Posts

Showing posts from 2025

Getting started with Microsoft Defender for Office 365 - Security templates style!

Source credits: Microsoft

This one has been long coming and I am glad that I have finally been able to implement Defender for Office 365 in my tenant and write about it. Implementing Defender for Office 365 may seem like a herculean task, and while it can involve many moving parts, organizations can actually set it up quickly using the preset security policies and build on top of them.

What are preset security policies? Preset security policies are Microsoft's recommended starting point for all customers when it comes to their security configuration. As with any change, it's important to understand the potential impact. They provide a simplified method to apply all of the recommended spam, malware, and phishing policies to users across your organization. As Microsoft adds new threat protection capabilities, preset policies applied through the templates will automatically stay up to date and continue to enforce the evolving recommended settings. More importantly, organizations that are looki...

Entra Hybrid Join + 802.1x using PEAP-MSCHAPv2 + Credential Guard = 'Perfect Storm'

I recently encountered an issue as part of a project involving Entra hybrid join for existing domain-joined devices and Co-management, where devices stopped connecting to corporate wireless access points automatically. The devices would complain about missing credentials, resulting in authentication errors, and eventually give up on connecting to the corporate Wi-Fi. Here is a snapshot of one such error:

The environment is configured with Cisco ISE as the RADIUS solution, with an authentication policy relying on PEAP MSCHAPv2 as the authentication protocol. The logs on the Cisco side reflected the same 'Internal authentication error' as seen in the event viewer of the endpoints. This was strange at first because there was nothing set up in Intune or otherwise as part of the Co-management configuration that would interfere with the Wi-Fi settings in general. On further investigation, it was discovered that the issue could very well be related to Credential Guard on the devices. ...

Fixing Windows Update installation errors and why enabling Windows Telemetry is a good idea.

While attempting to upgrade my Surface device to 25H2 in my tenant, I constantly encountered issues. The error in the default Windows Update report was not really helpful. The error just indicated that the installation was being cancelled by the user and that it needed attention. This was quite bizarre, because I had kept the device switched on and connected to the internet for a long period of time, so the error didn't make sense to me. I started investigating this and realized that I needed more information to get to the bottom of the error. That is when I realized that I hadn't configured the collection of the Windows diagnostic or telemetry data correctly. While this is not a necessity, it is nonetheless highly recommended. Here is why.

Windows telemetry helps in improving security and compatibility, identifying and troubleshooting issues, and monitoring device performance and reliability through the collection of specific data points. These are classified across - Service-based data fro...

Enable compliant network compliance using conditional access & Global Secure Access client for macOS - Putting it all together!

Back in January 2024, when I first wrote about my experience working with Global Secure Access (GSA) for Android OS, GSA was still in preview. Since then, most of the configuration in GSA has been moved into GA, including support for macOS, and this is what I will be covering in this blog.

First, a quick refresher on what GSA is really all about. Global Secure Access (GSA) is Microsoft’s unified Security Service Edge (SSE) solution that combines Microsoft Entra Internet Access and Microsoft Entra Private Access, giving identity-aware access control (for internet, SaaS, and private resources) without relying solely on VPNs. Using GSA, one can guard against threats like token replay by leveraging a combination of compliant network and conditional access policies. A compliant network check is a conditional access control that one can configure so that access to resources is only allowed when the client is connected via the Global Secure Access infrastructure (i.e. traffic is routed throug...