Moving away from passwords with Windows 10, Windows Hello for Business & Microsoft Intune

In 2004, long before we went online massively concepts like phishing or ransomware were on the rise, Bill Gates, predicted at the RSA Conference that year the demise of passwords saying “they just don’t meet the challenge for anything you really want to secure.”

For years, we’ve been discussing the vulnerabilities of passwords (80 percent of security breaches are down to stolen passwords & credentials) and the need to ditch them for more robust & secure solutions. Many initiatives have been launched like Microsoft’s CardSpace, the Higgins project, the Liberty Alliance, NSTIC, the FIDO Alliance and various Identity 2.0 proposals. All with the explicit goal of eliminating passwords.

Continue reading “Moving away from passwords with Windows 10, Windows Hello for Business & Microsoft Intune”

Improve your endpoint security /w Windows Defender Advanced Threat Protection

Last week Microsoft announced the public preview of Windows Defender ATP Windows 10 Fall Creator update. I’m quite excited – we’ll should – of the new capabilities which allows you to better protect your endpoints from threats.

I had the opportunity to work with this for a while and like to highlight my personal favorite feature – Security Analytics Dashboard. Why? It’s because this feature gives me insights of my current endpoint (Windows 10, Windows Server, Linux* & Mac OS*) security posture and what it takes to utilize the full potential.

For a complete overview of all Windows Defender ATP preview features please read the official announcement here. Continue reading “Improve your endpoint security /w Windows Defender Advanced Threat Protection”

Secure your SaaS & On-premises applications with Azure AD Conditional Access

Last week Microsoft announced the public preview of Azure AD Conditional Access to protect Azure AD SaaS applications based on device-based policy rules. Conditional Access (CA) is already available for a quite long time for those who are using Microsoft Intune, but was scoped to Microsoft cloud services such as Dynamics CRM Online, Exchange Online, Exchange on-premises, SharePoint Online and Skype for Business Online.

With the introduction of CA for Azure AD SaaS applications it’s a great step forwards raising the security bar in a mobile first cloud first world securing your SaaS applications and how they being accessed.


In this blog I will not elaborate the detailed operation of CA but will show you how easily it is to configure and apply Azure AD Conditional Access for an on-premise web application which we have published by Azure AD Proxy. Continue reading “Secure your SaaS & On-premises applications with Azure AD Conditional Access”

Unlock your Windows 10 PC with your Windows Mobile Phone Sign-in App

image

As Windows 10 expert you probably know there are many ways to log on to your Windows 10 device. Windows 10 already does a lot to spare you from typing in your password. Windows Hello and Microsoft Passport are technologies are part of the Windows 10 operating system and help mitigate threats from conventional credentials. With Phone Sign-in app (Beta) Microsoft releases a new way of logging on to your Windows 10 device.

Continue reading “Unlock your Windows 10 PC with your Windows Mobile Phone Sign-in App”

How secure is Microsoft Intune? Keep calm and reassure your cloud security manager!

computer-security-14

Perhaps you noticed yourself but customers are asking more often how secure Microsoft clouds services are(Microsoft Azure, Office365 & Windows Intune)?  Valid questions like “What- and where my corporate data is stored? How my corporate data is protected in Microsoft datacenters? What security controls in place and what about backup, disaster recovery and data retention policies? Do I have control on what data is going synced to the cloud?” And so we can still go on…

By informing customers and providing them guidelines and best practices it is more clear what the impact of using Microsoft cloud services is for their organizations. This will eliminate possible restraints (rightly or not), increases confidence of cloud service as platform & accelerates the adaption as such.

This post might help you to get better understanding on what terms and conditions Microsoft clouds services performed and enables you to inform your cloud security officer! Continue reading “How secure is Microsoft Intune? Keep calm and reassure your cloud security manager!”

Microsoft releases update for System Center Endpoint Protection

Microsoft has made available a significant Hotfix for Endpoint Protection when it is integrated with Microsoft System Center 2012 Configuration Manager or Microsoft System Center Configuration Manager 2007. More specifically, the Hotfix is a platform update for Microsoft System Center 2012 Endpoint Protection Service Pack 1 (SP1) clients and Microsoft Forefront Endpoint Protection 2010 clients.

The platform update provides the following additions, enhancements, and fixes:

  • Update to the network real-time behavior monitoring functionality.
  • Provides Manageability support through the WMIv2 provider.
  • Anti-tampering improvements.
  • Performance improvements.
  • Configurable option for sending harmful samples to Microsoft.
  • More languages supported.
  • Fixes Exchange Server 2003 problems.
  • Fixes a problem where duplicate environment variables are created during installation.
  • Fixes the ability to install on an alternate drive letter.

The Hotfix, 2865173, replaces both 2828233 and 2827684.

The KB Article is here:  An anti-malware platform update for Endpoint Protection clients is available from Microsoft Support

source

MBSA 2.3 Preview Release is available for download!

MBSA 2.3 Preview has been released on the Client Management Connect site to the ConfigMgr Open Beta community.

image

MBSA 2.3 release adds support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 2000 will no longer be supported with this release. The final release of MBSA 2.3 is expected to be available in Fall 2013.

You can download MBSA 2.3 Preview here.