Managing a Microsoft 365 tenant can be deceptively simple (it is a commodity, right! Right?), but small misconfigurations can lead to security gaps and vulnerabilities. In this session, Microsoft MVP Dave Stork highlights common mistakes he encounters in real-world M365 environments and explains why they introduce unnecessary risk.

More importantly, he demonstrates practical, secure alternatives based on Microsoft's latest guidance, CIS benchmarks, and field experience.

Attendees will learn how to strengthen administrative identity, access, and posture with approaches such as least‑privilege administration, secure account design, Conditional Access, privileged access management, and automation-first operations.

Expect pragmatic insights, recognizable examples, and actionable recommendations to immediately improve your tenant’s management.

This is a session based on my personal experiences on how organizations have implemented their administration. Most common mistakes I found will be discussed, alternatives provided but also much room for interaction, questions and other examples from the audience.
Attendees should be inspired to improve their management and take away some actions they can perform immediately the next day.