With many institutions reassessing their virtualisation strategy in light of recent VMware licensing changes, conversations across the sector increasingly focus on alternative platforms, long‑term resilience and the future balance between on‑premises and cloud infrastructure. For some, this is also a natural moment to step back and rethink architectures that have been in place for more […]
As we begin a new year, it’s the perfect moment to look back at how OCRE 2024 has shaped cloud adoption across UK research and education since its launch last year. OCRE 2024 officially launched on 3 February 2025, marking the third iteration of GÉANT’s cloud procurement frameworks and the second under the OCRE branding. […]
If you are looking for a free way to monitor for emergency account usage, and you have A3/A5, you can use Defender for cloud apps. Note this isn’t as realtime as sentinel or Azure Monitor. Before creating the alert policy, you will need to turn on the additional app connector options for Defender for Cloud […]
Overview Microsoft is retiring the legacy MFA and SSPR policies by 30th September 2025 as part of its modernisation path. Migrating to the new Authentication Methods policy offers more precision, central control, and futureproof cloud environment. The new Microsoft Entra ID authentication method policy offers a unified, modern way to manage your organisation’s authentication methods, […]
Introduction Break glass accounts are your emergency lifeline, providing privileged access when the identity system fails and no one can sign in to access organisation resources due to outages, breaches, lockouts, or misconfiguration. These accounts are critical for maintaining control and continuity but must be tightly secured, rarely used, and continuously monitored. ⚠️ Why They […]
Security Best Practices Using Only the Org Settings Portal Microsoft 365 provides robust tools for businesses of all sizes, but with this power comes responsibility. Securing your tenant doesn’t always require premium licenses or access to multiple admin portals. You can significantly improve your organisation’s security posture using only the Microsoft 365 Admin Centre’s “Org […]
Introduction In today’s threat landscape, cloud based VM hardening is a best practice that’s actively recommended by industry frameworks and security tools, including CIS Benchmarks, vulnerability scanners like Nessus, cloud-native tools/frameworks such as AWS Inspector, Azure’s Defender for Cloud and more! Just to clarify, virtual machine hardening is essentially the process of securing virtualized environments […]
Categories
Road to CE: eduroam
In an ideal world we’d be using certificates to authenticate to eduroam, but without that you can make the experience a lot easier for managed users, when their laptop sees eduroam it will ask them just for their username (email/upn) and password, and will not ask for the certificate to valid. Hopefully I’ll have another […]
Unlocking the full potential of your AWS environment: the case for third-party management in public sector organisations The UK public sector increasingly uses cloud technology to deliver services efficiently and securely. AWS is popular for government departments, educational organisations, and non-profit organisations because it offers scalability, security, and innovation. However, managing an AWS environment at […]
We are thrilled to announce the launch of the OCRE 2024 Framework, a significant initiative designed to transform the procurement of public cloud services for research and education institutions across the UK and Europe. Starting from 3rd February 2025, this new framework offers a comprehensive suite of cloud solutions tailored to the evolving needs of […]