Susan Bradley

Contributing Writer

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Windows Secrets, is a moderator on the PatchManagement.org listserve and SBS2k, and was one of the authors of Windows Server 2008 Security Resource Kit. . In real life she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, an Exchange Server, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at www.sbsdiva.com and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.

How to secure Microsoft-based election, campaign systems

How to secure Microsoft-based election, campaign systems

Microsoft has issued guidance and provided resources for local election bodies and candidate campaigns to help protect systems and communications.

6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk

6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk

Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.

How to protect and safely erase data on Windows devices

How to protect and safely erase data on Windows devices

Microsoft's BitLocker now uses AES encryption, but will default to the storage device's hardware encryption unless you make this setting, which will also allow you to easily sanitize drives.

How to migrate smartphone users to the Outlook app with Intune

How to migrate smartphone users to the Outlook app with Intune

With the pending retirement of Microsoft Basic Authentication, the best way to protect mobile device users connecting through Exchange is to move them to Outlook.

How to detect and halt credential theft via Windows WDigest

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.

Security and compliance considerations for Microsoft Teams

Security and compliance considerations for Microsoft Teams

Admins will need to make these decisions around security and governance when porting from Office 365 Pro Plus to Microsoft Teams.

How to disable legacy authentication in Microsoft Exchange to enable MFA

How to disable legacy authentication in Microsoft Exchange to enable MFA

Microsoft recommends enabling multi-factor authentication for Office 365. To do so, you must also disable basic or legacy authentication on Microsoft Exchange Server.

7 steps to ensure your Azure backup works when you need it

7 steps to ensure your Azure backup works when you need it

Worried about ransomware attacks? The best thing you can do now is make sure your backup system is ready.

How to avoid using RDP on Windows

How to avoid using RDP on Windows

Several new vulnerability disclosures in Windows Remote Desktop Protocol suggest it’s time to stop using it where possible. Here’s how.

How to check Privileged Identity management settings for Office 365

How to check Privileged Identity management settings for Office 365

Microsoft Azure Privileged Identity Management (PIM) allows you to set administrative rights for roles on an as-needed basis, reducing risk.

Know your Edge Chromium security options

Know your Edge Chromium security options

Microsoft's upcoming Chromium-based Edge browser will give Edge- and Chrome-like web security features to older versions of Microsoft Windows. Here's what you need to know.

How attackers identify your organization's weakest links

How attackers identify your organization's weakest links

Understanding the techniques and tools attackers use in targeted phishing attacks.

How to set up Microsoft Azure AD Identity Protection to spot risky users

How to set up Microsoft Azure AD Identity Protection to spot risky users

Whichever license of Azure Active Directory you own, you have options to set up alerts and automate actions to risky user behavior.

How to manage Microsoft's BitLocker encryption feature

How to manage Microsoft's BitLocker encryption feature

Enterprises with many Windows devices might struggle to know which have BitLocker enabled or where to find BitLocker recovery keys. These techniques can help.

How to set up Microsoft Cloud App Security

How to set up Microsoft Cloud App Security

Microsoft's Cloud App Security add-on will alert you to suspicious sign-in activity in Office 365, Azure and other cloud apps using standard templates or custom policies.

How to tell which Microsoft Office patching process to use

How to tell which Microsoft Office patching process to use

How you download and deploy Microsoft Office patches depends on the version and license type you have. Here's how to determine which process to use.

How to use the new Microsoft 365 Business Conditional Access feature

How to use the new Microsoft 365 Business Conditional Access feature

Microsoft 365 Conditional Access lets you automate conditional access controls for cloud applications. If you haven't enabled it yet, you should.

8 steps to make sure Microsoft Windows 10 1903 is ready for deployment

8 steps to make sure Microsoft Windows 10 1903 is ready for deployment

Follow these steps to identify problems that might crop up when you update to the Windows 10 1903 release.

How to disable basic authentication in Microsoft Office 365

How to disable basic authentication in Microsoft Office 365

If you've implemented multi-factor authentication, you should disable the default basic authentication to make sure attackers can't exploit it.

How to set up password policies in Azure AD Password Protection

How to set up password policies in Azure AD Password Protection

When was the last time you reviewed your password policy? It's probably time to update, and Microsoft Azure has a good tool to set up and manage that policy.

Load More