SlideShare a Scribd company logo

Office365 App Security

Oliver Wirkus
Oliver Wirkus

This slide deck provides an overview on the options administrators have to secure the applications that are part of Office 365. This slide deck also include recommendations and best-practices.

Technology
1 of 42
Download to read offline
Office365 App Security Overview on options to secure Office365 applications Presented By: Oliver Wirkus (MVP) September, 7th 2017
About me • Sr. Consultant with 2toLead • Microsoft Office Servers and Services MVP • Published Author and Speaker • Member of the Board of Vancouver Office365 user group Email: oliver@2tolead.com Twitter: @OWirkus LinkedIn: https://www.linkedin.com/in/owirkus/ Oliver Wirkus
 What are common threads that organizations face?  How to secure the Office 365 applications?  Summary and Best Practices
What are common threads that organizations face? Agenda
Sharing of sensitive information outside of the organization Common Threads
Sharing of sensitive information with other organizations Common Threads
Using unmanaged (personal) devices Common Threads
Uncontrolled sync’ing of data Common Threads
(Accidentally) sending sensitive information Common Threads
How to secure the Office 365 applications? Agenda
Security settings for SharePoint online
Configure external sharing according to corporate policies SharePoint online Configure external sharing in the Office365 Admin Center.} } Limit external sharing to selected security groups
Configure blocked and allowed domains as an additional layer of security SharePoint Online Configure domains users are allowed to share with.}
Create DLP rules according to corporate policies and keep in mind that DLP rules are not in effect immediately SharePoint online Data Loss Prevention Configure external sharing in the Office365 Security and Compliance Center. Rules might take a long time to become active!
Security settings for OneDrive for Business
Configure external sharing according to corporate policies OneDrive for Business Configure sharing with external users} Configure defaults for sharing links}
Configure blocked and allowed domains as an additional layer of security OneDrive for Business Limit external sharing by domain. Domains can be blocked or allowed}
Create DLP rules according to corporate policies and keep in mind that DLP rules are not in effect immediately OneDrive for Business OneDrive for Business is using the same DLP rules as SharePoint Online
Limit sync’ing to PCs joined to a corporate domain OneDrive for Business List domains that devices need to join to be included into synchronization}
Security settings for PowerApps and Flow
Only allow connectors which are safe to handle corporate data. Content transferred by connectors is not checked! PowerApps / Flow Data Loss Prevention is handled by allowing specific connectors to be used with Business Data} Redmond Magazine: How to Secure SharePoint Online Workflows with Microsoft Flow
Security settings for Skype for Business
Configure external access based on corporate policies Skype for Business Control how users can access Skype for Business users in other organizations} Configure blocked and allowed domains}
Security settings for Power BI
Configure who is allowed to share externally and who is allowed to publish to the web Power BI Control how users can share dashboards with external users} Control who can share dashboards with external users} Control who is allowed to publish reports to the web}
Control who is allowed to export data or to print dashboards and reports Power BI
Configure carefully who is allowed to use integrations services, audits and usage metrics Power BI Control who is allowed to use integration services } Control who is allowed to create audits and usage metrics }
Security settings for Office Groups
Configure privacy settings according to governance policies Office Groups Office Groups can be either ‘Public’ or ‘Private’} Configure if the group can receive external email}
Security settings for Yammer
Add only trusted network domains to Yammer Yammer Access list of allowed domains } Add domains as ‘allowed’ domains}
Configure who is allowed to create External Networks Yammer Configure who is allowed to create ‘External Networks’} Configure additional options for ‘External Networks’}
Configure IP ranges for Office network or VPN access Yammer Define a range of allowed IP addresses} Define how logins from outside are handled}
Security settings for Sway
Configure options for external sharing and what viewers are allowed to do with a Sway they receive. Sway Select with whom the Sway should be shared} Configure additional options regarding what Viewers are allowed to do}
Security & Privacy settings for Office 365
Assign roles and permissions according to tasks. Don’t assign all roles to just a few admins. Office 365 Assign roles and permissions to employees who need to perform specific tasks}
Create alerts based on various predefined activities } Set alerts and know what is happing to your data. Office 365
Only use Supervision with permission of your corporation Office 365 Configure who’s communication should be supervised, how often it should supervised and define supervisors }
Fine-tune the communication that should be supervised Office 365 “The conditions you choose will apply to communications from both email and 3rd-party sources in your organization (like from Facebook or DropBox).” https://support.office.com/en-us/article/Configure-supervision-policies-for-your-organization-d14ae7c3-fcb0-4a03-967b-cbed861bb086
Summary and Best Practices Agenda
Best practice guidance Security restricts employees in their day-to-day business! Too much security restrictions might constrict users in a disproportionate manner. On the other hand, too less security will definitely have a negative impact on the business and jeopardize the enterprise. My personal best practices:  Develop governance rules and security guidelines with business owners and external experts.  Apply the necessary amount of security rules based on these governance rules.  Log each applied security setting thoroughly and utilize the “Four- eye principle”.  Review governance rules and security settings at least twice per year.  Be transparent and train users

Recommended

SharePoint Saturday NL 2016 - Security & Compliance
SharePoint Saturday NL 2016 - Security & ComplianceSharePoint Saturday NL 2016 - Security & Compliance
SharePoint Saturday NL 2016 - Security & ComplianceAlbert Hoitingh
 
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Albert Hoitingh
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterCraig Jahnke
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Intro to Data Loss Prevention in SharePoint 2016
Intro to Data Loss Prevention in SharePoint 2016Intro to Data Loss Prevention in SharePoint 2016
Intro to Data Loss Prevention in SharePoint 2016Craig Jahnke
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Microsoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App SecurityMicrosoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App SecurityAlbert Hoitingh
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 

More Related Content

What's hot

Cryptzone SharePoint and Office 365 Security Solutions Guide
Cryptzone SharePoint and Office 365 Security Solutions GuideCryptzone SharePoint and Office 365 Security Solutions Guide
Cryptzone SharePoint and Office 365 Security Solutions GuideDavid J Rosenthal
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamAntonioMaio2
 
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference ArchitectureECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference ArchitectureEuropean Collaboration Summit
 
SharePoint Saturday Ottawa - How secure is my data in office 365?
SharePoint Saturday Ottawa - How secure is my data in office 365?SharePoint Saturday Ottawa - How secure is my data in office 365?
SharePoint Saturday Ottawa - How secure is my data in office 365?AntonioMaio2
 
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore
 
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...European Collaboration Summit
 
Everything you need to know about sharing files in SharePoint and OneDrive
Everything you need to know about sharing files in SharePoint and OneDriveEverything you need to know about sharing files in SharePoint and OneDrive
Everything you need to know about sharing files in SharePoint and OneDriveDrew Madelung
 
What's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanWhat's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanDavid J Rosenthal
 
Office 365 cloud principles
Office 365 cloud principlesOffice 365 cloud principles
Office 365 cloud principlesMotty Ben Atia
 
Office 365 deployment fast track
Office 365 deployment fast trackOffice 365 deployment fast track
Office 365 deployment fast trackMotty Ben Atia
 
Real world SharePoint information governance a case study - published
Real world SharePoint information governance a case study - publishedReal world SharePoint information governance a case study - published
Real world SharePoint information governance a case study - publishedAntonioMaio2
 
M365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowM365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowJoanne Klein
 
Sensitivity labels for Teams, Microsoft 365 Groups & SharePoint Sites
Sensitivity labels for Teams, Microsoft 365 Groups & SharePoint SitesSensitivity labels for Teams, Microsoft 365 Groups & SharePoint Sites
Sensitivity labels for Teams, Microsoft 365 Groups & SharePoint SitesDrew Madelung
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...Vignesh Ganesan I Microsoft MVP
 
Intro to Shared Channels
Intro to Shared ChannelsIntro to Shared Channels
Intro to Shared ChannelsDrew Madelung
 
Securing SharePoint & OneDrive in Office 365
Securing SharePoint & OneDrive in Office 365Securing SharePoint & OneDrive in Office 365
Securing SharePoint & OneDrive in Office 365Drew Madelung
 
Reducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachReducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachQuest
 
What's new with Security & Compliance for SharePoint, OneDrive, and Teams
What's new with Security & Compliance for SharePoint, OneDrive, and TeamsWhat's new with Security & Compliance for SharePoint, OneDrive, and Teams
What's new with Security & Compliance for SharePoint, OneDrive, and TeamsDrew Madelung
 
SharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceSharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceAlbert Hoitingh
 

What's hot (20)

Cryptzone SharePoint and Office 365 Security Solutions Guide
Cryptzone SharePoint and Office 365 Security Solutions GuideCryptzone SharePoint and Office 365 Security Solutions Guide
Cryptzone SharePoint and Office 365 Security Solutions Guide
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
 
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference ArchitectureECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
 
SharePoint Saturday Ottawa - How secure is my data in office 365?
SharePoint Saturday Ottawa - How secure is my data in office 365?SharePoint Saturday Ottawa - How secure is my data in office 365?
SharePoint Saturday Ottawa - How secure is my data in office 365?
 
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...
 
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
 
Everything you need to know about sharing files in SharePoint and OneDrive
Everything you need to know about sharing files in SharePoint and OneDriveEverything you need to know about sharing files in SharePoint and OneDrive
Everything you need to know about sharing files in SharePoint and OneDrive
 
What's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanWhat's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - Atidan
 
Office 365 cloud principles
Office 365 cloud principlesOffice 365 cloud principles
Office 365 cloud principles
 
Office 365 deployment fast track
Office 365 deployment fast trackOffice 365 deployment fast track
Office 365 deployment fast track
 
Real world SharePoint information governance a case study - published
Real world SharePoint information governance a case study - publishedReal world SharePoint information governance a case study - published
Real world SharePoint information governance a case study - published
 
M365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowM365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and How
 
Sensitivity labels for Teams, Microsoft 365 Groups & SharePoint Sites
Sensitivity labels for Teams, Microsoft 365 Groups & SharePoint SitesSensitivity labels for Teams, Microsoft 365 Groups & SharePoint Sites
Sensitivity labels for Teams, Microsoft 365 Groups & SharePoint Sites
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
 
Intro to Shared Channels
Intro to Shared ChannelsIntro to Shared Channels
Intro to Shared Channels
 
Securing SharePoint & OneDrive in Office 365
Securing SharePoint & OneDrive in Office 365Securing SharePoint & OneDrive in Office 365
Securing SharePoint & OneDrive in Office 365
 
Reducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachReducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security Breach
 
Office 365 Security Best Practices
Office 365 Security Best PracticesOffice 365 Security Best Practices
Office 365 Security Best Practices
 
What's new with Security & Compliance for SharePoint, OneDrive, and Teams
What's new with Security & Compliance for SharePoint, OneDrive, and TeamsWhat's new with Security & Compliance for SharePoint, OneDrive, and Teams
What's new with Security & Compliance for SharePoint, OneDrive, and Teams
 
SharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceSharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & compliance
 

Similar to Office365 App Security

Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2WinWire Technologies Inc
 
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?Scott Hoag
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
SharePoint Online vs. On-Premise
SharePoint Online vs. On-PremiseSharePoint Online vs. On-Premise
SharePoint Online vs. On-PremiseEvan Hodges
 
Top 10 Enterprise Reporter Reports You Didn't Know You Needed
Top 10 Enterprise Reporter Reports You Didn't Know You NeededTop 10 Enterprise Reporter Reports You Didn't Know You Needed
Top 10 Enterprise Reporter Reports You Didn't Know You NeededQuest
 
SharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldSharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldJethro Seghers
 
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...Ajay Iyer
 
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and ContrastManaging SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and ContrastChristian Buckley
 
Tech Module 4 - Microsoft Teams admin and gov.pptx
Tech Module 4 - Microsoft Teams admin and gov.pptxTech Module 4 - Microsoft Teams admin and gov.pptx
Tech Module 4 - Microsoft Teams admin and gov.pptxeco80080
 
Planning a Migration to Office 365
Planning a Migration to Office 365Planning a Migration to Office 365
Planning a Migration to Office 365Doug Hemminger
 
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365Scott Hoag
 
Rencore Webinar: Advanced Security Management within Office 365 with Liam Cleary
Rencore Webinar: Advanced Security Management within Office 365 with Liam ClearyRencore Webinar: Advanced Security Management within Office 365 with Liam Cleary
Rencore Webinar: Advanced Security Management within Office 365 with Liam ClearyRencore
 
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VMSecuring Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VMDrew Madelung
 
March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarRobert Crane
 
Microsoft Cloud Solutions for Nonprofits
Microsoft Cloud Solutions for NonprofitsMicrosoft Cloud Solutions for Nonprofits
Microsoft Cloud Solutions for NonprofitsTechSoup
 
Configuring Hybrid Workloads for SharePoint 2013 and O365 by Neil Hodgkinson
Configuring Hybrid Workloads for SharePoint 2013 and O365 by Neil HodgkinsonConfiguring Hybrid Workloads for SharePoint 2013 and O365 by Neil Hodgkinson
Configuring Hybrid Workloads for SharePoint 2013 and O365 by Neil HodgkinsonEuropean SharePoint Conference
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
 
SharePoint Online vs. SharePoint Server_22-9-2023.pptx
SharePoint Online vs. SharePoint Server_22-9-2023.pptxSharePoint Online vs. SharePoint Server_22-9-2023.pptx
SharePoint Online vs. SharePoint Server_22-9-2023.pptxSunil Jagani
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?Scott Hoag
 
Microsoft Cloud Solutions Webinar April 2022
Microsoft Cloud Solutions Webinar April 2022Microsoft Cloud Solutions Webinar April 2022
Microsoft Cloud Solutions Webinar April 2022TechSoup
 

Similar to Office365 App Security (20)

Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
Hybrid SharePoint - Office 365 & On-prem SharePoint 2013 -part2
 
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?
SPSVB - Office 365 and Cloud Identity - What Does It Mean for Me?
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
 
SharePoint Online vs. On-Premise
SharePoint Online vs. On-PremiseSharePoint Online vs. On-Premise
SharePoint Online vs. On-Premise
 
Top 10 Enterprise Reporter Reports You Didn't Know You Needed
Top 10 Enterprise Reporter Reports You Didn't Know You NeededTop 10 Enterprise Reporter Reports You Didn't Know You Needed
Top 10 Enterprise Reporter Reports You Didn't Know You Needed
 
SharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldSharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid world
 
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
 
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and ContrastManaging SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
 
Tech Module 4 - Microsoft Teams admin and gov.pptx
Tech Module 4 - Microsoft Teams admin and gov.pptxTech Module 4 - Microsoft Teams admin and gov.pptx
Tech Module 4 - Microsoft Teams admin and gov.pptx
 
Planning a Migration to Office 365
Planning a Migration to Office 365Planning a Migration to Office 365
Planning a Migration to Office 365
 
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
 
Rencore Webinar: Advanced Security Management within Office 365 with Liam Cleary
Rencore Webinar: Advanced Security Management within Office 365 with Liam ClearyRencore Webinar: Advanced Security Management within Office 365 with Liam Cleary
Rencore Webinar: Advanced Security Management within Office 365 with Liam Cleary
 
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VMSecuring Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
 
March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know Webinar
 
Microsoft Cloud Solutions for Nonprofits
Microsoft Cloud Solutions for NonprofitsMicrosoft Cloud Solutions for Nonprofits
Microsoft Cloud Solutions for Nonprofits
 
Configuring Hybrid Workloads for SharePoint 2013 and O365 by Neil Hodgkinson
Configuring Hybrid Workloads for SharePoint 2013 and O365 by Neil HodgkinsonConfiguring Hybrid Workloads for SharePoint 2013 and O365 by Neil Hodgkinson
Configuring Hybrid Workloads for SharePoint 2013 and O365 by Neil Hodgkinson
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
 
SharePoint Online vs. SharePoint Server_22-9-2023.pptx
SharePoint Online vs. SharePoint Server_22-9-2023.pptxSharePoint Online vs. SharePoint Server_22-9-2023.pptx
SharePoint Online vs. SharePoint Server_22-9-2023.pptx
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
 
Microsoft Cloud Solutions Webinar April 2022
Microsoft Cloud Solutions Webinar April 2022Microsoft Cloud Solutions Webinar April 2022
Microsoft Cloud Solutions Webinar April 2022
 

More from Oliver Wirkus

UG Victoria - Microsoft Teams rollout lessons learned
UG Victoria - Microsoft Teams rollout lessons learnedUG Victoria - Microsoft Teams rollout lessons learned
UG Victoria - Microsoft Teams rollout lessons learnedOliver Wirkus
 
Microsoft 365 governance approach
Microsoft 365 governance approachMicrosoft 365 governance approach
Microsoft 365 governance approachOliver Wirkus
 
Mastering the Art of SharePoint DMS
Mastering the Art of SharePoint DMSMastering the Art of SharePoint DMS
Mastering the Art of SharePoint DMSOliver Wirkus
 
SharePoint Migration-What you need to know
SharePoint Migration-What you need to knowSharePoint Migration-What you need to know
SharePoint Migration-What you need to knowOliver Wirkus
 
App modernization-What you need to know before planning a migration to office...
App modernization-What you need to know before planning a migration to office...App modernization-What you need to know before planning a migration to office...
App modernization-What you need to know before planning a migration to office...Oliver Wirkus
 
App Modernization - What you need to know before planning a migration to Offi...
App Modernization - What you need to know before planning a migration to Offi...App Modernization - What you need to know before planning a migration to Offi...
App Modernization - What you need to know before planning a migration to Offi...Oliver Wirkus
 
Mastering the Art of SharePoint DMS implemenation
Mastering the Art of SharePoint DMS implemenationMastering the Art of SharePoint DMS implemenation
Mastering the Art of SharePoint DMS implemenationOliver Wirkus
 
What you need to know about Enterprise 2.0 before implementing social features
What you need to know about Enterprise 2.0 before implementing social featuresWhat you need to know about Enterprise 2.0 before implementing social features
What you need to know about Enterprise 2.0 before implementing social featuresOliver Wirkus
 
SharePoint excellence evening - Collaboration mit sharepoint 2013
SharePoint excellence evening - Collaboration mit sharepoint 2013SharePoint excellence evening - Collaboration mit sharepoint 2013
SharePoint excellence evening - Collaboration mit sharepoint 2013Oliver Wirkus
 
SharePoint 2013 - Enterprise 2.0: Chance oder Risiko
SharePoint 2013 - Enterprise 2.0: Chance oder RisikoSharePoint 2013 - Enterprise 2.0: Chance oder Risiko
SharePoint 2013 - Enterprise 2.0: Chance oder RisikoOliver Wirkus
 
Coding against the Office Graph
Coding against the Office GraphCoding against the Office Graph
Coding against the Office GraphOliver Wirkus
 
Moving mountains with Sharepoint - Document Management with SharePoint 2013
Moving mountains with Sharepoint - Document Management with SharePoint 2013Moving mountains with Sharepoint - Document Management with SharePoint 2013
Moving mountains with Sharepoint - Document Management with SharePoint 2013Oliver Wirkus
 

More from Oliver Wirkus (12)

UG Victoria - Microsoft Teams rollout lessons learned
UG Victoria - Microsoft Teams rollout lessons learnedUG Victoria - Microsoft Teams rollout lessons learned
UG Victoria - Microsoft Teams rollout lessons learned
 
Microsoft 365 governance approach
Microsoft 365 governance approachMicrosoft 365 governance approach
Microsoft 365 governance approach
 
Mastering the Art of SharePoint DMS
Mastering the Art of SharePoint DMSMastering the Art of SharePoint DMS
Mastering the Art of SharePoint DMS
 
SharePoint Migration-What you need to know
SharePoint Migration-What you need to knowSharePoint Migration-What you need to know
SharePoint Migration-What you need to know
 
App modernization-What you need to know before planning a migration to office...
App modernization-What you need to know before planning a migration to office...App modernization-What you need to know before planning a migration to office...
App modernization-What you need to know before planning a migration to office...
 
App Modernization - What you need to know before planning a migration to Offi...
App Modernization - What you need to know before planning a migration to Offi...App Modernization - What you need to know before planning a migration to Offi...
App Modernization - What you need to know before planning a migration to Offi...
 
Mastering the Art of SharePoint DMS implemenation
Mastering the Art of SharePoint DMS implemenationMastering the Art of SharePoint DMS implemenation
Mastering the Art of SharePoint DMS implemenation
 
What you need to know about Enterprise 2.0 before implementing social features
What you need to know about Enterprise 2.0 before implementing social featuresWhat you need to know about Enterprise 2.0 before implementing social features
What you need to know about Enterprise 2.0 before implementing social features
 
SharePoint excellence evening - Collaboration mit sharepoint 2013
SharePoint excellence evening - Collaboration mit sharepoint 2013SharePoint excellence evening - Collaboration mit sharepoint 2013
SharePoint excellence evening - Collaboration mit sharepoint 2013
 
SharePoint 2013 - Enterprise 2.0: Chance oder Risiko
SharePoint 2013 - Enterprise 2.0: Chance oder RisikoSharePoint 2013 - Enterprise 2.0: Chance oder Risiko
SharePoint 2013 - Enterprise 2.0: Chance oder Risiko
 
Coding against the Office Graph
Coding against the Office GraphCoding against the Office Graph
Coding against the Office Graph
 
Moving mountains with Sharepoint - Document Management with SharePoint 2013
Moving mountains with Sharepoint - Document Management with SharePoint 2013Moving mountains with Sharepoint - Document Management with SharePoint 2013
Moving mountains with Sharepoint - Document Management with SharePoint 2013
 

Recently uploaded

Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneUiPathCommunity
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 

Recently uploaded (20)

Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyone
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 

Office365 App Security

  • 1. Office365 App Security Overview on options to secure Office365 applications Presented By: Oliver Wirkus (MVP) September, 7th 2017
  • 2. About me • Sr. Consultant with 2toLead • Microsoft Office Servers and Services MVP • Published Author and Speaker • Member of the Board of Vancouver Office365 user group Email: oliver@2tolead.com Twitter: @OWirkus LinkedIn: https://www.linkedin.com/in/owirkus/ Oliver Wirkus
  • 3.  What are common threads that organizations face?  How to secure the Office 365 applications?  Summary and Best Practices
  • 4. What are common threads that organizations face? Agenda
  • 5. Sharing of sensitive information outside of the organization Common Threads
  • 6. Sharing of sensitive information with other organizations Common Threads
  • 7. Using unmanaged (personal) devices Common Threads
  • 8. Uncontrolled sync’ing of data Common Threads
  • 9. (Accidentally) sending sensitive information Common Threads
  • 10. How to secure the Office 365 applications? Agenda
  • 12. Configure external sharing according to corporate policies SharePoint online Configure external sharing in the Office365 Admin Center.} } Limit external sharing to selected security groups
  • 13. Configure blocked and allowed domains as an additional layer of security SharePoint Online Configure domains users are allowed to share with.}
  • 14. Create DLP rules according to corporate policies and keep in mind that DLP rules are not in effect immediately SharePoint online Data Loss Prevention Configure external sharing in the Office365 Security and Compliance Center. Rules might take a long time to become active!
  • 16. Configure external sharing according to corporate policies OneDrive for Business Configure sharing with external users} Configure defaults for sharing links}
  • 17. Configure blocked and allowed domains as an additional layer of security OneDrive for Business Limit external sharing by domain. Domains can be blocked or allowed}
  • 18. Create DLP rules according to corporate policies and keep in mind that DLP rules are not in effect immediately OneDrive for Business OneDrive for Business is using the same DLP rules as SharePoint Online
  • 19. Limit sync’ing to PCs joined to a corporate domain OneDrive for Business List domains that devices need to join to be included into synchronization}
  • 21. Only allow connectors which are safe to handle corporate data. Content transferred by connectors is not checked! PowerApps / Flow Data Loss Prevention is handled by allowing specific connectors to be used with Business Data} Redmond Magazine: How to Secure SharePoint Online Workflows with Microsoft Flow
  • 23. Configure external access based on corporate policies Skype for Business Control how users can access Skype for Business users in other organizations} Configure blocked and allowed domains}
  • 25. Configure who is allowed to share externally and who is allowed to publish to the web Power BI Control how users can share dashboards with external users} Control who can share dashboards with external users} Control who is allowed to publish reports to the web}
  • 26. Control who is allowed to export data or to print dashboards and reports Power BI
  • 27. Configure carefully who is allowed to use integrations services, audits and usage metrics Power BI Control who is allowed to use integration services } Control who is allowed to create audits and usage metrics }
  • 29. Configure privacy settings according to governance policies Office Groups Office Groups can be either ‘Public’ or ‘Private’} Configure if the group can receive external email}
  • 31. Add only trusted network domains to Yammer Yammer Access list of allowed domains } Add domains as ‘allowed’ domains}
  • 32. Configure who is allowed to create External Networks Yammer Configure who is allowed to create ‘External Networks’} Configure additional options for ‘External Networks’}
  • 33. Configure IP ranges for Office network or VPN access Yammer Define a range of allowed IP addresses} Define how logins from outside are handled}
  • 35. Configure options for external sharing and what viewers are allowed to do with a Sway they receive. Sway Select with whom the Sway should be shared} Configure additional options regarding what Viewers are allowed to do}
  • 37. Assign roles and permissions according to tasks. Don’t assign all roles to just a few admins. Office 365 Assign roles and permissions to employees who need to perform specific tasks}
  • 38. Create alerts based on various predefined activities } Set alerts and know what is happing to your data. Office 365
  • 39. Only use Supervision with permission of your corporation Office 365 Configure who’s communication should be supervised, how often it should supervised and define supervisors }
  • 40. Fine-tune the communication that should be supervised Office 365 “The conditions you choose will apply to communications from both email and 3rd-party sources in your organization (like from Facebook or DropBox).” https://support.office.com/en-us/article/Configure-supervision-policies-for-your-organization-d14ae7c3-fcb0-4a03-967b-cbed861bb086
  • 41. Summary and Best Practices Agenda
  • 42. Best practice guidance Security restricts employees in their day-to-day business! Too much security restrictions might constrict users in a disproportionate manner. On the other hand, too less security will definitely have a negative impact on the business and jeopardize the enterprise. My personal best practices:  Develop governance rules and security guidelines with business owners and external experts.  Apply the necessary amount of security rules based on these governance rules.  Log each applied security setting thoroughly and utilize the “Four- eye principle”.  Review governance rules and security settings at least twice per year.  Be transparent and train users