Dynamic Technical Solutions, Inc.

04/08/2026

I see this confusion all the time. Many teams block USB mass storage and assume they have also closed off USB security keys. They have not.

After 20+ years working as a senior cybersecurity consultant across large and international environments, I can tell you this misunderstanding shows up far more often than people want to admit.

Let me just say this topic can be confusing, but here is the reality. If you are enforcing USB restrictions, conditional access, device compliance, or phishing-resistant MFA in your Microsoft environment, there are a few realities the business, clients, and users SHOULD understand.

A USB security key is not the same thing as a USB thumb drive. Blocking one does not automatically block the other. That matters in Microsoft cloud environments because identity decisions are being made across Entra ID, the device state, and the browser session. If those controls are not aligned, what exactly do you think is being enforced?

This is where production reality bites. A user can be on a managed device, in a supported browser, and still present an authentication method your team forgot to account for. Or the opposite, a legitimate strong factor gets broken because security teams treated all USB the same.

That gap creates policy failures, user friction, and false confidence. False confidence is the dangerous one.

09/22/2025

How a Simple Security Check Saved Us $50K: A Close Call with Ransomware

Last month, during our regular cloud security check-up, we caught something that made my stomach drop. One of our "dead" accounts was somehow very much alive - and up to no good.

Here's what tipped us off:
- Someone was logging in from halfway across the world
- Files were being downloaded at 3 AM (definitely not our work hours)
- Multiple attempts to gain admin access
- Weird connections to outside services we don't use

We jumped into action immediately:
- Shut down the suspicious account
- Tracked it back to an old contractor's login (yikes)
- Blocked the sketchy IP addresses
- Pulled clean backups, just in case

To make sure this never happens again, we:
- Beefed up our password requirements
- Limited logins to specific regions
- Set up temporary access permissions
- Improved our activity tracking

The best part? Instead of paying a $50K ransom, we paid exactly zero dollars. We caught the bad guys before they could do any real damage.

Look, I know security audits sound about as fun as a root canal. But think of them like a regular check-up - boring, but way better than an emergency room visit at 2 AM.

Don't put this off. Book your first security audit this week. Trust me, you'll sleep better knowing you did.

09/21/2025

A client locked itself out of Microsoft 365 in under a minute. One Conditional Access change hit the wrong group. Admins blocked. MFA dead. Help desk jammed. No break glass. We jumped in, worked recovery with support, used out-of-band PowerShell to roll back, stood up two emergency accounts, and stabilized the tenant the same day. Then we rebuilt their policies with staged rollout and real change control.

Lesson: emergency access is not optional. Keep two cloud-only break glass accounts, exclude them from CA, set long passwords in a vault, alert on any sign-in, rotate on a schedule, and test monthly with a timer. Keep a one-page playbook with owners and rollback steps. Run a short tabletop each quarter. Final lesson: if you cannot get back in fast, you do not own your tenant.
🔒 🖥️ 🚨 ☁️ 👥 🛠️ 🔐 🛡️ 🚪 ✔️

08/14/2025

🚨 One bad click is all it takes…

Phishing emails are sneaky. They look normal, feel normal, and then—bam—you’re on a fake site stealing your credentials. Microsoft Safe Links works behind the scenes to scan every link in real time, blocking the bad ones before you even have a chance to click. It’s like having a bodyguard who never sleeps and always checks the door before you walk through it.

Why this matters: Phishing emails are not always obvious. In fact, many look like they came from a trusted colleague or a legitimate service you use every day.

08/11/2025

🚨 It’s time you stopped treating privileged access like a set-it-and-forget-it task. 🔒 Permanent admin permissions are an open invitation to attackers. ⚠️ Entra ID PIM-enabled security groups change the game by enforcing temporary, just-in-time access with full accountability and automation. ⏳✅ This isn’t security theater. It’s real identity governance that cuts risk and keeps your environment tight without slowing down your teams.

Is Your Organization Handing Out Permanent Privileges to Attackers? That may sound dramatic, but every security breach involving stolen credentials shares one truth: the attacker did not need 24/7 administrative access… until they had it. The bigger question is, why did your team grant it in the f...

07/12/2025

Stop weak authentication methods from putting your entire network at risk. It’s time to stop messing around with outdated options like SMS, voice calls, and email OTP that leave your organization vulnerable to phishing, SIM swaps, and credential theft. By adopting stronger, phishing-resistant authentication methods aligned with recognized standards like NIST’s Authentication Assurance Levels 2 and 3, you can dramatically improve your security posture and protect your critical resources. Don’t wait until it’s too late - take action now to safeguard your environment.

https://www.linkedin.com/pulse/upgrade-weak-authentication-methods-putting-your-network-shawn-may-2hfhe

, , , ,

Are business users still relying on insecure authentication methods like SMS, voice calls, or email one-time passwords? At DTS, we strongly recommend moving away from these vulnerable options toward stronger, more secure methods that meet the NIST Authentication Assurance Levels 2 and 3 (AAL2 and AA

07/09/2025

In business, instead of focusing on warm seats, pursue performance and products.

06/16/2025

One role resets MFA. Another assigns Global Admin. The third can bypass nearly everything. If you’re not protecting these 3 Entra ID roles, you’re not secure. Learn why they’re the real targets, and how to lock them down right.



https://www.linkedin.com/pulse/top-3-critical-entra-id-roles-secure-now-shawn-may-euote

03/02/2025

Those who see cybersecurity failures as a fait accompli fail to recognize that every major breach has been preventable with the right approach.

02/12/2025

If convenience drives your security choices, you're already compromised. Attackers love shortcuts.

02/11/2025