How to Re-Register MFA
Working closely with nonprofits every day, I often come across a common challenge faced by MFA users. Recently, I worked with a nonprofit leader who faced an issue after getting a new phone. She was unable to authenticate into her Microsoft 365 environment because her MFA setup was tied to her old device. This experience highlighted how important it is to have a process in place for MFA re-registration. Without it, even routine changes like upgrading a phone can disrupt access to your everyday tools and technologies, delaying important work such as submitting a grant proposal. Why MFA is Essential for Nonprofits Before we discuss how to reset MFA, let’s take a step back and discuss why MFA is a necessity for nonprofits the way it is important for any organization. In the nonprofit world, protecting sensitive or confidential data—like donor information, financial records, and program details—is a top priority. One of the best ways to step up your security game is by using Multi-Factor Authentication (MFA). MFA adds an extra layer of protection on top of passwords by requiring something you have (like a mobile app or text message) or something you are (like a fingerprint). This makes it a lot harder for cybercriminals to get unauthorized access. If your nonprofit uses Azure Active Directory (AAD), or Microsoft Entra (as it is now called), with Microsoft 365, MFA can make a big difference in keeping your work safe. Since Microsoft Entra is built to work together with other Microsoft tools, it’s easy to set up and enforce secure sign-in methods across your whole organization. To make sure this added protection stays effective, it’s a good idea to occasionally ask users to update how they verify their identity. What Does MFA Re-Registration Mean for Nonprofits? MFA re-registration is just a fancy way of saying users need to update or reset how they authenticate, or verify, themselves. This might mean setting up MFA on a new phone (like the woman in the scenario above), adding an extra security option (like a hardware token), or simply confirming their existing setup. It’s all about making sure the methods and devices your users rely on for MFA are secure and under their control. When and Why Should Nonprofits Require MFA Re-Registration? Outside of getting a new phone, there may be other situations that raise cause for reason to re-register your MFA. A few scenarios include: Lost or Stolen Devices: Similar to the scenario above, if someone loses their phone or it gets stolen, you will have to re-register the new device. Role Changes: If someone’s responsibilities change, their MFA setup can be adjusted to match their new access needs. Security Enhancements: Organizations may require users to re-register for MFA to adopt more secure authentication methods, such as moving from SMS-based MFA to an app-based MFA like Microsoft Authenticator Policy Updates: When an organization updates its security policies, it might require all users to re-register for MFA to comply with new standards Account Compromise: If there is a suspicion that an account has been compromised, re-registering for MFA can help secure the account by ensuring that only the legitimate user has access With Microsoft Entra, managing MFA re-registration is straightforward and can be done with an administrator to the organization’s tenant. How to require re-registration of MFA To reset or require re-registration of MFA in Microsoft Entra, please follow the steps below. Navigate to portal.azure.com with your nonprofit admin account. Select Microsoft Entra ID Select the drop-down for Manage In the left-hand menu bar select Users > Select the user's name that you want to reregister to MFA (not shown). Once in their profile, select Manage MFA authentication methods Select Require re-register multifactor authentication Congratulations! The user will now be required to re-register the account in the Microsoft Authentication app.Building a Power App with SharePoint: Setting Up Your SharePoint List
⬅️ Previous: An Overview of the SharePoint/PowerApps Combination ➡️ Next: Building Your Power App What We’ll Cover Creating a SharePoint list from scratch Choosing column types to match your data needs Setting up lookup columns and choice fields Best practices for organizing and naming columns Preparing your list for integration with Power Apps Creating Your SharePoint List Log in to SharePoint: Navigate to your SharePoint site. SharePoint can also be accessed via m365.cloud.microsoft, signing into your account and then clicking in the upper left corner of the window, select App launcher > SharePoint. (If not in left corner please look for “Apps”) Create a List: Go to the site contents and select "New"> "List". --> 3.Start a New List: Click “New List” and choose a blank list or template. If you have an existing excel or CSV file with columns you have already written, you can also import as well. First choose import from excel Then select a file on the SharePoint site or Upload a file 3. If you have multiple sheets in the file, you can select the table or sheet and choose the column type for each column. Choosing the Right Column Types Below, see the list of options when you are importing from ESV or CSV. Each column in your SharePoint list stores a different type of data. Choosing the right type helps your app work efficiently. Common column types include: Single line of text: For short text entries (names, titles). Multiple lines of text: For longer notes or descriptions. Choice: Predefined options for consistent data entry (e.g., status: Active, Inactive). Number: For numerical data (e.g., quantity, age). Date and time: For dates such as event dates or registration timestamps. Lookup: To reference data from another SharePoint list. Make sure to match your columns to the data you’ll collect. 4. Name Your List: Give your list a name (e.g., "Employee Directory"). 5. Add Columns: Add the necessary columns to your list (e.g., Name, Email, Department). If you imported from a file, feel free to add any more columns you may have needed or adjust the column types by clicking on the Column – Column Settings-Edit. Option B for Step 1: Using Microsoft Lists Open Microsoft Lists: Go to Microsoft Lists or access it via the Microsoft 365 app launcher. 2. Start a New List: Click “New List” and choose a blank list or template. 3. Configure the List: Name your list (e.g., "Employee Directory"). Select the desired color and icon if you wish. Choose whether to save it to My lists (private) or a SharePoint site (team-based). 4. Add Columns: Add custom columns such as Name, Email, Department, etc. Note: Whether you create your list in SharePoint or Microsoft Lists, it can be connected to PowerApps the same way in the next step. Tip: When starting from a SharePoint List that has no data, it is helpful to add one line of test data to see how the fields populate within the Power App. Take the time to add an entry before we begin to create the app. Best Practices for Organizing Your List Use clear and consistent column names (avoid spaces or special characters when possible). Keep your list structure simple—complex relationships can be handled later in Power Apps or Power Automate. Limit the number of columns to only those you need to keep performance smooth. Add columns for auditing if needed, such as “Created By” and “Modified Date.” These can be system generated following the steps below: Click on Add Column-Show or hide columns-Select Column-Apply Preparing Your List for Power Apps Once your SharePoint list is ready: Double-check your columns and data types. Add some sample data to test with later. Avoid complex calculated columns that Power Apps might not support fully. Ensure you have proper permissions to connect the list to Power Apps Conclusion Your SharePoint list is the foundation of your Power App. Taking time to set it up thoughtfully will save you time and headaches down the road, making your app more reliable and user-friendly. In our next blog, we’ll jump into Power Apps Studio to connect your SharePoint list and start building your app interface. Stay tuned! Additional information: Setting Up Views Views help you filter and organize your list data directly in SharePoint. Setting up a custom view lets users see just the data relevant to them. Create views based on common filters (e.g., “Pending Approvals” or “Active Volunteers”) Set a default view that makes sense for most users In this example application, I will create an HR view that displays the fields the HR team will manage first in the list. To add a view, click on + Add View on the top right of the list Best Practices for SharePoint Lists with Power Apps Keep your list simple and clean for better app performance Limit choice columns to fewer than 20 options for usability Avoid using complex column types that don’t work well with Power Apps Regularly maintain and clean your list data to prevent errors Plan your list structure early to avoid major changes later 📚 Explore the Series Series Introduction An Overview of the SharePoint/PowerApps Combination Setting Up Your SharePoint List Building Your Power AppBoosting Nonprofits with Github Copilot
What is Github Copilot? Github Copilot, developed by OpenAI and Github, is an AI-powered assistant that integrates seamlessly into popular code editors such as Visual Studio Code, Neovim, and JetBrains. It leverages advanced machine learning to suggest code snippets, provide auto-completions, and even generate entire functions based on the developer’s context and intent. Think of it as your intelligent pair programmer, available 24/7, to enhance your productivity and creativity. Key Features of Github Copilot Code Suggestions: Provides real-time code suggestions directly in your editor, reducing the need for extensive searches or documentation reviews. Auto-completion: Completes lines or entire blocks of code, saving time and effort. Multi-language Support: Supports a wide range of programming languages, making it versatile for developers with varied expertise. Context-aware Recommendations: Adapts to your coding style and context, offering tailored suggestions that align with your project’s needs. Learning and Adaptation: Becomes smarter with usage, ensuring better and more accurate recommendations over time. Benefits of Github Copilot for Nonprofits For nonprofits, every resource counts. Github Copilot doesn’t just help write code faster; it empowers organizations to focus on what truly matters—their mission. Here’s how it can be a game-changer for nonprofits: Improved Efficiency: By handling repetitive coding tasks, Github Copilot frees up time for developers to concentrate on strategic and impactful projects. Enhanced Collaboration: Teams can use the tool to standardize code across projects, improving consistency and reducing the learning curve for new members. Resource Optimization: Nonprofits often operate with lean teams. Copilot helps bridge gaps in technical expertise, allowing less experienced developers to achieve more. Accessibility: Developers with limited experience can leverage Copilot’s advanced capabilities to tackle complex coding challenges, leveling the playing field. Innovation: By reducing the time spent on mundane tasks, organizations have more bandwidth to focus on innovative solutions aligned with their mission. Practical Applications for Nonprofits Wondering how Github Copilot can be applied to the nonprofit sector? Here are some practical examples: Building Sophisticated Websites Nonprofits can use Github Copilot to efficiently develop and maintain websites that serve as their digital headquarters. Whether it’s crafting interactive donation pages or creating compelling narratives for their causes, Copilot ensures smooth and efficient coding. Managing Donor Databases With Copilot, developers can quickly set up and optimize donor management systems, ensuring secure and streamlined data handling. The AI assistant can generate scripts for querying, organizing, and analyzing donor information. Automating Workflows From automating routine administrative tasks to setting up email campaigns, Github Copilot can significantly reduce manual effort while maintaining accuracy. Developing Mobile Applications Mission-driven nonprofits can leverage Copilot to create user-friendly mobile apps that connect with their target audiences, providing updates, fundraising tools, and volunteering opportunities. Enhancing Cybersecurity Copilot can help organizations write robust security protocols to safeguard sensitive data, ensuring compliance with data protection regulations. Ready to Transform Your Nonprofit with Github Copilot? Github Copilot is more than just a coding assistant—it’s a bridge to innovation and efficiency for nonprofits. If you’re intrigued by its potential, we invite you to explore Github Copilot and sign up for a free trial. See firsthand how it can revolutionize your workflows and empower your team to achieve more. Stay tuned for future blog posts, where we’ll delve deeper into Github Copilot’s features and share step-by-step guides on integrating it into your nonprofit’s workflows. Don’t miss the chance to elevate your organization to new heights! Resources to Get Started For nonprofits eager to harness the power of Github Copilot, there’s a wealth of resources available to make your journey seamless. Here are some key links and communities to get you started: Official Github Copilot Documentation: A comprehensive guide to installing, configuring, and using Github Copilot effectively. Community Forums: Join a vibrant community of developers and nonprofit organizations. Share tips, ask questions, and learn from others' experiences. Github Learning Lab: Explore interactive modules and exercises tailored to help organizations of all sizes master Github Copilot. Microsoft Learn: Access free, interactive learning paths and resources offered by Microsoft to build your technical skills, including guides and tutorials related to GitHub and AI-driven tools.
Enhancing Cybersecurity for Nonprofits with Microsoft Defender
Cybersecurity is a critical concern for nonprofits, as they often handle sensitive information such as donor data, financial records, and personal details of beneficiaries. Microsoft Defender offers comprehensive security solutions that can help nonprofits safeguard their data and systems from cyber threats. Threat Protection: Microsoft Defender provides advanced threat protection by detecting and responding to potential security incidents in real-time. It uses machine learning and artificial intelligence to identify suspicious activities and block malicious attacks before they can cause harm. Data Encryption: To protect sensitive data at rest and in transit, Microsoft Defender offers encryption features such as BitLocker and Azure Information Protection. These tools ensure that only authorized users can access confidential information, reducing the risk of data breaches. Identity and Access Management: Microsoft Defender integrates with Azure Active Directory to provide robust identity and access management capabilities. Nonprofits can enforce multi-factor authentication (MFA), set up conditional access policies, and monitor user activities to prevent unauthorized access. Security Best Practices: Nonprofits should follow best practices to enhance their cybersecurity posture. This includes regularly updating software and systems, conducting security awareness training for staff, implementing strong password policies, and performing regular security assessments. By leveraging Microsoft Defender's security features and following best practices, nonprofits can protect their valuable data and maintain the trust of their donors and beneficiaries. Getting Started with Microsoft Defender for Cloud Sign Up for Azure: If your nonprofit organization doesn't already have an Azure account, sign up for one. Enable Microsoft Defender for Cloud: In the Azure portal, navigate to "Microsoft Defender for Cloud". Click on "Getting started" and enable Microsoft Defender for Cloud for your subscription. Configure Security Policies: Go to the "Security policy" section in Microsoft Defender for Cloud. Configure security policies for your resources by selecting the appropriate policy definitions and assigning them to your subscriptions or resource groups. Set Up Alerts and Notifications: In the "Security alerts" section, configure alert rules to notify you of potential security threats. Set up email notifications or integrate with other tools like Microsoft Teams for real-time alerts. Monitor and Respond to Threats: Use the "Security posture" dashboard to monitor the security status of your resources. Investigate and respond to security alerts by following the recommended actions provided by Microsoft Defender for Cloud. Conclusion In conclusion, cybersecurity is a vital aspect of nonprofit operations, given the sensitive data they handle and the potential risks they face. Microsoft Defender provides a robust solution to protect nonprofits from cyber threats, offering advanced security features and practical tools to maintain a secure environment. By adopting best practices and leveraging Microsoft Defender, nonprofits can safeguard their data, build trust with stakeholders, and focus on their mission without the constant worry of cyberattacks.Building a Power App with SharePoint: Connecting and Customizing the App for an HR Use Case
[⬅️Previous Blog] Setting Up Your SharePoint List You're reading the last of the series, Blog 4 Building Your Power App Now that you’ve set up your SharePoint List — the foundation for your app’s data — it’s time to bring your HR app to life using Microsoft Power Apps. In this blog, we’ll walk step-by-step through how to: Connect your Power App to the SharePoint list, Customize the forms and layout, Configure how users interact with the app, And apply basic rules that enhance the functionality of your HR or other adopted solution Whether you're a nonprofit looking to simplify HR tracking or a team supporting digital transformation with no-code tools, these Power Apps steps will help you build an easy-to-use app your staff can rely on. By the end, you’ll have a working Power App connected to SharePoint, ready for testing. Integrate the List into PowerApps Open PowerApps: Sign in to PowerApps via make.powerapps.com Ensure you are creating the app in the appropriate “Environment” on the top right corner, if you organization is using multiple for different purposes or departments Create an App: Select "Create an app" and choose "Start with data.” Choose “Connect external data” Choose a data set to start Select “From SharePoint” There are 3 ways in which you can connect to the list. Enter the URL of your SharePoint site and select the list you created. Search the Name of the SharePoint Site the list was created within, then select the list name Enter the URL of the List site where it says Enter SharePoint URL, and click connect I will use option 3 and copy the URL link to my SharePoint list (the web address listed when you are on your SharePoint List site), and copy it into the “Enter SharePoint URL” Click Connect if you copied the URL using option 1 or 3 Click Create App Once list is selected 6. Create the App: PowerApps will generate a default app with one screen that includes a container and two sub containers (listing the items in the list if you added one, and the body sub container has the fields in your list) 7. Save the application (warning) Using the save button in the upper right corner and give your app a name. If you do not save right away, after the screen is idle for some time you will have to start over. Ensure the auto save setting is on within Settings->General. Once you have clicked the save it will continue to auto save changes Customize the App Design the App: Use the PowerApps Studio to customize the layout and design of your app. Add Controls: Add controls such as text boxes, buttons, and galleries to display and interact with your data. Set Up Navigation: Configure navigation between screens using buttons and actions. Test the App: Test the app to ensure it functions as expected. Example Customizations Let’s take you through some example configurations based on theme of the HR Employee Ticketing App Here is the app, as finished from the steps above Please note the yellow warning icon is Power Apps warning for the search feature, and that the formula might not work correctly with large data. If you are planning to have over 500 records, there is still a way to use this app and an alternative search function if needed. Follow these articles for more information. Understand delegation in a canvas app - Power Apps | Microsoft Learn Connect to SharePoint from a canvas app - Power Apps | Microsoft Learn Deleting Controls For this app I do not want employees to be able to delete records, so I will remove the delete icon and delete confirm dialog container that was auto created. (see highlights in picture above) Right Click on “DeleteIconButton” then click “Delete” on the Pop-up dialog Add a Display Icon When the employees sign in, I want their profile picture (if uploaded into the directory) to show on the right-hand side Select the Table Name Container, as I want it to be inserted at the top Click Insert on the top of the screen Search for Avatar (or find Display, and scroll), the image well then insert at the top Removing fields from PowerApps View Sometimes, there may be a list or other data that you may not need to be shown in the Power App. Below shows what you can do to remove those (only from the App). Click on the component that is bringing in the data, in this example it is a Form in the MainContainer Then scroll down to the field you want to remove, by simply right clicking on the field i.e., “Priority Level” and click Delete Second Option to Remove Fields There is also the option to hover over the area, and the distinct options will show, choose “Fields” Third Option to Remove Fields Lastly, you can also use the Properties panel on the right side of the screen. This Property Panel is where many other items can be controlled, like size of text, height, and spacing of columns. To remove the field In Properties select Edit Fields -> Find Field to remove from app -> Right Click -> Click on the ellipses->Select Remove ---> ---> Tip: Please note that you can also use this view of the fields properties to drag fields in the order of which you would like (not just the move up and move down arrows shown). In this example, I removed fields that only HR Administrators will use to manage HR cases that come through the application. This way we have employee facing fields and HR only fields. Editing Galleries Layout If you are using a Gallery within your application, you can change the layout that is automatically added. Click on the gallery In the Properties pane, find the Layout subsection. Click on the drop-down arrow to change to the layout you would like If your data includes images, you can choose the option that shows the results with an image icon --> For this application I will keep the Title, subtitle, and body option Gallery Items If you also want to edit the items shown in the gallery, you can click on the Title, subtitle, or body and change the text Formula used. Performing this will update it for all the items shown in the gallery. ---> Click on the item in the gallery, or find the Gallery in the left-hand menu, and select Title, subtitle, or body Once selected the formula bar on the top of the screen, should change to the text property Update the formula to ThisItem.’DataColumnName’ The updates I have made were from First Name, Last Name, and blank to: ThisItem.Created ThisItem.Description ThisItem.'HR Category'.Value Searching in Galleries Once your gallery display items have been updated, you have a search field that now may also be updated depending on how the users will search entries. This example below will only go over searching text values. Click on the Gallery Name in the Screens left hand menu The Items property should pop up with the search equation used. Change the search values – to do this remove or add items after the SearchInput1.Text Value (that is if your icon is labeled as such) see image below Search([@'Import HR Employee App'], SearchInput1.Text, field_1,'Description') “Import HR Employee App – is the Datasource “SearchInput1” - is the search box where items users will type/search “Field_1” or ‘Description’ - are the fields chosen to search from this specific data source Change the items after “SearchInput1.Text,” separating each by a comma. Adding a Screen/Form We are now going to create a form that the user will use to submit a case to the HR team. Click New Screen Choose Blank option Rename screen by click on the “...” ellipses, choose Rename Click Insert -> Search Form -> Select Form or Edit Form Choose Data Source A screen will appear to allow you to select your data source, which will be the same as the gallery in this option and managed by the HR team through the SharePoint List. Below is an image of the Form inserted Remove fields The form that is inserted will bring in fields automatically, utilize the steps in the “Removing fields from PowerApps View” to remove the fields that the employee should not see or fill out Adding Fields Lets add fields that may not be auto added during creation. Utilizing the Properties Pane-> Edit Fields-> Add Field It is here you can multi-select fields for your form Default Mode – change the default mode from edit to new in the properties pane Properties the right pane shows that you perform a variety of changes Edit Fields Change amount of columns Display field name – change whether the layout is vertically on top or to the side of the field Size/Position - change the sizing of the form and position Color – edit the color Border – add a border to the outside of the form Pulling In User Data For this app I want the user information to automatically pull in from the user profile, to prevent type errors. Ensure that you have connected the “Office365Users” data source for user profiles to pull into the app. Below are the formulas I have used: First Name = First(Split(User().FullName, " ")).Value Last Name = Last(Split(User().FullName, " ")).Value Email Address = User().Email Employee ID = Office365Users.MyProfileV2().id Viewable only Fields If there is a need for any of your form fields to be viewable only, in the Properties Pane when the DataCard Value for that field is selected, change the DisplayMode to: DisplayMode.View Note you first must unlock the card to make changes Adding Controls Let us now add a cancel and save button for employees to be able to submit the form or clear the form. Click Insert-> Select Button (For this step, I will perform twice to insert two buttons) Drag the button to the preferred location on the screen Tip Rename the buttons in the Tree View; this helps when looking at the screen left navigation and knowing which button is which Edit the display name for the user using the properties pane If your properties pane does not show click on the icon in the top navigation next to the editing icon, see image below Icon – there is also the ability to change the icon, select which icon makes the most sense for the action you would like the button to perform. The “Layout” property also allows you to have only the icon show, or both icon and text Button Formulas Cancel/Clear the formula for the “OnSelect” Property of the button, and type “ResetForm(NameofFormUsedinTreeView)’ For this app it will be ResetForm(EmployeeFormScreen) If you have a screen you would like to send the user back to, after clicking cancel add; Navigate(MainScreen1) --> Final formula combined would be ResetForm(EmployeeForm);Navigate(MainScreen1) Save – Onselect – SubmitForm(EmployeeForm) Successfully Submitting a Form Click on your Form in the Tree View “EmployeeForm” in this app Find the OnSuccess property Type ResetForm(EmployeeForm);Navigate(MainScreen1) in the formula bar Exit Button For this app I have also added an Exit Button to the Gallery Screen, and added an icon OnSelect fx = Exit() Navigate to the App in the left-hand Tree View and look at the options in Properties Menu on the right-hand side, that says Confirm Exit Turn off if you would like the system to confirm before the user exits Confirm exit message – type in a message you would want the user to see ---> Step 4: Save and Publish the App Although saving, and the auto save setting was explored, in the event this was not utilized let's save and publish! Save the App: Select the Save icon in the upper-right corner and give your app a name. Publish: the app to make it available to your organization. Share the App: Share the app with your team members and assign appropriate permissions. Conclusion Creating a Power App from a SharePoint list is a powerful way to leverage your existing data and create custom applications that meet your organization's needs. By following the steps outlined in this guide, you can build an app that improves efficiency, enhances collaboration, and provides valuable insights. Start exploring the possibilities of PowerApps and SharePoint today! Additional Resources Add and configure controls in canvas apps - Power Apps | Microsoft Learn Understand delegation in a canvas app - Power Apps | Microsoft Learn Connect to SharePoint from a canvas app - Power Apps | Microsoft Learn Congratulations! You’ve now walked through the full process of building a Power App that connects directly to your SharePoint List. From selecting the correct data source to customizing fields, adding logic, and polishing your interface — your app is now functional and ready to test with real users. Before you go live, make sure to: Review your SharePoint permissions so employees only see their own data, Confirm Power App users only have “Can use” access and not edit privileges, And walk through your app to catch any last usability tweaks. 📚 Explore the Series Series Introduction An Overview of the SharePoint/PowerApps Combination Setting Up Your SharePoint List Building Your Power AppPlatform Alerts with Azure Health Service
Staying Informed with Azure Health Services If you are a nonprofit that is new to Azure, managing your subscription can be daunting. Azure is a powerful platform that constantly iterates adding advanced services. More importantly, there are times that services hosted on Azure may need to be down for maintenance, expanding new service rollouts, and platform updates. Azure Health Services helps keep you up to date for your subscriptions Globally. Getting a high-level understanding of any new service alerts will keep organization. What is Azure Service Health? Service Health is hosted on the Azure Platform, which is secure, reliable, and flexible. Allowing organizations to have the tools and services they need at any moment notice. Although Azure is globally available, there are times when services or regions may be down for maintenance. It is important to monitor services to get a full picture view of your development landscape. That bug you caught may simply be a service being unavailable for maintenance. So, a scheduled site maintenance may suffice for your audience. Resource health, Azure status, and Service health are the dynamic trio that make up Azure Service Health. Presenting a unified experience within Azure with all the combined services. Azure status: Global view of services unavailability. Resource health: Information about personal individual cloud resources which utilizes Azure Monitor to setup alerts & notify members about services being unavailable. Service health: View of services within your personal subscription that may be experiencing an outage, maintenance, and advisories. Service Health Menu Active Events Service issues: Real-time information about ongoing service issues affecting your Azure resources. It helps you stay informed about any disruptions and their impact on your services, enabling you to take appropriate actions to mitigate the effects. Planned maintenance: This feature notifies you about upcoming maintenance events that may affect your Azure resources. It includes details about the schedule, scope, and potential impact of the maintenance Health advisories: Important updates and recommendations regarding the health of your Azure resources. It includes information about potential issues, best practices, and guidance to help you maintain the optimal performance and availability of your services. Security advisories: Provides critical information about security-related issues and vulnerabilities that may affect your Azure resources. It includes details about the nature of the threats, recommended actions, and updates to help you protect your services and data from potential security risks. Disclaimer: In order to view Security advisories, updates, notifications, and important information about personal services and resources impacted by outages, critical, and non-business issues across regions. History Health history: provides a detailed record of the health status of your Azure resources over time. It includes information about past incidents, maintenance events, and health advisories, allowing you to analyze trends and identify recurring issues. Resources Health Resource health: provides a comprehensive view of the health status of your Azure resources. It helps you quickly identify and diagnose issues, ensuring that you can maintain the availability and performance of your services. Detailed information about resource health, including current and past incidents, planned maintenance, and health advisories. Alerts Health alerts: Real-time notifications about the health status of your Azure resources. It alerts you to any issues or changes that may affect the availability and performance of your services Creating an Alert Rule Now that we know a little more about Azure Health Service. Let's explore creating your first alert. First you need to navigate the Azure Portal at https://portal.azure.com. After logging in you will need to type in the top search bar Service health then click the heart icon. You need to have an active service you will need to have created a resource group and a active service within the resource group for example a virtual machine. This is necessary if you want to set up the optional step under Actions. Next follow the steps below to create a service alert: In the left-hand menu under Active Events, then select "Service issues." For the scope, select the subscription you would like to receive alerts. then click "Next: Condition." Under Condition in the dropdown selectors Services, Regions, and Event types click "Select all," then click "Next: Actions." You will now create a action group. Click on the "Create action group" button then fill out the following: Basic: Select the "Subscription, Resource group, and Region." Then under instance details, name your "Action group name" and "Display name." Then select "Next: Notification." Notifications: Select the "Notification type" and then create a unique name under "Name." Under Notification type choose between "Email/Azure Resource Manager" role to email specific roles within your subscription to receive notifications. Then select the roles then click ok. We will choose this option to save time though it is recommended you create two alerts using both Email/Azure Resource Manager and Email/SMS message/Push/Voice. Once you are done select "Next: Actions." Actions: You now will select the "Action type" and the Name. Choose between the types of resources to receive a condition-based alert. You then will need to follow the instructions pertaining to which service. Automation Runbook Azure Function Event Hub ITSM Logic App Secure Webhook Webhook Tags: You can create tags as an option to track. Choose relevant tags depending on the subscription, department, team, or testing as an example. Create the "Name" and "Value." Select "Review + Create." Review + Create: Review all the information is correct and the pricing and privacy statement information then select "Create." After you create your action group you will then be sent back to the "Create an alert rule" where you will continue creating your alert, then click the "Next: Details." In Details, under Alert rule details create an "Alert rule name" and description, then click "Next: Tags." Create "Name" and "Value" pair for your tags for your alert. Then select "Next: Review + create." Review all details are correct then click "Create." Creating the alert might take a few minutes, but once it is ready, you will see a notification under the bell icon located in the top menu. Congratulations on taking your first step in creating a plan to be prepared. Setting up alerts keeps your team up to date with the latest information. Conclusion In conclusion, you learned about Azure's tools to inform users of the health of operations of services globally. Teams can track issues concerning their personal resources and improve security, outages, and planned maintenance. You also started down the path of improving your security practices within Azure, so way to go. If you would like to take a even deeper look by following quick start guides and tutorials with the links below. Now, go learn, grow, and achieve the mission that you are so passionate about. Hyperlinks What is Azure Service Health? - Azure Service Health | Microsoft Learn Azure Service Health Video | Microsoft Learn Azure status overview - Azure Service Health | Microsoft LearnBuilding Secure Software from the Ground Up: Why It Matters for Nonprofits
What Is the Secure Software Development Lifecycle (SSDLC)? The Secure Software Development Lifecycle (SSDLC) integrates security into every phase of the traditional Software Development Lifecycle (SDLC). Instead of treating security as a final step before software deployment, SSDLC ensures that security measures are embedded from day one. This approach reduces vulnerabilities and strengthens nonprofit organizations against cyber threats. Key Phases of SSDLC and Why They Matter Planning & Requirements Identify security risks before development begins: This involves understanding potential threats and vulnerabilities that could affect the software. Define compliance needs: Ensure that the software meets regulatory requirements such as GDPR, HIPAA, and donor data protection. Design Use secure architecture principles to mitigate risks: Design the software with security in mind, incorporating principles that reduce potential risks. Implement encryption, authentication, and access control measures: Ensure that data is protected through encryption, and that only authorized users can access the system. Development Follow secure coding best practices: Prevent vulnerabilities like SQL injection, cross-site scripting (XSS), and unauthorized access by adhering to secure coding standards. Use automated security scanning tools: Detect issues early in the development process by employing tools that automatically scan for security vulnerabilities. Testing Conduct penetration testing, security audits, and code reviews: Uncover weaknesses by thoroughly testing the software's security. Simulate cyberattacks to test software resilience: Ensure the software can withstand real-world attacks by simulating various cyber threats. Deployment & Maintenance Monitor for security threats and apply regular updates: Continuously watch for potential security issues and keep the software up-to-date with the latest patches. Conduct incident response drills: Prepare for potential breaches by regularly practicing how to respond to security incidents. How Nonprofits Can Implement SSDLC with the Right Tools Understanding SSDLC is one thing—putting it into practice effectively is another. Many nonprofits lack dedicated cybersecurity teams or technical expertise, making it difficult to integrate security throughout the development process. This is where Microsoft’s Security Development Lifecycle (SDL) comes in. Leveraging Microsoft’s Security Development Lifecycle (SDL) Practices Microsoft’s Security Development Lifecycle (SDL) is a structured approach that aligns with SSDLC principles, providing security best practices and tools to help organizations—including nonprofits—develop secure applications. Some of the key SDL practices that nonprofits should incorporate include: 🔹 Perform Security Design Review and Threat Modeling – Nonprofits often handle sensitive data, such as donor information and beneficiary details. Conducting thorough security design reviews and identifying potential security risks early in the development cycle through threat modeling helps protect this sensitive information and ensures compliance with regulations. 🔹 Require Use of Proven Security Features, Languages, and Frameworks – Nonprofits may have limited resources, so it's crucial to use reliable security features, programming languages, and frameworks that are known to minimize vulnerabilities. This ensures that the software is built on a secure foundation without requiring extensive custom security solutions. 🔹 Perform Security Testing – Regularly run comprehensive security tests, including penetration tests and vulnerability assessments, to identify and address security flaws. This practice is essential for nonprofits to maintain the trust of their donors and beneficiaries by ensuring that their data is secure. 🔹 Implement Security Monitoring and Response – Continuously monitor for security threats and have a robust incident response plan in place to address potential breaches. Nonprofits need to be prepared to quickly detect and effectively manage any security incidents to minimize the impact on their operations and stakeholders. 🔹 Provide Security Training – Educate and train staff on security best practices and the importance of maintaining a secure development lifecycle. Nonprofits often rely on volunteers and staff who may not have extensive technical backgrounds, so ongoing security training is crucial to prevent security breaches and ensure everyone understands their role in maintaining security. This list showcases some of the essential SDL practices that can greatly benefit nonprofits. For a comprehensive overview, please view the following resources: Microsoft Security Development Lifecycle Practices. Learn how Microsoft supports secure software development as part of a cybersecurity solution - Training | Microsoft Learn Microsoft Tools That Support Secure Development To help nonprofits implement SSDLC and SDL, Microsoft offers several security-focused tools that integrate directly into the software development process. ✔ Microsoft Defender for DevOps – Protects code repositories and CI/CD pipelines from security threats, ensuring security is embedded throughout the development lifecycle. ✔ Azure DevOps Security Tools – Integrates security checks into DevOps workflows with automated scanning for vulnerabilities in code, dependencies, and containerized applications. ✔ Microsoft Defender for Cloud – Provides real-time security monitoring, threat detection, and compliance management for cloud-based applications. This helps nonprofits maintain continuous security visibility across Azure and hybrid environments. ✔ Azure Key Vault – Secures application secrets, encryption keys, and certificates, preventing unauthorized access to sensitive credentials used in nonprofit applications. ✔ Azure Web Application Firewall (WAF) – Helps protect nonprofit web applications from common threats like SQL injection, cross-site scripting (XSS), and bot attacks by filtering and monitoring traffic. ✔ Azure Policy – Automates security compliance checks within Azure environments, ensuring nonprofit applications and services follow best security practices throughout their lifecycle. Bringing It All Together For nonprofits, cybersecurity isn’t just an IT issue—it’s a mission-critical priority. A data breach can compromise donor trust, expose sensitive beneficiary information, and disrupt critical operations. By integrating Microsoft’s SDL practices and security tools into the Secure Software Development Lifecycle (SSDLC), nonprofits can: ✅ Proactively reduce cybersecurity risks before they become major threats. ✅ Protect donor and beneficiary data from unauthorized access. ✅ Ensure compliance with data privacy regulations. ✅ Strengthen trust with stakeholders who rely on them. By leveraging Microsoft’s security tools, nonprofits can build safer, more resilient applications—even without large security teams. This blog discusses building applications and incorporating security from the very beginning phases of development. If you are a nonprofit with applications that you may not have the budget to rebuild from the ground up, you can learn about modernizing and upgrading the security for your legacy applications here: Modernizing Legacy Applications in your Nonprofit | Microsoft Community Hub
