The document discusses encryption in Microsoft 365. It provides an overview of encryption for data at rest and in transit in Microsoft 365. It describes different encryption methods like Bitlocker, per-file encryption, data encryption policies, and transport layer security. It also discusses sensitivity labels, customer key encryption, double key encryption, and Office 365 message encryption. The presentation includes demos of configuring encryption settings in labels and using Office 365 message encryption.
Microsoft Information Protection demystified Albert HoitinghAlbert Hoitingh
This session was presented at the North American Collaboration Summit 2022. It covers the many technical aspects of Microsoft Purview Information Protection.
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
Its one thing encrypting and protecting your data from prying eyes but what use is it, if it is not retained or protected against loss. With Microsoft Information Protection, Microsoft provides organisations the ability to:
• Protection content from deletion
• Adhere to compliance standards (GDPR, HIPAA, etc)
• Discover content for litigation
• Manage access to content based on rules
By implementing the correct rules, organisations are able to mitigate risk and remain compliant and at the same time ensure that content is identified, classified, retained and disposed of accordingly.
Protect your business with a universal identity platform
The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks.
Gartner named Microsoft a leader in Magic Quadrant 2020 for Access Management
Single sign-on simplifies access to your apps from anywhere
Conditional Access and multi-factor authentication help protect and govern access
A single identity platform lets you engage with internal and external users more securely
Developer tools make it easy to integrate identity into your apps and services
Connect your workforce
Whether people are on-site or remote, give them seamless access to all their apps so they can stay productive from anywhere. Automate workflows for user lifecycle and provisioning. Save time and resources with self-service management.
Choose from thousands of SaaS apps
Simplify single sign-on. Azure AD supports thousands of pre-integrated software as a service (SaaS) applications.
Protect and govern access
Safeguard user credentials by enforcing strong authentication and conditional access policies. Efficiently manage your identities by ensuring that the right people have the right access to the right resources.
Engage with your customers and partners
Secure and manage customers and partners beyond your organizational boundaries, with one identity solution. Customize user journeys and simplify authentication with social identity and more.
Integrate identity into your apps
Accelerate adoption of your application in the enterprise by supporting single sign-on and user provisioning. Reduce sign-in friction and automate the creation, removal, and maintenance of user accounts.
Microsoft Information Protection demystified Albert HoitinghAlbert Hoitingh
This session was presented at the North American Collaboration Summit 2022. It covers the many technical aspects of Microsoft Purview Information Protection.
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
Its one thing encrypting and protecting your data from prying eyes but what use is it, if it is not retained or protected against loss. With Microsoft Information Protection, Microsoft provides organisations the ability to:
• Protection content from deletion
• Adhere to compliance standards (GDPR, HIPAA, etc)
• Discover content for litigation
• Manage access to content based on rules
By implementing the correct rules, organisations are able to mitigate risk and remain compliant and at the same time ensure that content is identified, classified, retained and disposed of accordingly.
Protect your business with a universal identity platform
The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks.
Gartner named Microsoft a leader in Magic Quadrant 2020 for Access Management
Single sign-on simplifies access to your apps from anywhere
Conditional Access and multi-factor authentication help protect and govern access
A single identity platform lets you engage with internal and external users more securely
Developer tools make it easy to integrate identity into your apps and services
Connect your workforce
Whether people are on-site or remote, give them seamless access to all their apps so they can stay productive from anywhere. Automate workflows for user lifecycle and provisioning. Save time and resources with self-service management.
Choose from thousands of SaaS apps
Simplify single sign-on. Azure AD supports thousands of pre-integrated software as a service (SaaS) applications.
Protect and govern access
Safeguard user credentials by enforcing strong authentication and conditional access policies. Efficiently manage your identities by ensuring that the right people have the right access to the right resources.
Engage with your customers and partners
Secure and manage customers and partners beyond your organizational boundaries, with one identity solution. Customize user journeys and simplify authentication with social identity and more.
Integrate identity into your apps
Accelerate adoption of your application in the enterprise by supporting single sign-on and user provisioning. Reduce sign-in friction and automate the creation, removal, and maintenance of user accounts.
This is Microsoft Azure Information Protection which helps you out to protect your data being accessible to the unauthorized users. This is an overview for the AIP
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
Are you classifying your data in Microsoft 365? You can add data classifications using sensitivity and retention labels but they do two very different things. In this session I will break down what the label options are, how you can use them, and why you should deploy them in your organization to keep your content compliant and secure.
Securing sensitive data with Azure Key VaultTom Kerkhove
As a developer you often have to use & store a lot of sensitive data going from service credentials to connection strings or even encryption keys. But how do I store these in a secure way? How do I know who has access to them and how do I prevent people from copying them and abusing them? On the other hand, SaaS customers have no clue how you store their sensitive data and how they use it. How can they monitor that? How can they revoke your access easily?
Watch the recording here - http://azug.be/2015-05-05---securing-sensitive-data-with-azure-key-vault
This is the slide deck used on my webinar session titled " Fundamentals of Microsoft 365 security , Identity and Compliance" .You can find the recording of this webinar here : https://youtu.be/akrEnqK6Dsc
Deploy a DoD Secure Cloud Computing Architecture Environment in AWS | AWS Pub...Amazon Web Services
The Department of Defense's Secure Cloud Computing Architecture (SCCA) guidance provides DoD mission owners the security requirements for building a DoD compliant and secure application environment in the cloud. This session will review the DoD Cloud Security Requirements Guide and the DoD SCCA pillars and how they apply to AWS services. We will demonstrate how to build a DoD SCCA environment through automation and configuration management tools as well as discuss how to document security controls implementations. We will answer common questions, such as: how do we connect to a DoD Cloud Access Point? How do we implement a least privilege access control model? And how do we automate security event notifications and remediate issues? This session is designed for both technical and information assurance professionals that want to understand the process to move DoD systems into AWS, secure them, and get them accredited. Learn More: https://aws.amazon.com/government-education/
Deploy a DoD Secure Cloud Computing Architecture Environment in AWSAmazon Web Services
The Department of Defense's Secure Cloud Computing Architecture (SCCA) guidance provides DoD mission owners the security requirements for building a DoD compliant and secure application environment in the cloud. This session will review the DoD Cloud Security Requirements Guide and the DoD SCCA pillars and how they apply to AWS services. We will demonstrate how to build a DoD SCCA environment through automation and configuration management tools as well as discuss how to document security controls implementations. We will answer common questions, such as: how do we connect to a DoD Cloud Access Point? How do we implement a least privilege access control model? And how do we automate security event notifications and remediate issues? This session is designed for both technical and information assurance professionals that want to understand the process to move DoD systems into AWS, secure them, and get them accredited.
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansDavid J Rosenthal
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected
March 2023 CIAOPS Need to Know WebinarRobert Crane
Slides from CIAOPS March 2023 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on Microsoft 365 Information Protection best practices. Video recording is available at www.ciaopsacademy.com
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
A description of Azure Key Vault. Why do we need Azure Key Vault where does it fit in a solution. The details of storing keys, secrets and certificate inside of key vault. Using key vault for encryption and decryption of data
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...Albert Hoitingh
In this session, I went into any nook and cranny regarding Microsoft Information Protection. Labels, auto-classification, and PowerShell - all were part of this session.
Scottish Summit 2022 - Microsoft Information Protection de-mystifiedAlbert Hoitingh
In this session for the 2022 edition of the Scottish Summit in Glasgow, I presented on Microsoft Information Protection. Subjects included the different clients, auto-classification, email protection and customization options using PowerShell
This is Microsoft Azure Information Protection which helps you out to protect your data being accessible to the unauthorized users. This is an overview for the AIP
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
Are you classifying your data in Microsoft 365? You can add data classifications using sensitivity and retention labels but they do two very different things. In this session I will break down what the label options are, how you can use them, and why you should deploy them in your organization to keep your content compliant and secure.
Securing sensitive data with Azure Key VaultTom Kerkhove
As a developer you often have to use & store a lot of sensitive data going from service credentials to connection strings or even encryption keys. But how do I store these in a secure way? How do I know who has access to them and how do I prevent people from copying them and abusing them? On the other hand, SaaS customers have no clue how you store their sensitive data and how they use it. How can they monitor that? How can they revoke your access easily?
Watch the recording here - http://azug.be/2015-05-05---securing-sensitive-data-with-azure-key-vault
This is the slide deck used on my webinar session titled " Fundamentals of Microsoft 365 security , Identity and Compliance" .You can find the recording of this webinar here : https://youtu.be/akrEnqK6Dsc
Deploy a DoD Secure Cloud Computing Architecture Environment in AWS | AWS Pub...Amazon Web Services
The Department of Defense's Secure Cloud Computing Architecture (SCCA) guidance provides DoD mission owners the security requirements for building a DoD compliant and secure application environment in the cloud. This session will review the DoD Cloud Security Requirements Guide and the DoD SCCA pillars and how they apply to AWS services. We will demonstrate how to build a DoD SCCA environment through automation and configuration management tools as well as discuss how to document security controls implementations. We will answer common questions, such as: how do we connect to a DoD Cloud Access Point? How do we implement a least privilege access control model? And how do we automate security event notifications and remediate issues? This session is designed for both technical and information assurance professionals that want to understand the process to move DoD systems into AWS, secure them, and get them accredited. Learn More: https://aws.amazon.com/government-education/
Deploy a DoD Secure Cloud Computing Architecture Environment in AWSAmazon Web Services
The Department of Defense's Secure Cloud Computing Architecture (SCCA) guidance provides DoD mission owners the security requirements for building a DoD compliant and secure application environment in the cloud. This session will review the DoD Cloud Security Requirements Guide and the DoD SCCA pillars and how they apply to AWS services. We will demonstrate how to build a DoD SCCA environment through automation and configuration management tools as well as discuss how to document security controls implementations. We will answer common questions, such as: how do we connect to a DoD Cloud Access Point? How do we implement a least privilege access control model? And how do we automate security event notifications and remediate issues? This session is designed for both technical and information assurance professionals that want to understand the process to move DoD systems into AWS, secure them, and get them accredited.
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansDavid J Rosenthal
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected
March 2023 CIAOPS Need to Know WebinarRobert Crane
Slides from CIAOPS March 2023 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on Microsoft 365 Information Protection best practices. Video recording is available at www.ciaopsacademy.com
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
A description of Azure Key Vault. Why do we need Azure Key Vault where does it fit in a solution. The details of storing keys, secrets and certificate inside of key vault. Using key vault for encryption and decryption of data
Modern Workplace Conference 2022 - Paris Microsoft Information Protection Dem...Albert Hoitingh
In this session, I went into any nook and cranny regarding Microsoft Information Protection. Labels, auto-classification, and PowerShell - all were part of this session.
Scottish Summit 2022 - Microsoft Information Protection de-mystifiedAlbert Hoitingh
In this session for the 2022 edition of the Scottish Summit in Glasgow, I presented on Microsoft Information Protection. Subjects included the different clients, auto-classification, email protection and customization options using PowerShell
This presentation was used for a session on the North American Collaboration Summit (NACS) 2019. The session explains what options are available to detect, classify and protect content using Azure Information Protection, when stored in SharePoint (on-premises/cloud).
Envision it SharePoint Extranet Webinar Series - Federation and Office 365Envision IT
In this Webinar, Envision IT demonstrates how to set up ADFS so that staff are automatically signed in to their corporate network, and external users are provided with a rich login experience. View more details and the webinar recording here:
http://www.envisionit.com/products/events/Pages/SharePoint-Extranet-Spring-Webinar-Series-Federation-and-Office-365.aspx
In this session I go over the functional and management side of Azure Information Protection. The new Office 365 Sensitvity labels were also discussed and demonstrated.
Are you looking to SharePoint for advanced collaboration, but are not sure whether to deploy in-house or in the cloud? Perhaps you already have SharePoint, need to upgrade, but are not sold on the path that's right for you.
Scottish Summit - Azure Information Protection and SharePoint 2020Albert Hoitingh
Azure Information Protection is Microsoft's solution for classifying and protecting documents, regardless of their location. As many documents are stored in SharePoint (either on-premise or Online), many organisations want to label and protect these as-well.
In order to use Azure Information Protection with SharePoint on-premise we will need the Azure Information Protection scanner. For SharePoint Online we need Cloud App Security. In this session, Albert will describe Azure Information Protection and show how the scanner and Cloud App Security allow you to label (and protect) documents. Preview functionalitity from Ignite 2019 is also part of the session.
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!Anco Stuij
Safe and easy collaboration with third parties, it’s possible for every organization with Azure AD B2B. This solution is even more powerful through integration with Line of Business applications such as Salesforce, SAP, Exact and Dynamics 365. We will show you this during this interactive presentation. After adding a contact in Dynamics 365, a personalized invitation is automatically sent through an Azure Function that invokes the Microsoft Graph invitation manager. Upon acceptance of the invitation, the contact has access to a SharePoint Online customer portal with its own account. After this interactive presentation you have insight into account provisioning via Azure AD B2B in combination with Dynamics 365.
Building the Perfect Microsoft 365 Tenant - Scottish Summit 2020Chirag Patel
Microsoft 365 has come a long way with tons of productivity apps and tools and enticing features to help businesses stay ahead of their competitors with two-speed IT providers. There is a lot of information and guidance out there but it can be difficult to follow the right direction and approach to implementing Office 365 for your organisation. This session will walk through the process of getting you started giving you an overview of all the capabilities, components and common scenarios that require consideration for successfully building your Microsoft 365 tenant.
Presentation on how Microsoft Dynamics 365 is more powerful resource when connected to Microsoft 365. Reviewing all Office 365 services and their relation to Dynamics 365, that bring new level of productivity and collaboration.
5 Security Questions To Ask When Deploying O365Bitglass
Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and more. Particularly risky for organizations subject to compliance mandates. In this webinar, we'll detail the security gaps in Office 365 and explore how new approaches to cloud security can help mitigate the threat of data leakage with real-world use cases. Join our webinar to find out which questions you should be asking about Office 365 security.
How to Get Nonprofit Office 365 Cloud SubscriptionsTechSoup
Have you heard about Microsoft Office 365 and are ready to use Microsoft cloud solutions, but unsure of how to get started? We’ll walk you through what subscriptions are available to nonprofits, how you can learn more about making the right choices for your organization, and your options for how to request the licenses you need. This webinar is best suited for those who are ready to explore moving to Office 365 or that already have a Microsoft nonprofit cloud account set up. In this webinar, we will discuss:
- What Office 365 licenses are available to nonprofits
- How to get qualified for purchasing licenses
- Requesting your licenses
- Ways TechSoup can help you through this process
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Bang...Chirag Patel
Did you know there are about 25 key security and privacy features in Microsoft Teams to keep your organisation secure and compliant? We will cover what these features are as overview and deep dive with some of them so you can apply it to your Microsoft Teams environment.
Similar to CollabDays NL 2022 - Albert Hoitingh - Encryption in M365 - Slideshare.pptx (20)
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Meetup DIWUG Januari 2024 - Data Loss PreventionAlbert Hoitingh
This presentation was used during the meetup of the Dutch Information Worker User Group (DIwug) on Januari 2024. It covers all aspects of Microsoft Purview Data Loss Prevention, including endpoint DLP.
Microsoft Purview Information Barriers and Communication Compliance and Micro...Albert Hoitingh
In this session for the European Collaboration Summit 2023, I talked about two insider risk prevention components: information barriers and communication compliance.
Teams Day Online V - Information Barriers - Communication Compliance and Micr...Albert Hoitingh
In this session you will learn about more complex Microsoft 365 (E5) compliance functionality - information barriers (Chinese Walls) and communications compliance.
Microsoft 365 Chicago - eDiscovery and Microsoft TeamsAlbert Hoitingh
In this session, the concepts of eDiscovery in Microsoft 365 are discussed, as well as the architecture for Microsoft Teams. We will look at how these work and don't work together.
During this session for Teams Day Online 2021 I explained the concepts of eDiscovery and showed how information from Microsoft Teams can be discovered using core and advanced eDiscovery.
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Albert Hoitingh
In this session I discussed the storage locations for the Microsoft Teams components and how to use eDiscovery to get there. I also discussed information protection and information compliance.
During the 24th of October CollabDays BeNeLux, I did a session on the current and new functions for Information Protection. Including endpoint DLP. These are the slides for this session.
Microsoft 365 UK Usergroup 2020 Sensitivity labelsAlbert Hoitingh
In this session I talked about and demo-ed new Microsoft Information Protection features as announced during Ignite 2019. Auto-classification for data at rest, Office Online integration, trainable classifiers and more.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 4
CollabDays NL 2022 - Albert Hoitingh - Encryption in M365 - Slideshare.pptx
1. #CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
Albert Hoitingh
Sr. consultant Microsoft Purview | InSpark | NL
Encryption in Microsoft 365
4. #CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
• Microsoft 365 Encryption
• Microsoft Information Protection
• Office 365 Message Encryption
• Advanced settings
• Heads ups
TODAY’S SESSION
5. …the FBI recovered a blue 16GB SanDisk SD card…
…the SD card was wrapped in plastic and placed between two
slices of bread on half of a peanut butter sandwich….
Picture and information curtesy of: How a Navy veteran
allegedly stole classified submarine docs (taskandpurpose.com)
7. Encryption for
Microsoft 365
• Data at rest
• Data in transit
• Specific functions:
• Microsoft Information Protection
• Information Rights Management
• Office 365 Message Encryption
8.
9. Licensing considerations
• Office/Microsoft 365 E3
• Microsoft 365 E5 Compliance
• E5 eDiscovery & Audit:
• Advanced eDiscovery
• E5 Information Protection & Governance:
• Customer Key
• Double Key Encryption
• Advanced Message Encryption
Notes
• Auto-classification is included in E5
Information Protection & Governance
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
10. Microsoft 365
Data at rest
• Bitlocker (many levels)
• Per-file encryption (every file and file-
update uses a unique encryption key)
• Data encryption policies (DEP)
• SharePoint Online and OneDrive for
Business
• Exchange Online
• All other Microsoft 365 services and
Microsoft Information Protection
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
11. Microsoft 365
Data in transit
• (Mutual) Transport Layer Security
(MTLS/TLS)
• Secure Real-Time Transport Protocol
(SRTP)
• Exchange IRM – s/MIME – OME
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
12. Encryption keys for
Microsoft 365
• Microsoft managed
• Customer Key / Bring Your Own Key (BYOK)
• Double Key (Microsoft Information
Protection)
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
13. Customer Key for
Microsoft 365
• Organization provides and controls
encryption keys
• Does not prevent access to data from
Microsoft personnel
• Can be set for different DEP’s
• Uses Azure Key Vault and Hardware
Security Modules (HSM) – requires at
least 1024 bits for MIP.
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
14. Double Key for
Microsoft Information
Protection
• For specific compliance reasons
• Can be set on the label
• Complex to implement and maintain
• Content is encrypted using the tenant key
and your own key
Notes
• Only works for Office apps and the
labeling client
• Restricts transport | Microsoft Delve |
eDiscovery | Content search/indexing |
Office Web Apps & co-authoring
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
16. Information Rights
Management (IRM)
• Only works for Office and PDF documents
• Works for documents in library and lists
• Requires AD RMS
• Somewhat limited (introduced in SP2010!)
• Use sensitivity labels instead
Notes
• Does not allow for co-authoring in the
Office apps
• Does not support Office Online
• https://<SPADMIN>.sharepoint.com/_layouts
/15/online/TenantSettings.aspx
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
18. Documents and e-mails
• Label applied to document/e-mail
• Label added as metadata, stays with document
• Can be configured to:
- Apply visual markings
- Encrypt the document
- Allow offline access
- Work within DLP policies
• Works with a hierarchy, parents and sublabels
• Does not provide retention!
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
19. Encryption and labels
• Uses Azure Rights Management and Azure AD accounts
• RMS Connector for Exchange on-premises
Microsoft Managed (Azure) key details
• Symmetric AES 128/256 bit
• Key protection: Asymmetric RSA 2048 bit
• Certificate signing: SHA-256
Notes
• Licensing requirements
• Limitations (Double Key: only Office apps)
• Azure AD accounts and B2B (OTP/guest account)
• Co-authoring and auto-save for Office
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
21. File-types are important
• Some types only support labeling (no
encryption)
• Office and PDF files: native clients
• Office and PDF files: Microsoft Edge
• Other supported files: AIP Viewer client
• Watch out for the file extension
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
22. Accounts are important
• Azure AD account is required
• Can also be a guest account | Microsoft
Live account | free RMS account
• One Time Passcode will not work
Notes
• Note the Azure AD B2B settings
• Note the All authenticated label setting
Set-SPOTenant -
EnableAzureADB2BIntegration
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
23. Co-authoring and auto-save
• No possible in Office apps when
encryption is enabled
• Can be enabled using GUI or PowerShell
• Changes labeling metadata
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
24. Beware of the integrated client…
It does not support
• Label inheritance from e-mail
• On-premises scanner
• Custom permissions independently from label
• Bar in Office
• File explorer integration
• PPDF support
• Powershell labeling cmdlets
Client V2.x Integrated client
Build into Office Apps
Unified Labeling client
• BYOK/Double Key encryption
• Usage logging event viewer
• Do not forward button Outlook
• Document tracking/revoking
• Protection only mode
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
27. Secure e-mail
• Exchange IRM or s/MIME (not for today)
• Sensitivity labels
• Encryption options Outlook - Do-not-forward
and Encrypt only (Options | Encrypt) or as
part of a label
Notes
• Known as Office 365 Message Encryption
• Mind working with attachments
• Encrypt only using a label is only
available in integrated client
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
28. Office 365 Message
Encryption (OME)
• Works with any email client
• Does not require a specific account for
the recipient (or does it?)
• Works with native Office functions and a
secure portal
• Standard options: Do-not-forward and
Encrypt only
Notes
• Does not offer any MFa-related options
(SMS for example)
• No easy “revoke” option
• Take encryption of attachments into
account!
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
29. Advanced Office 365 Message
Encryption
• Licensing: Microsoft/Office 365 E5 |
Microsoft 365 E5 Compliance | Microsoft
365 E5 Information Protection and
Governance
• Use mailrules based on sensitive
information types/keywords
• Message revocation and expiration
Notes
• For revocation and expiration to work,
you must restrict (force!) recipients to
work with the secure portal.
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
30. #CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
Encapsulated email message
• A protected e-mail becomes a .rpmsg file
• Outlook Apps (Windows, Mac, iOS/Android
and web) open natively
• Other (web) clients are redirected to the
secure portal
• File itself is always presented
Notes
• You cannot use the AIP Viewer to open
these files
• There’s a 25 MB limit per message
31. Office 365 Message Encryption -
Working with attachments
• Unprotected MS Office documents
• Protection is applied to the document
• Permissions differ between Do-not-forward and Encrypt
only (DnF: printing/copy not allowed)
• Mind the Azure AD (guest) account!
• Alternative: decrypt on download (PowerShell)
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
33. An example - Office 365 – Outlook web
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
34. An example – Gmail - webbrowser
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
35. An example – OME Secure Portal – including attachment
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
36. An example – Outlook client – preview screen
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
37. An example – Outlook – after opening
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
38. An example – Permissions on Word document
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
39. What about an e-mail with a
label with permissions?
• Email message and attachments are
protected
• Based on settings for the label
• If recipient is not part of the protection
– email will not be opened
• Emails can inherit the label of the
attachment, when higher
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
40. What about an e-mail with a
label with permissions?
• Email message and attachments are
protected
• Based on settings for the label
• If recipient is not part of the protection
– email will not be opened
• Emails can inherit the label of the
attachment, when higher
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
42. To think about
• Used to set specific configurations
• Either for the unified labeling client
• Or for the specific working of a function
• For more information: scan the QR code
• Some examples…
43. Advanced configurations PowerShell
Set-LabelPolicy -Identity “policyname” -AdvancedSettings
@{EnableCustomPermissions="False"}
Disable the custom permissions option in the Windows File Explorer
Set-LabelPolicy -Identity “Policyname” -AdvancedSettings
@{OutlookWarnUntrustedCollaborationLabel=“Labelid"}
Warn, justify or block labeled messages or messages with specific labeled
attachments using a default message
Set-LabelPolicy -Identity “policyname” -AdvancedSettings
@{OutlookJustifyTrustedDomains="contoso.com,fabrikam.com,litware.com"}
Disregard the warn, justify or block action for specific (trusted) domains
Set-IRMConfiguration -DecryptAttachmentForEncryptOnly $true
Remove the encryption from email attachments when downloaded using the browser
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
44. Keep in mind
• Sharing an encrypted file | working with
guests
• Label/encrypt using DLP rules
• Decrypt file in SPO: Unlock-
SensitivityLabelEncryptedFile
• Metadata change, MSIP_ cannot be used
anymore
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
45. Keep in mind
• eDiscovery and encryption
• Advanced eDiscovery supports all
• Content search and core eDiscovery only
support previewing and exporting
encrypted attachments
• Super User role
• Encrypted PDF’s (Adobe Acrobat | Microsoft
Edge) & Digitally signed PDF’s
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl
46. Keep in mind
• Migrating content can be difficult
• Keep in mind your encrypted content
#CollabDaysNL | @CollabDaysNL | www.collabdays.org/2022-nl