This is a hill I will die on. MFA for everyone, from everywhere, all the time. No excuses, no if, buts and whys. MFA is your number one frontline defence against malicious actors. Yes, there are other many compensating controls that can be in place such as Firewalls, VPNs, networking controls, Conditional Access policies, Device […]
Entra App Registrations, Enterprise Apps and Service Principals
A practical engineering guide to owners, assignment, consent, credentials and risk The one-line lesson: do not confuse ownership, assignment, consent and credentials. They control different risks. Contents Why this topic trips people up Microsoft Entra application governance looks simple until you start reviewing real tenants. Then the terminology gets slippery. App Registrations, Enterprise Applications, service […]