Authentication and authorization are complicated, and it is risky to try and implement them yourself. Use this rule as a guide on choosing the right service or framework for your situation.
Web security patterns are a lot like fashion trends. What looked sharp ten years ago now feels outdated, and the styles everyone thought would last forever sometimes vanish in a season. Cookies, tokens, proxies, they’ve all had their runway moment.
Let’s take a light-hearted but practical tour of how browser security has evolved - from the early days of cookies, to the heyday of SPAs, to the modern approaches.
Passwords are a traditional technology that creates security vulnerabilities through reuse, breaches, and phishing attacks. Passwords remain a weak point in your security chain.
Passkeys represent the next evolution in authentication, providing phishing-resistant login, seamless integration with biometric technology, and passwordless security that is both more secure and more convenient than traditional methods.
Protecting your Remote Desktop connections is crucial in today's cybersecurity landscape. One effective way to enhance security is by using Azure MFA (Multi-Factor Authentication) in conjunction with the Azure MFA NPS (Network Policy Server) extension. This setup ensures that even if an attacker obtains a user's credentials, they still need a second form of authentication to gain access, significantly reducing the risk of unauthorized access.
Do you know who is entering your premises, when, and how? Keys or key-cards can be expensive, they can be lost, and people can loan them to one another without any restriction.
As developers, when we think about security we commonly become fixated on issues in the code, out-of-date software versions or incorrectly configured firewalls. However, we miss one glaring vulnerability for which there is no patch: users.
Social engineering is a technique which mixes art and science to exploit common human behaviours to compromise information systems. The following is a classic example of social engineering performed over the phone.
The following checklist is a good example of areas to focus on:
There is a more comprehensive list here on GitHub: A practical security guide for web developers.
Did you know that you can stop your users from logging into any of your Azure or Office365 resources based on the location they are in? What about the types of devices that they can connect from or only allowing connections that use MFA? These things are all possible to restrict.
This seriously limits the attack surface and also helps to stop compromised devices and accounts from being used.
Microsoft Defender XDR is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. It is managed at https://security.microsoft.com/
In today's complex digital landscape, managing user access to resources can be a daunting task for organizations. Entra Access Packages emerge as a game-changer in this scenario, offering a streamlined and efficient approach to identity and access management.
By bundling related resources into cohesive packages, they simplify the process of granting, reviewing, and revoking access. This not only reduces administrative overhead but also enhances security by ensuring that users have the right permissions at the right time. Furthermore, with built-in automation features like approval workflows and periodic access reviews, organizations can maintain a robust and compliant access governance structure. Adopting Azure Access Packages is a strategic move for businesses aiming to strike a balance between operational efficiency and stringent security.