Categories
Cloud advice

Azure Active Directory – Issues with User Consent

This blog has been written in collaboration with the Jisc Trust & Identity and Cyber Security teams. Jisc has recently become aware of a potential security risk associated with the default Azure Active Directory (AAD) security settings that are commonly in place across our membership. If your organisation uses AAD (or plans to use it), […]

Categories
Cloud advice

Remote access and Zero Trust

Zero Trust is a concept which has been around for at least the last decade. Whilst organisations were aware of it and implementing aspects of a Zero Trust architecture, it was not until 2020, for obvious reasons, that pretty much every organisation was forced into thinking about its adoption; responding to a distributed and fragmented […]

Categories
Cloud advice

ADFS – Moving away from federated 365 authentication

Single sign-on (SSO) plays a key part in providing a secure authentication solution. However, the architecture and authentication flow of these solutions are paramount in ensuring that your identity broker retains its availability and integrity. IAM makes up a core component of the NCSC Cloud Security Principles. Therefore, when implemented it is important that the […]

Categories
Cloud advice

Top 10 security tips for deploying and using Teams

Unsurprisingly, the world and its dog appear to be shifting large amounts of their collaboration activity (team chat, shared documents, meetings and telephony) into Microsoft Teams right now. Here are our top 10 tips for rolling-out Teams securely. This is particularly important given the large number of people now working from home. Whilst some of […]