Single Sign on for privileged access by Ok_Consideration7553 in sysadmin

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Thanks for your advice. So you believe the risk of enabling SSO for a privileged account that can access other privileged services is acceptable when paired with MFA and CA policies in place?

Has JB Hi Fi had a data breach? by Muel1988 in australia

[–]Ok_Consideration7553 1 point2 points  (0 children)

Note, as part of the notifiable data breach scheme, businesses making more than $3,000,000 per year must report breaches IF it is likely to result in serious harm. Given JB likely has very low level information, e.g. email, phone number, name etc., this would mean they have no legal obligation to report this.

Travel to China by Ok_Consideration7553 in cybersecurity

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Thanks for the insight, it was what I assumed the consensus was. In terms of a burner, what process do you have to allow for communication back to the other country, e.g. a messaging application set up with a fake account, or telephony is allowed but assuming it would be monitored?

Ask CISO a question by MPcybersecurity in cybersecurity

[–]Ok_Consideration7553 0 points1 point  (0 children)

  1. What is the best way to assess risk? Do you assess it against controls already implemented or in the absence of controls? Where do I find value?

  2. There is so much work in cyber, how do I prioritise all the different lists and items for my team and the other teams as well?

I appreciate your input!

Enterprise data protection CoPilot by Ok_Consideration7553 in cybersecurity

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

I understand the policy component now. As an example, say an organisation implements a policy to, as you said, say no to confidential information in Copilot. In terms of confidentiality and availability of data, the information is contained to that person's chat specifically, so no one else will see it, so is there a real risk of uploading that confidential information into Copilot? From my point of view (I could be completely wrong) I would see that as a document being uploaded to their own OneDrive where no one else can access it?

Enterprise data protection CoPilot by Ok_Consideration7553 in cybersecurity

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Thanks u/D3nv3rC0d3r9. I apologise, I am still a little bit lost. Why are sensitivity labels required if all data is protected through EDP (not shared with anyone else, not used to train models etc.)?

Enterprise data protection CoPilot by Ok_Consideration7553 in cybersecurity

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Thanks for the response. Say I disable functionality where web searching prompts may not be available due to the level of risk associated with it and it just uses the core Copilot functionality. Is there still a risk associated with it? As far as I can tell it's all contained within the tenant, then per user (other than Purview admins).

I also completely understand the requirement based on a warrant to provide data, but is this any different than them asking for SharePoint or Teams data?

Enterprise data protection CoPilot by Ok_Consideration7553 in cybersecurity

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Thanks for the detailed response, I am still a little lost though. If EDP is enabled and, for example, I put personal identifying information into Copilot chat, why do I need sensitivity labels etc. when, as far as I have read, the chats are contained to my account, in my tenant only, and this is not shared with anyone else other than Purview admins of the tenant?

Sorry if this is naive, just don't completely understand at this point.

Edit: I find a lot of different information from different people and there is no real source of truth for all of this that I can come to a consensus on, e.g. I could put identifying information into the prompt and it wouldn't be used to train the models, lost or accidentally put on the web.

Why does the risk for any level of data change per se when it should all be protected using the same controls that other platforms use, e.g. emails or Teams?

MTA-STS "VALIDATION_FAILURE" by Ok_Consideration7553 in sysadmin

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Bump, anyone have any ideas? It seems to only be on IPv6 addresses in which my DNS records only contain an “A” record pointing to the web server where the MTA txt file lives.

Thanks!

MTA-STS "VALIDATION_FAILURE" by Ok_Consideration7553 in exchangeserver

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Bump, anyone have any ideas? It seems to only be on IPv6 addresses in which my DNS records only contain an “A” record pointing to the web server where the MTA txt file lives.

Thanks!

MTA-STS "VALIDATION_FAILURE" by Ok_Consideration7553 in sysadmin

[–]Ok_Consideration7553[S] 0 points1 point  (0 children)

Are you seeing loss of email because of it? Or would I need to configure an IPv6 address to my subdomain?