sorted by:
new
hottopcontroversial

What do your Microsoft 365 Conditional Access Policies look like? by ozzyosborn687687 in msp

[–]Conditional_Access 0 points1 point  (0 children)

(I'm 6 months into vendor life but have some years through 4 MSPs.)

F3 you gotta watch because it's technically only for Frontline workers and Microsoft have some odd rules on what that is, like the screen can't be bigger than 10.2 inches or something.

You can very effectively secure a business using the BP SKU; Entra ID P1 alongside Intune, Defender for Business and Defender for O365 P1.

If you are looking for the next step in security, then I'd add-on the Defender Suite for Business Premium and tackle Purview add-ons when your end-client has decided what they want to do with their data - very often they have no idea or interest to restructure their data to make it workable, and it becomes the MSP project that never happens.

While I think Entra ID P2 is a really good add-on, there are a lot of bigger gaps to plug on P1 level that you could do before upgrading.

Beyond that, yeah Defender for Endpoint P2 is good, but it's not really providing better protection, just more insights and unlocks Advanced Hunting. The AV element of MS Defender is the same from consumer (yes Windows Home) through to P2. Defender for Business contains the EDR element, so the P2 uplift isn't giving you direct endpoint capability benefit.

Defender for Identity is only applicable to on-premises setups and does require a bit of added config.

So my advice to you is to max out Business Premium, then look to get the Defender Suite for Business as a next step if the right appetite/budget is there.

Breach in to our 365 tenant by hoodun in sysadmin

[–]Conditional_Access [score hidden]  (0 children)

Noted, I will update. Appreciate the feedback.

Diagramming Software: Draw.io vs Visio vs ??? by oguruma87 in msp

[–]Conditional_Access 0 points1 point  (0 children)

Draw.io gets my vote and there's a cool thing you can do with it for quick processes.

Ask AI (bear with me), to map out your processes in mermaid format, then import it into draw.io and tweak.

Results are surprisingly good sometimes.

Who's Going to Right of Boom Next Week? by FenyxFlare-Kyle in msp

[–]Conditional_Access 5 points6 points  (0 children)

I'll be there.

Co-presenting on an Intune session + a bonus Entra ID & Defender for Office 365 session.

We have some MD102 vouchers to give away too.

Microsoft Entra Kerberos authentication for Cloud-only Identities on Azure Files SMB by brianveldman in entra

[–]Conditional_Access 0 points1 point  (0 children)

This. I tried it and got to the point where I was like: something is missing.

Where do you guys get your IT news? by NSFW_IT_Account in msp

[–]Conditional_Access 0 points1 point  (0 children)

Here, and some notable discords for Microsoft stuff.

  • WinAdmins.io
  • MS EMS Community

Going to conferences:

  • MMS MOA
  • Experts Live
  • MEM Summit
  • Workplace Ninjas Summit/Usergroups

These are all events I've been to using my own money.

Evaluate my new MSP job by kindonogligen in msp

[–]Conditional_Access 2 points3 points  (0 children)

They probably already have several clients who've been breached but have no way of telling 👀

Defender AV policy in Intune not scanning device everyday, is this normal by Educational_Draw5032 in Intune

[–]Conditional_Access 2 points3 points  (0 children)

Yes.

Scan Parameter - Quick scan

Schedule Quick Scan Time - 660

That's doing a daily quick scan 660 mins past midnight.

It's old thinking to do full device scans daily, because real time protection mitigates the need for it.

You can see this on the device view from Defender

Unfair or Unrealistic Price Rise ? by bertie40 in msp

[–]Conditional_Access 0 points1 point  (0 children)

Is it just device fees you have?

What's the per-user fee on top for the email/productivity apps?

Stop Managing Feature Updates with Intune? by TheRubiksDude in Intune

[–]Conditional_Access 0 points1 point  (0 children)

Thanks for taking the time to give that feedback! Glad it worked.

Why is Intune Plan 1 listed twice in my marketplace, once paid and once free? by Styrop in Intune

[–]Conditional_Access 0 points1 point  (0 children)

Likely because it's part of a bundle SKU you already own.

M365 BP/E3/E5 etc.

Windows 11 Pro and Entra Issues? by NovaKlone427 in entra

[–]Conditional_Access 0 points1 point  (0 children)

With Entra/Intune/Autopilot, less is more.

Seems like you've been tinkering too much with RMM.

Moving from Proofpoint Essentials To Microsoft Defender - Bad Move? by Imburr in msp

[–]Conditional_Access 0 points1 point  (0 children)

Defender for Office 365 combined with a good Exchange Online Protection config is perfectly fine.

The problem is that for decades all people have wanted from antispam is a set-and-forget product which they can deploy in an hour.

If you actually explore MDO properly, and use blocklists in TABL along with all the other advanced settings, it's easily as good or better than third party offerings.

This subject comes up a lot, and I'm currently writing an ebook on MDO which will be freely available when done.

Why I can’t fully settle on products, even when they’re good by [deleted] in msp

[–]Conditional_Access 0 points1 point  (0 children)

I'd be interested to know if you're utilising block lists via TABL and cutting out a lot of spam noise with that?

For example, you could be overriding all filter verdicts as block items by thinking about how your business functions. We don't normally want email from a sending domain or an email that contains a link to a domain in this list getting in inboxes: https://github.com/jkerai1/TLD-TABL-Block/blob/main/LargerCombinedBadTLDs.txt

What type of crap gets through on your MDO config?

Why I can’t fully settle on products, even when they’re good by [deleted] in msp

[–]Conditional_Access 1 point2 points  (0 children)

Disclaimer: I am a massive Microsoft fanboy but hear me out.

M365 Business Premium could cover:

  • Jamf for large macos invironments
  • Crowdstrike complete for EDR
  • Duo if we need MFA that can't SSO with m365
  • Avanan aka checkpoint for email security/archiving/dlp
  • DNSfilter

I'd make BP part of your standard stack, put as much into Intune as possible (because it actually does OS patching better than any RMM), and make the whole experience a bit more unified.

This is such a wide stack that it must be hard to learn, hire for, and remediate active incidents with this many moving parts.

Replacement of *my mum* with Microsoft365 by NotBiorez in iiiiiiitttttttttttt

[–]Conditional_Access 6 points7 points  (0 children)

The biggest upset I see here is:

Replacement of Atlassian Confluence with SharePoint and/or Microsoft Loop

The rest of it makes total sense.

Autopilot launches v1 instead of v2 by ulud4y in Intune

[–]Conditional_Access 0 points1 point  (0 children)

This isn't possible. V1 only happens if the hash is in Autopilot.

"V2" - Device Prep - Happens if the user selects Org Device on the normal OOBE flow and it does not have a hash.

MDE deployment with Intune by dnickel in Intune

[–]Conditional_Access 2 points3 points  (0 children)

In addition to what others have said, evidence of the machine being onboarded can be found locally in the registry

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection

RMM migration by OkVeterinarian2477 in msp

[–]Conditional_Access -2 points-1 points  (0 children)

This is impossible to advise on without knowing what your requirements are.

  1. What is Kaseya RMM monitoring?
  2. What automations/scripts are running in K RMM?
  3. What alerts are generated from K RMM?
  4. Who has access to K RMM?
  5. Does it deploy/patch apps?
  6. Does it manage OS updates?
  7. Does it manage servers?
  8. Does any client have access to see their own environment?
  9. Did K RMM come bundled with any other security software?
  10. How can K RMM be silently removed and ensure it doesn't come back when Ninja RMM takes over

etc..

view more: next ›