5 reason to visit Semperis at Microsoft Ignite

The tech conference Microsoft Ignite is right around the corner. If you’re attending the conference this September 24th-28th in Orlando, you’re most likely starting to build out your schedule thinking about which sessions to attend and which booths to visit. Whether you’re an enterprise developer, IT implementer, IT decision maker, or data professional, Microsoft Ignite […]

Trees Falling in a Forest: Chronicles of a Data Breach

“If a tree falls in a forest and no one is around to hear it, does it make a sound?” Although the sub-title for this article is a philosophical question, asked by George Berkeley in 1710, it proved to be completely relevant over 300 years later, while I was working with Azure Security Center. A […]

Kerberos at the Company Party

Back in 1999, I wrote a book on Windows 2000 Server in general, and Active Directory in particular. I try not to look back at what I wrote about AD back then compared to what I know now, but I remain fond of a passage that explained how the Kerberos security protocol works – using […]

How Do I Protect Against Ransomware?

Guest column by Joseph Carson, Chief Security Scientist at Thycotic. “Ransomware” is on the rise using “targeted phishing attacks” and is being used for financial blackmail and poison or corrupt data. No one is excluded from these threats and no company or individual is too small to be a target. Ransomware has become such a […]

5 Security Policies Every CISO Must Enforce Now

Guest column by Joseph Carson, Chief Security Scientist at Thycotic. Chief Information Security Officers, CISOs, bear some of the heftiest weights on their shoulders of anyone in an organization. Single-handedly, depending on their security policies and the enforcement of them, they can be responsible for the success or downfall of an entire company. It is, […]

When you should use Azure MFA and when you should use MFA Server

One of the most common security-related trends I’m seeing with customers is an interest in adding multifactor authentication (MFA) to both their new and existing solutions. This trend is usually driven by a need to increase overall security, or to satisfy regulatory requirements. As a hybrid service, Microsoft’s Azure Multifactor Authentication (MFA) service has both […]

Microsoft upends traditional password recommendations with significant new guidance

Based on research gleaned from literally billions of login attempts to its Azure cloud service, Microsoft updates its password recommendations – and throws out several long-held industry best practices. Microsoft has recently published a white paper, “Microsoft Password Guidance” that explains their new password guidance, based on the massive amount of data they’re collecting at […]

SaaS Passwords Are Like Cockroaches

And in the case of passwords, each one – especially each forgotten one – is a little security risk scurrying around in the shadows. You may think you have gotten rid of them (or at least reduced them to a manageable amount), but they still keep popping up. And as we all know, SaaS applications, […]

IdFix – discovery and remediation of Active Directory objects

As I help companies connect their on-premises Active Directory Domain Services (AD DS) to Azure AD in order to use Microsoft services like Office 365, I’ve found that a critical step is often overlooked. Skipping this step can potentially set your deployment back by weeks! Fortunately, Microsoft has provided a tool to help speed your […]