security
Browse posts in this collection.
Checking and removing public access on Azure Storage accounts using Azure Cloud Shell
After receiving a warning about publicly accessible Azure Storage accounts, I demonstrate how to quickly identify and secure them using Azure Cloud Shell commands. I walk through querying for exposed accounts and provide a simple Bash loop to disable public blob access across all storage accounts in a subscription. This practical guide helps ensure your data remains private while highlighting the importance of proactive security configurations.
Discovering and blocking legacy authentication in your Azure and Microsoft 365 subscriptions
If you are concerned about the security risks posed by outdated authentication methods, this post explains why disabling legacy auth is crucial for enforcing multi-factor authentication and protecting your cloud identities. I will guide you through identifying these vulnerable protocols in Azure Portal and outline the steps to effectively block them, helping you secure your organization against credential exposure.
Goodbye, SharePoint 2010 and thanks for everything
I want to help you understand the implications of Microsoft ending mainstream support for SharePoint 2010 this October, clarifying that while your farm won’t crash, complimentary support and new features will cease. In this post, I break down what this means for your security updates and migration strategy, particularly regarding the upcoming release of SharePoint 2016.
Governing Generative AI with Data Security Posture Management
If you are worried about the security risks associated with adopting generative AI tools like ChatGPT or Copilot, this post explains why Data Security Posture Management (DSPM) is becoming essential for protecting your organization's data. I explore how DSPM differs from traditional cloud security management and demonstrate how solutions like Microsoft Purview can help govern AI workloads, assess data risks, and ensure compliance in today’s rapidly evolving technological landscape.
How to lock down a single confidential Resource Group in Azure
I discovered the hard way that standard Azure IAM features cannot block inherited permissions at the Resource Group level, making it impossible to restrict access for specific users without revoking their rights across the entire subscription. In this post, I share the trial-and-error process of finding a workaround to lock down confidential resource groups while maintaining broader access, ultimately revealing why common solutions like deny assignments or Blueprints fall short.
Jussi Roine
Microsoft MVP and consultancy founder with 30+ years of experience, passionate about Microsoft security, AI governance, and sharing what I learn along the way.