https://magrathean.uk/it/blog/ Practical Microsoft 365 security, identity, endpoint and Cyber Essentials Plus field notes from a UK IT consultancy. en-GB Tue, 05 May 2026 00:00:00 GMT https://magrathean.uk/it/blog/cyber-essentials-plus-readiness-checklist-microsoft-365/ https://magrathean.uk/it/blog/cyber-essentials-plus-readiness-checklist-microsoft-365/ Cyber Essentials Plus readiness guidance for UK Microsoft 365 teams covering identity, endpoint control, patching, phishing resistance and evidence. Tue, 05 May 2026 00:00:00 GMT Cyber Essentials Plus readiness Microsoft 365 security readiness CE+ Microsoft Intune Defender UK IT security consultant https://magrathean.uk/it/blog/intune-defender-endpoint-control-checklist/ https://magrathean.uk/it/blog/intune-defender-endpoint-control-checklist/ A practical guide for Intune and Defender control coverage, compliance gating, ownership, and day-to-day endpoint evidence. Tue, 05 May 2026 00:00:00 GMT Intune consultant UK Defender for Endpoint cleanup endpoint hardening Autopilot compliance controls https://magrathean.uk/it/blog/microsoft-365-security-backlog-uk-smes-2026/ https://magrathean.uk/it/blog/microsoft-365-security-backlog-uk-smes-2026/ A prioritised 2026 Microsoft 365 security backlog for UK SMEs covering identity, endpoint, mail, data and evidence in the order that usually makes the most sense. Tue, 05 May 2026 00:00:00 GMT Microsoft 365 Security Backlog UK SME Cyber Essentials Plus https://magrathean.uk/it/blog/microsoft-365-security-cleanup-checklist/ https://magrathean.uk/it/blog/microsoft-365-security-cleanup-checklist/ A focused Microsoft 365 cleanup guide for identity, mail, collaboration and audit controls that reduce risk quickly without turning into a consultancy novella. Tue, 05 May 2026 00:00:00 GMT Microsoft 365 security cleanup Entra ID hardening M365 tenant risk reduction Conditional Access cleanup https://magrathean.uk/it/blog/cyber-essentials-plus-endpoint-sample-checks-before-assessor/ https://magrathean.uk/it/blog/cyber-essentials-plus-endpoint-sample-checks-before-assessor/ A practical pre-assessment endpoint guide for Cyber Essentials Plus across Intune, Defender, patching and local admin. Mon, 04 May 2026 00:00:00 GMT Cyber Essentials Plus Intune Defender for Endpoint Endpoint Security https://magrathean.uk/it/blog/uk-cyber-security-breaches-survey-microsoft-365-owners/ https://magrathean.uk/it/blog/uk-cyber-security-breaches-survey-microsoft-365-owners/ Practical Microsoft 365 lessons from the UK Cyber Security Breaches Survey 2025 to 2026. Thu, 30 Apr 2026 00:00:00 GMT UK Cyber Security Microsoft 365 Phishing Incident Response https://magrathean.uk/it/blog/cyber-essentials-v33-14-day-patch-evidence/ https://magrathean.uk/it/blog/cyber-essentials-v33-14-day-patch-evidence/ How to prepare patching evidence for Cyber Essentials v3.3 across Windows, Microsoft 365 Apps, Intune and exceptions. Mon, 27 Apr 2026 00:00:00 GMT Cyber Essentials Plus Patching Intune Windows https://magrathean.uk/it/blog/cyber-essentials-v33-mfa-cloud-auto-fail/ https://magrathean.uk/it/blog/cyber-essentials-v33-mfa-cloud-auto-fail/ A practical Microsoft 365 guide for Cyber Essentials v3.3 MFA requirements and cloud service accounts. Thu, 23 Apr 2026 00:00:00 GMT Cyber Essentials Plus MFA Microsoft 365 Entra ID https://magrathean.uk/it/blog/cyber-essentials-v33-cloud-services-scope/ https://magrathean.uk/it/blog/cyber-essentials-v33-cloud-services-scope/ What the Cyber Essentials April 2026 cloud service scope changes mean for Microsoft 365, Entra ID, Intune and evidence. Mon, 20 Apr 2026 00:00:00 GMT Cyber Essentials Plus Microsoft 365 Cloud Services UK SME https://magrathean.uk/it/blog/endpoint-dlp-defender-for-endpoint-onboarded/ https://magrathean.uk/it/blog/endpoint-dlp-defender-for-endpoint-onboarded/ Why Endpoint DLP depends on onboarded devices, sensible targeting, and a working endpoint management baseline before policy can be trusted. Thu, 16 Apr 2026 00:00:00 GMT Endpoint DLP Microsoft Purview Defender for Endpoint Intune https://magrathean.uk/it/blog/purview-dspm-ai-data-posture-microsoft-365/ https://magrathean.uk/it/blog/purview-dspm-ai-data-posture-microsoft-365/ How Microsoft Purview DSPM for AI helps spot overshared, unlabeled and risky data before Microsoft 365 Copilot rollout gets ahead of the underlying posture. Mon, 13 Apr 2026 00:00:00 GMT Microsoft Purview DSPM AI Security Copilot Microsoft 365 https://magrathean.uk/it/blog/intune-policy-conflict-map-baselines-settings-catalog/ https://magrathean.uk/it/blog/intune-policy-conflict-map-baselines-settings-catalog/ A practical operating model for deciding where Intune settings belong so policy conflict does not become the default state. Thu, 09 Apr 2026 00:00:00 GMT Intune Endpoint Security Settings Catalog Windows https://magrathean.uk/it/blog/intune-mobile-passkeys-credential-provider/ https://magrathean.uk/it/blog/intune-mobile-passkeys-credential-provider/ Why passkeys in Microsoft Authenticator and Intune mobile controls deserve a proper plan instead of being treated as a side feature. Mon, 06 Apr 2026 00:00:00 GMT Intune Passkeys Android Mobile Security Entra ID https://magrathean.uk/it/blog/microsoft-managed-conditional-access-policies/ https://magrathean.uk/it/blog/microsoft-managed-conditional-access-policies/ What Microsoft-managed Conditional Access policies do and how SMEs should review them before relying on them. Thu, 02 Apr 2026 00:00:00 GMT Conditional Access Entra ID Microsoft 365 MFA https://magrathean.uk/it/blog/container-labels-teams-sites-groups/ https://magrathean.uk/it/blog/container-labels-teams-sites-groups/ How Microsoft Purview container labels help control Teams, Microsoft 365 Groups and SharePoint sites before file-level labels ever come into the story. Mon, 30 Mar 2026 00:00:00 GMT Microsoft Purview Teams SharePoint Sensitivity Labels https://magrathean.uk/it/blog/sensitivity-labels-sharepoint-onedrive-practical-start/ https://magrathean.uk/it/blog/sensitivity-labels-sharepoint-onedrive-practical-start/ A sensible way to start sensitivity labels in SharePoint and OneDrive without turning the rollout into a taxonomy project. Thu, 26 Mar 2026 00:00:00 GMT Microsoft Purview Sensitivity Labels SharePoint OneDrive https://magrathean.uk/it/blog/dlp-for-copilot-third-party-ai-microsoft-365/ https://magrathean.uk/it/blog/dlp-for-copilot-third-party-ai-microsoft-365/ How to use Microsoft Purview DLP and better data hygiene before Copilot or third-party AI tools turn ordinary oversharing into a bigger problem. Mon, 23 Mar 2026 00:00:00 GMT Microsoft Purview DLP Copilot AI Security Microsoft 365 https://magrathean.uk/it/blog/password-spray-controls-microsoft-365/ https://magrathean.uk/it/blog/password-spray-controls-microsoft-365/ A practical control stack for reducing password spray risk in Microsoft 365 using Entra ID, MFA and legacy authentication blocking. Thu, 19 Mar 2026 00:00:00 GMT Password Spray Entra ID MFA Conditional Access https://magrathean.uk/it/blog/passkeys-entra-id-practical-rollout/ https://magrathean.uk/it/blog/passkeys-entra-id-practical-rollout/ How to roll out passkeys in Microsoft Entra ID without confusing users or weakening account recovery. Mon, 16 Mar 2026 00:00:00 GMT Passkeys Entra ID MFA Passwordless https://magrathean.uk/it/blog/audit-logs-evidence-before-cyber-essentials-plus/ https://magrathean.uk/it/blog/audit-logs-evidence-before-cyber-essentials-plus/ A practical evidence pack for Microsoft 365, Intune and Defender controls before Cyber Essentials Plus or customer security review. Thu, 12 Mar 2026 00:00:00 GMT Cyber Essentials Plus Audit Logs Microsoft Purview Evidence https://magrathean.uk/it/blog/oauth-app-consent-audit-microsoft-365/ https://magrathean.uk/it/blog/oauth-app-consent-audit-microsoft-365/ How to review OAuth app consent, admin consent workflow and risky app permissions in Microsoft 365. Mon, 09 Mar 2026 00:00:00 GMT OAuth App Consent Entra ID Microsoft 365 https://magrathean.uk/it/blog/defender-office-365-daily-weekly-monthly-ops/ https://magrathean.uk/it/blog/defender-office-365-daily-weekly-monthly-ops/ A practical operating rhythm for Defender for Office 365 covering incidents, submissions, quarantine, tuning, reporting and policy drift. Thu, 05 Mar 2026 00:00:00 GMT Defender for Office 365 Security Operations Phishing Microsoft 365 https://magrathean.uk/it/blog/microsoft-365-incident-response-starter-plan/ https://magrathean.uk/it/blog/microsoft-365-incident-response-starter-plan/ A simple Microsoft 365 incident response plan for mailbox compromise, admin compromise, data exposure and endpoint compromise. Mon, 02 Mar 2026 00:00:00 GMT Incident Response Microsoft 365 Defender Entra ID https://magrathean.uk/it/blog/guest-access-reviews-teams-sharepoint/ https://magrathean.uk/it/blog/guest-access-reviews-teams-sharepoint/ A practical guest access review model for Microsoft Teams, SharePoint and Entra ID that keeps supplier and contractor access under control. Thu, 26 Feb 2026 00:00:00 GMT Teams SharePoint Guest Access Entra ID Access Reviews https://magrathean.uk/it/blog/break-glass-accounts-microsoft-365-design/ https://magrathean.uk/it/blog/break-glass-accounts-microsoft-365-design/ How to design Microsoft 365 break-glass accounts for emergency access without creating unmanaged security holes. Mon, 23 Feb 2026 00:00:00 GMT Break Glass Entra ID Conditional Access Microsoft 365 https://magrathean.uk/it/blog/mail-forwarding-inbox-rules-audit-microsoft-365/ https://magrathean.uk/it/blog/mail-forwarding-inbox-rules-audit-microsoft-365/ How to audit mailbox forwarding, inbox rules and transport rules in Microsoft 365, especially after compromise or during a broader tenant review. Thu, 19 Feb 2026 00:00:00 GMT Exchange Online Defender for Office 365 Mailbox Audit Microsoft 365 https://magrathean.uk/it/blog/windows-10-end-of-support-microsoft-365-cyber-essentials-risk/ https://magrathean.uk/it/blog/windows-10-end-of-support-microsoft-365-cyber-essentials-risk/ Why Windows 10 end of support is still a live Microsoft 365 and assurance problem, even with extended transition options available. Mon, 16 Feb 2026 00:00:00 GMT Windows 10 Microsoft 365 Apps Cyber Essentials Plus Endpoint Security https://magrathean.uk/it/blog/device-compliance-conditional-access-defender-risk/ https://magrathean.uk/it/blog/device-compliance-conditional-access-defender-risk/ Why Intune compliance, Defender for Endpoint risk, and Conditional Access need to work together if device trust is going to mean anything. Thu, 12 Feb 2026 00:00:00 GMT Intune Conditional Access Defender for Endpoint Device Compliance https://magrathean.uk/it/blog/avd-intune-epm-least-privilege/ https://magrathean.uk/it/blog/avd-intune-epm-least-privilege/ How to design least privilege for Azure Virtual Desktop with Intune, while keeping session hosts supportable and exceptions under control. Mon, 09 Feb 2026 00:00:00 GMT Azure Virtual Desktop Intune Endpoint Privilege Management Least Privilege https://magrathean.uk/it/blog/endpoint-privilege-management-standard-users-exceptions/ https://magrathean.uk/it/blog/endpoint-privilege-management-standard-users-exceptions/ How to use Microsoft Intune Endpoint Privilege Management to move users off local admin without turning support into chaos. Thu, 05 Feb 2026 00:00:00 GMT Intune Endpoint Privilege Management Local Admin Least Privilege https://magrathean.uk/it/blog/intune-baseline-conflicts-why-policies-fail/ https://magrathean.uk/it/blog/intune-baseline-conflicts-why-policies-fail/ A practical guide to tracing Microsoft Intune policy conflicts across baselines, settings catalog, account protection and endpoint security profiles. Mon, 02 Feb 2026 00:00:00 GMT Intune Endpoint Security Policy Conflict Windows https://magrathean.uk/it/blog/microsoft-secure-score-use-as-backlog-not-kpi/ https://magrathean.uk/it/blog/microsoft-secure-score-use-as-backlog-not-kpi/ Why Microsoft Secure Score is best treated as a prioritised work queue and discussion tool, not as proof that a Microsoft 365 tenant is secure. Thu, 29 Jan 2026 00:00:00 GMT Secure Score Microsoft 365 Security Backlog Defender XDR https://magrathean.uk/it/blog/sharepoint-onedrive-external-sharing-cleanup/ https://magrathean.uk/it/blog/sharepoint-onedrive-external-sharing-cleanup/ A practical way to clean up external sharing across SharePoint, OneDrive and connected Teams sites without breaking normal collaboration. Mon, 26 Jan 2026 00:00:00 GMT SharePoint OneDrive Teams External Sharing Microsoft 365 https://magrathean.uk/it/blog/phishing-still-pays-uk-microsoft-365-action-plan/ https://magrathean.uk/it/blog/phishing-still-pays-uk-microsoft-365-action-plan/ A grounded Microsoft 365 phishing reduction plan for UK SMEs, with official guidance and practical checks that hold up in day-to-day operations. Thu, 22 Jan 2026 00:00:00 GMT Phishing Defender for Office 365 UK Cyber Security Microsoft 365 https://magrathean.uk/it/blog/defender-office-365-baseline-standard-vs-strict/ https://magrathean.uk/it/blog/defender-office-365-baseline-standard-vs-strict/ How to choose Microsoft Defender for Office 365 preset policies, where Strict helps, and where a rushed rollout usually backfires. Mon, 19 Jan 2026 00:00:00 GMT Defender for Office 365 Phishing Microsoft 365 Email Security https://magrathean.uk/it/blog/mfa-microsoft-365-security-defaults-conditional-access-per-user/ https://magrathean.uk/it/blog/mfa-microsoft-365-security-defaults-conditional-access-per-user/ A practical comparison of Microsoft 365 MFA options for UK SMEs and when to use each. Thu, 15 Jan 2026 00:00:00 GMT MFA Entra ID Conditional Access Microsoft 365 https://magrathean.uk/it/blog/stop-admin-sprawl-global-admin-cleanup-microsoft-365/ https://magrathean.uk/it/blog/stop-admin-sprawl-global-admin-cleanup-microsoft-365/ A practical cleanup plan for excessive Global Administrator permissions in Microsoft 365 and Entra ID. Mon, 12 Jan 2026 00:00:00 GMT Entra ID Admin Roles Microsoft 365 Least Privilege https://magrathean.uk/it/blog/conditional-access-report-only-to-enforcement-safely/ https://magrathean.uk/it/blog/conditional-access-report-only-to-enforcement-safely/ How to take Microsoft Entra Conditional Access policies from report-only to enforced in a controlled way. Thu, 08 Jan 2026 00:00:00 GMT Entra ID Conditional Access MFA Microsoft 365 https://magrathean.uk/it/blog/microsoft-365-security-review-uk-smes-first-10-checks/ https://magrathean.uk/it/blog/microsoft-365-security-review-uk-smes-first-10-checks/ A practical first-pass Microsoft 365 security review for UK SMEs covering identity, Conditional Access, devices, sharing, mail and evidence. Mon, 05 Jan 2026 00:00:00 GMT Microsoft 365 UK SME Security Review Entra ID Defender