Here’s an important warning about something that could affect your business: A security flaw has been found in Microsoft Bookings.

The popular tool is used for scheduling appointments – but the flaw could allow scammers to create unauthorized accounts and get hold of false certificates.

Why should you be worried?

If scammers create fake accounts pretending to be senior people in your business, they could trick your employees into sharing sensitive information. This could give them access to your business systems and even let them reset passwords, locking you out of all your accounts.

If your business uses Microsoft 365, it’s doubly important to be aware of this issue. The security flaw comes from a feature in Microsoft Bookings called "Shared Booking Pages", which is usually turned on by default under the Microsoft 365 licence.

When someone creates a shared booking page, it creates a new account without going through the usual security checks. This is how scammers can slip through the cracks.

This security alert is a reminder of how important it is to keep an eye on the tools we use every day. Check if you’re using Microsoft Bookings in your business and consider disabling it if you don't need it.

It’s also a good idea to keep your systems updated and have an IT expert (like us) review your security settings. It can go a long way towards protecting your business.

If this sounds a bit overwhelming, don’t worry. My team can help, get in touch.

#Microsoft #Bookings #CyberSecurity
No Limits Media LLC’s Post
More Relevant Posts
-
Here’s an interesting anecdote from our Managing Director, on how passive management of your MSP creates risk for your organization. #RideIntoTheDangerZone #ExpectWhatYouInspect #CheckYourMSPsMath #DontHaveKennyLoggins
Entrepreneur, Managing Director - Technology Transition Paradigm LLC; Shareholder - Shipshape IT LLC. President of Information Technology Foundation of Montgomery County Public Schools - 501(c)3
“I’m alright”, he says.

Let’s say he has Kenny Log-ins. He’s a business owner whom I know socially, but not well. He’s in a long-term contract with a large & well-known DC/Balt area MSP. When I ask him about the job his MSP is doing, the answer was, “I’m alright.”

Having Kenny Log-ins is a term for business execs that have no PW strength enforcement, had the same MSP for years, with the same security & tech stack over that entire time. And doesn’t take time to inspect, nor prioritize performing any kind of due diligence on the security which that vendor has in place.

It’s not expensive nor time-consuming to avoid having Kenny Log-ins. But still, it’s a tough objection to overcome when a prospect’s senior exec is friends w the PoC for the MSP & the prospect and MSP owner are friends.

It’s safe to say he didn’t take a meeting the first time I asked. So we pivoted to their data & security as a method of demonstrating the level of their MSP’s performance.

Three weeks later, after a meeting with the client & our conducting some baseline security reviews, we’ve found:
- The prospect has recent credential sets (user name & PW) from three dozen of his employees available for sale on a Dark Web ID theft forum.
- The prospect does not enforce regular password changes on any staff.
- The prospect didn’t have three of the four DNS mail handling and authentication security protocols enabled. DM for nerd translation, or read my blog on the topic @ https://lnkd.in/er2X99Xh
- The prospect did not have multifactor authentication on their remote access VPN.
- The CEO’s compromised credentials have Global Admin Privileges for Office 365/Azure. His password was only seven digits, and only numeric. This was his only account and his user name was his email address.

🤯 Quoting The Offspring: You gotta keep’em separated…

The ‘Kenny Lessons’ for business owners, c-level, & ops execs evaluating a Managed Services Provider or Staff, are the following:
- If the MSP isn’t advocating basic security Group Policy / Intune Policy for Entra AD such as password strength mandates (12 characters) & password change frequency, it’s a 🚩
- If the MSP isn’t asking questions about, nor proposing solutions for Password Vaults, off-line / air-gapped data backups, conditional access (pls ask what this is), & Internet Security Awareness Training (ISAT), then you have a vendor that is not prioritizing security on your technology roadmap. 🚩
- If the MSP doesn’t have an on-boarding procedure that includes inspecting, & when needed - fixing prior failures regarding your DNS mail handling and authentication security protocols; it demonstrates a lack of pro-active management on important security elements. 🚩
- If the long term MSP has left their client’s remote access VPN in place without configuring it for multi-factor authentication, your vendor is taking you on a Ride Into the Danger Zone. 🚩

#CheckYourMSP #Security&DarkWeb✔️ #DontHaveKennyLog-ins #12CharachterAlphaNumeric+!
-
Microsoft Bookings Flaw Let Hackers Create/Impersonate User Accounts
https://cybersecuritynews.com
-
A security flaw in Microsoft Bookings has been uncovered. This flaw, inherent in the default configuration of Microsoft Bookings, potentially allows attackers to create unauthorized Entra (formerly Azure AD) accounts and obtain fraudulent certificates.
https://cybersecuritynews.com
-
🚦How to secure M365 with PIM and why you might not be able to🚦

💡In this post I’ll explain what PIM is, why it should be present in every Entra ID configuration, and why you might not be able to use it. I’ll also highlight some more advanced options that we recommend to strengthen security with PIM beyond the most basic set-up💡

When using Microsoft Entra Privileged Identity Management – or PIM for short – you need to elevate your account to access administrator privileges, providing just-in-time access. Even in the most basic scenarios, where you have already signed in with MFA and just need to click to activate, you get three main benefits:

🥇You will be protected from yourself. Hopefully you are already using separate accounts for admin privileges. Adding PIM to this further reduces the chance of you accidentally doing something fatal when operating as, for example, Global Admin (GA).

🥈Security by obscurity. Should your admin account be compromised, having to elevate will add an extra layer of security even though no requirements for the activation itself are added.

🕵️‍♀️You will be able to see when admin privileges are used and why. If, for example, someone is consistently elevating to Global Admin to configure Conditional Access, you might want to consider changing the access level that user has, or teaching them not to elevate to a higher privilege than necessary.

To further increase security, we recommend configuring the following:

🪪Force the user to re-authenticate when activating a privileged role. This can be achieved with an Authentication Context in Conditional Access, and configuring this for the appropriate roles.

💪Require stronger authentication strength for activating certain roles like GA, like the default Phishing-resistant MFA strength level or a custom policy enforcing use of a FIDO2 security key for such log-ins.

📧 Send an e-mail to your regular user account every time your admin account elevates.

When you need to elevate your account, you simply go to https://aka.ms/PIM and click “Activate” on the role you need to elevate to. You choose how long the elevation lasts, and add a comment on why you are elevating. In the image below you can see some possible settings for elevating GA. You can even require a second person to approve to be able to elevate to GA.

🤔 You might be wondering why you might not have access to PIM. As promised, here is why: you need Entra ID P2 licenses to use PIM – but only for the administrators. If you have Entra ID Governance licenses these also include PIM.

Join our webinar tomorrow where my colleague Simon Skotheimsvik in CloudWay will share more Entra ID fundamentals, and I will show you an easier way to track those PIM activations: https://lnkd.in/deZbtsna

#entra #PIM #microsoft365 #security
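An added example, not part of the post above: one way to review PIM activation records for the over-elevation pattern the post describes (repeated Global Administrator activations for work a narrower role covers). The records, their field names and the keyword map are constructed for illustration and are not the Entra audit log schema; the role names are built-in Entra roles.

```python
from collections import Counter, defaultdict

# Constructed sample of exported activation records (hypothetical field names).
ACTIVATIONS = [
    {"user": "adm-kari", "role": "Global Administrator",
     "reason": "Update Conditional Access policy for contractors"},
    {"user": "adm-kari", "role": "Global Administrator",
     "reason": "Conditional Access: exclude break-glass account"},
    {"user": "adm-kari", "role": "Global Administrator",
     "reason": "Fix conditional access named locations"},
    {"user": "adm-kari", "role": "Global Administrator",
     "reason": "Tenant-wide consent settings review"},
    {"user": "adm-ola", "role": "Global Administrator",
     "reason": "Shared mailbox permissions"},
    {"user": "adm-ola", "role": "Exchange Administrator",
     "reason": "Mailbox migration batch"},
    {"user": "adm-ola", "role": "Global Administrator", "reason": ""},
    {"user": "adm-siv", "role": "Global Administrator",
     "reason": "Conditional Access report-only test"},
]

# Assumed mapping: phrase in the justification -> narrower role for that task.
NARROWER_ROLE = {
    "conditional access": "Conditional Access Administrator",
    "mailbox": "Exchange Administrator",
    "password reset": "Helpdesk Administrator",
}


def suggest_role(reason):
    """Return the narrower role implied by a justification, or None."""
    text = reason.lower()
    for phrase, role in NARROWER_ROLE.items():
        if phrase in text:
            return role
    return None


def review(activations, broad_role="Global Administrator", min_hits=3):
    """Find users who repeatedly activate broad_role for narrower work.

    Returns (findings, missing_reason):
      findings       - sorted list of (user, suggested_role, count)
      missing_reason - sorted users with an activation lacking a justification
    """
    per_user = defaultdict(Counter)
    missing_reason = set()
    for rec in activations:
        reason = rec.get("reason", "").strip()
        if not reason:
            # An empty justification defeats the "see why" benefit of PIM.
            missing_reason.add(rec["user"])
            continue
        if rec["role"] != broad_role:
            continue  # already using a scoped role, nothing to suggest
        role = suggest_role(reason)
        if role:
            per_user[rec["user"]][role] += 1

    findings = [
        (user, role, hits)
        for user, counts in sorted(per_user.items())
        for role, hits in sorted(counts.items())
        if hits >= min_hits
    ]
    return findings, sorted(missing_reason)


if __name__ == "__main__":
    findings, missing = review(ACTIVATIONS)
    for user, role, hits in findings:
        print(f"{user}: {hits} Global Administrator activations fit '{role}'")
    for user in missing:
        print(f"{user}: activation recorded without a justification")
```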
-
Very thorough article on how to secure your M365 tenant using PIM. Great writeup!
-
📆Today is #WorldCloudSecurityDay. 👉This day is observed to raise awareness among individuals of the importance of cloud security, both personal & work accounts included. At work, even one compromised credential can put other accounts at risk. ✨Solution: A well-framed organizational security policy. Security policy has different parts to it. But at its core, your business needs a properly constructed password policy. Are you curious to know more? 🔖Read on here: https://zurl.to/mcIX #cybersecurity #zoho #identitymanagement
Secure Your Work Accounts: 5 Essential Factors for a Strong Password Policy
zoho.com