Master Conditional Access with a Zero Trust, persona-based approach. Learn how to structure policies, avoid security gaps, and keep everything organised with clear naming conventions. From discovery workshops to practical use cases, this guide helps you design scalable, secure policies that work in the real world.

Conditional Access Essentials: Naming conventions, personas, emergency access & design process

Aug 19, 20259 min read

Common mistakes you may be making with Data Loss Prevention

Mar 14, 202526 min read

Microsoft Purview permission guide

Feb 13, 202512 min read

Common mistakes you may be making with your sensitivity labels

Nov 25, 202414 min read

FEATURED POST

WELKA WONDERS...

Six people in black graphic tees and badges pose arm-in-arm in a café with yellow window frames. Smiling, casual mood.

Meet the Scholars: Incredible Voices Shaping the Future of Tech

I had the privilege of meeting these inspiring scholars in Dallas, and their passion for technology left a lasting impression. In this feature, they share their journeys into IT, what the conference meant to them, their career ambitions, and the impact they hope to make in the next five years. Meet the scholars shaping the future of tech.

19 hours ago13 min read

Microsoft MVP in Security for Microsoft Purview

Becoming a Microsoft MVP

Becoming a Microsoft MVP in Security wasn’t a straight line. From rejection on April Fool’s Day to battling imposter syndrome and self-doubt, this is the honest story behind my journey into cybersecurity and the Microsoft MVP Program. No polished highlight reel - just resilience, community, Microsoft Purview, and learning to water your own grass.

5 days ago5 min read

Diagram showing four eligible members linking to "PIM for Groups," which connects to Microsoft Entra ID roles and Azure roles. Arrows indicate flow.

How to Use PIM with RBAC Roles: Purview, Exchange, and More

Discover how to use PIM with RBAC roles to provide just-in-time access for users. Learn setup for Purview, Exchange, and more, plus the pros, cons, and gotchas.

Nov 11, 20259 min read

Hands typing on a laptop with code on screen in a dimly lit room. A blurred window view in the background creates a focused, techy mood.

How to Export Microsoft Purview Permissions (RBAC Roles) Easily

I was recently asked if I knew a way to export Microsoft Purview RBAC roles with members. I couldn’t find a ready solution, so I wrote a PowerShell script. You can get it from my new GitHub Purview repository. Perfect for auditing and managing Purview permissions easily!

Nov 3, 20252 min read

Physical Security Cards with an NFC reader to sign in securely to a laptop and access a building.

Physical Security Cards: Phish-Resistant Authentication

Explore how physical security cards combine passwordless login and building access, offering secure, simple authentication for modern workplaces.

Oct 21, 20254 min read

A blog explaining how to safely transition Conditional Access policies in Entra ID from report-only mode to enforced mode using ring-based rollouts, What If tool, Policy Impact, Log Analytics, Workbooks, and KQL.

Conditional Access Essentials: From Report-Only to Enforced Mode

Moving Conditional Access policies from report-only to enforced mode can secure your environment - or lock everyone out. This post walks through safe rollout strategies using ring deployments, the What If tool, Policy Impact, Log Analytics, Workbooks, Gap Analyzer, and real KQL queries. Learn how to monitor, test, adjust and confidently turn policies on without breaking access or business operations.

Oct 14, 202510 min read

Step-by-step walkthrough showing configuration of custom security attributes in Entra ID, including attribute sets, names, and values for Conditional Access targeting.

Conditional Access Essentials: Custom Security Attributes in Entra ID and Cross Tenant Scenarios

Learn how to use custom security attributes in Entra ID to target apps that don’t appear in Conditional Access. This step-by-step guide covers attribute sets, names, and values, plus real scenarios like legacy authentication, persona-based targeting, and enforcing MFA. We’ll also explore cross-tenant access settings to securely trust MFA and device claims from partner tenants.

Oct 7, 202513 min read