Ru Campbell MVP

Understanding Modern vs. Legacy Authentication in Microsoft 365

January 24, 2021

Since October 2019, Microsoft has enabled Security Defaults by default in new Microsoft 365 tenants. Security Defaults are a group of best-practice security settings, and one of note is the disablement of all legacy authentication, which itself has been off i...

Store BitLocker Recovery Keys in Azure AD for Devices Already Encrypted

January 15, 2021

As you move from on-premises or third-party infrastructure to Microsoft 365 and Azure AD, you will want to keep those BitLocker recovery keys safe. You can store those keys either in on-premises Active Directory or in the cloud with Azure AD. The behavior of...

The 10 Technical IT Books of Most Influence on Me

October 28, 2020

In the name of transparency, or maybe stating the bleeding obvious, I confess I am that guy who can happily read an IT reference book or something like docs.microsoft.com or Practical 365 in the way someone else would read a popular fiction book. It's partly...

PowerShell: Run Cmdlet If Another Was Successful (And Keep Trying Until It Is)

October 23, 2020

Today I'm sharing a useful bit of PowerShell I gracelessly punt from script to script whenever I need to make sure a prerequisite it met before running something and to keep checking until it's met, then run what I need: "do X when Y is ready and keep checking...

The Difference Between Cloud App Security Discovery (CAD), Office 365 Cloud App Security (OCAS), and Microsoft Cloud App Security (MCAS)

September 7, 2020

Microsoft Cloud App Security (MCAS), Redmond's cloud app security broker (CASB) offering, is a powerful tool for investigating and pro-actively controlling your SaaS estate. It includes tools such as reverse proxying to control sessions and sits inside the Mi...

Protecting Sensitive Information in Windows 10 with Microsoft Endpoint Data Loss Prevention (DLP)

August 23, 2020

After being released to Public Preview last month (July 2020), I have finally had a chance to test out Microsoft Endpoint DLP. The management of endpoint DLP - that is, preventing sensitive information from leaving the host computer - comes up frequently in m...

Getting Started with Azure AD Identity Governance – Part 3: Privileged Identity Management (PIM)

August 16, 2020

This blog is the last in a small series on Azure AD Premium P2's Identity Governance toolkit. - Part 1: Entitlement Management - Part 2: Access Reviews - Part 3: Privileged Identity Management (PIM) (this post) PIM is an Azure AD P2 feature that enables just...

Getting Started with Azure AD Identity Governance – Part 2: Access Reviews

August 2, 2020

This blog is the second in a small series on Azure AD Premium P2's Identity Governance toolkit. - Part 1: Entitlement Management - Part 2: Access Reviews (this post) - Part 3: Privileged Identity Management (PIM) Historically, the apps, groups, and rights a...

Getting Started with Azure AD Identity Governance - Part 1: Entitlement Management

July 26, 2020

This blog is the first in a small series on Azure AD Premium P2's Identity Governance toolkit. - Part 1: Entitlement Management (this post) - Part 2: Access reviews - Part 3: Privileged Identity Management (PIM) Azure AD entitlement management is a bit of an...

Microsoft Defender for Endpoint Web Content Filtering - Migrate Rules from Existing Security Software

July 4, 2020

In my last blog, I wrote about web content filtering in MDATP and how it now allows you to block website categories on the client across all apps. Category blockers are great because, with one easy checkbox, you ban hundreds of thousands of dangerous on inapp...