Blog

Knowledge & Insights

Practical articles on IT, Microsoft 365, AI and digitalisation.

Newsletter

Tech news in your inbox

New articles straight to your inbox.

Intune Suite included in Microsoft 365 E3 and E5: what IT teams activate now — and what not
Microsoft 3651 July 2026

Intune Suite included in Microsoft 365 E3 and E5: what IT teams activate now — and what not

From Q3 2026, Microsoft automatically rolls out Intune Suite capabilities for E3 and E5 tenants. Remote Help, Advanced Analytics, Endpoint Privilege Management, and Cloud PKI are now included. But provisioning is not the same as use: without configuration, none of these capabilities reach your end users.

Read article →
Conditional Access Optimization Agent: the AI that scans your Microsoft Entra policies for gaps every day
Security30 June 2026

Conditional Access Optimization Agent: the AI that scans your Microsoft Entra policies for gaps every day

Conditional Access policies grow with your environment — but so do the gaps. New employees, shadow IT applications, AI agents with their own identities: each can fall outside your existing policies. The Conditional Access Optimization Agent in Microsoft Entra scans your tenant daily and shows exactly where coverage is missing.

Read article →
Conditional Access extends to Windows Hello for Business registration: what to review before 6 July
Security29 June 2026

Conditional Access extends to Windows Hello for Business registration: what to review before 6 July

On 6 July 2026, Entra ID Conditional Access extends to Windows Hello for Business enrolment and macOS Platform SSO registration. Policy requirements such as trusted locations and authentication strength will then apply during device registration — not only at sign-in. Which policies need reviewing, and what can you still do this week?

Read article →
SharePoint Authoritative Sites: guide Copilot to the right sources in your organisation
Microsoft 36528 June 2026

SharePoint Authoritative Sites: guide Copilot to the right sources in your organisation

Microsoft is rolling out Authoritative Sites for SharePoint in Copilot this week. With a single PowerShell command you mark a site as a trusted source, so Copilot Chat and Copilot Search consistently prioritise its content over random documents elsewhere in the tenant. How it works, which sites to mark first, and how it relates to Restricted Content Discovery.

Read article →
Intune Vulnerability Remediation Agent: how the AI agent prioritises and triages CVEs on your Windows endpoints
Security27 June 2026

Intune Vulnerability Remediation Agent: how the AI agent prioritises and triages CVEs on your Windows endpoints

Microsoft has rolled out the Vulnerability Remediation Agent for Intune to all customers in public preview this month. The agent analyses CVE data from Defender Vulnerability Management, prioritises vulnerabilities per device, and surfaces remediation recommendations directly in the Intune admin centre. How does the new Entra agentic identity work, which licences are required, and what can you configure this week?

Read article →
VoIP for SMEs: how modern business telephony works (and what IVR, SIP and call queues mean)
Telefonie27 June 2026

VoIP for SMEs: how modern business telephony works (and what IVR, SIP and call queues mean)

Calling over the internet has long been the standard, but what is under the hood? We explain VoIP for SMEs, from SIP and codecs to IVR and call queues, and how to switch without hassle.

Read article →
YellowKey and Bitskrieg: BitLocker TPM-only is broken — how to protect your laptops now
Security26 June 2026

YellowKey and Bitskrieg: BitLocker TPM-only is broken — how to protect your laptops now

Two named vulnerabilities — YellowKey and Bitskrieg — show that BitLocker without a startup PIN can be bypassed. The permanent fix is in the June 2026 Patch Tuesday. But patching alone is not enough: organisations that keep using TPM-only remain structurally exposed. How do the attacks work, how do you configure TPM+PIN via Intune, and what should you do this week?

Read article →
Entra Custom Controls retire 30 September 2026: how to migrate to External MFA
Security25 June 2026

Entra Custom Controls retire 30 September 2026: how to migrate to External MFA

Organisations that connect Duo, RSA or another external MFA provider through Conditional Access Custom Controls must migrate to External MFA before 30 September 2026. Microsoft is replacing the legacy Custom Controls approach with an OIDC-based standard that integrates more deeply and is more secure. What changes, which steps are required, and how much time is left?

Read article →
New SharePoint experience: what IT teams must do before the mandatory rollout
Microsoft 36524 June 2026

New SharePoint experience: what IT teams must do before the mandatory rollout

Microsoft is rolling out the new SharePoint experience between mid-June and mid-July 2026. The rollout is mandatory with no permanent opt-out. Admins can request up to six months of delay, but after that the new navigation structure is final. What changes, and which steps do you take now?

Read article →
Windows 11 25H2 security baseline in Intune: nine changes and how to migrate your profiles
Security23 June 2026

Windows 11 25H2 security baseline in Intune: nine changes and how to migrate your profiles

With Intune service release 2603, the security baseline for Windows 11 25H2 is now available. Nine settings have changed, existing 24H2 profiles are not auto-updated and become read-only. Which two settings need the most attention and how to complete the migration in four steps.

Read article →
EDR killers and encryption-less extortion: how ransomware disables your endpoint security
Security22 June 2026

EDR killers and encryption-less extortion: how ransomware disables your endpoint security

In 2026 ransomware attackers first disable your security software — then they strike. BYOVD techniques and encryption-less extortion have become the new standard. What are EDR killers, how does BYOVD work, and which four measures break the attack chain?

Read article →
Vishing via Microsoft Teams: how brand impersonation protection stops call fraud
Security21 June 2026

Vishing via Microsoft Teams: how brand impersonation protection stops call fraud

Attackers are calling employees via Teams posing as IT support or banks. Vishing grew 442 percent last year. Microsoft's new brand impersonation protection detects suspicious calls in real time. What do your employees see, what do you need to configure, and what additional measures help?

Read article →