- Видео 50
- Просмотров 87 090
SecureCRC
США
Добавлен 4 дек 2018
Hi everyone. Welcome. This channel deals with many security-related issues and topics within the Microsoft 365 cloud.
Entra New Guest Access Options
Conditional Access with guest access has newer options. No longer do we need to exclude/include all guests in a policy. There are new options!
01000011 01010010 01000011
Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
01000011 01010010 01000011
Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Просмотров: 79
Видео
DLPoptions
Просмотров 552 месяца назад
Let's take a high-level view of DLP options. What's the difference between Defender for Cloud Apps DLP and Endpoint DLP? Hint: It's tricky! 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Copilot365SecurityTips
Просмотров 2842 месяца назад
Copilot for Microsoft 365 has access to everything that a licensed user has access to. You can limit the knowledge of this access by limiting Teams/sites indexing in SharePoint. Labels can also be used to some extent. If a document is labeled using encryption (Rights management) that does not include the "Extract" permission, then Copilot cannot extract information to be used to answer prompts ...
Bullshittery
Просмотров 132 месяца назад
The epidemic of liars and exaggerators in the IT industry is shocking! Don't let it worry you, though. Keep learning and demonstrate honesty and your work-product will shine through the BS. 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Crowdstrike Destroys the World
Просмотров 213 месяца назад
Did you have, "Crowdstrike brings down the whole world" on your BINGO card for this week? Yeah, me neither, and yet here we are. Let's talk about what happened and do a little irresponsible speculating on the root cause. 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Securing Sites from unmanaged devices using Labeling
Просмотров 323 месяца назад
Sensitivity Labels can be used to secure individual sites with app-enforced restrictions. Don't want to use app-enforced restrictions globally but also don't want to deal with the hassle of PowerShelling your way through each new site? Use Sensitivity Labels! 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Windows MAM End User Experience
Просмотров 1593 месяца назад
01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Protecting O365 Data with App Enforced Restrictions
Просмотров 1093 месяца назад
What is the end user's experience using Windows MAM? It's actually pretty good! Let's take a look. 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Windows MAM
Просмотров 603 месяца назад
Windows Mobile Application Management provides a way to secure Office 365 access from a personal Windows device. 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
DUO MFA with Microsoft
Просмотров 4819 месяцев назад
How Duo MFA products work with Microsoft products including Entra ID Conditional Access, SSO, and RDS 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Entra Application Proxy and Private Access
Просмотров 1,2 тыс.10 месяцев назад
Entra ID Application Proxy and Private Access are two ways to offer remote access to on premises applications. Both work through the Application Proxy connectors. Private Access is part of Global Access. 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
AutoForward Glitch in the Matrix
Просмотров 2311 месяцев назад
There is a glitch in the Microsoft outbound MDO anti-spam policies that could allow automatic forwarding of all users even if it is set up to block forwarding. I have recreated this glitch in one of my dev tenants and it is real! Watch now for the details and avoid this glitch!!! 01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Privileged Identity Management
Просмотров 4011 месяцев назад
01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Microsoft 365 Defender Overview
Просмотров 12011 месяцев назад
01000011 01010010 01000011 Defender does not describe a product. "Defender" describes a brand that contains several products. "Microsoft 365 Defender" is a sub-brand that contains security products for the Microsoft Modern Workplace, or Office 365, cloud services. There are four main products within this brand: -Defender for Endpoint -Defender for Office -Defender for Cloud Apps -Defender for I...
Privileged Identity Management in Azure AD
Просмотров 45Год назад
01000011 01010010 01000011 Subscribe: ruclips.net/channel/UCS4FI0Hc4nmAjSsRsOP0Gbg
Mobile Application Management: What's if for?
Просмотров 139Год назад
Mobile Application Management: What's if for?
Secure Boot, Trusted Boot, Measured Boot, ohmy!
Просмотров 1,5 тыс.Год назад
Secure Boot, Trusted Boot, Measured Boot, ohmy!
Blocking Personal Windows Devices in Azure AD
Просмотров 2,7 тыс.2 года назад
Blocking Personal Windows Devices in Azure AD
Windows Devices and Azure AD Authentication
Просмотров 2213 года назад
Windows Devices and Azure AD Authentication
Thank you for this detailed and clear explanation of the AD Sync process and how to fix this issue. Enjoy your new sub. Can you briefly explain what happens if an AD hybrid sync that hasn't happened in a while, happens? Recently found that while the AD password hash sync has been working, the directory sync has not been syncing for months.
Awesome, so grateful that you put this out !
Great video. Sadly this behavior is in ALL industries. Bought a car lately?
Nice vid! thanks.
Great video! Love the content!
But how do I know the corporate or office laptop as device per user into the Windows AD or AAD?
This is the best and most in-depth explanation I've heard. Thank you sir.
The video i just needed after finding this great channel! -trinity ?😅
how do I contact you to engage in a project?
Hello, thank you for this video. We have some staff members who have used their personal laptops to access corporate data (Emails/Onedrive) and these are now appearing as 'Registered' laptops in Azure. I would like the policy to block all personal devices. Once I enable the settings you mentioned in the RUclips video, will it block those personal devices even though they have been previously 'Registered' in Azure?
Sir, I appreciate it. keep it up...
Pls make similar kind of tutoriuls. Nice explanation .
Thank you. I'll try. I have to be the Jack of All Trades, so sometimes they're not that detailed. I appreciate it!
Thank you for sharing. AWESOME explanatrion
Thank you this is great!
IdFix in settings have a SearchBase but how use a space for OU, ex: ou=!HQ Poland,ou=Corpo,ou=local ? I try ' or " in differ forms and not work.
how would you block Windows endpoint from registering to AAD (not intune) ?
Thank you so much. Great Video.
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
First 5 minutes have been better explanation than I've found in last 2 hours! Thank you!
This was an extremely good overview of App Protection Policies. Thank you!
Thanks for these explanations. I better understand now what my colleages are doing. And by the way the guitars on your wall triggered me to do myself a pleasure. So I just bought me a Fender Vintera 60s Telecaster.
Does this work inaddition to the 2FA that a bank or credit card service uses. My bank and cc uses such over my phone now. So would an authenticator app do a second verification after the bank does theirs? Or am I not understanding this?
Do you have to get authenticator apps for different devices, or will one authenticator work on all devises? Android cell, tablets, PC desktop, etc????
Thanks for this tutorial !
Thank u!
What happens to devices that are already enrolled as personal devices in my environment after I set the personally owned Windows(MDM) to block? Can't seem to find anything concrete about that online.
The block only applies to devices at the time of enrollment. So, if they're already there, you're fine. But if you wipe them and they come in as personal again, they'll be blocked. Easy fix is to add them to the Autopilot device list by making sure all your existing devices (especially non-autopilot) are assigned an Autopilot profile that has the "Convert all devices to autopilot" checked.
@@SecureCRC Thank you so much for the quick response, much appreciated! Subscribed
@@SecureCRC would this block also affect OOBE Personal use or Setup for an Organisation without Deploying auto pilot? I just want to block azure Ad join and schoo/ work join from inside the windows under accounts for windows 10 and 11. Can it be done using your video?
Thanks for the share. I use AD registered devices in many use cases for example consultants that require access to a particular application, also with registered device you can use conditional access to limit access to only what is required.
thanks Darren. How are you distinguishing the AzureAD Registered devices in the CA Policies. By Azure AD attribute?
Great explanations!
Great video thanks very much!
Hi I’m having some issues with synchroniza, so when I create an user on ad it’s should show on office 365 but it’s not I can’t add any user into group through ad because of synchroniza any solution.
There is a sync services tool on the AD Connect server. look for sync errors. you can see these in the Entra portal also under the Hybrid node. It's probably a sync issue because of more than one account that has a duplicate property like email address.
Excellent demonstration and explanation.
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
Excellent explanation. Thank you!
Awesome video, thank you!
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
Excellent video
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
I can see my local AD users in Azure AD but Azure AD users are not synced in local AD
AD Connect is a one-way sync. from AD to EntraID (azure AD)
AD Connect is a one-way sync from AD to EntraID (Azure AD). it does not sync backward.
Thank you so much for taking the time to advise us on Authenticator Apps, but theory sometimes can be confusing. An example is way much better and solves many, if not all, questions.
My Microsoft Authenticator App is producing an 8 digit token instead of a 6 digit token…I need this 6 digit token to finalize my global entry card activation. This is very frustrating. Does anyone know how I can get my Microsoft Authenticator to produce the 6 digit code instead of this 8 digit codes that I’m getting?
Cannot log i to MS365. Getting message to protect my account and leading me to MS Authenticator. So annoying.
helpful explanation, thanks!
Can We sync the ad group from azure ad group as it is easy to add users in azure ad group. And then sync with ad group on-premise.
you can turn on group-writeback in AD Connect wizard
Great video, though correct term is 'on premiseS' ...
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
Someday it will take us longer to "authenticate" with lots more "layers" than the time spent on the apps...
Was stuck, followed so many sites. Came across you're really insightful video. Fixed my issue in a flash. Also what an awesome ImmutableID tool. Thank you so much!
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
Thank you for doing this amazing video. You’re brilliant!!! 😃
thanks!
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)
4 mins of explanation cleared my doubts I was trying to clear since 4 days....just wow. Why cant everyone explain like this....
My thoughts exactly.
Thanks a lot for this awesome video, very informative. Question: is that possible to reverse the process where we get our users from azure for example 20 of them and get it synced to on premise?
Microsoft has a process called SMTP mapping that might work.
Well explained!!!!
Hello ! I have project about Azure AD Users and On-premises users should sync both Environment like Same users in Cloud and On-premises ! and they will be able to log in different environment with same usermane and password . have any solution for that!
AD Connect will create the users in both places. user password hash and they'll have the same password. However, the sync is one-way from AD to Entra ID. Not backwards to the on-prem domain.
Please provide the difference between ms-dsi-consistancy-guid and source anchor and immutable ID. Also it's working
the guid is the attribute name within on-prem AD. the Immutable ID is the attributes name in Entra ID (Azure AD). the two systems just call it something different. So, Joe's MS-DS-Consistency-GUID (or just Object-GUID) has the same value as his Immutable ID. Since the AD attribute can be one of several things including object guid or ms-ds...guid, we refer to the attribute that we choose for this purpose as the Source Anchor. MS-DS-Consistency-GUID is the most flexible and widely used attribute.
Thanks for great explanation
Exactly what I needed. Thank you.
You're Very welcome. Sorry for the delayed response. You probably don't remember commenting! ;)