Global Admin, no MFA. My daily dose of 'are you serious?' 🙄 → Global Admin account. No MFA. Password: Company2023! → SharePoint site. Public. Since 2021. → 47 users forwarding emails to Gmail → Conditional Access policy: 0 rules enforced And someone got paid handsomely for this

Hardening Intune, by @Carlos_Perez Part 1: The Privileged Roles Nobody Talks About trustedsec.com/blog/the-priv… Part 2: The Implementation Guide trustedsec.com/blog/hardenin…

Your M365 'security' is based on compliance checklists? That's building a bulletproof vest then leaving your brain exposed. Real security is active, not checkboxes. 🧠 wintive.com

Oh, you bought M365 E5? Fantastic! Now, about actually *using* it... → 250 E5 licenses. Monthly cost: $12,500. 💸 → Defender for Endpoint: not configured. → Purview DLP policies: 0. → Sentinel workspace: created, never opened. Must be nice to burn $12,500/month on something you

Why didn’t somebody tell me before that local AI agents are already running on our managed devices? 😩 Right now in our tenant: • 6 AI agents detected • 3 unique agents (Hermes, Claude Code, OpenClaw) • Running on 29% of onboarded devices The FREE Intune Dashboard now includes a dedicated **AI Agents** tab that proactively scans and shows exactly which local AI agents are installed across the fleet. @MSIntune #Intune

Zero Trust isn't a product you buy; it's a culture you build. Until your C-suite greenlights tearing down sacred cows (and admin rights!), you're just paying for more security theater. 🎭

Zero Trust strategy? More like 'Zero Clue' strategy. 🤦 Some recent findings: → Zero Trust roadmap: 48-page PowerPoint 📝 → MFA rollout: planned since Q1 2022 → Still 200 local admin accounts active → VPN still the 'security strategy' Bet their 'strategic consultant' retired earl

[New Post] 📌Manage Windows Recall Availability for End Users on Managed Devices using Intune anoopcnair.com/windows-recal… #MSIntune #Intune #HTMDCommunity

Most SharePoint governance plans are just IT's attempt to build bigger walls. Meanwhile, users are already building tunnels. Your 'plan' failed before day one. 💀 wintive.com

Oh look, a Global Admin account without MFA. What could *possibly* go wrong? 💀 → Global Admin. No MFA. Password: Company2023! 🤦‍♂️ → SharePoint site. Public. Since 2021. → 47 users forwarding emails to Gmail. → Conditional Access policy: 0 rules enforced. Glad they pay us to pr

Originally from TrustedSec: Hardening Intune: The Implementation Guide trustedsec.com/blog/hardenin… ( :-{ı▓ #trustedsec #pentesting #cyberresearch

Most Conditional Access deployments are crippled by IT's fear of locking themselves out. Result? Half-baked policies that protect nobody. If you can't trust your break-glass, you can't trust your CA 💀.

Who needs SharePoint governance when you have... chaos? 🤦 → SharePoint sites: 847. Owners: unknown for 600. → External sharing: enabled for all. 😱 → Guest users: 1,200. Most never removed. → Data classification: nobody's job apparently. That's not a platform, it's a very expensiv

Why didn’t somebody tell me before that required installations are one of the biggest things breaking Autopilot ESP? 😩 “So what are your required installations?” Every Autopilot admin asks this… and Intune makes it ridiculously hard to answer. No single view. You’re stuck clicking through assignments or running PowerShell. Meanwhile your ESP is stuck for 30 minutes because of 7 hidden required Win32 apps. The FREE Intune Dashboard fixes it in one click. Now you can easily compare with the ESP configuration. **Required Install** view shows every required app across the entire tenant — All Devices All Users — instantly. Right now we have exactly **7** required apps (ConfigMgr Toolkit, .NET Runtime, M365 Apps, etc.). No more guessing. No more ESP surprises. @MSIntune #Intune

SharePoint governance doesn't fail because users are messy. It fails because IT still treats it like a file share from 2005, building prisons, not platforms. Empower or get out of the way. 🔒

Another 'Intune deployment' where the 'deploy' button was the only thing pressed. 🤦‍♂️ → Intune license paid. Enrollment: 0 devices. → MDM policy: default. Which means: none. → Compliance policy: exists. Enforced: never. → IT team still imaging PCs manually in 2024. All that mone

Get your copy of the Office 365 for IT Pros eBook (2026 edition) at gum.co/O365IT/

Zero Trust isn't a product you buy; it's a culture you build. Marketing sells you the product. Reality check: your leadership probably still thinks it's an antivirus. 🤡

Your firm's 12% lost revenue? Clearly, the associates are just slow. Find your firm's lost millions. Get the Wintive audit. wintive.com/offers/#producti… #Microsoft365 #LawFirm

Some people just *love* playing Russian Roulette with their tenant. No MFA on GA? Bold strategy. 🤦‍♂️ → Global Admin account. No MFA. Password: Company2023! → SharePoint site. Public. Since 2021. → 47 users forwarding emails to Gmail → Conditional Access policy: 0 rules enforced