
You Probably Already Own Everything Cyber Essentials Requires
Cyber Essentials v3.3 maps cleanly onto Microsoft 365 Business Premium. Entra, Intune, and Defender for Business cover all five technical controls without buying a single new tool.
Topic

Cyber Essentials v3.3 maps cleanly onto Microsoft 365 Business Premium. Entra, Intune, and Defender for Business cover all five technical controls without buying a single new tool.

When a vendor gets breached, their compromised guest account walks straight into your tenant. The layered Microsoft 365 model that stops it: sharing defaults, guest MFA, download limits, labels, and access reviews.

Adversary-in-the-middle phishing steals session tokens after a successful MFA prompt. Here is how to deploy MFA in 2026 so the stolen phish is worthless.

Windows 10 reached end of support in October 2025. Plus GPT-5 becomes Copilot's default model, Authenticator gets jailbreak detection, and Teams adds audio-only recording.

Strong user MFA means nothing if Global Admins carry the exceptions. This 8-level playbook takes tenant admin security from inventory to PIM, alerts, and quarterly access reviews.

As of September 30, 2025, authentication methods can no longer be managed in Entra's legacy MFA and SSPR policies. Here is the migration path and what breaks.

Nathan Taylor runs a Microsoft Center of Excellence at SourcePass that books 4 to 5 posture reviews weekly. His playbook: narrow scope, nail the fundamentals, and sell outcomes, not settings.

Six Conditional Access policies can stop token theft before it starts. Each blocks a different part of the attack, and each has a gap. Here is the full comparison with exact settings.

Exchange Online enforces tenant-wide outbound email limits, E5 Security arrives as a Business Premium add-on, and the Report Message add-in enters maintenance mode.

Entra keeps sign-in logs for 30 days at most, 7 on the free tier. Here is how to stream them into a Log Analytics Workspace and keep up to two years of evidence, usually for pocket change.

Microsoft blocks 7,000 password attacks per second, yet only 41% of Entra sign-ins use MFA. The data behind the passwordless push, and an honest look at what the passkey experience is like today.

By default, anyone with a Microsoft 365 tenant can open a Teams chat with your users. Here is the attack that exploits it and the four controls that break the kill chain.