Susan Bradley

Contributing Writer

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Windows Secrets, is a moderator on the PatchManagement.org listserve and SBS2k, and was one of the authors of Windows Server 2008 Security Resource Kit. . In real life she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, an Exchange Server, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at www.sbsdiva.com and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.

The Latest from Susan

Feature

6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk

Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.

How-To

How to protect and safely erase data on Windows devices

Microsoft's BitLocker now uses AES encryption, but will default to the storage device's hardware encryption unless you make this setting, which will also allow you to easily sanitize drives.

How-To

How to migrate smartphone users to the Outlook app with Intune

With the pending retirement of Microsoft Basic Authentication, the best way to protect mobile device users connecting through Exchange is to move them to Outlook.

How-To

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.

How-To

Security and compliance considerations for Microsoft Teams

Admins will need to make these decisions around security and governance when porting from Office 365 Pro Plus to Microsoft Teams.

How-To

How to disable legacy authentication in Microsoft Exchange to enable MFA

Microsoft recommends enabling multi-factor authentication for Office 365. To do so, you must also disable basic or legacy authentication on Microsoft Exchange Server.

How-To

7 steps to ensure your Azure backup works when you need it

Worried about ransomware attacks? The best thing you can do now is make sure your backup system is ready.

How-To

How to avoid using RDP on Windows

Several new vulnerability disclosures in Windows Remote Desktop Protocol suggest it’s time to stop using it where possible. Here’s how.

How-To

How to check Privileged Identity management settings for Office 365

Microsoft Azure Privileged Identity Management (PIM) allows you to set administrative rights for roles on an as-needed basis, reducing risk.

How-To

Know your Edge Chromium security options

Microsoft's upcoming Chromium-based Edge browser will give Edge- and Chrome-like web security features to older versions of Microsoft Windows. Here's what you need to know.

Opinion

How attackers identify your organization's weakest links

Understanding the techniques and tools attackers use in targeted phishing attacks.

How-To

How to set up Microsoft Azure AD Identity Protection to spot risky users

Whichever license of Azure Active Directory you own, you have options to set up alerts and automate actions to risky user behavior.

How-To

How to manage Microsoft's BitLocker encryption feature

Enterprises with many Windows devices might struggle to know which have BitLocker enabled or where to find BitLocker recovery keys. These techniques can help.

How-To

How to set up Microsoft Cloud App Security

Microsoft's Cloud App Security add-on will alert you to suspicious sign-in activity in Office 365, Azure and other cloud apps using standard templates or custom policies.

How-To

How to tell which Microsoft Office patching process to use

How you download and deploy Microsoft Office patches depends on the version and license type you have. Here's how to determine which process to use.

How-To

How to use the new Microsoft 365 Business Conditional Access feature

Microsoft 365 Conditional Access lets you automate conditional access controls for cloud applications. If you haven't enabled it yet, you should.

How-To

8 steps to make sure Microsoft Windows 10 1903 is ready for deployment

Follow these steps to identify problems that might crop up when you update to the Windows 10 1903 release.

How-To

How to disable basic authentication in Microsoft Office 365

If you've implemented multi-factor authentication, you should disable the default basic authentication to make sure attackers can't exploit it.

How-To

How to set up password policies in Azure AD Password Protection

When was the last time you reviewed your password policy? It's probably time to update, and Microsoft Azure has a good tool to set up and manage that policy.

How-To

How to update your Spectre, Meltdown mitigations for the Retpoline mitigation

Intel recently released a new mitigation for Spectre and Meltdown and some of their variants. Called Retpoline, it might not be enabled with the Windows 10 1809 update. Here's how to find out and implement.

Popular Resources

Video/Webcast
Sponsored

Cloud-Delivered Security: Network Detection and Response
White Paper

Cloud Lessons Learned: Four Companies That Migrated Their Windows Server and SQL Server Workloads to Azure
White Paper

Four SD-WAN security hurdles to overcome
White Paper

Digital Identity Security Assurance
White Paper

How a Software-Defined Network Advances Digital Transformation

See All