As I progressed from “keeping Azure running” to actually owning platform decisions, one thing became painfully clear:
most Azure governance failures are not caused by missing tools — they’re caused by weak technical foundations and late architectural decisions.
I’ll walk through a few very realistic situations I’ve personally encountered over the years. They’re anonymised, but the technical problems are absolutely real.
Continue reading “Why most Azure environments fail at governance”
Are you running Azure subscriptions and want a quick, human-friendly overview of your governance, compute, storage, network and Key Vault hygiene?
The Azure Health Check PowerShell script gives you exactly that — scanning multiple subscriptions, flagging weak spots, and producing a clean interactive HTML report (with charts!).
Large and growing Azure estates can easily drift into insecure or unsupported configurations: unprotected VMs, public storage blobs, missing resource locks, orphaned disks, exposed network ports — all of which can lead to security, availability or compliance issues.
Yet manually auditing each subscription is time-consuming. That’s where automation helps. With this script, you get a multi-subscription health summary, scored, visualised and exportable — ideal for periodic reviews, customer readiness checks, or even compliance audits.
Continue reading “Azure Health Check – A Free Script to Audit and Visualise Cloud Hygiene”
Accidental deletion or modification of critical resources in Azure is more common than most teams would like to admit. And unlike on-prem environments, where layers of approvals or access barriers might slow someone down, Azure’s agility can sometimes be its own worst enemy — especially when production workloads are one click away from disappearing.
Enter: Azure Resource Locks — your environment’s seatbelt.
What Are Azure Resource Locks?
Azure Resource Locks are a built-in feature that allow you to restrict operations on resources, resource groups, or subscriptions. These locks act as a last line of defense — even if someone has Contributor or Owner permissions, a lock will block unwanted actions like deletion or configuration changes.
Continue reading “Azure Resource Locks – The One Feature You’re Probably Not Using (But Should Be)”
Microsoft has recently announced a significant change that will impact all Azure users: the mandatory implementation of Multifactor Authentication (MFA). This update aims to enhance security across the Azure platform by requiring additional verification for users accessing various Azure services.
Official Announcement: Read Microsoft’s MFA Requirement for Azure Users
Understanding the Changes
This update will affect all users interacting with the Azure Portal, Azure CLI, Azure PowerShell Modules, and Terraform when deploying to Azure. This includes guest accounts, service accounts, and break glass accounts.
Continue reading “Microsoft Announces Mandatory MFA for All Azure Users”
As the digital security landscape continues to evolve, organizations utilizing Microsoft Azure are encouraged to migrate their Identity Protection risk policies to Conditional Access. With Microsoft’s announcement that legacy risk policies in Microsoft Entra ID Protection will be retired on October 1, 2026, now is the crucial time to plan and execute this transition. This guide not only walks you through the migration process but also incorporates Microsoft’s recommended practices for configuring risk policies to protect your organization effectively.
The retirement of the old risk policies necessitates a shift to a more robust and integrated system. Conditional Access provides a more dynamic framework that allows for real-time assessments and adaptive responses to identity-based threats, making it a superior choice for managing security risks in Azure.
Begin by auditing your existing risk policies in Microsoft Entra ID Protection. Identify which configurations are active and understand their implications to ensure that all critical aspects of your security setup are transitioned without loss of coverage.
Get Practical 