Due to the COVID-19 crisis, we (the Windows Management User Group Netherlands) were forced to move our activities to virtual events, which we call WMUG_NL Tuesdays Webinars.Read More
Due to the COVID-19 crisis, we (the Windows Management User Group Netherlands) were forced to move our activities to virtual events, which we call WMUG_NL Tuesdays Webinars.
The last couple of week we already held two webinars, the first one, on Tuesday April 21 was a session about how to maximize Windows 10 and ConfigMgr network performance presented by Johan Arwidmark. If you missed this webinar, no problem since we have a recording available on our YouTube channel for your viewing pleasure. You can find the recording here: WMUG NL Tuesdays webinar featuring Johan Arwidmark.Read More
I’m very proud to announce that I will be speaking at the Workplace Ninja Virtual Edition 2020 event. The Workplace Ninja Virtual Edition 2020 event will take place from Tuesday 25th till Thursday 27th of August 2020 and will contain 45 sessions, spread across 3 days. Each day will provide 3 tracks, with 5 timeslots. The event can be attended for free, the only thing you need to do is register via the website.
The goal of the Workplace Ninja Virtual Edition is to share knowledge and learn together. This covers topics around management of endpoints with SCCM and Intune, as well virtual desktop and the complete security stack of Microsoft. Since the event is virtual, we can’t see each other personally but we will provide a NinjaZone, where we can connect with each other.Read More
Due to the COVID-19 crisis, we (the Windows Management User Group Netherlands) were forced to move our activities to virtual events. We started this event on Tuesday April 21 with a session about how to maximize Windows 10 and ConfigMgr network performance hosted by Johan Arwidmark. If you missed this webinar, no problem since we have a recording available on our YouTube channel for your viewing pleasure. You can find the recording here: WMUG NL Tuesdays webinar featuring Johan Arwidmark.
For Tuesday May 5th we have another great speaker lined up. This time Michael van Horenbeeck will presented on the topic: “Microsoft 365 Security in the real world”.Read More
Around 5 years ago (April 2015) Microsoft announced Exchange Online Advanced Threat Protection (ATP), which was renamed to Office 365 Advanced Threat Protection around a year later.
By using Office 365 Advanced Threat Protection you can add additional protection to the email filtering service available in Office 365 called Exchange Online Protection (EOP).
In this article, I will explain the functionality of Office 365 Advanced Threat Protection, and I will share the lessons learned while implementing the solution at several of my customers. I’ll also try to include as much references to other articles or blogposts as possible hopefully providing you with enough information for you to start implementing Office 365 ATP as well.
This article covers the following topics:
- What is Office 365 Advanced Threat Protection?
- ATP Safe Attachments
- ATP Safe Links
- ATP Anti Phishing
- Other ATP functionality
- Implementation planning
Disclaimer: This post reflects the status of Office 365 Advanced Threat Protection as of April 28 2020. Functionality may change, even right after this post has been published.Read More
Due to the current COVID-19 crisis, we were forced to postpone our in- person meetings for our Windows Management User Group Netherlands community. Since this crisis is probably going to take a while we have decided to start a new initiative, called #WMUG_NL Tuesdays.Read More
One of the advantages of Microsoft having many customers using its services is that Microsoft can leverage data from those customers and apply some real fancy Machine Learning on that data, coming from Azure AD, Microsoft Accounts and even Xbox services.
Based on all that data the Machine Learning capabilities are able to identify identity risks. Based on the risk, automatic investigation, remediation and sharing of that data with other solutions able to leverage it is possible. The outcome of risk is expressed as either High, Medium, Low or No Risk. This outcome can later be used to define policies.
By leveraging Azure AD Identity Protection you are able to use the signals provided by Microsoft and trigger “actions” – the signals can also be leveraged in your conditional access policies.
This article covers the following topics:
- Examples of using Identity Protection
- How is risk determined?
- Portal Walkthrough
- Policy behavior
Disclaimer: This post reflects the status of Azure AD Identity Protection as of April 7th 2020. Functionality may change, even right after this post has been published.Read More
In this blogpost I will share my experiences with implementing Azure AD Privileged Identity Management (PIM). PIM is a service that enables you to manage, control, and monitor access to important resources in your Azure environment. These resources include resources in Azure AD, Azure, and other Microsoft Online Services like Exchange Online, SharePoint Online or Microsoft Intune.
PIM provides the following functionality:
- Just-in-time privileged access to Azure AD and Azure resources
- Assign time-bound access to resources using start and end dates
- Require approval to activate privileged roles
- Enforce multi-factor authentication to activate any role
- Use justification to understand why users activate
- Get notifications when privileged roles are activated
- Conduct access reviews to ensure users still need roles
- Download audit history for internal or external audit
This article will cover the following topics:
- Securing Privileged Access
- Accessing PIM
- Rights needed
- How to request rights using PIM
- How to configure PIM as a Privileged Role Administrator
- Adding users as Eligible to Azure AD Roles
- Modifying default role settings
- How to approve requests for administrative rights
- Reviewing all given access using Resource Audit
- Azure Resources
- Access Reviews
- Caveats and challenges
Note: This post reflects the status of Azure AD Privileged Identity Management as of March 24th 2020. Functionality may change, even right after this post has been published.Read More
On Saturday March 28th, 2020 the Windows Management User Group Netherlands (WMUG_NL) will organize a full Saturday with Workshops. Together with Peter Daalmans I will host a workshop on the topic of Conditional Access, the workshop partly be based on the blog articles I wrote about the subject earlier this year. Also Adnan Hendricks will host a session on Threat Hunting, which will be very interesting as well.
Also this year Fast Lane, a learning solutions provider located in Utrecht is hosting the location and providing us with food and drinks. See: Windows Management User Group Netherlands – WMUG Saturday 2020 on Meetup if you want to join us. Attending is free, the only thing you need to do is RSVP on the Meetup page, so that we know you are coming.Read More
On Wednesday April 1st, I have the opportunity to present at the RDW Techday. RDW Techday is a community event organized by the RDW, the goal is to stimulate knowledge sharing within the company and between companies in the same region. I had the pleasure to present at earlier events already and received some really positive feedback.
RDW is the Netherlands Vehicle Authority in the mobility chain. RDW has developed extensive expertise through its years of experience in executing its statutory and assigned tasks. Tasks in the area of the licensing of vehicles and vehicle parts, supervision and enforcement, registration, information provision and issuing documents.Read More