what your domain is sending that large orgs wouldn't normally see. Spotting shadow IT email campaigns gets really easy.
As you might have guessed it's a personal mission to get as many orgs as possible using DMARC. The more orgs that implement it the more everyone benefits.
@riskybusiness Any thoughts on implementing DMARC for your domain? Seems strange to have a security podcast with a domain that doesn't. I've done it for the small org I work for and it's relatively easy and the tools to do the reports are mostly free.
@seanthegeek @SwiftOnSecurity DMARC certainly is a test of an org's domain governance.
There are some quick wins.
1) Just getting the report set up without enforcement provides great visibility.
2) Slapping a simple reject policy on any parked domains protects them from being abused.