support@aits.ca The $50,000 Cookie: Why "Standard" MFA is No Longer Enough for Your Business By Jaspreet Singh, CISM Founder, Accelerate IT Services (AITS) For years, business leaders have viewed Multi-Factor Authentication (MFA) as a comprehensive cybersecurity solution. Many assumed that re... Apr 25, 2026
Jaspreet Singh Why MFA Isn’t Enough: The Silent Threat of OAuth Consent Phishing Introduction Many business owners mistakenly view Multi-Factor Authentication (MFA) as the last line of defense in cybersecurity. They mistakenly assume that if passwords are secure and MFA remains in... Apr 17, 2026
Jaspreet Singh MFA Is Not Enough: The Hidden Access Risk Most Organizations Miss Based on Lab: EID-EXP-015 (f11.ca) Most organizations have made significant progress in improving security. They have implemented Multi-Factor Authentication (MFA). This is a positive step. However, a... Apr 9, 2026
Jaspreet Singh Why “Impossible Travel” Alerts Are Failing Your Business (And What It Could Cost You) Why “Impossible Travel” Alerts Are Failing Your Business (And What It Could Cost You) Introduction Many organizations believe that “impossible travel” alerts in Microsoft Entra ID are a strong line of... Apr 3, 2026
Jaspreet Singh Why MFA Alone May Not Protect Your Microsoft 365 Environment Why MFA Alone May Not Protect Your Microsoft 365 Environment The Assumption Most Businesses Make Many organisations believe: “We have MFA enabled, so our accounts are secure. ”This assumption is under... Apr 1, 2026
Jaspreet Singh Why “Trusted Office Locations” Can Weaken Your Microsoft 365 Security Why “Trusted Office Locations” Can Weaken Your Microsoft 365 Security The Assumption Most Organizations Make Many organizations base their Microsoft 365 security policies on a straightforward assumpti... Mar 28, 2026
Jaspreet Singh Hybrid Identity Security: The Hidden Risk Most Businesses Don’t See Until It’s Too Late Hybrid Identity Security: The Hidden Risk Most Businesses Don’t See Until It’s Too Late NOTE: As part of our internal f11.ca lab series ( EID-EXP-09 ), we simulated a modern Hybrid Identity Security b... Mar 18, 2026
Jaspreet Singh MFA Fatigue Attacks: The Overlooked Risk Increasing Business Costs MFA Fatigue Attacks: The Overlooked Risk Increasing Business Costs NOTE: As part of our internal f11.ca lab series ( EID-EXP-08 ), we simulated a modern MFA fatigue attack, the same technique used in ... Mar 4, 2026
Jaspreet Singh Why SMBs Should Block High-Risk Sign-ins in Microsoft 365 (Before It Costs You) NOTE: This advisory is based on our evidence from the f11.ca lab experiment ( EID-EXP-007 ), in which we reproduced the issue. For engineers asking how this works technically. As an MSP owner, I have ... Feb 23, 2026
Jaspreet Singh Identity Protection Without Alerts Is a Silent Security Failure (And Clients Still Pay for It) NOTE: This advisory is based on our evidence from the f11.ca lab experiment (EID-EXP-006), in which we reproduced the issue. Hands-on lab (f11) For engineers asking how this works technically. Technic... Feb 16, 2026
Jaspreet Singh Microsoft 365 Identity Protection Alerts Alone Do Not Prevent Attacks, and This Gap Can Be Costly NOTE: This advisory is based on our evidence from the f11.ca lab experiment (EID-EXP-005), in which we reproduced the issue. Hands-on lab evidence (f11) For engineers asking how this works technically... Feb 12, 2026
Jaspreet Singh Identity Protection Alerts Do Not Automatically Prevent Attacks: Implications for Your Business Identity Protection Alerts Do Not Automatically Prevent Attacks: Implications for Your Business NOTE: This advisory is based on our evidence from the f11.ca lab experiment (EID-EXP-004), in which we r... Feb 7, 2026