AppGov Score Blog

Check out our latest updates!

Unlocking the Secrets of App Security!

May 9, 2024 Stephen Rose

Last week was incredibly busy but incredible, to say the least. I was fortunate enough to have the opportunity to reconnect with friends, clients, and Microsoft engineers at the M365 Community Conference, the Scheduled Maintenance Party hosted by ENow along with Dynamic Consultants Group, ZIRO, and my consulting company, stephenlrose.com. Many incredible conversations were had, in addition to the great sessions at the conference where attendees learned about tons of updates and new features coming to Microsoft Teams, Office, Copilot, SharePoint, and more. Copilot and the topic of Governance seemed to be the permeating themes and dominated many discussions.

But, best of all – last week an exciting new episode of UnplugIT with Sean Hurley and special guest Jay Gundotra went live! In this episode I talk with Sean, who oversees Application Security for the world’s largest iconic media and entertainment company and destination (think products, parks, attractions, superhero and sci-fi movies, wink wink) and we learn all about how he protects and secures Entra ID Applications for over 200k employees, across hundreds of thousands of devices every year.

With 20+ years of experience in the Security and Identity Management space, Sean explains how he had to learn and start thinking like a hacker – and so should you. With Microsoft reporting a 10-fold increase in the number of attacks in the month after the Midnight Blizzard attack, you’ll want to hear Sean’s tips and tricks around Entra ID Application Security and what you can do now to keep your organization safe.

Sean also tells me about what ‘keeps him up at night’ and gets into the nitty-gritty, the fundamentals that admins must look into, and know – for example, what is an Enterprise app vs an App Registration; and why you really have to think about how these applications integrate within your environment, and what you want to allow.

However, that can be easier said than done, especially for an Enterprise organization with 50k+ employees and thousands of apps being registered. Sean found it almost impossible to manually find, remediate, and manage apps at that level with scripting, so he shares his story around his journey with ENow to develop App Governance Accelerator – the product and solution he sought not just to streamline app security for his organization – but to also provide visibility into what was once a blind spot, for the entire IT community.

We also chat with ENow CEO Jay Gundotra as he shares his story about the inception of the product; how ENow collaborated with Sean and his team to co-innovate, making product improvements and advancing the App Governance tool forward to its latest v2.0 iteration with new features that were inspired by Midnight Blizzard.

Ready to dive in and hear how Sean manages and protects his 3P Apps? Then press play on this week’s episode of Unplug IT


Do you know what apps are lurking in your tenant? The ENow AppGov Score is a free security assessment tool that will quantify your application governance state quickly.  In addition to providing your AppGov Score, the tool will provide a comprehensive Application Governance Assessment report that includes each test, your result and why the test matters. Sign up to get your score and assessment report in just a few minutes - Get Your AppGov Score today!

 

Share This:

Stephen Rose

Written by Stephen Rose

Stephen has been helping companies all over the world to plan, pilot, deploy, manage, secure, and adopt products, including Microsoft 365, Teams, and Copilot as well as a variety of AI tools and 3rd party products. He was an independent contractor for many years and an MCT and MVP before he became part of Microsoft in 2009. While working there, he oversaw IT pro training and content for Windows, OneDrive, Office, Teams, and Copilot until he left in 2023.  Currently, he is consulting with a variety of customers, helping them manage change and new work methods by showing companies how to use the tools they have today more effectively and get ready for the AI tools they will need to stay ahead.