We have IT covered.
Discover leading Managed IT Service Providers across USA, Canada & the United Kingdom.
- 100s of leading MSPs
- Find a MSP near you
- Latest IT news for SMBs
Roll Out FIDO2 Passkeys in Microsoft 365 Without Chaos | Sourcepass
For many small and mid-sized businesses (SMBs) running on Microsoft 365, multifactor authentication (MFA) is no longer a differentiator. It is a baseline control. The problem is that many widely used MFA methods remain vulnerable to adversary-in-the-middle phishing, MFA fatigue attacks, and social engineering techniques that target user behavior rather than technical weaknesses. As cyber insurance requirements, client security questionnaires, and regulatory expectations continue to evolve, organizations are increasingly being asked whether they have implemented phishing-resistant MFA rather
For many small and mid-sized businesses (SMBs) running on Microsoft 365, multifactor authentication (MFA) is no longer a differentiator. It is a baseline control. The problem is that many widely used MFA methods remain vulnerable to adversary-in-the-middle phishing, MFA fatigue attacks, and social engineering techniques that target user behavior rather than technical weaknesses. As cyber insurance requirements, client security questionnaires, and regulatory expectations continue to evolve, organizations are increasingly being asked whether they have implemented phishing-resistant MFA rather than simply enabled MFA. FIDO2 passkeys provide a practical path forward. By replacing passwords and one-time codes with cryptographic credentials tied to trusted devices and legitimate domains, passkeys help reduce the risk of credential theft while simplifying the user experience. Microsoft documents that passkeys in Microsoft Entra ID are designed to help prevent phishing by binding authentication to the legitimate sign-in origin, reducing opportunities for credential replay attacks. https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-passkeys-fido2 For SMB leaders, the challenge is rarely whether passkeys are beneficial. The challenge is how to implement FIDO2 passkeys in Microsoft 365 without disrupting operations, overwhelming users, or creating new support burdens. Why SMBs Must Move from Basic MFA to FIDO2 Passkeys Traditional MFA methods such as SMS codes, authenticator push notifications, and one-time passcodes improve security compared to passwords alone. However, they rely on credentials or temporary codes that attackers can potentially capture, relay, or manipulate through phishing campaigns. FIDO2 passkeys fundamentally change the authentication process. Instead of sending reusable secrets across the authentication flow, passkeys rely on public-key cryptography stored locally on a trusted device or hardware security key. The private key never leaves the device, making credential theft significantly more difficult. For Microsoft 365 organizations, this provides several operational advantages: Reduced exposure to phishing attacks Stronger protection for privileged accounts Improved alignment with Zero Trust principles Better support for cyber insurance requirements Reduced dependency on passwords Passkeys can also improve the employee experience. Users authenticate with familiar methods such as Windows Hello biometrics, device PINs, or approved security keys instead of managing complex passwords and secondary authentication prompts. Organizations interested in a Microsoft-focused implementation roadmap can reference Microsoft's official passkey guidance and practical SMB-focused deployment recommendations from sources such as https://blog.sourcepass.com/sourcepass-blog/rolling-out-fido2-passkeys-in-microsoft-365-tenants-sourcepass. Why Cyber Insurance and Client Requirements Are Shifting Many cyber insurers and enterprise clients now assess authentication controls more deeply than they did previously. Security questionnaires increasingly distinguish between basic MFA and phishing-resistant MFA. This shift reflects a practical reality: attackers frequently target user authentication because it remains one of the most effective paths to account compromise. Organizations that demonstrate structured adoption of phishing-resistant authentication are often better positioned to meet evolving security expectations. Why FIDO2 Passkeys Fit Microsoft 365 Environments Microsoft Entra ID supports FIDO2 security keys and passkeys as part of a passwordless authentication strategy. This integration allows organizations to strengthen authentication while leveraging existing Microsoft identity controls such as: Conditional Access Identity Protection Windows Hello for Business Device compliance policies Microsoft Zero Trust architecture Microsoft's guidance for SMBs highlights identity security as a foundational Zero Trust pillar because identity compromise remains a leading path to broader business disruption (https://learn.microsoft.com/en-us/security/zero-trust/guidance-smb-partner. Design a Phased FIDO2 Rollout for High-Risk SMB Users First A successful FIDO2 rollout is primarily an operational project rather than a technical project. Organizations that attempt large-scale authentication changes without planning often create unnecessary user frustration and support challenges. A phased deployment approach reduces risk while allowing IT leaders to improve processes before broader adoption. Identify High-Risk Accounts and Business Functions Begin by identifying the user populations that represent the highest risk if compromised. For most SMBs, this includes: IT administrators Executive leadership Finance teams Human resources personnel Users with access to sensitive client data Individuals authorized to approve payments or contracts Document how these users currently authenticate and identify common work scenarios such as office-based work, remote work, travel, and shared workstation usage. This assessment helps determine whether device-based passkeys, hardware security keys, or a combination of both methods will provide the most practical and secure experience. Launch a Focused Pilot Program Instead of replacing authentication methods across the organization simultaneously, start with a small pilot group. A strong pilot often includes: IT administrators Security champions Executive sponsors Operational leaders willing to provide feedback Enable passkeys alongside existing authentication methods rather than immediately removing alternatives. This approach provides a safety net while users become comfortable with the new sign-in process. Follow Microsoft's implementation guidance for registering FIDO2 passkeys and security keys within Microsoft Entra ID (https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-passkeys-fido2). Measure User Friction Before Expansion User adoption determines the success or failure of any authentication initiative. During the pilot phase, collect feedback regarding: Registration challenges Sign-in confusion Device compatibility issues Recovery processes for lost devices Application compatibility concerns The objective is not merely technical deployment. The objective is reducing friction while improving security outcomes. Once pilot issues are resolved, expand adoption in clearly defined waves: Administrative accounts Executive accounts Finance and HR teams Client-facing personnel Broader user populations Throughout deployment, connect passkeys to business outcomes rather than technical terminology. Employees are more likely to support adoption when they understand the operational benefits, including easier sign-ins and reduced password-related disruptions. Integrate Passkeys into a Broader Zero Trust Strategy FIDO2 passkeys should not operate as a standalone control. Organizations will achieve better outcomes when passkeys are combined with: Conditional Access policies Device compliance requirements Legacy authentication protocol blocking Identity governance processes Ongoing security monitoring Microsoft recommends a layered Zero Trust approach in which identity, device health, and access policies work together (https://learn.microsoft.com/en-us/security/zero-trust/guidance-smb-partner). For many SMBs, this also aligns with broader governance efforts such as NIST Cybersecurity Framework (CSF) adoption and identity-centric security programs. Maintain Evidence and Metrics for FIDO2 Success Authentication improvements often lose momentum when organizations fail to measure adoption and outcomes. Without visibility into deployment progress, exceptions accumulate, phishing-resistant MFA coverage declines, and legacy authentication methods remain in use longer than intended. Track Passkey Coverage Among Priority Users Start by measuring passkey adoption among the highest-risk user groups. Metrics may include: Percentage of privileged users registered with passkeys Percentage of executive users registered with passkeys Number of remaining authentication exceptions Percentage of users still dependent on SMS-based MFA Microsoft Entra ID reporting can help organizations monitor authentication method adoption and identify gaps requiring remediation (https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-passkeys-fido2). Leadership should receive simple business-oriented reporting that demonstrates progress against established security objectives. Measure Operational Improvements Security controls should improve both protection and operational efficiency. Track metrics such as: Password reset volume MFA-related support tickets Authentication lockout incidents Average help desk resolution time These measurements help demonstrate whether passkey deployment has reduced administrative overhead while improving security resilience. Monitor Identity Security Outcomes Passkeys are not a complete solution to every identity threat, but they can significantly reduce exposure to phishing-based account compromise. Organizations should routinely review: Risky sign-in activity Account compromise attempts Identity Protection alerts Privileged account monitoring data Authentication exception requests Combining passkey adoption metrics with broader identity security monitoring provides a more complete picture of risk reduction. Make Passkeys Part of Governance Long-term success requires operational consistency. Organizations should incorporate passkey registration into: New employee onboarding Privileged access reviews Identity governance programs Cyber insurance documentation Security questionnaire responses Including passkey coverage in governance dashboards helps prevent authentication controls from weakening over time. FIDO2 passkeys deliver their greatest value when treated as an ongoing identity security practice rather than a one-time technology deployment. For Microsoft 365 organizations, a structured rollout supported by measurable adoption metrics, user education, Conditional Access controls, and governance processes creates a more resilient identity environment while reducing operational friction. FAQ What are FIDO2 passkeys in Microsoft 365? FIDO2 passkeys are phishing-resistant authentication credentials that use public-key cryptography instead of passwords. In Microsoft 365, passkeys integrate with Microsoft Entra ID and allow users to authenticate using trusted devices, biometrics, or security keys. Why are FIDO2 passkeys considered phishing-resistant MFA? Passkeys are tied to legitimate websites and applications through cryptographic validation. Because there is no reusable password or one-time code to steal, attackers have far fewer opportunities to capture credentials through phishing attacks. Should SMBs replace MFA with passkeys? Most organizations should view passkeys as an evolution of MFA rather than a complete replacement initiative. A phased deployment approach allows companies to strengthen authentication while maintaining business continuity and user adoption. Who should receive FIDO2 passkeys first? High-risk users should typically be prioritized first. This includes administrators, executives, finance personnel, HR teams, and employees with access to sensitive business or client information. How do FIDO2 passkeys support Microsoft Zero Trust strategies? Passkeys strengthen the identity pillar of Zero Trust by reducing reliance on passwords and helping verify that authentication requests originate from legitimate users on trusted devices. When combined with Conditional Access and device compliance policies, they contribute to a stronger overall security posture.
Read full post on blog.sourcepass.comMSPdb™ News
The Upside-Down Pyramid of AI
I keep seeing the same scene play out. Someone shares work they’re proud of, then can’t answer a basic question about how it holds together. The polish is there. The understanding isn’t. We’re entering an era where almost anyone can produce work that looks extraordinary. A business owner can write a policy in minutes. A
I keep seeing the same scene play out. Someone shares work they’re proud of, then can’t answer a basic question about how it holds together. The polish is there. The understanding isn’t. We’re entering an era where almost anyone can produce work that looks extraordinary. A business owner can write a policy in minutes. A
Read full post on flexibleit.com
AI Governance for Kelowna Businesses: Could You Stop It?
If an AI tool in your business did something it shouldn’t, how quickly could you step in and shut it down? Most businesses are moving fast with AI. Very few have thought about what happens when it goes wrong…
If an AI tool in your business did something it shouldn’t, how quickly could you step in and shut it down? Most businesses are moving fast with AI. Very few have thought about what happens when it goes wrong…
Read full post on skysailtechnologies.com
Nsight Technical Overview
How Intelligent Print Monitoring Simplifies Managed Print Services Introduction Managing a modern print environment involves much more than collecting meter reads. Organizations need visibility into device health, automated supply fulfillment, proactive service alerts, accurate billing data, and centralized fleet reporting. Nsight is a cloud-based print monitoring platform designed to automate these processes. By continuously
How Intelligent Print Monitoring Simplifies Managed Print Services Introduction Managing a modern print environment involves much more than collecting meter reads. Organizations need visibility into device health, automated supply fulfillment, proactive service alerts, accurate billing data, and centralized fleet reporting. Nsight is a cloud-based print monitoring platform designed to automate these processes. By continuously
Read full post on novatech.net
Lallycooler Music Festival 2026
Xigent recently hosted several clients at this year’s Lallycooler Music Festival alongside our valued partners, VergeIO and Versa Building Connections at Lallycooler 2026 Xigent recently hosted several clients at this year’s Lallycooler Music Festival alongside our valued partners, VergeIO and Versa. Events like these provide a meaningful opportunity to step away from the office, enjoy
Xigent recently hosted several clients at this year’s Lallycooler Music Festival alongside our valued partners, VergeIO and Versa Building Connections at Lallycooler 2026 Xigent recently hosted several clients at this year’s Lallycooler Music Festival alongside our valued partners, VergeIO and Versa. Events like these provide a meaningful opportunity to step away from the office, enjoy
Read full post on xigentsolutions.com
What Is VoIP? Complete Guide to VoIP Phone Systems for Small Business 2026 | Tecbound
Learn what VoIP is, how it works, the key benefits for small businesses, how it compares to traditional landlines, and how to switch in 7 steps.
Learn what VoIP is, how it works, the key benefits for small businesses, how it compares to traditional landlines, and how to switch in 7 steps.
Read full post on tecbound.com
How Can Manufacturing Plants Stop AI-Powered Cyberattacks?
AI can help criminals write more effective phishing emails, identify weak spots faster, and create more convincing fake voices for urgent requests. Manufacturing plants can reduce this risk by strengthening identity controls, separating IT from factory systems, locking down vendor access, and practicing recovery. When AI-powered phishing, ransomware, or vendor account attacks hit manufacturing plants, downtime stops production, and missed shipments hurt customer trust. Intelligent Technical Solutions (ITS) has spent over 20 years helping organizations, including manufacturers, protect thei
AI can help criminals write more effective phishing emails, identify weak spots faster, and create more convincing fake voices for urgent requests. Manufacturing plants can reduce this risk by strengthening identity controls, separating IT from factory systems, locking down vendor access, and practicing recovery. When AI-powered phishing, ransomware, or vendor account attacks hit manufacturing plants, downtime stops production, and missed shipments hurt customer trust. Intelligent Technical Solutions (ITS) has spent over 20 years helping organizations, including manufacturers, protect their networks without shutting down production. We help you prevent attacks that cause downtime and protect your reputation. In this article, we've invited Sean Harris, ITS Chief Risk and Compliance Officer, to share practical steps manufacturers can take to defend against AI-powered attacks. You will learn: How can manufacturing plants reduce the risk of AI-driven phishing and payment fraud? How can MSSPs help protect manufacturing plants from AI-powered attacks? Why Are AI-Powered Attacks a Growing Threat to Manufacturing Plants? Manufacturing plants run on equipment that often can't be patched easily. Production schedules don't allow lengthy security updates. Remote vendor access creates necessary but risky entry points. These realities make manufacturing targets attractive to criminals. In some cases, AI and automation can cut the time from targeting to action from days to hours by finding weak spots faster and attacking more targets at once. These capabilities create three specific problems for manufacturers: AI-Powered Phishing AI tools write emails that sound natural. Criminals scan your website and LinkedIn to learn vendor names and project details. These emails often match your plant's normal style. Deepfake voice tools can imitate a person's voice from short recordings, making urgent fraud calls more believable. Fewer Obvious Warning Signs Traditional phishing emails had clear red flags, such as spelling errors, awkward phrasing, and requests that didn't align with normal business processes. However, AI-generated attacks look professional and sound natural, so these old warning signs no longer help. Faster Network Attacks
Read full post on itsasap.com
Net Friends Named a Top Workplace in 2026
Net Friends has been named a 2026 Top Workplace by Energage, recognized entirely by confidential employee feedback for its culture, leadership, and commitment to its people.
Net Friends has been named a 2026 Top Workplace by Energage, recognized entirely by confidential employee feedback for its culture, leadership, and commitment to its people.
Read full post on netfriends.com
Indiana Manufacturers Pass Audits, But IT Tells Another Story
There's a version of compliance that looks fine in documentation and falls apart the moment anyone looks closely at the actual environment. It's more common than the industry likes to admit and it's showing up near Indiana manufacturing operations with increasing frequency.
There's a version of compliance that looks fine in documentation and falls apart the moment anyone looks closely at the actual environment. It's more common than the industry likes to admit and it's showing up near Indiana manufacturing operations with increasing frequency.
Read full post on andromeda.tech
Managed IT Services for Senior Living: The Complete Guide for Community Administrators
Ask five senior living administrators who’s responsible for cybersecurity at their community, and at least three will point to someone whose actual job has nothing to do with IT. The budget goes to caregivers first, and technology gets handled by whoever has room for one more task. Managed IT services for senior living means a ... Read more
Ask five senior living administrators who’s responsible for cybersecurity at their community, and at least three will point to someone whose actual job has nothing to do with IT. The budget goes to caregivers first, and technology gets handled by whoever has room for one more task. Managed IT services for senior living means a ... Read more
Read full post on meriplex.com
How to Build a Technology Roadmap Your CFO Will Actually Approve
Sentry Technology Solutions | General Tech | Technology Planning
Sentry Technology Solutions | General Tech | Technology Planning
Read full post on sentrytechsolutions.com