Business Cyber Security General Knowledge
What is Azure DR and How Does it Work?
Azure DR, or Azure Disaster Recovery, is a service offered by Microsoft to help businesses ensure business continuity by replicating their data and applications to the Azure cloud. In the event of an outage, data and critical applications can be swiftly restored, allowing companies to maintain their operations with minimal disruption. Azure DR leverages the cloud’s scalability, offering both flexibility and security, making it an effective solution for businesses in Australia, including Brisbane-based enterprises. By utilizing remote support capabilities, Azure DR provides real-time failover and recovery, enabling seamless access and restoration of essential services.
Why is a Disaster Recovery Plan Important?
A Disaster Recovery Plan (DRP) is essential for any organization because it minimizes downtime, protects data, and ensures a smooth recovery process. With cyber threats, natural disasters, and hardware failures all posing risks, having a DRP in place helps businesses restore operations quickly and maintain customer trust. For organizations in Australia, a DRP often involves both local and remote support elements to cater to geographically dispersed teams. This level of preparedness is crucial to mitigate risks, ensuring minimal data loss and financial impact.
What is an Example of Backup and Recovery?
An example of backup and recovery could involve iCloud backup services or Azure’s cloud solutions, where data is regularly copied and stored offsite. If a system failure or data loss occurs, the business can retrieve the latest backup version and restore it to resume normal operations. For instance, a Brisbane-based company may use Azure’s backup and recovery system to replicate their critical data to the cloud, which they can then access remotely in case of an emergency.
What Other Common Tools are Used for Backup and Recovery?
In addition to Azure, there are several other popular tools used for backup and recovery:
- iCloud Backup Services: Ideal for smaller businesses and personal data, iCloud offers simple and secure data storage.
- Amazon Web Services (AWS) Backup: Provides automated backups and comprehensive recovery solutions.
- Veeam Backup & Replication: Known for its ability to manage both virtual and physical backups.
These tools allow companies, whether in Brisbane or across Australia, to establish robust backup and disaster recovery protocols, often incorporating remote support for added convenience and protection.
At ThinkIT Security, we specialize in providing comprehensive backup and disaster recovery solutions to protect your data and keep your business running smoothly. Whether you need onsite, cloud, or remote support options, our team is here to help. Contact us now to discuss how we can secure your business’s future with tailored backup and recovery solutions!
azure, IT Cyber Security Technical Knowledge, licensing, m365, microsoft, o365
When you install Office 365 ProPlus / M365 Apps, you may be presented with a screen which says ‘Use this account everywhere on your device’.
Below is how to prevent that screen appearing, and prevent the Azure AD device registration that may result from pressing yes.
All goes well, until they get presented with this, at which point in a state of confusion they likely either just press yes, or possibly another option as we will see below:
Hide this screen by preventing Azure AD registration
This screen can be hidden by editing the registry as per https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan#review-things-you-should-know:
You can prevent your domain joined device from being Azure AD registered by adding this registry key – HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin, “BlockAADWorkplaceJoin”=dword:00000001
This registry key takes effect immediately and does not require a reboot. You won’t see the screen again. Note that you can still use Hybrid join via AD Connect.
azure, compliance, IT Cyber Security Technical Knowledge, m365, microsoft, o365
Microsoft recently turned on security defaults for M365 Tenants forcing MFA for users.
You can check by going into Azure AD > Properties > Manage Security defaults
If defaults are set to “Yes” that is the reason MFA turned on. You should be able to set that to NO to remove the “new” defaults and turn MFA off. – However it is highly recommended to use MFA for all accounts.
azure, o365
Disable Azure AD registration for devices
Login to M365 portal as a Global Administrator.
Browse to Azure Active Directory > Devices
Go into Device settings.
Select None under the ‘Users may join devices to Azure AD‘ option
Check status of machine to see if it is joined to azure AD
Run powershell as Admin
dsregcmd /status
If the device is deleted in Azure AD, you need to re-register the device. To re-register, you must take a manual action on the device.
See below for instructions for re-registration based on the device state.
To re-register hybrid Azure AD joined Windows 10 and Windows Server 2016/2019 devices, take the following steps:
Open the command prompt as an administrator.
Enter dsregcmd.exe /debug /leave
Sign out and sign in to trigger the scheduled task that registers the device again with Azure AD.
azure, o365
You may want to stop end users from Accessing the Azure AD portal, as they can all view all user accounts and the email addresses associated with user accounts.
Follow the steps below to block user from Accessing Azure AD.
Login to Azure as global admin
Go the Azure AD > User Settings
Also select ‘No‘ for ‘Users can register applications’
Select ‘Yes‘ to ‘Restrict access to Azure AD administration portal’
Optional – Select ‘No‘ for ‘LinkedIn account connections’
End users will now be unable to view other users email addresses and names in Azure AD.