Delegating EntraID Application Secret Rotation without Ownership rights

Within an Azure EntraID enterprise there are often a large number of Application Service Principals. These EntraID Applications are used for applications and services which need to authenticate themselves to your EntraID tenant or authenticate your users. Microsoft exposes these Applications under th…

Microsoft Azure AD is now Entra ID

Microsoft has re-branded the Azure AD (Active Directory) service to now be Entra ID. https://www.microsoft.com/en-us/security/blog/2023/07/11/microsoft-entra-expands-into-security-service-edge-and-azure-ad-becomes-microsoft-entra-id/ We are already seeing the new Entra branding show up in Azure Gove…

Secure Removable Media – USB Drives in Azure and Azure Government

Enterprise environments which handle DoD or highly sensitive information frequently have to deal with how to handle removable USB drives. To ensure you meet NIST 800-171 and CMMC for handling ITAR and CUI you need to make sure the drives are encrypted and controlled. Removable USB data …

Intune Autopilot coming to AzureGov?!?

While working in AzureGov recently I was able to connect to a few AutoPilot interfaces in the Microsoft Endpoint Manager/Intune portal. AutoPilot allows organizations to effectively “PIN” or “LOCK” a device to their AAD environment and then assist with auto enrollment/provisio…

Getting the Microsoft Certified: Azure Solutions Architect Expert certification

While I have been using Azure for almost 10 years I have never gone through the process to get certified in Azure until this year. Starting in March 2023 I completed the AZ-900 which was the basics of Azure and on June 16th I completed AZ-305 to complete the certification. The AZ-900 This is similar…

The Expert Generalist


I have 20+ years of hands-on experience designing, building, operating and securing environments and performing forensics/investigations on digital assets. I have experience with green-field new startups, enterprise environments, and DoD U.S. Army programs.

I hold CISSP, Microsoft Services, mobile and computer forensics, and DoD certifications and clearances.

My experience includes designing and building systems, infrastructure, teams, and complete compliance/security programs to handle trade secrets, ITAR, and U.S. Government CUI for digital, operational and physical environments.

I worked to build the engineering environment and IT systems for the Microsoft IVAS program and support manufacturing of next-generation Augmented Reality systems.



Expert in Digital, Operational, Physical Security, Forensics


Architecting and implementing scalable hybrid cloud environments


End-to-End network, client, server infrastructure