Every Azure architect eventually realises the tenant works, but it is not engineered. Microsoft gives you the building blocks. It is your job to turn them into an identity architecture. Here are the configurations that should not remain in their default state. 1. Replace Security Defaults with Conditional Access Security Defaults are a starting baseline….
Tag: conditionalaccess
Microsoft Defender and Intune. How device risk becomes enforcement
Most descriptions of the Defender and Intune integration stop at vague phrases about improved security. That explains nothing. What actually matters is how risk signals move through the system, where decisions are made, and why this architecture is fundamentally different from traditional endpoint protection. This integration is not about antivirus management. It is about closing…
Stop treating Intune like “SCCM in the cloud”. Now add security, properly
A lit bit diff format, but lets see if you would like it my dear friends. So. Once security enters the picture, the illusion that Intune is “just SCCM with a web UI” collapses completely. In the SCCM world, security was something you layered on top. You deployed agents, configured settings, maybe pushed antivirus definitions,…
Goodbye VPN !!!? Microsoft Global Secure Access and the End of the Tunnel
For decades, VPN was the sacred cow of remote access. The one-stop solution: drop a fat encrypted tunnel over the internet and boom — your remote users are “inside.” Problem solved, right? Except no. In 2025, VPN is basically giving every intern a master key to the building. They don’t just get into the room…
🧨 SUDO, YOU HAD ONE JOB!
Hi, now any user can get root — and Microsoft told you this would happen “Don’t run as root!” — they shouted.“Use sudo, it’s secure!” — they said.Well guess what?Even a user not in sudoers can now gain full root access. All thanks to sudo‘s cozy little bug involving chroot, nsswitch.conf, and your complacency. 🧬…