How I Set Up Entra ID Authentication Strengths for CMMC Level 2
If one stolen password can still open SharePoint or Exchange Online, the identity side of your CMMC story is weak. When I help security teams tighten Microsoft 365 access, I…
How I Build a CMMC Named Locations Policy in Entra ID
A trusted office IP can lower risk, but it can also create false comfort. When I build a CMMC named locations policy in Entra ID, I treat location as one…
CMMC Level 2: Unmanaged Device Access in SharePoint and OneDrive
When I review a Microsoft 365 tenant for Level 2, I start with one hard truth: if CUI can land on a personal laptop, risk rises fast. SharePoint and OneDrive…
Blocking Device Code Flow in Entra ID for Stronger CMMC Level 2 Alignment
A short code on a screen can turn into a full Microsoft 365 session. That is why device code flow gets so much attention now. When I review Entra ID…
Entra ID Privileged Group Review SOP for CMMC Level 2
Stale admin access is one of the fastest ways to fail a CMMC credibility check. If I can’t show who has privileged access in Microsoft Entra ID, why they still…
Entra ID Temporary Access Pass Setup for CMMC Level 2
A weak onboarding process can undo a strong security stack in one afternoon. That is why I treat Entra ID temporary access pass setup as a controlled identity process, not…
How I Use Entra ID Device Filters for CMMC Level 2
One weak laptop can open a path to Controlled Unclassified Information, even when the rest of Microsoft 365 looks locked down. I see that often when teams turn on Conditional…
Defender for Identity for CMMC Level 2 Hybrid Setups
One blind spot on a domain controller can wreck an otherwise strong CMMC story. When I deploy Defender for Identity in a hybrid defense environment, I treat it as an…
My Intune Tamper Protection Checklist for CMMC Level 2
A locked security setting can save an audit, and it can also stop a bad day from getting worse. In a CMMC Level 2 environment, I don’t treat Intune tamper…
CMMC Linux Baseline for Ubuntu and Defender
A Linux endpoint can look clean and still fail a CMMC review. I see that gap when teams install Ubuntu, add Defender, and assume the toolset is the baseline. For…