The document discusses strategies and tools for maintaining security while working from home, emphasizing both internal and external measures. It outlines essential tools such as advanced threat protection, identity management, and data loss prevention to safeguard against various threats. The document also raises critical questions for organizations to consider as they develop security policies and practices.

1. Staying Secure While
Working From Home:
Now and in the Future!

2. Today’s Goals
• Set the stage for both internal &
external security measures
• Equip you with the questions and
ideas for what do next
• Give you the knowledge of the
tools that can address your
security needs

3. 5-10 tools you should be thinking about
1. Advanced Threat
Protection
2. Advanced Threat Analytics
3. Unified Threat
Management
4. Firewall Logging and
Management
5. Information Protection
Outside ThreatsInternal Threats
1. Identity
Management/MFA/S
SO
2. Enterprise Device
Management
3. Self Service
Password Reset
4. Rights Management
5. Data Loss Prevention

4. We need to
protect it from
the outside
world

5. But what
happens
inside our
kingdom is
another set
of challenges

6. Questions to
Consider
around
Security
How can you make sure you/your employees are
accessing the right files and applications?
How can you ensure the devices you/your
employees are safe and secure?
How can you spot/prevent phishing attempts?
What tools and policies should I be considering to
help protect my employees and company data?
How can I prevent data loss and ensure company
data is centrally managed and stored
appropriately?

7. What does a
typical security
breach look
like?

8. PLAN ENTER TRAVERSE EXECUTE MISSION
4
Threat Actors exfiltrate PII and
other sensitive business data
Threat Actor targets employee(s)
via phishing campaign1
Workstation compromised, threat
actor gathers credentials2a
Threat Actors use stolen credentials to move laterally
3a
Employee B opens infected
email (Mobile or PC).
Attacker disables antivirus
2b Compromised credentials/
device used to access
cloud service / enterprise
environment
3bc
Credentials harvested
when employee logs into
fake website
2c
A. Enter and Navigate
Any employee opens
attack email
 Access to most/all
corporate data
B. Device Compromise
Targeted employee opens attack email
 Access to same data as employee
C. Remote Credential
Harvesting
Targeted employee(s) enter credentials in
website
 Access to same data as employee(s)
Common Attacks
Office 365 Technology
• Advanced Threat Protection
(requires E5)
EMS Technology
• Cloud App Security (CASB)
(requires E5)
Office 365 Technology
• Advanced Security Management
(basic CASB) (requires E5)
Azure Technology
• Multi-Factor Authentication
• Azure Identity Protection
Windows 10 Technology
• Smartscreen URL and App reputation
EMS Technology
• Azure Information Protection
(requires E5)
Office 365 Technology
• Data Loss Prevention
Windows 10 Technology
• Windows Information Protection
Azure Technology
• Disk, Storage, SQL Encryption
• Key Vault
• …
An
y Windows 10 Technology
• Device Guard
• Credential & App Guard
• Defender Advanced Threat Protection (requires
E5)
Published Guidance
• Securing Privileged Access Roadmap
Professional Services
• Security Foundation
• Enhanced Security Admin Environment (ESAE)
Technology
• Advanced Threat Analytics (in EMS E3)
• Azure Security Center & Operations Management Suite (OMS)
• …and more
EMS Technology
• Intune conditional access
Managed Detection and Response (MDR)
• Enterprise Threat Detection (PCs only)

9. Internal Threats
& Tools to
Protect

10. Pillars of Security

11. Identity Management and Security
• Increased load and usage from so
many people working remotely
creates potential vulnerabilities in
your network/systems.
• Hotspots or Wifi at your
home/Remote Facility
• It’s important your employees’
identities are secure, and your
people and their devices are
managed.

12. Simplify access to
devices and apps
Protect at the
front door
Safeguard your
credentials
Identity & Access Management
Prove users are authorized and secure before granting access to apps and data

13. Threat Protection
Protect against advanced attacks; detect and respond quickly if breached
PROTECT
organizations from
advanced cyber attacks
RESPOND
to threats quickly
DETECT
malicious activities

14. Information Protection
Detect ProtectClassify Monitor
CLOUDDEVICES ON PREMISES
Protect sensitive data throughout the lifecycle – inside and outside the organization

15. Information Protection
Better secure your sensitive information—anytime, anywhere

16. Enterprise Mobile Management

17. Policies can be set both at the user
and company level
Rights Management Server
Rights Management allows for files, emails, and
other communications to be governed so company
compliance, regulations can be met.
When a file is protected, the protection stays
with the file, even if it is saved or copied to
storage that is not under the control of IT,
such as a cloud storage service.

18. Data Loss Prevention

19. Cloud App Security

20. Protection
from the
Outside

21. Unified Threat
Management
and AI
• Collect data at cloud scale across all users, devices,
applications, and infrastructure, both on-premises
and in multiple clouds.
• Detect previously undetected
threats, and minimize false positives using
Microsoft's analytics and unparalleled threat
intelligence.
• Investigate threats with artificial intelligence, and
hunt for suspicious activities at scale.
• Respond to incidents rapidly with built-in
orchestration and automation of common tasks.
Data Collector

23. Office Advanced Threat Protection

24. Office 365 Threat Intelligence

25. 5-10 tools you should be thinking about
1. Advanced Threat
Protection
2. Advanced Threat Analytics
3. Unified Threat
Management
4. Firewall Logging and
Management
5. Information Protection
Outside ThreatsInternal Threats
1. Identity
Management/MFA/S
SO
2. Enterprise Device
Management
3. Self Service
Password Reset
4. Rights Management
5. Data Loss Prevention

26. Solutions We Can Provide
• Unified Threat Management Programs and Monitoring
• Simulated phishing campaigns
• Advanced Threat Protection
• Secure Score of Environment (PENN)
• Ongoing Analytics
• Systems and Network Monitoring
• Security Framework Builds

27. THANK YOU
Sean Ferrel & Christi Williams
888.563.9132
Managedsolution.com

28. Core security questions for admin level