Category: Compliance

Power Platform and customer-managed encryption key (preview) with some HSM

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/04/2023 0 Comments on Power Platform and customer-managed encryption key (preview) with some HSM
Posted in Azure, Compliance, IAM, Managed HSM, Security

This is huge for all the Power Platform users. Now you can use Key vault to store your key, if you aren’t familiar with concept of Key vault, let me open it a bit. What features will be supported? Power…

Continue Reading Power Platform and customer-managed encryption key (preview) with some HSM

Microsoft 365 Defender role-based access control

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 29/01/2023 0 Comments on Microsoft 365 Defender role-based access control
Posted in Azure, Azure AD, Compliance, Defender, IAM, Microsoft 365, Security

The new Microsoft 365 Defender RBAC model makes it simple to migrate existing permissions from the individual supported RBAC models to the new RBAC model. All permissions listed within the Microsoft 365 Defender RBAC model align to permissions in the…

Continue Reading Microsoft 365 Defender role-based access control

SQL Server 2022 and Azure ARC with Azure subscription model

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/11/2022 0 Comments on SQL Server 2022 and Azure ARC with Azure subscription model
Posted in Azure, Azure AD, Azure ARC, Compliance, Defender, IAM, Identity, Identity Platform, Microsoft Purview, On-premises, Powershell, Security, SQL

SQL 2022 has arrived and in this post I will try out the new setup that should have Azure ARC install embedded. Why to use Azure ARC with SQL 2022? One reason could be security, you will get these features…

Continue Reading SQL Server 2022 and Azure ARC with Azure subscription model

Do’s and don’ts concerning security for Identity part 6

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 13/11/2022 0 Comments on Do’s and don’ts concerning security for Identity part 6
Posted in Azure, Azure AD, Compliance, Conditional access, Identity, Identity Platform, Microsoft Authenticator, Security

Continuing with the do’s of Identity and supposing that you are in part of your journey that you have either Hybrid or fully cloud-based identities. In the last part I covered how you can create your own roles and use…

Continue Reading Do’s and don’ts concerning security for Identity part 6

Section 4 – Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies – Design a regulatory compliance strategy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/08/2022 0 Comments on Section 4 – Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies – Design a regulatory compliance strategy
Posted in Azure, Compliance, Microsoft Purview, Security

This is the fourth section to my SC-100 study guide and it will cover the following topics: Interpret compliance requirements and translate into specific technical capabilities (new or existing) Evaluate infrastructure compliance by using Microsoft Defender for Cloud Interpret compliance…

Continue Reading Section 4 – Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies – Design a regulatory compliance strategy

Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 03/08/2022 0 Comments on Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy
Posted in Azure, Compliance, ESLZ, Security, Zero trust

And time for the second section for my SC-100 study guide: Design a logging and auditing strategy to support security operations Develop security operations to support a hybrid or multi-cloud environment Design a strategy for SIEM and SOAR Evaluate security…

Continue Reading Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy

How handle security in a Power BI environment?

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 22/04/2022 0 Comments on How handle security in a Power BI environment?
Posted in Azure, Compliance, Data Loss Prevention, Identity, Microsoft 365, Microsoft Purview, Power BI

Data platforms are used in many places and Power BI is one solution to generate visual reports from different sources refined in Data platform. In this post I will cover some of the security solutions for Power BI but first…

Continue Reading How handle security in a Power BI environment?

Microsoft Compliance rebranded as Microsoft Purview

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/04/2022 0 Comments on Microsoft Compliance rebranded as Microsoft Purview
Posted in Azure, Azure Information Protection, Compliance, Data Loss Prevention, Identity, Information Barriers, Microsoft Information Protection, Microsoft Purview, Retention, Security

What? Microsoft rebranded Microsoft 365 compliance to Microsoft Purview and the solutions within the compliance area. Azure Purview is now Microsoft Purview, which makes a lot of sense as they all belong under Compliance offering. How to access? Open the…

Continue Reading Microsoft Compliance rebranded as Microsoft Purview

Some of my personal favorites for auditing Microsoft environments

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/03/2022 0 Comments on Some of my personal favorites for auditing Microsoft environments
Posted in AAD Connect, ADFS, AIP, Azure, Azure AD, Azure B2B, Azure Information Protection, Compliance, Conditional access, Data Loss Prevention, Identity, Microsoft 365, Security

Professionals are always finding out ways to report M365 or Azure environments, automating activities or remediating threats. There is insane amount of content available to achieve these goals but I want to list some of my favorites in this post….

Continue Reading Some of my personal favorites for auditing Microsoft environments

Information barriers, the GUI experience (Public preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/02/2022 0 Comments on Information barriers, the GUI experience (Public preview)
Posted in Azure, Compliance, Identity, Information Barriers, Security

This pic above is exactly the opposite of how information barriers work. So how it works? When information barrier policies are in place, people who should not communicate or share files with other specific users won’t be able to find,…

Continue Reading Information barriers, the GUI experience (Public preview)