Jaspreet Singh How SPF, DKIM, and DMARC Actually Work Together (And Why One Alone Is Useless) How SPF, DKIM, and DMARC Actually Work Together (And Why One Alone Is Useless) Email security failures rarely start with malware. They start with trust. If someone can impersonate your domain, attacke... 14-Jan-2026 ITBlogs.ca
Jaspreet Singh How Attackers Use Inbox Rules (And Why Most Breaches Go Unnoticed) How Attackers Use Inbox Rules (And Why Most Breaches Go Unnoticed) Most people think email attacks end when the phishing email is clicked. They don’t. Some of the most serious attacks I see don’t use ... 13-Jan-2026 ITBlogs.ca
Jaspreet Singh Secure OneDrive & SharePoint Sharing: The Part Everyone Leaves Wide Open If there’s one place I keep finding security gaps, time and again, it’s OneDrive and SharePoint sharing. Not firewalls. Not MFA. Not even email anymore. It’s files. Everyone assumes: “It’s just a docu... 12-Jan-2026 ITBlogs.ca
Jaspreet Singh How to Secure Shared Mailboxes (The Part Everyone Forgets) Shared mailboxes are everywhere. Finance@ HR@ Info@ Support@ They’re convenient and simple, but if you’re not careful, they can quietly become a security risk. I see this often in real Microsoft 365 t... 10-Jan-2026 ITBlogs.ca
Jaspreet Singh Safe Links & Safe Attachments: The Quiet Security Features Saving You Every Day Most people think cybersecurity is all about firewalls, antivirus software, or the latest scary breach in the news. But some of the most important protection happens quietly inside your inbox every si... 09-Jan-2026 ITBlogs.ca
Jaspreet Singh How Phishing Bypasses Basic Security (And Why SMBs Are Still Getting Burned) How Phishing Bypasses Basic Security (And Why SMBs Are Still Getting Burned) Most small and mid-sized businesses think they’re “covered.” They have antivirus software. They have spam filtering. They m... 08-Jan-2026 ITBlogs.ca
Jaspreet Singh The Identity Security Checklist Every SMB Should Follow (Before It’s Too Late) Let me be clear: most SMB breaches don’t happen because hackers are especially clever. They happen because: MFA was “planned.” Admin access was never reviewed Old accounts were never disabled And iden... 07-Jan-2026 ITBlogs.ca
Jaspreet Singh How I Audit and Reduce Admin Roles (Before They Become a Problem) Whenever I take over a new Microsoft tenant, the first thing I check isn’t Conditional Access, MFA settings, or the security roadmap. Admin roles. Almost every time, I see the same issues: Too many gl... 06-Jan-2026 ITBlogs.ca
Jaspreet Singh Break-Glass Accounts: The One Thing I Always Set Up Before Touching Conditional Access If you work with Microsoft identity long enough, you’ll eventually learn this lesson the hard way: You can lock yourself out of your own tenant. I’ve seen this happen to engineers, MSPs, and internal ... 05-Jan-2026 ITBlogs.ca
Jaspreet Singh How I Restrict Microsoft 365 Access by Country (And Why I Do It in Every Tenant) One of the first things I check when I log in to a new Microsoft 365 tenant is where users are allowed to sign in. Most tenants I see are wide open: Any country. Any IP. Any time. And that’s usually w... 04-Jan-2026 ITBlogs.ca
Jaspreet Singh Security Defaults vs Conditional Access – When to Switch If you’ve used Entra ID (formerly Azure AD), you’ve likely come across Security Defaults. Microsoft created them as a simple way to turn on MFA, block legacy authentication, and help small organizatio... 03-Jan-2026 ITBlogs.ca
Jaspreet Singh Why Most Security Problems Start With Misunderstood Basics Most security incidents occur when people ignore or misunderstand the basics. (2025 State of Enterprise Technology Survey, n.d.) Focusing on these fundamentals can significantly improve your security.... 02-Jan-2026 ITBlogs.ca