|
Supporting IT Professionals is all we do
|
|
|
Great reads: Microsoft Garage is a fun place where new software comes to life and you can try out their inventions but also in this weeks KNOW section I want you to be familiar with the important opportunities in the Microsoft Partner program and make money from it. Also take some time to learn about Vuln.AI and how this AI is going to change how you do cybersecurity.
The Truth: You start selling your MSP about 3 years before you actually sell it. Get on the path with SellMyMSP
Tech to do's: Stop corporate passwords from syncing to Edge, Protect your Global Admin accounts from impersonation, implement local admin password control and set your PassKey profiles.
|
|
|
I hope that you enjoy this week's newsletter and tell everyone to subscribe.
thanks, Amy
|
|
4 things to know: Get familiar with Microsoft Garage and try an app, Introducing Vuln.AI, Still Ransomware, Find out about the new Microsoft partner program
|
|
|
|---|
|
|
|
We deliver programs and experiences to our employees, customers, and ecosystem that drive collaboration, creativity, and experimentation.
|
|  www.microsoft.com
|
|
|
A 70% reduction in time to vulnerability insights, enabling faster prioritization and mitigation, minimizing exposure windows.
|
|
|
|---|
|
|
|
Microsoft launches its sixth annual Digital Defense Report, highlighting trends from July 2024 to June 2025, including that over half of cyberattacks with known motives were driven by extortion or ransomware. The report stresses that legacy security is insufficient-modern AI-driven defenses and cross-industry collaboration are essential.
|
|  blogs.microsoft.com
|
|
|
Summarize recent changes to the Microsoft partner program and highlight opportunities for small MSPs
|
| |
|
|---|
|
|
|
Connect with SellMyMSP's 3 Step Process
|
|
|
|---|
|
|
|
SellMyMSP helps firms get ready to strategically exit and close the deal. Follow the steps below.
|
| |
|
|---|
|
|
|
4 things to do: Disable Password Sync, Control local admin passwords, Understand Global Admin impersonation and check your Passkey profiles
|
|
|
|---|
|
|
|
Microsoft now recommends enabling the built-in password manager as part of the Edge Security Baseline, allowing credentials to roam securely across devices. However, in enterprise environments, this roaming capability may become a security concern, especially when users sign into Edge from...
|
|  www.vansurksum.com
|
|
|
The result? A potential compromise that spreads laterally across every device sharing that password. MSPs often store these passwords in a documentation tool like IT glue to overcome many of these issues but I would argue that letting Microsoft manage these might be a better, and more secure, option.
|
|  tminus365.com
|
|
|---|
|
|
|
In this blog, we take a closer look at CVE-2025-55241, a critical Entra ID flaw that briefly allowed attackers to impersonate Global Admins across any tenant, no phishing or passwords required. While Microsoft moved fast to patch the issue, it exposed how deeply legacy code can undermine modern security efforts.
|
 practical365.com
|
|
|
In November 2025, Microsoft Entra ID will support passkey profiles in public preview, enabling group-based passkey configurations and new API schema changes. Rollout occurs worldwide early November to December and mid-November to mid-December for GCC environments. No admin action is needed before rollout.
|
|
|
|---|
|
|
|
|
