There are a few ways to grant external access to an internal application without doing any port forwarding. The way to do this in Microsoft’s world is through an Entra Application Proxy. The name is a bit of a mess, as Microsoft renamed the Microsoft Entra application proxy program to Microsoft Entra private network connector.…
Microsoft 365 supports hardware security keys with passkeys. Passkeys are sometimes called FIDO2. Passkeys are one of many ways you can secure your accounts. In this post, I will show you step-by-step how to set up a passkey in Microsoft 365, including configuring a passkey with a break glass emergency access account. Prerequisites The Process…
The way I manage my email might seem a bit strange. Due to working in IT, I get lots of emails. Some emails need action, some are regular emails, and some are notifications I want to know about as soon as they happen. I feel like a normal person would make an Outlook rule to…
Microsoft recently introduced the public preview of External Authentication Methods in Microsoft Entra ID. I am very excited about External Authentication Methods as they finally allow third-party MFA providers like Cisco Duo to integrate better with Microsoft Entra ID (formerly Microsoft Azure AD). Microsoft has supported third-party MFA providers for years. The original method for…
Microsoft 365’s Stay signed in option is designed for user convenience but can increase security risks when used on public or non-corporately owned devices. The risk is due to the potential for unauthorized access to the user’s account and the resources they have access to. The stay signed in option, also known as KMSI (Keep…
A while back, Microsoft added a feature to SharePoint Online called Add shortcut to OneDrive. This feature adds a shortcut to the file or folder in another SharePoint site directly in your OneDrive. The Add shortcut to OneDrive feature is on by default. Depending on your setup, you may want to turn the Add shortcut…
A custom-themed Microsoft 365 sign-in page can augment the user experience by making it easier to tell if it is a phishing sign-in page, as it will help users recognize whether the login page is legitimate or not. It also adds a nice custom tweak to your Microsoft 365 tenant. In this post, I will…
Cloudflare Access is a wonderful tool that can add MFA (Multi-Factor Authentication) to applications that don’t support it. I’ve previously covered Setting Up Cloudflare Access using email OTP (One-time PIN). What I didn’t cover in that post was how to set up Cloudflare Access with an IdP (Identity Provider). In this post, I will show…
Microsoft has stopped deploying the original version of Microsoft Teams (now called Microsoft Teams Classic) with new Microsoft 365 apps installs. I’ve been using New Microsoft Teams for quite a while now and I honestly can’t tell the difference between the two anymore. An issue I do have with New Teams is that it doesn’t…
New Teams is a UWP (Universal Windows Platform) app and that presents its own challenges when it comes to system-wide mass installs. If you download the MSIX directly and install it, it actually tricks you into thinking it’s installed for all users but in reality, it is only installed for the user that downloaded and…
