banner-why-daymark.jpg

Information Technology Navigator

Tips, Advice & Insights from Technology Pros

Optimizing O365 Impossible Travel

Cloud security is a constant concern for organizations of every size. Stopping malicious actors from accessing your company’s systems and data is a top priority, but is made difficult by the number of different exploit techniques coupled with the sophistication of the attacks. One area of particular concern is legitimately compromised user credentials. For example, if a password I use frequently (maybe even a strong one) is exposed in a breach of an e-commerce company. The malicious actor located in Moscow who obtains this userID (likely an email of mine) and password then does a quick lookup on LinkedIn and finds that I work at Daymark. From here, the exploit is obvious. They now have a legitimate username and password combination and while we do employ multi-factor, there are constant threats to that.

Read More
Tue, Apr 06, 2021
Share:   

Securing Identities with Zero Trust

As COVID forced organizations around the world to send their workforce home, creating the work from home (WFH) phenomenon, IT and security teams rapidly focused on Zero Trust approaches to security to mitigate challenges of enabling secure remote work. Modern workplace employees are getting their work done any way they can these days – using personal devices, sharing data through new services, maxing out home WiFi, and collaborating outside the confines of traditional corporate network security. It has created an IT balancing act between security and WFH productivity.

Read More
Tue, Jan 26, 2021
Share:   

Conditional Access – Deployment Best Practices

Conditional Access in Azure AD provides a level of security required to maintain appropriate controls over who can access confidential and privileged information. It was the topic of discussion at our most recent “Ask the Engineer Q&A Roundtable” where attendees learned tips for a successful Conditional Access deployment and got answers to their specific questions.

Read More
Mon, Jun 15, 2020
Share:   

Teams Usage Reports – Ensure Your Employees are Leveraging Teams

It’s a crazy time out there. Businesses have been mandated by state governments to enable employees to work from home. Literally overnight, there have been massive shifts to connect people remotely. Suddenly even your grandparents know what Zoom is!

Microsoft Teams is playing an integral part in facilitating remote communication and collaboration. Most companies with Office 365 subscriptions already have licenses for this product, but just now are really rushed to enable Teams for the massive increase of remote workers.  

Read More
Fri, Apr 10, 2020
Share:   

State-Backed Hackers Targeting All Exchange Servers

On February 11 2020, Microsoft released a patch for Exchange Servers that would fix a vulnerability pertaining to unauthorized access to the backend of the Exchange Control Panel. There is now confirmation from a source at the United States Department of Defense that multiple nation-state backed actors and other ransomware gangs are actively and maliciously exploiting this vulnerability on unpatched systems. The vulnerability results from the Exchange Server failing to properly create unique cryptographic keys at the time of installation. The hackers’ sophisticated exploits circumvent encryption, granting them full access of the server.

It is imperative that the latest patches from February 11th be applied as even a single Exchange instance puts you at risk.

Read More
Tue, Mar 10, 2020
Share:   

Microsoft Ignite The Tour: Worth the Trip

Microsoft has a well-known yearly user conference in Orlando called Ignite. But did you know there is a smaller, free version of this conference? Microsoft Ignite The Tour is set to hit 30 cities around the world in 2020, including two U.S. cities: Washington DC, Feb 6-7th and Chicago, April 15-16th.

I had the benefit of attending the first 2020 event in Toronto earlier this month. In this blog, I’ll review the unique format of this event and share my personal highlights. Hopefully, I’m able to convince a few admins and business users to attend.

Format:

Read More
Mon, Jan 13, 2020
Share:   

Microsoft Teams – 10 Deployment Tips

Microsoft Teams is the cloud-based collaboration solution in the Office 365 suite that integrates business messaging, calling, video meetings and file sharing. It is Microsoft’s replacement for Skype for Business.

Read More
Thu, Nov 21, 2019
Share:   

Understanding Office 365 Impossible Travel

Impossible travel. Is it sending a human to Saturn or Venus? Well maybe, but in the context of Microsoft Office 365, Impossible Travel is a security feature that is a great indicator of potential hacking attempts. The concept is straightforward. If you login to Office 365 from your office in Boston and then 20 minutes later you try to login from Dallas, or you login from home in Chicago and five hours later from Beijing, Office 365 basically says “wait a minute, that’s impossible” and it denies login from Dallas and immediately sends an IT security alert.

Read More
Wed, Oct 23, 2019
Share:   

Cloud Solution Providers Bring Escape Velocity to O365

Why Office 365?

The speed of business is requiring IT to create, secure, and scale resilient services, prompting enterprises to move away from on-premises data centers to the cloud. Microsoft Office 365 (O365) is an attractive option for organizations that need to innovate at what feels like “escape velocity” speeds. 

Read More
Thu, Aug 08, 2019
Share:   

Nuances of Azure’s Shared Responsibility Security Model

The benefits of migrating applications to Microsoft’s Azure cloud make a very compelling business case – agility, scalability, a pay for what you use cost model, etc. But as you move workloads to Azure, don’t assume they are automatically protected, because while Azure does ensure a secure infrastructure, you are responsible for ensuring protection of your data – not Microsoft.

It’s all detailed in Microsoft’s Shared Responsibility Security Model. Understanding where the Shared Responsibility model starts and stops is critical to ensuring your data is secure and compliant. Here are some key considerations:

Read More
Wed, Feb 27, 2019
Share: