DHS to Require Federal Agencies to Set Vulnerability Disclosure Policies

The Cybersecurity and Infrastructure Security Agency (CISA) publishes a draft document mandating a vulnerability disclosure policy and a strategy for handling reports of security weaknesses. The US government will require each civilian agency to create a public policy for software-vulnerability disclosure, as well as a strategy for handling any potential security weaknesses reported by researchers. 
Read more
1 Comment

How to set up Microsoft Cloud App Security

If you are running Microsoft Office 365, someone is probably out to get you. One way to investigate questionable Office 365 and other cloud sign-in activity is to use Microsoft’s Cloud App Security add on. To enable Cloud App Security, you must have an E5 license or purchase the Cloud App Security add-on.   To
Read more
3 Comments

6 Security Scams Set to Sweep This Summer

Experts share the cybersecurity threats to watch for and advice to stay protected. 1 of 7 (Image: hd3dsh – stock.adobe.com) We look forward to summer’s warm weather, travel plans, and maybe some added relaxation. Cybercriminals look forward to summer’s new opportunities for scams and targeted attacks. Seasonal threats aren’t new; for example, the holiday season
Read more
68 Comments

How to set up password policies in Azure AD Password Protection

If you are like most IT administrators, you have long had a mandate to change passwords on a regular basis. You’ve mandated a minimum length of passwords. Yet your users still select guessable passwords. As noted in the Windows 10 1903 security baseline policies, password policies that mandate frequent password changes actually encourages poor password
Read more
29 Comments

How to set Microsoft Office 365 ATP policies to block malicious URLs

A key recommendation to ensure a secure Office 365 implementation is to scan your Outlook implementation to check for malicious links using Office 365 ATP Safe links and Office 365 ATP safe attachments. Before a user clicks on a link, the URL is rewritten to be scanned first by Microsoft scanning filters. You might have
Read more
156 Comments

How to set up multifactor authentication for Office 365 users

This Microsoft Office 365 security tip covers one of the best settings you can do, but might get you in the doghouse with your users: multifactor authentication (MFA). Face it, using passwords alone can be dangerous. If a single password is cracked, attackers could have their way in your system and you’d probably not be
Read more
66 Comments

How to set up data loss prevention rules in Microsoft Office 365

Email is one of the easiest ways that information can leak out of your organization. Microsoft Office 365 has data loss prevention (DLP) policies for certain subscription levels that, if set up properly, can help prevent data leakage. If you have an E3 or E5 license, you can set policies and show tips reminding users
Read more
22 Comments