FEATURED POST

Company branding isn’t just about creating a visual identity - it’s a key security measure for reducing phishing risks. In this post, I dive into how configuring your Microsoft 365 login page with your company’s logo, colours, and even a recognisable background image can help users easily spot fake login pages. Spoiler: there are ducks involved, and you’ll have to read on to understand why!

In this final installment of the Data Strategy Breakdown series, we dive into Entra ID and why securing your identity is crucial for a strong data strategy. With a focus on practical, real-world recommendations, we cover 20 vital tips for protecting your environment, from privileged identity management to securing device join processes. While Conditional Access will be explored in future posts, this piece provides a comprehensive foundation for managing permissions, protectin

In Part 4 of the Data Strategy Breakdown Series, we explore how Defender XDR and Intune in your data strategy can transform security operations. From EDR block mode and web filtering to App Protection Policies and compliance enforcement, this post offers actionable tips for real-world data protection. No fluff, just practical, expert-level guidance.

In today’s hybrid work environment, secure collaboration is more crucial than ever. Over-sharing, under-securing, and mismanaging collaboration tools can quickly lead to data breaches and compromised security. This post provides top recommendations for securing Microsoft 365 collaboration features, helping your organization balance productivity with robust security controls. From restricting guest access to managing anonymous links, discover the essential settings that will r

A rapid-fire guide to basic security hygiene in Microsoft 365. This no-fluff checklist covers MFA, legacy auth, admin protection, spoofing prevention, and more. Perfect for IT admins who want quick wins and tighter security.

In this first post, we explore how to create a strong data security foundation using defence in depth and Zero Trust strategies. With identity now acting as the new perimeter, it's more critical than ever to secure every layer—from users and devices to data and applications. Backed by real client examples, this post unpacks why labels alone aren’t enough, and how a proactive, prioritised approach can better protect your business from both external and insider threats.

When we talk about data security, we’re essentially talking about cybersecurity at large - because data is what the bad actors are ultimately after. Whether it's for extortion or financial gain, your data is their endgame. This is why we need to rethink our approach to security perimeters. In many organisations, there's still a legacy mindset focused on the network edge, but in today's landscape, the real perimeter is your users, devices, and identities.