CMMC Level 2 eDiscovery And Legal Hold Setup In Purview
If you’re handling CUI in Microsoft 365, you don’t get to treat retention and holds like a “set it once” task. Under CMMC Level 2, I’ve found auditors and incident…
CMMC Level 2 Email Forwarding Controls In Exchange Online
Email forwarding looks harmless until it isn’t. One inbox rule can copy Controlled Unclassified Information (CUI) to a personal mailbox, a vendor, or a compromised account. In March 2026, I…
CMMC Level 2 Secure Admin Workstations Using Intune And Defender
If you administer Microsoft 365 or servers for a defense contractor, you already know the weak spot: admin credentials. One phish, one token theft, one reused browser session, and an…
CMMC Level 2 O365: Microsoft Defender For Office 365 Baseline Setup
Email is still the easiest door into a contractor’s environment. One good phish can turn into stolen credentials, mailbox rules, and quiet data theft that nobody spots for weeks. When…
CMMC Level 2 Retention Policies In Microsoft Purview Setup Guide
If you handle CUI, retention can’t be a vague “we keep stuff for a while” promise. In a CMMC Level 2 assessment, I want to show what’s kept, for how…
Microsoft Defender For Business Setup Guide For Small Teams
If you’re a small team, security can feel like trying to lock every door in a busy building while still letting customers in. The good news is that Microsoft Defender…
Restaurant POS Security Checklist for 2026, stop shared logins, weak manager PINs, and back-office exposure
If your POS is the heartbeat of service, security is the pulse check you can’t skip. In January 2026, I’m seeing the same root problems show up across single locations…
CMMC Level 2 Secure Email for CUI Using Microsoft Purview
If CUI can move by email, it can leak by email. That’s the hard truth I plan for when I build CMMC Level 2 secure email in Microsoft 365. In…
CMMC Level 2 Entra ID Access Reviews Setup Checklist
Access piles up quietly. A user changes roles, a vendor leaves, a temp account stays, and suddenly your CUI environment has “ghost access” nobody meant to approve. For CMMC Level…
CMMC Level 2 Risk Assessment Template For Microsoft 365 Shops
If you run Microsoft 365 for a defense contractor, risk assessment can’t be a once-a-year box check. In February 2026, CMMC Level 2 is in the enforcement phase for many…