PryroTech Blog

Is your organization rolling out Privileged Identity Management (or PIM)? If you haven't already, you're probably in the same boat as a lot of organizations. Rolling out Privileged Identity Management isn't about another checkbox, it's a shift towards strengthening access, accountability, and agility. With this in mind, I wanted to give you an effective strategy to begin your journey into PIM and provide some insights from my experience. Discovery and Assessment Take stock of the current roles that are active within your tenant already across the applications, from Entra ID itself, to Azure and your Microsoft 365 apps. Once you have your inventory of roles gathered, determine who has access and why - are there any roles that are no longer needed? Is the role necessary if a lesser role can achieve the same task? Check for overprivileged accounts. Identify high-risk roles such as Global Administrator, Exchange Administrator, etc. Identify service principals and applicatio...

 It's been a minute, but I am back with some absolutely exciting news. Just the other day, I came across an announcement that is sure to send shockwaves through the Microsoft 365 community - the implementation of Microsoft 365 Local: Microsoft's answer to keeping your M365 data sovereign. Over the past little while, more and more companies and organizations have been pivoting towards local alternatives to Microsoft 365 as the lines between data ownership and residency are getting blurred. Given that a plethora of countries in the EU started to pull away from Microsoft 365 and Azure due to lack of control over where their data was going, Microsoft has announced Microsoft 365 Local, which gives organizations the ability to bring the best of the Microsoft 365 environment into their own environment. What does this mean for organizations? Instead of hosting the infrastructure required on servers in the cloud - companies can now opt to host the services on their own infrastructure, p...

 Long time no see! The reason for this is because while I was away, I was working on a brand-new tool for administrators to audit their environment for shadow IT apps. This idea came after I wanted to be able to audit my own environment for shadow IT and didn't have a way to do it in a comprehensive manner. Thus, my PowerShell tool was born; I introduce to you, Shadowman! What is Shadowman? Shadowman in a nutshell is a tool designed to get you all the information that you need on the service principals in your Azure environment. Administrators have the option to conduct a basic audit that will capture all information and flags that are available through the application, as well as a targeted mode that will give administrators the ability to filter applications based on the following flags: Service Principal Properties Property Description DisplayName Name of the service principal AppId Application ID ObjectId Object ID in Azure AD ...

Working in an IT department, you're always making changes and doing things. However, the plethora of platforms that allow you to communicate these things are also constantly changing as well as expanding. One feature I have discovered in the Microsoft 365 admin center is the ability to send organizational messages. If you haven't already, I highly recommend looking into how organizational messages can positively impact your org-wide communications. In this post, I will talk about this feature and how you can get the most out of it. What is Organizational Messages? Organizational Messages in Microsoft 365 are targeted, branded communications delivered directly within Microsoft apps and Windows environments. They help organizations share timely updates, onboarding guidance, policy changes, and training resources—right where users work. With customizable visuals, audience targeting, and performance tracking, these messages ensure important information reaches the right people at t...