
Fundamentals of Microsoft 365 Security , Identity and Compliance


This is the slide deck used in my webinar session titled "Fundamentals of Microsoft 365 Security, Identity and Compliance". You can find the recording of this webinar here: https://youtu.be/akrEnqK6Dsc


  1. Microsoft Security, Compliance and Identity Webinar Series: Fundamentals of Microsoft Security, Compliance and Identity. Vignesh Ganesan | MCITP, MCSE, MCP, MCT & ITIL V3 | Enterprise Cloud Architect & Technology Strategist | viganes@vigneshganesan.com | www.vigneshsharepointthoughts.com | www.vigneshganesan.com (under construction) | @cloudvignesh | https://www.linkedin.com/in/vignesh-ganesan-mcse-mcsa-mct-itilv3-9246384a/
  2. Session Guidelines • The planned duration for this webinar is 75 minutes, and it might extend based on the questions we get during the session. • Questions? Feel free to type them in the instant message window at any time. Note that any questions you post will be public. If you want to ask a question verbally, please hold it until the Q&A session. • This webinar is being recorded. We’ll post the recordings to our YouTube channel: https://www.youtube.com/c/VigneshGanesan • Join our Meetup group: https://www.meetup.com/Microsoft-365-and-Power-Platform-User-group-India/
  3. About Myself
  4. Introducing India Cloud Security Summit, 2021 | Aug 28th. India Cloud Security Summit, 2021 is a one-day virtual event organized by the Microsoft 365, Power Platform & Cloud Security India User group. This event will completely focus on the Cloud Security services related to Microsoft 365, Microsoft Azure, Microsoft Power Platform security and Dynamics 365. This is the first of its kind from the Microsoft Community at India and we’re planning to cover all the aspects of Microsoft Cloud Security services in this event. In this one-day virtual event we will deep-dive into Microsoft’s Cloud Security stack with hands-on sessions and labs, delivered to you by the experts and community leaders. Event site: https://www.indiacloudsecuritysummit.com/
  5. In today’s session we will be discussing Microsoft Security, Compliance and Identity only from a Microsoft 365 standpoint
  6. Assumptions: Office 365 Administrator, SharePoint Administrator, Office 365 developer, Exchange Administrator, MS Teams Administrator, Cloud Architect, Cloud Solutions Architect, C-Suite
  7. Which one is the hacker?
  8. What to expect from today’s session: Microsoft 365 security; Microsoft Compliance; Building your own Cybersecurity framework; Understanding the big picture and how to get started; Microsoft Identity
  9. The market is segmented and confusing: Information Rights Management, Mobile Device & Application Management, Cloud Access Security Broker, SIEM, Data Loss Prevention, User & Entity Behavioral Analytics, Mobile Data Loss Prevention, Threat Detection, Identity governance, Single sign-on, Cloud Data Loss Prevention, Conditional access, Discovery, Cloud visibility, Secure collaboration, Cloud anomaly detection, Identity & Access Management
  10. Three main components that we will be focusing on today: Microsoft Security, Microsoft Identity, Microsoft Compliance
  11. Trends in security landscape
  12. 300M global office workers are expected to be working from home [1]. 40% of CIOs indicate that Information Security is a primary risk from COVID-19 [2]. Sources: [1] BCG remote work study; [2] Gartner CXO survey
  13. Security pillars for digital era: Data, Users, Devices, Information Protection …, Locations
  14. Default Controls
  15. Responsibility, cloud customer vs. cloud provider, across On-Prem, IaaS, PaaS and SaaS. Customer management of risk: data classification and data accountability. Shared management of risk: identity & access management | end point devices. Provider management of risk: physical | networking. Responsibility areas: Data classification and accountability; Client & end-point protection; Identity & access management; Application level controls; Network controls; Host infrastructure; Physical security
  16. Defense in depth: multi-dimensional approach to customer environment. Facility: physical controls, video surveillance, access control. Network perimeter: edge routers, firewalls, intrusion detection, vulnerability scanning. Internal network: dual-factor authentication, intrusion detection, vulnerability scanning. Host: access control and monitoring, anti-malware, patch and configuration management. Application: secure engineering (SDL), access control and monitoring, anti-malware. Admin: account management, training and awareness, screening. Data: threat and vulnerability management, security monitoring and response, access control and monitoring, file/data integrity, encryption
  17. Encryption • Encryption is the process of making data unreadable and unusable to unauthorized viewers. • Encryption of data at rest • Encryption of data in transit • Two top-level types of encryption: • Symmetric: uses the same key to encrypt and decrypt data • Asymmetric: uses a public key and private key pair
  18. Hashing • Hashing uses an algorithm to convert the original text to a unique fixed-length hash value. Hash functions are: • Deterministic: the same input produces the same output. • A unique identifier of its associated data. • Different to encryption in that the hashed value isn't subsequently decrypted back to the original. • Used to store passwords. The password is “salted” to mitigate risk of brute-force dictionary attack.
  19. Microsoft Identity: Azure AD
  20. Azure Active Directory • Microsoft’s cloud-based identity and access management service • Azure AD provides access to both external and internal resources • Many similarities with Active Directory • Features include: • Multi-factor authentication • Single sign-on • Conditional Access • Multiple license options (© Copyright Microsoft Corporation. All rights reserved.)
  21. Comparison between Active Directory, Azure AD and Azure AD Domain Services. Ref: https://www.ciraltos.com/active-directory-domain-service-azure-active-directory-and-azure-active-directory-domain-service-explained/
  22. CLOUD APPS AND SAAS SERVICES | On-premises & web apps
  23. MOBILE AND PERSONAL DEVICES | On-premises & web apps
  24. ORGANIZATION & SOCIAL IDENTITIES | On-premises & web apps
  25. On-premises & web apps
  26. Intelligent Identity Control Plane | On-premises & web apps
  27. Open Standards: { JSON }, OData
  28. Azure Active Directory: 2,000,000+ active apps. Cornerstone OnDemand, Workplace by Facebook, Canvas, Concur, Salesforce, Clever, SuccessFactors, Google G Suite, Workday, ServiceNow. World’s largest enterprise IDaaS service based on SaaS app user traffic. Request additional integrations at aka.ms/AzureADAppRequest
  29. A complete IAM solution
  30. Federation Server, IDP Connector, Provisioning Engine, HR System(s), App Proxy, Event Logs, Sign-in provider, MFA Server, Directory, Database(s)
  31. IAM Today: Authentication & Authorization, Directory Management, Identity Governance & Administration, Identity for IaaS (VM Access Management), Identity Developer Platform, Customer IAM, Single Sign-on (SSO + Federation), Identity Governance, RBAC, Microsoft Identity Platform, Azure AD B2C / B2B, Multi-Factor Authentication, Hybrid Identity, Passwordless, Conditional Access, Provisioning, Microsoft Graph, Identity Protection, Secure Hybrid Access, Group Management, Azure AD DS
  32. Microsoft Compliance
  33. What are your biggest challenges? Evolving regulations; Discovering data; Classifying and mapping data; Insider risks; Responding to audits and DSRs; Securing data; Preventing data leaks; Influx of data; Managing the data lifecycle; Multiple point solutions; Scaling workflows and processes
  34. Intelligent compliance and risk management solutions. Information Protection & Governance: protect and govern data wherever it lives. Insider Risk Management: identify and take action on critical insider risks. Discover & Respond: quickly investigate and respond with relevant data. Compliance Management: simplify compliance and reduce risk
  35. Information Protection & Governance Insider Risk Management Discover & Respond Compliance Management Solutions Microsoft Information protection (MIP) Capabilities DLP (Teams, Endpoint) Microsoft Information Governance (MIG) Records Management Communication Compliance Core eDiscovery Content search Compliance Score Insider Risk Management Advanced Message Encryption Customer Key Customer Lockbox Privileged Access Management Compliance Protect and govern data wherever it lives Identify and take action on insider risk Information Barrier Advanced Auditing Advanced eDiscovery Compliance Manager
  36. Building your own Cybersecurity Framework and how to get started
  37. https://aka.ms/MCRA S3 Azure Active Directory Azure Key Vault Azure Backup GitHub Advanced Security – Secure development and software supply chain Endpoint & Server/VM Office 365 Email and Apps Azure & 3rd party clouds Identity Cloud & On-Premises SaaS Microsoft Cloud App Security Azure Security Center – Cross-Platform Cloud Security Posture Management (CSPM) Other Tools, Logs, and Data Sources B2B B2C Azure Sentinel – Cloud Native SIEM, SOAR, and UEBA for IT, OT, and IoT Azure AD App Proxy Beyond User VPN Security Documentation Microsoft Best Practices Top 10 Benchmarks CAF WAF Security & Other Services Discover Protect Classify Monitor
  38. Security & Compliance Policy Engine Conditional Access App Control Zero Trust User Access https://aka.ms/MCRA
  39. Identity and Access Management domain (Capability: Equivalent Microsoft Product). MFA & SSO: Azure AD, Azure AD SSO & Azure AD Connect; Conditional Access: Azure AD Conditional Access; Privileged Identity Management: Azure AD PIM; Privileged Access Management: MIM PAM; RBAC: Azure AD RBAC; B2B & B2C: Azure AD B2B & B2C; Identity Governance: Azure AD Identity Governance; Identity Protection: Azure AD Identity Protection; Audit logging: Azure AD Audit logs; SSPR: Azure AD SSPR; Threat Protection: Microsoft Defender for Identity
  40. Other players in this space • Okta • Ping Identity • Oracle Active Directory Authentication • SailPoint • Oracle • IBM • ForgeRock • Amazon IAM • Google IAM • Thycotic Server • MicroFocus • Auth0
  41. Data Protection domain. Capability Equivalent Microsoft Product DLP Microsoft Unified DLP Data Discovery MCAS Data Classification AIP/MIP Cloud Access Security Broker MCAS Email Security & Malware Protection EOP & Microsoft Defender for Office 365 Data Protection AIP Office 365 Message Encryption Advanced Message Encryption BYOK, HYOK Microsoft Managed key Customer Key Data Archive Office 365 Archive Data Retention Office 365 retention policies and labels
  42. Other players in this space • Symantec • Proofpoint • Digital Guardian • Titus • Boldon James • Zix • Vitru • Google • Encase • McAfee • Netskope • Bitglass • Mimecast
  43. Device Protection domain. Capability Equivalent Microsoft Product Mobile Device Management (MDM) Microsoft Intune Mobile Application Management (MAM) Microsoft Intune Endpoint Management Microsoft Intune, Microsoft Configuration Manager & Microsoft Endpoint Manager Device Enrollment Microsoft Intune Microsoft Endpoint Configuration Manager Windows Autopilot Device Protection Windows Analytics Device Health Windows Hello for Business, Credential Guard and Direct Access Windows Information Protection and Bitlocker Endpoint Security & Encryption Microsoft Defender for Endpoint Microsoft Defender Antivirus and Device Guard
  44. Other players in this space • VMware Workspace ONE • AirWatch • MobileIron UEM • Citrix Endpoint Management • JAMF Pro • IBM MaaS360 • IBM BigFix
  45. Logging and Monitoring domain. Capability Equivalent Microsoft Product Audit Logging Audit logs (M365 Security center) Discover & Respond (M365 Compliance center) SIEM Azure Sentinel Cloud Security Posture Management Azure Security Center Cloud Security for IOT Azure Defender Alerts MCAS XDR Microsoft XDR
  46. Other players in this space • Splunk • IBM • Exabeam • Securonix • FireEye • McAfee • Micro Focus • Fortinet • Manage Engine
  47. Compliance domain. Capability Equivalent Microsoft Product Information Protection and Governance Microsoft Information Protection DLP for Teams Microsoft Endpoint DLP Microsoft Information Governance Insider Risk Management Insider Risk Management Communication Compliance PAM Information Barrier Discover and Respond Advanced eDiscovery Advanced Audit Compliance Management Compliance Manager
  48. Other players in this space • Broadcom • Proofpoint • McAfee • Titus • Securonix • Smarsh • Dtex • OPENTEXT • Xterrc • Relativity • Brainspace
  49. Microsoft Security, Compliance & Identity Product Portfolio Microsoft Identity Microsoft Security Microsoft Compliance Azure Active Directory Azure AD Groups External Identities Azure AD RBAC Administrative Units Enterprise Appln management Device Management Azure AD App registrations Identity Governance App Proxy Group based license mgmnt PIM/PAM Conditional Access Identity Protection Azure AD Connect Authentication methods Azure AD MFA Password Protection Identity Secure Score Azure AD B2B/B2C Microsoft Defender for Office 365 Microsoft Defender for Endpoint Microsoft Defender for Identity Microsoft Cloud App Security Microsoft Endpoint Manager Microsoft Unified DLP Microsoft Information Protection Unified Auditing EOP Office 365 Message Encryption Azure Sentinel Exchange Transport Rules Microsoft Secure Score Information Protection Information Governance Records Management DLP Advanced Message Encryption Customer Key Insider Risk Management Communication Compliance Customer Lockbox Privileged Access Management Information Barrier eDiscovery Advanced eDiscovery Advanced Auditing Compliance Manager Microsoft Compliance Score
  50. Conclusion • Remote work is here to stay • Cybersecurity is the top priority for many organizations in the new normal • You don’t need to have a Cybersecurity background to deal with Cloud Security, but understanding Cloud and other related services is very important • Your organization may not be a Microsoft shop, but if you’re able to identify and build your own Cybersecurity framework then your chances of becoming a Rockstar security professional are very high. • There’s no one single person on this planet who has mastered all cloud services and how they operate, so please don’t get caught up in that dogma.
  51. Key Industry References and Resources: https://www.opengroup.org/forum/security | Zero Trust Core Principles: https://publications.opengroup.org/security-library/w210 | https://www.nist.gov/cyberframework | Zero Trust Architecture: https://www.nist.gov/publications/zero-trust-architecture | https://www.cisecurity.org/cis-benchmarks/
