My Intune Tamper Protection Checklist for CMMC Level 2
A locked security setting can save an audit, and it can also stop a bad day from getting worse. In a CMMC Level 2 environment, I don’t treat Intune tamper…
CMMC Level 2 Dormant Account Reviews in Entra ID
One forgotten account can undo months of security work. In Microsoft Entra ID, stale identities often keep old group memberships, app access, and sometimes admin rights long after a person…
Building a CMMC Level 2 macOS Intune Baseline for Small Contractors
One unmanaged Mac can punch a hole in a CUI boundary. I see that risk often in small contractors that added macOS for leaders, engineers, or field staff, then tried…
How I Prepare for a CMMC Level 2 Assessor as a Microsoft 365 Admin
A CMMC interview can expose the gap between what Microsoft 365 can do and what my tenant actually does. That gap is where many admins get into trouble. When I…
CMMC Inheritance Matrix Template for Level 2
If my evidence is scattered, a Level 2 assessment slows down fast. A strong CMMC inheritance matrix fixes that before an assessor starts asking who owns each control. By April…
CMMC Level 2 Mailbox Auditing in Exchange Online
A mailbox can hold contracts, drawings, pricing, and CUI. If I can’t prove who accessed it, who changed it, and when it happened, I have a gap in my control…
CMMC Legacy Authentication Blocking for Microsoft 365
MFA can be active across Microsoft 365, and an old mail protocol can still slip around it. That gap is why CMMC legacy authentication deserves attention now, not after an…
CMMC Level 2 Defender for Cloud Apps Setup Guide
Most CMMC pain shows up after the tool is installed. I keep seeing teams connect Microsoft 365, leave the defaults alone, and assume the job is done. Defender for Cloud…
Building a CMMC Continuous Monitoring Plan for Microsoft 365
A CMMC assessment can go sideways long before a C3PAO arrives. It usually happens when months of tenant changes, alerts, and fixes leave no clear trail. When I support a…
CMMC Level 2 Power Automate Governance Rules in Microsoft 365
A single flow can move Controlled Unclassified Information faster than most teams realize. That is why Power Automate governance matters so much when Microsoft 365 sits inside a CMMC Level…