CMMC Entra ID KQL for Level 2 Evidence
An assessor won’t accept “we monitor Entra ID” on faith. I need records that show who signed in, what changed, when it happened, and whether the control worked. That is…
A messy Azure tenant can turn a CMMC review into a scavenger hunt. Small contractors rarely have extra staff, spare budget, or time to clean up cloud decisions after the…
A CMMC gap often starts as a small mismatch. The policy says one thing, the endpoint does another, and the reporting still looks fine until someone checks the real device…
One bad sign-in can punch a hole through an otherwise well-managed admin workstation. In a CMMC Level 2 environment, that matters because privileged devices sit close to your identity plane,…
A weak internal audit shows up late, usually when a contract is on the line and the evidence binder is thin. When I build a CMMC internal audit checklist for…
Standing admin access is the habit I find most often in CMMC gap reviews. It feels convenient, but it creates a wide attack path and weak evidence for assessors. When…
Too many small defense contractors fail CMMC prep before an assessor ever looks at a control. They over-grant admin rights, blur ownership, and hope good people won’t make bad changes.…
Most CMMC identity work still centers on people, yet many real exposures start with an app, script, or pipeline. When I review Entra ID for Level 2 readiness, I often…
Secure Score can pull a team into point chasing when what it needs is proof. I’ve seen Microsoft 365 admins raise the number, feel better for a week, and still…
External collaboration is often the quietest hole in a CMMC boundary. A tenant-to-tenant trust that looks harmless can let weak identity assumptions cross into your environment. When I review Microsoft…