What if there is something 100% more secure than passwords that doesn't put too much weight on the configuration and is still a phishing-resistant authentication method? Passkeys are your answer. Passkeys are not new; as you have seen, they are used pretty much everywhere these days. Why Passkeys is the Future of Passwordless Authentication? How Passkeys Satisfy … Continue reading A Beginner’s Deep Dive Guide to Entra Passkeys
Tag: Security
Disable User Enrolling Personal Windows Devices in Intune
What Happened Earlier? If the Windows device is not Entra Joined or Entra Hybrid Joined, meaning in a BYOD scenario, the user has the option of registering the device or the specific app they are trying to sign in to with the organization's Entra. This is typically called a Workplace Join. A Workplace Joined device will typically create … Continue reading Disable User Enrolling Personal Windows Devices in Intune
Browser Extensions – How to Take Control Before It’s Too Late?
This may seem a bit of an obvious topic. Organizations manage a lot of aspects of the Edge browser but leave the browser extensions section unmanaged, or let users install extensions as they wish. The outcome of this can be critical, as browser extensions are the starting point of many coordinated attacks. … Continue reading Browser Extensions – How to Take Control Before It’s Too Late?
10 EasyEntra Features That Simplify Daily IT Tasks
I was using EasyEntra for the last couple of weeks and was impressed by its usability and security. In a situation where you have to manage a few Entra ID tenants at the same time in an organization or in a legit MSP type scenario, rather than opening a few browser sessions to jump from … Continue reading 10 EasyEntra Features That Simplify Daily IT Tasks
My Most Viewed Blog Posts in 2025
Now that I have posted 180 blog posts here and the end of 2025 is just around the corner, I thought it would be best to list my most viewed blogs. I believe they are most viewed for a reason. Especially in an era where everything is AI and GPT based, I do believe there … Continue reading My Most Viewed Blog Posts in 2025
Controlling Web Sites Connecting to Local Network
🚦 Read below before you hit Allow or Block! Have you seen this annoying little message popping up all over the Edge browser (and other Chromium-based browsers) lately? This is a recent update that came to Chromium-based browsers; I noticed it in Edge with the Edge December 2025 update - Version 143 and in Chrome 142 … Continue reading Controlling Web Sites Connecting to Local Network
Breaking the Habit: Moving Privileged Accounts Out of AD. How to Transfer User SOA to Entra ID?
While security frameworks suggest that admin accounts used to manage privileged tasks in Entra and Azure must NOT be synchronised from the local AD, many organisations still sync them like usual accounts, mostly because these accounts carry admin weight and recreating them is nearly impossible. This blog looks at one practical use case of … Continue reading Breaking the Habit: Moving Privileged Accounts Out of AD. How to Transfer User SOA to Entra ID?
Device Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
Device compliance is one of the things that should be at the top of the list of any organization's cybersecurity activities. It drives the next steps the device management solution can take, from reporting to immediately blocking access to resources, if the configured device policies do not meet a certain standard. For an … Continue reading Device Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
Guest User Access: A High-Level Checklist
The Guest User access dilemma in Entra is real. Balancing collaboration and security without distracting productivity is a challenge, but that's something you can't put on the back burner, because it can be the "Silent Insider Threat" you’re ignoring. 🚩 If you block Guest access completely, that can possibly degrade end user productivity. So how to balance … Continue reading Guest User Access: A High-Level Checklist
How Office Macros Expand the Attack Surface
Regardless of the size of the organization, there are always one or a few macros set up in Excel files that do some tasks for the users. These macros are so critical to the business, and most of the time employees' tasks revolve around them. And most of the time, people who create the macros in the organization … Continue reading How Office Macros Expand the Attack Surface
Securing LSASS – Controls to Minimise Attack Surface
LSASS is one of the most important pieces in an OS, say Windows 11, and one of the pieces that threat actors are very tempted to get their hands on. LSASS, the Local Security Authority Subsystem Service, is the process responsible for handling authentication, logon and security policies on Windows. Often, organizations don't … Continue reading Securing LSASS – Controls to Minimise Attack Surface
From Blind Spots to Control: Governing Conditional Access Policies
There are millions of signals passing through Entra every day, some of which are legitimate and some malicious. Having a strong set of Conditional Access (CA) Policies will help you make sure malicious requests do not slip through the cracks and that every access request is verified before access is granted. As your CA Policy … Continue reading From Blind Spots to Control: Governing Conditional Access Policies
Getting Started with Windows Autopatch in 2025 (cheat sheet)
Windows Autopatch has come a long way to become the new normal for updating your Windows endpoints, M365 apps, device drivers and Edge browser with Intune, whether the devices are physical (workstations/ laptops/ kiosks/ billboards) or virtual (AVD/ W365). The Microsoft Learn documentation has more detailed info on the services, but this is a short … Continue reading Getting Started with Windows Autopatch in 2025 (cheat sheet)
Converting AD Group SOA to Govern On-Prem Access via Entra ID
Microsoft recently introduced the Group SOA convert option. At the time of writing, this is in Preview, but with this feature, you can change the AD group's Source of Authority (SOA) to be Entra. HOW COOL? This can help IT admins in many ways. Moving to the cloud is the buzzword, but some options are … Continue reading Converting AD Group SOA to Govern On-Prem Access via Entra ID
Windows Quick Machine Recovery With Microsoft Intune
We all witnessed the incident where Windows devices worldwide got hammered by the AV update that caused Windows to go BSOD. Machine recovery was probably one of the top things IT admins did post-incident to get their endpoint fleet up and running again ASAP to support day to day and all the critical … Continue reading Windows Quick Machine Recovery With Microsoft Intune
5. Cloud-Native Endpoints – Group Policy Analytics
Previously: https://emsroute.com/2025/06/13/4-cloud-native-endpoints-from-config-manager-to-intune/ Group Policies are a major piece of the Cloud-Native Endpoints puzzle, and it's not always easy to track back and remove the legacy policies. Now that you are planning to push policy via Intune, it's vital to add the GPOs into the mix. Chances are there are GPO settings you still … Continue reading 5. Cloud-Native Endpoints – Group Policy Analytics
3. Cloud Native Endpoints: Building a Plan
Previously: https://emsroute.com/2025/06/09/2-cloud-native-endpoints-why-are-you-on-entra-hybrid-joined-today/ Strategizing the Cloud-Native journey is important. Many organizations have the local Active Directory (AD) as the source of truth for identities, and most systems depend on this mechanism. Most organizations are in a hybrid setup, at least for user identities. You can still build Cloud-Native Endpoints without harming the local AD being the … Continue reading 3. Cloud Native Endpoints: Building a Plan
2. Cloud Native Endpoints: Why are You on Entra Hybrid Joined Today?
If you missed the blog roll, check below 👇🏼 https://emsroute.com/2025/05/09/cloud-native-endpoints/ Before moving to Cloud-Native, let's discuss the phase many organizations are possibly in at the moment: the Entra Hybrid Joined state. This is the most common state I've seen in organizations. What usually starts out as a PILOT or a POC to test … Continue reading 2. Cloud Native Endpoints: Why are You on Entra Hybrid Joined Today?
Why Defendnot is a Wake-up Call? A Ground Level Analysis
TL;DR If you are in the security world, I believe you have heard all about Defendnot and how lethal it can be. The TL;DR is that Defendnot is a research project (by es3n1n), a tool that silently disables Defender AV when a 3rd party AV is not installed on the endpoint. When it's successfully … Continue reading Why Defendnot is a Wake-up Call? A Ground Level Analysis
1. Cloud-Native Endpoints: Intro
This is article 1 of the Cloud-Native Endpoint Series. This is a nugget-sized how-to series where I want to showcase how to unlock capabilities to achieve the full cloud-native end goal. 💡 Value of going Hybrid? ➡ You have the immediate opportunity to use Entra and Intune-related policies and settings. ➡ You are already making an effort to move … Continue reading 1. Cloud-Native Endpoints: Intro