Emergency Access Account Use Alerting in Azure Active Directory

When implementing broader security controls in Azure Active Directory, it is a best practice to create an “emergency access” or “break the glass” account that is not subjected to those controls. The purpose of this account is to use for remediating issues with those controls. If Azure MFA is broken, for instance, a privileged account … Continue reading Emergency Access Account Use Alerting in Azure Active Directory

Pester for Infrastructure Validation

I have been using Pester and integrated it with my dxExchange.WebServices module following HDD/TDD practices. I have wanted to start incorporating Pester testing into cloud configuration validation and management for some time, but never really got around to it. A couple of weeks ago, I participated in a Network DevOps course facilitated by Nick Russo … Continue reading Pester for Infrastructure Validation

The Time for MFA is NOW

During Microsoft Ignite 2017, Microsoft was promoting the #DeathToPasswords hash tag rather aggressively and socializing the problems that exist with passwords. Many of the highlights focus on the ineffectiveness of passwords, policies, and updated guidelines from NIST. One very interesting session involved a demo showing a Password Spray tool. Password Spraying is a nuanced means … Continue reading The Time for MFA is NOW