Brandon Lee

Networking

Storage

Virtualization

Brandon Lee has been in the industry 20+ years, is a prolific blogger focusing on networking, virtualization, storage, security & cloud, and contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.

Articles written by Brandon Lee

Jun

13

Passwordless realities of Entra ID (formerly Azure AD) Temporary Access Pass

One of the new movements in authentication technology is called passwordless authentication. With passwordless authentication, end-users can use other means to sign in aside from the traditional password. Microsoft’s Temporary Access Pass for Microsoft Entra ID (formerly Azure Active Directory)…
Read More
Jun

06

Is your SSO login protected enough?

Today, many organizations use more systems than ever, spanning on-premises and cloud environments. As a result, employees are tasked with remembering more and more passwords as the number of systems and services continues to grow. Single Sign-On (SSO) is a…
Read More
May

31

Government of Canada password policy and best practices

Governments worldwide document specific guidance related to cybersecurity and define best practices related to protecting business-critical resources from attack. The Government of Canada (GC) provides detailed password guidance best practices to keep passwords from being compromised. In this review of…
Read More
May

16

NIST 800-53 guidelines and requirements

To help increase their cybersecurity posture and successfully meet compliance regulations, organizations must consult the latest guidance regarding security and privacy controls for securing business-critical data. The National Institute of Standards and Technology (NIST) is a respected authority for cybersecurity…
Read More
Apr

25

Virginia Consumer Data Protection Act

The Virginia Consumer Data Protection Act (VCDPA) was recently signed, making it the second state that has signed a consumer privacy regulation into law. This legislation follows what was implemented in California by way of the California Consumer Privacy Act…
Read More
Apr

18

NIST MFA guidelines

End-user passwords are often the weakest link in IT security, providing the path of least resistance for an attacker looking to penetrate business systems. Users commonly choose easy to remember, and consequently, easy to compromise passwords. In IBM's Cost of…
Read More
Apr

11

2022-2023 NIST 800-63b Password Guidelines and Best Practices

The most basic form of authentication is the password. Despite many advancements in cybersecurity, the username and password, although outdated, are still used as the most common form of authentication today. Enterprise environments have long used password policies to help…
Read More
Mar

28

Active Directory reversible encryption explained

If you have administered password policies in Active Directory or looked at the local policies present in the Windows client operating system, you may have noticed an interesting setting contained in the Account policies section. The setting is Store passwords…
Read More
Mar

07

How to delegate password reset permissions in Active Directory

Least privilege access is a crucial part of security that protects against overprovisioning user permissions. Even with IT technicians, and junior administrators, this needs to be considered when configuring permissions in the environment. A case in point is helpdesk staff…
Read More
Feb

07

Active Directory privilege escalation

There is no shortage of vulnerabilities and risks in today's digital world. Attackers are using any way possible to compromise business-critical data. However, one of the prevalent ways cybercriminals can get a foothold into your environment is by compromising user…
Read More