Jaspreet Singh How I Audit and Reduce Admin Roles (Before They Become a Problem) Whenever I take over a new Microsoft tenant, the first thing I check isn’t Conditional Access, MFA settings, or the security roadmap. Admin roles. Almost every time, I see the same issues: Too many gl... 06-Jan-2026
Jaspreet Singh Break-Glass Accounts: The One Thing I Always Set Up Before Touching Conditional Access If you work with Microsoft identity long enough, you’ll eventually learn this lesson the hard way: You can lock yourself out of your own tenant. I’ve seen this happen to engineers, MSPs, and internal ... 05-Jan-2026
Jaspreet Singh How I Restrict Microsoft 365 Access by Country (And Why I Do It in Every Tenant) One of the first things I check when I log in to a new Microsoft 365 tenant is where users are allowed to sign in. Most tenants I see are wide open: Any country. Any IP. Any time. And that’s usually w... 04-Jan-2026
Jaspreet Singh Security Defaults vs Conditional Access – When to Switch If you’ve used Entra ID (formerly Azure AD), you’ve likely come across Security Defaults. Microsoft created them as a simple way to turn on MFA, block legacy authentication, and help small organizatio... 03-Jan-2026
Jaspreet Singh Why Most Security Problems Start With Misunderstood Basics Most security incidents occur when people ignore or misunderstand the basics. (2025 State of Enterprise Technology Survey, n.d.) Focusing on these fundamentals can significantly improve your security.... 02-Jan-2026
Jaspreet Singh How MFA Fatigue Attacks Actually Work (And Why They’re Still Succeeding) I still hear this all the time: “ We have MFA enabled, so we’re safe. ” I wish that were true. In real production environments, MFA fatigue attacks are among the easiest ways attackers still gain acce... 02-Jan-2026
Jaspreet Singh How I Disable Legacy Authentication in Microsoft Entra ID (Step-by-Step with Screenshots) How I Disable Legacy Authentication in Microsoft Entra ID (Step-by-Step with Screenshots) If you manage Microsoft 365 tenants long enough, you’ll notice a common pattern during security reviews: 👉 Sig... 01-Jan-2026
Jaspreet Singh How I Enable MFA Using Conditional Access (and Disable Security Defaults) This is the exact baseline setup I use when securing a Microsoft Entra tenant. I’m covering only three things here: Disabling Security Defaults Enforcing MFA using Conditional Access Verifying the set... 01-Jan-2026
Jaspreet Singh Zero Trust Isn’t a Tool — It’s a Habit I Had to Learn the Hard Way Written by Jaspreet Singh Author @ ITBlogs.ca I’ll Be Honest — I Used to Think I “Had” Zero Trust At one point, I genuinely thought: “We have MFA enabled. We’re good.” But the more environments I work... 01-Jan-2026
Jaspreet Singh Ultimate Guide to Microsoft Entra ID (2026): My Real-World Take on Identity & Security Ultimate Guide to Microsoft Entra ID (2026): My Real-World Take on Identity & Security Over the years, I’ve realized one thing very clearly: 👉 Identity is no longer just a component of security — it i... 31-Dec-2025
Jaspreet Singh Certifications Won’t Save Your Career — Skills Will (My Honest Take) I see this almost every day in the IT world. People are chasing certifications nonstop. One after another. Cloud, security, DevOps, networking — you name it. And don’t get me wrong — certifications ar... 31-Dec-2025
Jaspreet Singh Zero Trust Security Explained: A Practical Guide for Small & Medium Businesses 🔐 Zero Trust Security Explained: A Practical Guide for Small Medium Businesses 4 Introduction Cyberattacks are no longer targeting only large enterprises. Small and medium businesses (SMBs) are now pr... 29-Dec-2025