SlideShare a Scribd company logo
1 of 34
Download to read offline
Securing IT Against Modern
Threats with Microsoft 365
Security Tools
MICHAEL NOEL, CCO
Michael Noel
@MichaelTNoel
Authored/Co-authored 20 books including the best-selling
SharePoint, Exchange, and Windows Unleashed series
Presented at over 250 events in 86 unique countries around
the world
Partner at Convergent Computing in the San Francisco Bay
Area (cco.com)
Great to be back in Pune! (Virtually, at least.) Memories from
my first visit to speak at the Pune User Group (PUG) in 2009!
The Evolution of the
Modern Hacker
WHY YOU SHOULD BE VERY CONCERNED
Spear Phishing
◦ Spear Phishing is a common approach used by hackers to target
Executives and/or people in Finance/HR
◦ List of executives is easy to find from LinkedIn
◦ Email address formats are easy to discover
◦ Execs/Finance/HR personnel are targeted with crafted emails
that make it look realistic (i.e. “Bob, here are the latest report
numbers from ProjectX.”)
◦ Emails often have a ‘payload’ that is either attached or is a link to
a nefarious website controlled by the attacker that then performs
‘credential harvesting’ by prompting the user to enter
username/password
◦ Once username and password is obtained, the hacker is then
able to login as that user and perform other lateral attacks or
attempt to exfiltrate financial data or perform unauthorized
transactions.
State Sponsored Attacks
◦ A rising number of hacking cases is coming from
well-organized and well-funded hacking ‘farms’
that are sponsored by nation-states
◦ These hacking organizations are designed to
steal trade and/or national secrets from
organizations in a competing state
◦ Targets are not only defense or NGOs, but also
include ‘regular’ organizations that can be
targeted for financial reasons for for stealing
intellectual property (IP.)
A major issue in recent years has been the rise of so-
called ‘ransomware’ attacks.
These attacks work by using compromised account
credentials to encrypt all data the hacker can find and
then to ‘throw away’ the decryption key and only
make it available after the payment of a
cryptocurrency ‘ransom.’
Aside from paying the ransom (which doesn’t always
work,) the only way to recover from this is via full
restores, which can take days or weeks
Ransomware
The rise in ‘petty theft’ and ‘smash and grab’
theft has led to a rise in the theft of
information devices such as laptops and cell
phones
Thieves are getting more sophisticated and
are starting to go after devices in car trunks
by looking for active Bluetooth signals
Once stolen, if the contents of the device are
not encrypted they are likely to be sold to
competitors and/or other people interested
in the IP
Device Theft
Intellectual Property Loss through
“Oversharing”
Much of the IP that is lost or compromised is
not lost via nefarious means, often it is
simply ‘overshared.’
This is often due to well-meaning individuals
who share documents via links or with poor
security and then the email chain is
publicized.
It can also happen if the proper security
protocols are not chosen during the creation
of cloud services
Passwords are Not as Secure as You Think
Key to password security is not necessarily
length, complexity, or even age; but global
uniqueness
Hackers have access to databases of
‘pwned’ passwords and can run password
hashes against these databases in a matter
of milliseconds
‘Passphrases’ that consist of unique seed
words are infinitely more complex and
much harder to crack (i.e. “Yellow birdseed
hat pumpkin”)
Test your password at
https://haveibeenpwned.com
Cached Credentials
Exploiting Cached credentials on
workstations are a common attack vector
Any user with local admin rights to a
workstation (obtained legitimately or via
phishing) can access the cached credentials
of any other user who logged in at some
point. If the passwords are not sufficiently
complex or match any darknet database
entries, they are EASILY cracked.
Lateral Attacks
Once a hacker has access to some small portion of
your organization, they typically try to then
perform ‘lateral’ attacks on other system,
especially ones that provide for better access.
The goal is to get access to highly privileged
accounts such as the Active Directory ‘Domain
Admins.’
“Golden Ticket” attacks using hacking tools such as
Mimikatz can then leverage elevated domain rights
(i.e. Domain Admin) to hack the krbst account and
create non-expiring ‘Golden Tickets’ that give
unfettered rights to all domain resources
Tips and Tricks to
Protect your IP from
Theft
WHAT DO I DO TO PROTECT MY ORGANIZATION?
Physical
Network
Host
Application
Administration
Data
Defense in Depth Concepts
Defense in Depth is a concept in which your
data is protected by multiple layers, each of
which would need to be compromised
before the data itself is accessed
Focus on all layers of the DiD model when
designing your IT security
Password Best Practices
As previously mentioned, use
passphrases instead of passwords
Don’t change your password as often,
but instead choose globally unique
passwords
Use a password manager tool such as
1Password, LastPass, or the ones
provided by Apple, Google
Never re-use passwords!
Hyperlink Safety
ALWAYS check your hyper-links (right-click if
you can or hover over before you click) to
see if they go to an site that makes sense.
For example, an email from your bank
should go to ‘yourbank.com’ and not
‘susahkaya.net’.
Better yet, NEVER click on links in emails. If
you think an email is legitimate, manually
login to the site by opening a browser and
typing in the site name or using a known-
good bookmark.
Physical Security
Don’t allow ‘tailgating’ into your facilities if you can
physically prevent this. Modern ‘subway-turnstile’
type entryways can help prevent this
Instruct your employees to NEVER plug in loose
thumbdrives into company systems. Dropping
thumbdrives around a facility is a common
approach to planting viruses
Follow best practice protocol around guest wireless
isolation so that guests can’t access anything
internally. This also goes for wired connections
(802.1x is a great way to prevent this.)
Full Disk Encryption
Always use full disk encryption (FDE) on ALL
devices you use, including mobile devices. This
will prevent the loss of data in the event of
device theft.
Force devices to use PINs or Biometrics to
unlock their devices before they are decrypted.
Put policies in place to ‘wipe’ systems remotely
that have been compromised or that have had
too many failed attempts to login.
Data Loss Prevention
Consider the use of Data Loss Prevention
(DLP) technologies that restrict what
happens AFTER the data has been
accessed. This allows for restrictions on
activities such as:
◦ Copy/Paste
◦ Print
◦ Save As.
◦ Programmatically access
◦ Etc.
DLP policies are your best tool to avoid IP theft
Multi-Factor Authentication
And the #1 most important thing you can
enable today to protect your startup is Multi-
factor Authentication (MFA.) This will ensure
that if an attacker gets the username and
password of a user that they won’t be able to
get in as the system will prompt for an
additional factor.
In order of effectiveness, the factors can
include:
◦ SMS Text
◦ Biometrics
◦ Authenticator Apps (MS, Google)
◦ Hardware keys
What Microsoft IT Tools
Can Help Improve
Security?
EXAMINING MICROSOFT CLOUD SECURITY OPTIONS
Microsoft Security in Relation to the
NIST Cyber Security Framework
Identify
• Azure Active
Directory
• Microsoft
Intune
• SCCM
• Microsoft
Defender for
EndPoint
Protect • Azure MFA
• Azure AD Privileged
Identity
Management
• Microsoft Identity
Manager /
Privileged Access
Management
• Azure Information
Protection
• Azure AD Password
Protection
Detect
•Azure Sentinel
•Microsoft
Cloud App
Security
•Microsoft
Defender for
Endpoint
•MDI
•Azure Security
Center
•Azure AD
Identity
Protection
Respond
• Azure
Sentinel
• Microsoft
Defender for
Identity
(Azure ATP)
Recover
• Azure Security
Center
• Azure Backup
Microsoft Cloud App Security
MCAS is a
multimode
Cloud Access
Security Broker
(CASB)
Proactively
identifies
threats across
and in between
cloud platforms
Microsoft 365 Defender
Microsoft 365 Defender
(previously Microsoft Threat
Protection).
Microsoft Defender for
Endpoint (previously Microsoft
Defender Advanced Threat
Protection).
Microsoft Defender for Office
365 (previously Office 365
Advanced Threat Protection).
Microsoft Defender for
Identity (previously Azure
Advanced Threat Protection).
Azure Defender
Azure Defender for
Servers (previously Azure
Security Center Standard
Edition).
Azure Defender for IoT
(previously Azure Security
Center for IoT).
Azure Defender for SQL
(previously Advanced
Threat Protection for SQL).
Microsoft Defender for Identity (MDI)
MDI deploys sensors to domain
controllers to look for behaviors
associated with compromised internal
systems
MDI Sensors perform their calculations
locally and then forward their alerts to
the cloud
MDI Integrates with MCAS to provide a
single console experience for hybrid
events (On-Prem with MDI and Online
with MCAS)
Azure Sentinel
Security Information & Event
Management (SIEM) Platform
built on Azure Monitor
Azure Sentinel provides for
centralized SIEM capabilities
for logs, alerting and providing
for reporting trends
Firewall, switch, Windows, and
Linux logs can all be forwarded
to Sentinel to allow for
retroactive forensics or real-
time alerts
Azure AD Password
Protection
Azure AD Password Protection runs as
agents on all internal domain
controllers that restrict how a password
is constructed.
Azure AD Password Protection allows
for complexity beyond the default
options in an AD environment,
disallowing passwords that are known
to be compromised and/or include key
words
Azure AD Entitlement Management
A component of Azure AD
Identity Governance, Azure AD
Entitlement Management is a
compliance and auditing control
platform that allows
organizations the ability to better
control access to Azure resources
Administrators can created
‘access packages’ to control what
type of rights will be granted,
which approvers can grant those
rights, and when they expire.
Azure AD Privileged Identity
Management (PIM)
A separate component of Azure AD
Identity Governance, Azure AD
Privileged Identity Management (PIM)
allows accounts to be ‘privileged by
request’ and not by default.
Users can initiate requests to raise their
privileged roles, and these requests can
be moderated by admins and/or
monitored.
In the event of a compromise, admin
users will have no special rights until
they have been elevated, which greatly
reduces exposure.
Microsoft Identity Manager / PAM
The On-Prem version of PIM is
integrated into the Microsoft
Identity Manager (MIM) suite in the
form of Privileged Access
Management (PAM.)
PAM works similarly to PIM, with
the exception being that a Bastion
forest is used for accounts with
elevated privileges.
A Bastion forest exists across a one-
way trust and accounts are only
elevated as needed. This leaves
membership in privileged groups
such as ‘Domain Admins’ to very
few active accounts.
Azure Information Protection
Azure Information Protection provides
for the ability to control what happens
to data AFTER it has been accessed.
Azure IP assigns Information Protection
tags to content either manually or via
automatic processes.
The existing Azure Rights Management
Services (Azure RMS) service is now
integrated into Azure RMS.
Hold Your Own Key (HYOK) allows
organizations to secure and encrypt
content using their own private key,
removing Microsoft from data custody.
Demo
Thank you! Questions?
CCO.com
@MichaelTNoel
Linkedin.com/in/michaeltnoel
SharingTheGlobe.com
Slideshare.net/michaeltnoel
Michael Noel

More Related Content

What's hot

National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...Shah Sheikh
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...Judith Beckhard Cardoso
 
Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Mukesh Chinta
 
Thinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker VisionThinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker VisionPECB
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-EraJK Tech
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceCharles Lim
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz Asia Pte Ltd
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)WAJAHAT IQBAL
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec
 
Arbel Zinger | Microsoft Advanced Threat Analytics
Arbel Zinger | Microsoft Advanced Threat AnalyticsArbel Zinger | Microsoft Advanced Threat Analytics
Arbel Zinger | Microsoft Advanced Threat AnalyticsMicrosoft Österreich
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsIBM Security
 

What's hot (20)

National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1
 
Thinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker VisionThinking like a hacker - Introducing Hacker Vision
Thinking like a hacker - Introducing Hacker Vision
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-Era
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for Nonprofits
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security Governance
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - Guidelines
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security Resilience
 
Information security
Information securityInformation security
Information security
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
 
Arbel Zinger | Microsoft Advanced Threat Analytics
Arbel Zinger | Microsoft Advanced Threat AnalyticsArbel Zinger | Microsoft Advanced Threat Analytics
Arbel Zinger | Microsoft Advanced Threat Analytics
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
 

Similar to Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365 Pune 2021

IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024Michael Noel
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
 
IT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital BrazzavilleIT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital BrazzavilleMichael Noel
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreJoel Oleson
 
Running head Cryptography1Cryptography16.docx
Running head Cryptography1Cryptography16.docxRunning head Cryptography1Cryptography16.docx
Running head Cryptography1Cryptography16.docxhealdkathaleen
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hackingWaseem Rauf
 
Free Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdfFree Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdfVarinder K
 
Turning the tables talk delivered at CCISDA conference
Turning the tables talk delivered at CCISDA conferenceTurning the tables talk delivered at CCISDA conference
Turning the tables talk delivered at CCISDA conferenceDean Iacovelli
 
Escalation Procedure In The Workplace
Escalation Procedure In The WorkplaceEscalation Procedure In The Workplace
Escalation Procedure In The WorkplaceJill Bell
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-PracticesOctogence
 
Webinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosWebinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosJenniferMete1
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyClickSSL
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewRobert Herjavec
 
Ethi mini1 - ethical hacking
Ethi mini1 - ethical hackingEthi mini1 - ethical hacking
Ethi mini1 - ethical hackingBeing Uniq Sonu
 
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & MicrosoftCCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & Microsoftwalk2talk srl
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)Shivam Sahu
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptxSofiyaKhan49
 

Similar to Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365 Pune 2021 (20)

IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 
IT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital BrazzavilleIT Insecurity - ST Digital Brazzaville
IT Insecurity - ST Digital Brazzaville
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
 
Running head Cryptography1Cryptography16.docx
Running head Cryptography1Cryptography16.docxRunning head Cryptography1Cryptography16.docx
Running head Cryptography1Cryptography16.docx
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hacking
 
Free Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdfFree Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdf
 
Turning the tables talk delivered at CCISDA conference
Turning the tables talk delivered at CCISDA conferenceTurning the tables talk delivered at CCISDA conference
Turning the tables talk delivered at CCISDA conference
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
 
Escalation Procedure In The Workplace
Escalation Procedure In The WorkplaceEscalation Procedure In The Workplace
Escalation Procedure In The Workplace
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-Practices
 
Webinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosWebinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von Baggenstos
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption Strategy
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR Overview
 
Ethi mini1 - ethical hacking
Ethi mini1 - ethical hackingEthi mini1 - ethical hacking
Ethi mini1 - ethical hacking
 
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & MicrosoftCCI2018 - La "moderna" Sicurezza informatica & Microsoft
CCI2018 - La "moderna" Sicurezza informatica & Microsoft
 
Secure the modern Enterprise
Secure the modern EnterpriseSecure the modern Enterprise
Secure the modern Enterprise
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptx
 

More from Michael Noel

AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...Michael Noel
 
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Michael Noel
 
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Michael Noel
 
Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018Michael Noel
 
SPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep DiveSPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep DiveMichael Noel
 
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 MelbourneAzure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 MelbourneMichael Noel
 
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018Michael Noel
 
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018Michael Noel
 
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...Michael Noel
 
Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017Michael Noel
 
Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée Michael Noel
 
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...Michael Noel
 
Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015Michael Noel
 
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015Michael Noel
 
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...Michael Noel
 
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014Michael Noel
 
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...Michael Noel
 
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...Michael Noel
 
SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...
SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...
SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...Michael Noel
 
IberianSPC - SharePoint 2013 Upgrade
IberianSPC - SharePoint 2013 UpgradeIberianSPC - SharePoint 2013 Upgrade
IberianSPC - SharePoint 2013 UpgradeMichael Noel
 

More from Michael Noel (20)

AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
AI is Hacking You - How Cybercriminals Leveral Artificial Intelligence - DWCN...
 
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
 
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
Securing IT Against Modern Threats with Microsoft Cloud Tools - #EUCloudSummi...
 
Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018Understanding the Tools and Features of Office 365 : DWT Africa 2018
Understanding the Tools and Features of Office 365 : DWT Africa 2018
 
SPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep DiveSPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
SPS Lisbon 2018 - Azure AD Connect Technical Deep Dive
 
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 MelbourneAzure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
Azure Active Directory Connect: Technical Deep Dive - DWCAU 2018 Melbourne
 
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
Azure Active Directory Connect: Technical Deep Dive - EU Collab Summit 2018
 
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
Breaking Down the Tools and Features in Office 365 - EU Collab Summit 2018
 
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
Understanding the Tools and Features of Office 365 - New Zealand Digital Work...
 
Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017Office 365; A Detailed Analysis - SPS Kampala 2017
Office 365; A Detailed Analysis - SPS Kampala 2017
 
Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée Office 365; une Analyse Détaillée
Office 365; une Analyse Détaillée
 
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
 
Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015Breaking Down and Understanding Office 365 - SPSJHB 2015
Breaking Down and Understanding Office 365 - SPSJHB 2015
 
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
Understanding Office 365 Service Offerings - O365 Saturday Sydney 2015
 
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
Ultimate SharePoint Infrastructure Best Practises Session - Isle of Man Share...
 
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
SQL 2014 AlwaysOn Availability Groups for SharePoint Farms - SPS Sydney 2014
 
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPSBaku - Mic...
 
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...
SharePoint Сегодня; Как мы докатились сюда и куда идем дальше - SPCUA - Micha...
 
SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...
SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...
SPSSac2014 - SharePoint Infrastructure Tips and Tricks for On-Premises and Hy...
 
IberianSPC - SharePoint 2013 Upgrade
IberianSPC - SharePoint 2013 UpgradeIberianSPC - SharePoint 2013 Upgrade
IberianSPC - SharePoint 2013 Upgrade
 

Recently uploaded

Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 

Recently uploaded (20)

Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 

Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365 Pune 2021

  • 1. Securing IT Against Modern Threats with Microsoft 365 Security Tools MICHAEL NOEL, CCO
  • 2. Michael Noel @MichaelTNoel Authored/Co-authored 20 books including the best-selling SharePoint, Exchange, and Windows Unleashed series Presented at over 250 events in 86 unique countries around the world Partner at Convergent Computing in the San Francisco Bay Area (cco.com)
  • 3. Great to be back in Pune! (Virtually, at least.) Memories from my first visit to speak at the Pune User Group (PUG) in 2009!
  • 4. The Evolution of the Modern Hacker WHY YOU SHOULD BE VERY CONCERNED
  • 5. Spear Phishing ◦ Spear Phishing is a common approach used by hackers to target Executives and/or people in Finance/HR ◦ List of executives is easy to find from LinkedIn ◦ Email address formats are easy to discover ◦ Execs/Finance/HR personnel are targeted with crafted emails that make it look realistic (i.e. “Bob, here are the latest report numbers from ProjectX.”) ◦ Emails often have a ‘payload’ that is either attached or is a link to a nefarious website controlled by the attacker that then performs ‘credential harvesting’ by prompting the user to enter username/password ◦ Once username and password is obtained, the hacker is then able to login as that user and perform other lateral attacks or attempt to exfiltrate financial data or perform unauthorized transactions.
  • 6. State Sponsored Attacks ◦ A rising number of hacking cases is coming from well-organized and well-funded hacking ‘farms’ that are sponsored by nation-states ◦ These hacking organizations are designed to steal trade and/or national secrets from organizations in a competing state ◦ Targets are not only defense or NGOs, but also include ‘regular’ organizations that can be targeted for financial reasons for for stealing intellectual property (IP.)
  • 7. A major issue in recent years has been the rise of so- called ‘ransomware’ attacks. These attacks work by using compromised account credentials to encrypt all data the hacker can find and then to ‘throw away’ the decryption key and only make it available after the payment of a cryptocurrency ‘ransom.’ Aside from paying the ransom (which doesn’t always work,) the only way to recover from this is via full restores, which can take days or weeks Ransomware
  • 8. The rise in ‘petty theft’ and ‘smash and grab’ theft has led to a rise in the theft of information devices such as laptops and cell phones Thieves are getting more sophisticated and are starting to go after devices in car trunks by looking for active Bluetooth signals Once stolen, if the contents of the device are not encrypted they are likely to be sold to competitors and/or other people interested in the IP Device Theft
  • 9. Intellectual Property Loss through “Oversharing” Much of the IP that is lost or compromised is not lost via nefarious means, often it is simply ‘overshared.’ This is often due to well-meaning individuals who share documents via links or with poor security and then the email chain is publicized. It can also happen if the proper security protocols are not chosen during the creation of cloud services
  • 10. Passwords are Not as Secure as You Think Key to password security is not necessarily length, complexity, or even age; but global uniqueness Hackers have access to databases of ‘pwned’ passwords and can run password hashes against these databases in a matter of milliseconds ‘Passphrases’ that consist of unique seed words are infinitely more complex and much harder to crack (i.e. “Yellow birdseed hat pumpkin”) Test your password at https://haveibeenpwned.com
  • 11. Cached Credentials Exploiting Cached credentials on workstations are a common attack vector Any user with local admin rights to a workstation (obtained legitimately or via phishing) can access the cached credentials of any other user who logged in at some point. If the passwords are not sufficiently complex or match any darknet database entries, they are EASILY cracked.
  • 12. Lateral Attacks Once a hacker has access to some small portion of your organization, they typically try to then perform ‘lateral’ attacks on other system, especially ones that provide for better access. The goal is to get access to highly privileged accounts such as the Active Directory ‘Domain Admins.’ “Golden Ticket” attacks using hacking tools such as Mimikatz can then leverage elevated domain rights (i.e. Domain Admin) to hack the krbst account and create non-expiring ‘Golden Tickets’ that give unfettered rights to all domain resources
  • 13. Tips and Tricks to Protect your IP from Theft WHAT DO I DO TO PROTECT MY ORGANIZATION?
  • 14. Physical Network Host Application Administration Data Defense in Depth Concepts Defense in Depth is a concept in which your data is protected by multiple layers, each of which would need to be compromised before the data itself is accessed Focus on all layers of the DiD model when designing your IT security
  • 15. Password Best Practices As previously mentioned, use passphrases instead of passwords Don’t change your password as often, but instead choose globally unique passwords Use a password manager tool such as 1Password, LastPass, or the ones provided by Apple, Google Never re-use passwords!
  • 16. Hyperlink Safety ALWAYS check your hyper-links (right-click if you can or hover over before you click) to see if they go to an site that makes sense. For example, an email from your bank should go to ‘yourbank.com’ and not ‘susahkaya.net’. Better yet, NEVER click on links in emails. If you think an email is legitimate, manually login to the site by opening a browser and typing in the site name or using a known- good bookmark.
  • 17. Physical Security Don’t allow ‘tailgating’ into your facilities if you can physically prevent this. Modern ‘subway-turnstile’ type entryways can help prevent this Instruct your employees to NEVER plug in loose thumbdrives into company systems. Dropping thumbdrives around a facility is a common approach to planting viruses Follow best practice protocol around guest wireless isolation so that guests can’t access anything internally. This also goes for wired connections (802.1x is a great way to prevent this.)
  • 18. Full Disk Encryption Always use full disk encryption (FDE) on ALL devices you use, including mobile devices. This will prevent the loss of data in the event of device theft. Force devices to use PINs or Biometrics to unlock their devices before they are decrypted. Put policies in place to ‘wipe’ systems remotely that have been compromised or that have had too many failed attempts to login.
  • 19. Data Loss Prevention Consider the use of Data Loss Prevention (DLP) technologies that restrict what happens AFTER the data has been accessed. This allows for restrictions on activities such as: ◦ Copy/Paste ◦ Print ◦ Save As. ◦ Programmatically access ◦ Etc. DLP policies are your best tool to avoid IP theft
  • 20. Multi-Factor Authentication And the #1 most important thing you can enable today to protect your startup is Multi- factor Authentication (MFA.) This will ensure that if an attacker gets the username and password of a user that they won’t be able to get in as the system will prompt for an additional factor. In order of effectiveness, the factors can include: ◦ SMS Text ◦ Biometrics ◦ Authenticator Apps (MS, Google) ◦ Hardware keys
  • 21. What Microsoft IT Tools Can Help Improve Security? EXAMINING MICROSOFT CLOUD SECURITY OPTIONS
  • 22. Microsoft Security in Relation to the NIST Cyber Security Framework Identify • Azure Active Directory • Microsoft Intune • SCCM • Microsoft Defender for EndPoint Protect • Azure MFA • Azure AD Privileged Identity Management • Microsoft Identity Manager / Privileged Access Management • Azure Information Protection • Azure AD Password Protection Detect •Azure Sentinel •Microsoft Cloud App Security •Microsoft Defender for Endpoint •MDI •Azure Security Center •Azure AD Identity Protection Respond • Azure Sentinel • Microsoft Defender for Identity (Azure ATP) Recover • Azure Security Center • Azure Backup
  • 23. Microsoft Cloud App Security MCAS is a multimode Cloud Access Security Broker (CASB) Proactively identifies threats across and in between cloud platforms
  • 24. Microsoft 365 Defender Microsoft 365 Defender (previously Microsoft Threat Protection). Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection). Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection). Microsoft Defender for Identity (previously Azure Advanced Threat Protection).
  • 25. Azure Defender Azure Defender for Servers (previously Azure Security Center Standard Edition). Azure Defender for IoT (previously Azure Security Center for IoT). Azure Defender for SQL (previously Advanced Threat Protection for SQL).
  • 26. Microsoft Defender for Identity (MDI) MDI deploys sensors to domain controllers to look for behaviors associated with compromised internal systems MDI Sensors perform their calculations locally and then forward their alerts to the cloud MDI Integrates with MCAS to provide a single console experience for hybrid events (On-Prem with MDI and Online with MCAS)
  • 27. Azure Sentinel Security Information & Event Management (SIEM) Platform built on Azure Monitor Azure Sentinel provides for centralized SIEM capabilities for logs, alerting and providing for reporting trends Firewall, switch, Windows, and Linux logs can all be forwarded to Sentinel to allow for retroactive forensics or real- time alerts
  • 28. Azure AD Password Protection Azure AD Password Protection runs as agents on all internal domain controllers that restrict how a password is constructed. Azure AD Password Protection allows for complexity beyond the default options in an AD environment, disallowing passwords that are known to be compromised and/or include key words
  • 29. Azure AD Entitlement Management A component of Azure AD Identity Governance, Azure AD Entitlement Management is a compliance and auditing control platform that allows organizations the ability to better control access to Azure resources Administrators can created ‘access packages’ to control what type of rights will be granted, which approvers can grant those rights, and when they expire.
  • 30. Azure AD Privileged Identity Management (PIM) A separate component of Azure AD Identity Governance, Azure AD Privileged Identity Management (PIM) allows accounts to be ‘privileged by request’ and not by default. Users can initiate requests to raise their privileged roles, and these requests can be moderated by admins and/or monitored. In the event of a compromise, admin users will have no special rights until they have been elevated, which greatly reduces exposure.
  • 31. Microsoft Identity Manager / PAM The On-Prem version of PIM is integrated into the Microsoft Identity Manager (MIM) suite in the form of Privileged Access Management (PAM.) PAM works similarly to PIM, with the exception being that a Bastion forest is used for accounts with elevated privileges. A Bastion forest exists across a one- way trust and accounts are only elevated as needed. This leaves membership in privileged groups such as ‘Domain Admins’ to very few active accounts.
  • 32. Azure Information Protection Azure Information Protection provides for the ability to control what happens to data AFTER it has been accessed. Azure IP assigns Information Protection tags to content either manually or via automatic processes. The existing Azure Rights Management Services (Azure RMS) service is now integrated into Azure RMS. Hold Your Own Key (HYOK) allows organizations to secure and encrypt content using their own private key, removing Microsoft from data custody.
  • 33. Demo