Ru Campbell MVP

When we talk about Microsoft 365 security, we are talking about two things: - Securing Microsoft 365 the platform, such as Exchange Online, SharePoint Online, Microsoft 365 Copilot; ensuring they are hardened and monitored in proportion to risk appetite. - Us...

April 1, 2024, seen the release of Microsoft Copilot for Security to general availability (GA). It is a generative AI solution integrating with Defender XDR, Entra, Purview, and Intune. Just over a month later, it's time to write down some thoughts. In cybers...

Finally, it's time for a refresh.  It's been a while!  Due to personal circumstances, I haven't been able to keep the Ultimate Comparison of MDE by OS updated.  I've had time to dive into the changes since v5 and it's really been amazing to see MDE grow in sco...

Defender for Cloud Apps (MDA) is such a hidden gem. When talking with Microsoft 365 E5 customers, it's amazing how few of them really grab MDA and squeeze all they can out of it. It's often classified as a cloud access security broker (CASB) but that's an over...

Signals from across Microsoft's services and ecosystems inform Entra ID Protection to detect risk. The risk detections can alert administrators or, better still, combine with other Entra and Defender XDR capabilities to perform remediation and prevention. The...

It's a trope in IT circles: users forget their passwords. The greater your scale, the more time this can occupy with tickets, service desk calls, and so on. If you use Microsoft Entra ID (previously Azure Active Directory), self service password reset (SSPR) i...

Microsoft Defender Vulnerability Management (MDVM) is an often overlooked service that can be licensed standalone or is included in other Microsoft Defender licenses. In my experience, I've never seen it licensed standalone, but customers with Defender for End...

Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO) are the email and collaboration security services native to Microsoft 365. EOP is included at all levels of licensing for Exchange Online, with MDO bringing additional security capabi...

Entra ID's P2 license (previously Azure AD Premium P2) unlocks the Privileged Identity Management (PIM). PIM is part of broader identity governance features, and is most known for enabling just-in-time admin rights. For example, you are eligible to become an a...

Conditional Access (CA) is front and center of any attempt to secure Microsoft 365. If you've spent any time securing your tenant and Entra resources, you'll know what Conditional Access is by now, so we'll assume at least a level 200 understanding, skip the i...