SlideShare a Scribd company logo

Office 365 Saturday - Office 365 Security Best Practices

Download as PPTX, PDF
Benoit HAMET
Benoit HAMET

Office 365 Saturday Sydney presentation decks Security best practices for Office 365 and what to use to secure your Office 365

Technology
1 of 55
Gold Silver Bronze
Thanks for coming! Important stuff you need to know Toilets Fire Escapes Internet Access Stick around til the end and provide feedback to win!
Digital Workplace Conference Sofitel Sydney Wentworth 23rd to 24th August
We have some amazing things to give away today! Wanna Twit about the day? Use either #O365Sat17 or #O365SatSyd17 Leave us feedback, not only cause it makes our events better but you win amazing prizes! https://tinyurl.com/O365SatSyd17
Room 1 Room 2 Room 3 1:00- 2:00 MS Graph Building Data and Intelligent Apps Ashish Trivedi Extranet for partner Collaboration Alpesh Nakar Team Sites | Teams | Groups | Yammer – Untangling the Collaboration Web Russ Norton 2:05- 3:05 SharePoint Framework – Build integrated user experiences Anupam Ranku 9 Months of Fun with SharePoint in Azure and Office365 Colin Philips Top 10 Adoption Tips Kirsty McGrath 3:10 - 4:10 What the heck is GraphAPI and why should I care? Steven Hosking Automate Office 365 Robert Crane TBA Adam Cogan Room 1 Room 2 Room 3 9:00 - 10:00 Introduction to SharePoint Framework (SPFx) Sezai Komur From Cloud Productivity to Enterprise Business App Igor Jericevich SharePoint Branding for Non-Branders Colin Gardner 10:05- 11:05 Mayhem and Mischief with the Outlook and Microsoft Graph APIs Simon Waight Mind blown: the Dynamite Dynamics 365 Experience Roger Carran Who said you have to be a Power-User to create Dynamic Forms? Ishai Sagi 11:10- 12:10 Event Driven Development in Office 365 Amr Found Office 365 Security Best Practices Benoit Hamet Making your first app with Power Apps Haylee Fox
▶ ▶ ▶ ▶ ▶ ▶ http://blog.hametbenoit.info http://twitter.com/benoit_hamet
▶ ▶ ▶ ▶ ▶ ▶ ▶ ▶ ▶
When moving to cloud services, the security is a major concern On Office 365, security is a 2 dimensional implementation: ▶ The first dimension is the Microsoft-managed service- level, including operational procedures or default policies ▶ The second dimension is the customer-managed control-level Security and compliance is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly-skilled, experienced and trained personnel Objectives of this session is to give you some keys practices/implementation to help you stay secure on Office 365
Financial services firms worry about customer fraud and advanced attacks. 47% Financial services Business services pros want to use managed security services. 11% Business services The nonprofit/ government sector prioritizes authentication concerns 9% Nonprofit / government Healthcare firms focus on patient data protection. 8% Healthcare Forrester’s Inquiry Spotlight: Security And Risk, Q3 2015 To Q3 2016, Stephanie Balaouras, Claire O'Malley with Laura Koetzle, Trevor Lyness, Peggy Dostie, December 27, 2016 Based: 1,731 inquiries from Q3 2015 to Q3 2016
$4 M - IDC Ponemom Institute, Cost of a Data Breach Report (2016) 63% - Verizon 2016 Data Breach Report 80% - Stratecast, December 2016 33% - VansonBourne, February 2014
Technical Objectives • Get in reliably • Obtain data I am assigned or can sell • Avoid detection Specialization • Exploiting Stolen Data • Selling Stolen Data • Selling Attack Tools • Sell Access to environments Motivations • Money / Profit • Message / Activism • Mission / Nation State Daily Considerations • Build or buy my tools? • What is the target worth? • Try the easy things first Stats: • 82% of Successful cyberattacks are from Cybercriminals via: • Phishing • Network Scans • Strategic web site compromise • 11% are from insiders • 7% are nation states SecureWorks 2016 via eWeek Good to know: • Attacks aren’t random • Likely has attacked before • Very expensive to react to – preventative much better than reactive
▶ Know you risks ▶ Know your user’s behaviour ▶ Know your environment ▶ Know you data ▶ Know your legal/financial requirements ▶ Confidentially ▶ Privacy ▶ Regulatory ▶ Review / Audit ▶ Never ending story
Apps and Data SaaS Malware Protection Center Cyber Hunting Teams Security Response Center DeviceInfrastructure CERTs Identity INTELLIGENT SECURITY GRAPH Cyber Defense Operations Center Digital Crimes Unit Antivirus NetworkIndustry Partners PaaS IaaS
Office 365 includes tools to discover your environment ▶ Office 365 Secure Score ▶ Helps to assess your security configuration ▶ Provides actions/recommendations ▶ Proactive vs reactive ▶ Compliance Center ▶ Provides regulatory documentation ▶ Security and regulations standards implemented ▶ Cloud App Security (EMS E5) / Advanced Security Management (E5) ▶ Discovers application used by user
▶ Cloud identity management is similar to On Premises identity management ▶ Provisioning / Management / Termination ▶ Integrates with your On Premises directory ▶ Use latest version of Azure AD Connect ▶ Authenticate with your On Premises credentials (ADFS / Password synch / Pass Through) ▶ Grant permissions using groups not to individuals ▶ Enable self-service (password reset) ▶ Identity sensitive users / roles ▶ Enable MFA ▶ Automate Office 365 role assignment / approval workflow ▶ Separate “day to day” and admin accounts
One small mistake can lead to attacker control Attackers Can • Steal any data • Modify documents • Impersonate users • Disrupt business operations Active Directory and Administrators control all the assets
Your users’ productivity and security is more challenged than ever by different types of attacks. 80 Billion Inbound Messages to Office365 in 1 month – only 31% core business mails 55 Billion Spam and Bulk mails that could have crowded users’ mailboxes Malware  600% Volume of malware targeting O365 has increased 600% in the past year
▶ Exchange Online Protection ▶ Spam protection ▶ Spoofing protection (SPF / DKIM / DMARC) ▶ ‘light’ malware protection ▶ Advanced Threats Protection ▶ URL rewriting ▶ Attachments analysis ▶ SharePoint Online / OneDrive ▶ Device Access
▶ Free for individuals (recipient only) ▶ Azure Right Management Services (RMS) included with Office 365 E plans ▶ Can be automatically applied to SharePoint library and Exchange mails ▶ Azure Information Protection included with Azure Premium / EMS ▶ Allows tagging ▶ Both can protects data by embedding authorization
Netskope Cloud Report, Summer 2015 ▶ 17.9% of files violate DLP Policy ▶ 22.2% are shared publicly ▶ Almost all data leakage occurs inadvertently ▶ Define labels ▶ Create DLP rules ▶ Built in ▶ Custom
▶ Retention ensures conservation of data ▶ Applies to Exchange and SharePoint (including Office 365 groups) ▶ Not only used for compliance but can be used for recovery
▶ 2 options ▶ Access Control Policy (ADFS) ▶ Conditional Access (Azure AD Premium) ▶ Access Control Policy ▶ On Premises configuration ▶ Built in and custom conditions ▶ Not only applies to Office 365 ▶ Conditional Access ▶ Azure AD configuration / Intune ▶ Can work in conjunction with Azure AD Identity Protection (Azure Premium P2) ▶ Conditions: group membership, location, device platform and state
▶ First to discover ▶ Identity existing usage/gap ▶ Continuous activities review ▶ Identify potential malicious activities ▶ Validate/Review configuration (DLP) ▶ All activities are audited
▶ Security is specific to you ▶ Common patterns to everybody ▶ Meet your specific needs ▶ Manage your identity ▶ Be as ‘end-user’ friendly as possible ▶ Automation ▶ Self service ▶ Communicate / Instruct ▶ No exceptions ▶ There is always exception, but the less the better
▶ Restrict privileges ▶ Lower permissions as possible ▶ Elevate security requirements for sensitive role (MFA) ▶ Conditional access ▶ Monitor ▶ Be proactive ▶ Review activities ▶ Identify your data
Gold Silver Bronze
Room 1 Room 2 Room 3 1:00- 2:00 MS Graph Building Data and Intelligent Apps Ashish Trivedi Extranet for partner Collaboration Alpesh Nakar Team Sites | Teams | Groups | Yammer – Untangling the Collaboration Web Russ Norton 2:05- 3:05 SharePoint Framework – Build integrated user experiences Anupam Ranku 9 Months of Fun with SharePoint in Azure and Office365 Colin Philips Top 10 Adoption Tips Kirsty McGrath 3:10 - 4:10 What the heck is GraphAPI and why should I care? Steven Hosking Automate Office 365 Robert Crane TBA Adam Cogan Room 1 Room 2 Room 3 9:00 - 10:00 Introduction to SharePoint Framework (SPFx) Sezai Komur From Cloud Productivity to Enterprise Business App Igor Jericevich SharePoint Branding for Non-Branders Colin Gardner 10:05- 11:05 Mayhem and Mischief with the Outlook and Microsoft Graph APIs Simon Waight Mind blown: the Dynamite Dynamics 365 Experience Roger Carran Who said you have to be a Power-User to create Dynamic Forms? Ishai Sagi 11:10- 12:10 Event Driven Development in Office 365 Amr Found Office 365 Security Best Practices Benoit Hamet Making your first app with Power Apps Haylee Fox
▶ Office 365 Microsoft Trust Center https://www.microsoft.com/en- us/trustcenter/cloudservices/office365 ▶ Secure Store https://securescore.office.com ▶ Security and Compliance Portal https://protection.office.com ▶ Cloud App Security https://portal.cloudappsecurity.com ▶ Azure Self Service Portal https://account.activedirectory.windowsazure.com
▶ Azure AD Conditional Access https://portal.azure.com/#blade/Microsoft_AAD_IAM/Con ditionalAccessBlade/Policies ▶ OneDrive Access Policy https://admin.onedrive.com/?v=AccessPolicySettings ▶ Azure Privileged Identity Management https://portal.azure.com/#blade/Microsoft_Azure_PIM/Co mmonMenuBlade/QuickStart https://portal.azure.com/#blade/Microsoft_Azure_PIM/Dir ectoryRoleManagementMenuBlade/setting

Recommended

Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainDavid J Rosenthal
 
Respond-Recover-Reimagine: Building Business Resilience
Respond-Recover-Reimagine: Building Business ResilienceRespond-Recover-Reimagine: Building Business Resilience
Respond-Recover-Reimagine: Building Business ResilienceDavid J Rosenthal
 
Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Ravikumar Sathyamurthy
 
Microsoft Teams Governance Quickstart - The Experts Conference
Microsoft Teams Governance Quickstart - The Experts ConferenceMicrosoft Teams Governance Quickstart - The Experts Conference
Microsoft Teams Governance Quickstart - The Experts ConferenceJoel Oleson
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Ravikumar Sathyamurthy
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreJoel Oleson
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 

Recommended

Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainDavid J Rosenthal
 
Respond-Recover-Reimagine: Building Business Resilience
Respond-Recover-Reimagine: Building Business ResilienceRespond-Recover-Reimagine: Building Business Resilience
Respond-Recover-Reimagine: Building Business ResilienceDavid J Rosenthal
 
Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Ravikumar Sathyamurthy
 
Microsoft Teams Governance Quickstart - The Experts Conference
Microsoft Teams Governance Quickstart - The Experts ConferenceMicrosoft Teams Governance Quickstart - The Experts Conference
Microsoft Teams Governance Quickstart - The Experts ConferenceJoel Oleson
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Ravikumar Sathyamurthy
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreJoel Oleson
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365David J Rosenthal
 
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...Chirag Patel
 
Reducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachReducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachQuest
 
Microsoft Teams - Transform Workplace Collaboration
Microsoft Teams - Transform Workplace CollaborationMicrosoft Teams - Transform Workplace Collaboration
Microsoft Teams - Transform Workplace CollaborationDavid J Rosenthal
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Vignesh Ganesan I Microsoft MVP
 
Webinar: Protect your teams work across office 365
Webinar: Protect your teams work across office 365Webinar: Protect your teams work across office 365
Webinar: Protect your teams work across office 365ShareGate
 
Crisis communication App - A Power Platform App from Microsoft
Crisis communication App - A Power Platform App from MicrosoftCrisis communication App - A Power Platform App from Microsoft
Crisis communication App - A Power Platform App from MicrosoftDavid J Rosenthal
 
Microsoft 365 Business - Presented by Razor Technology
Microsoft 365 Business - Presented by Razor TechnologyMicrosoft 365 Business - Presented by Razor Technology
Microsoft 365 Business - Presented by Razor TechnologyDavid J Rosenthal
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...David J Rosenthal
 
Innovation morning microsoft 365 e security
Innovation morning microsoft 365 e security Innovation morning microsoft 365 e security
Innovation morning microsoft 365 e security Claudia Angelelli
 
Pitching Microsoft 365
Pitching Microsoft 365Pitching Microsoft 365
Pitching Microsoft 365Robert Crane
 
August 2020 Microsoft 365 Need to Know Webinar
August 2020 Microsoft 365 Need to Know WebinarAugust 2020 Microsoft 365 Need to Know Webinar
August 2020 Microsoft 365 Need to Know WebinarRobert Crane
 
Enabling Teamwork From Anywhere - From Microsoft and Razor Technology
Enabling Teamwork From Anywhere - From Microsoft and Razor TechnologyEnabling Teamwork From Anywhere - From Microsoft and Razor Technology
Enabling Teamwork From Anywhere - From Microsoft and Razor TechnologyDavid J Rosenthal
 
Microsoft 365 Live Events
Microsoft 365 Live EventsMicrosoft 365 Live Events
Microsoft 365 Live EventsDavid J Rosenthal
 
Overview of Microsoft Exchange Online
Overview of Microsoft Exchange OnlineOverview of Microsoft Exchange Online
Overview of Microsoft Exchange OnlineMicrosoft Private Cloud
 
Getting started with Microsoft Office 365 by Vignesh Ganesan
Getting started with Microsoft Office 365 by Vignesh GanesanGetting started with Microsoft Office 365 by Vignesh Ganesan
Getting started with Microsoft Office 365 by Vignesh GanesanVignesh Ganesan I Microsoft MVP
 
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Joel Oleson
 
Introduction to Microsoft 365 Business
Introduction to Microsoft 365 BusinessIntroduction to Microsoft 365 Business
Introduction to Microsoft 365 BusinessRobert Crane
 
Understanding Microsoft Teams Security & Compliance features and plan for Gov...
Understanding Microsoft Teams Security & Compliance features and plan for Gov...Understanding Microsoft Teams Security & Compliance features and plan for Gov...
Understanding Microsoft Teams Security & Compliance features and plan for Gov...Ravikumar Sathyamurthy
 
Evolve Your Web Applications with Microsoft Azure
Evolve Your Web Applications with Microsoft AzureEvolve Your Web Applications with Microsoft Azure
Evolve Your Web Applications with Microsoft AzureDavid J Rosenthal
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloudtcarrucan
 
Microsoft 365 | Modern workplace
Microsoft 365 | Modern workplaceMicrosoft 365 | Modern workplace
Microsoft 365 | Modern workplaceSiddick Elaheebocus
 

More Related Content

What's hot

A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365David J Rosenthal
 
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...Chirag Patel
 
Reducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachReducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachQuest
 
Microsoft Teams - Transform Workplace Collaboration
Microsoft Teams - Transform Workplace CollaborationMicrosoft Teams - Transform Workplace Collaboration
Microsoft Teams - Transform Workplace CollaborationDavid J Rosenthal
 
Webinar: Protect your teams work across office 365
Webinar: Protect your teams work across office 365Webinar: Protect your teams work across office 365
Webinar: Protect your teams work across office 365ShareGate
 
Crisis communication App - A Power Platform App from Microsoft
Crisis communication App - A Power Platform App from MicrosoftCrisis communication App - A Power Platform App from Microsoft
Crisis communication App - A Power Platform App from MicrosoftDavid J Rosenthal
 
Microsoft 365 Business - Presented by Razor Technology
Microsoft 365 Business - Presented by Razor TechnologyMicrosoft 365 Business - Presented by Razor Technology
Microsoft 365 Business - Presented by Razor TechnologyDavid J Rosenthal
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...David J Rosenthal
 
Innovation morning microsoft 365 e security
Innovation morning microsoft 365 e security Innovation morning microsoft 365 e security
Innovation morning microsoft 365 e security Claudia Angelelli
 
Pitching Microsoft 365
Pitching Microsoft 365Pitching Microsoft 365
Pitching Microsoft 365Robert Crane
 
August 2020 Microsoft 365 Need to Know Webinar
August 2020 Microsoft 365 Need to Know WebinarAugust 2020 Microsoft 365 Need to Know Webinar
August 2020 Microsoft 365 Need to Know WebinarRobert Crane
 
Enabling Teamwork From Anywhere - From Microsoft and Razor Technology
Enabling Teamwork From Anywhere - From Microsoft and Razor TechnologyEnabling Teamwork From Anywhere - From Microsoft and Razor Technology
Enabling Teamwork From Anywhere - From Microsoft and Razor TechnologyDavid J Rosenthal
 
Getting started with Microsoft Office 365 by Vignesh Ganesan
Getting started with Microsoft Office 365 by Vignesh GanesanGetting started with Microsoft Office 365 by Vignesh Ganesan
Getting started with Microsoft Office 365 by Vignesh GanesanVignesh Ganesan I Microsoft MVP
 
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Joel Oleson
 
Introduction to Microsoft 365 Business
Introduction to Microsoft 365 BusinessIntroduction to Microsoft 365 Business
Introduction to Microsoft 365 BusinessRobert Crane
 
Understanding Microsoft Teams Security & Compliance features and plan for Gov...
Understanding Microsoft Teams Security & Compliance features and plan for Gov...Understanding Microsoft Teams Security & Compliance features and plan for Gov...
Understanding Microsoft Teams Security & Compliance features and plan for Gov...Ravikumar Sathyamurthy
 
Evolve Your Web Applications with Microsoft Azure
Evolve Your Web Applications with Microsoft AzureEvolve Your Web Applications with Microsoft Azure
Evolve Your Web Applications with Microsoft AzureDavid J Rosenthal
 

What's hot (20)

A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365
 
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
Understanding Security and Compliance in Microsoft Teams - M365 Saturday Pune...
 
Reducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security BreachReducing the Chance of an Office 365 Security Breach
Reducing the Chance of an Office 365 Security Breach
 
Microsoft Teams - Transform Workplace Collaboration
Microsoft Teams - Transform Workplace CollaborationMicrosoft Teams - Transform Workplace Collaboration
Microsoft Teams - Transform Workplace Collaboration
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
 
Webinar: Protect your teams work across office 365
Webinar: Protect your teams work across office 365Webinar: Protect your teams work across office 365
Webinar: Protect your teams work across office 365
 
Crisis communication App - A Power Platform App from Microsoft
Crisis communication App - A Power Platform App from MicrosoftCrisis communication App - A Power Platform App from Microsoft
Crisis communication App - A Power Platform App from Microsoft
 
Microsoft 365 Business - Presented by Razor Technology
Microsoft 365 Business - Presented by Razor TechnologyMicrosoft 365 Business - Presented by Razor Technology
Microsoft 365 Business - Presented by Razor Technology
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
 
Innovation morning microsoft 365 e security
Innovation morning microsoft 365 e security Innovation morning microsoft 365 e security
Innovation morning microsoft 365 e security
 
Pitching Microsoft 365
Pitching Microsoft 365Pitching Microsoft 365
Pitching Microsoft 365
 
August 2020 Microsoft 365 Need to Know Webinar
August 2020 Microsoft 365 Need to Know WebinarAugust 2020 Microsoft 365 Need to Know Webinar
August 2020 Microsoft 365 Need to Know Webinar
 
Enabling Teamwork From Anywhere - From Microsoft and Razor Technology
Enabling Teamwork From Anywhere - From Microsoft and Razor TechnologyEnabling Teamwork From Anywhere - From Microsoft and Razor Technology
Enabling Teamwork From Anywhere - From Microsoft and Razor Technology
 
Microsoft 365 Live Events
Microsoft 365 Live EventsMicrosoft 365 Live Events
Microsoft 365 Live Events
 
Overview of Microsoft Exchange Online
Overview of Microsoft Exchange OnlineOverview of Microsoft Exchange Online
Overview of Microsoft Exchange Online
 
Getting started with Microsoft Office 365 by Vignesh Ganesan
Getting started with Microsoft Office 365 by Vignesh GanesanGetting started with Microsoft Office 365 by Vignesh Ganesan
Getting started with Microsoft Office 365 by Vignesh Ganesan
 
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...
 
Introduction to Microsoft 365 Business
Introduction to Microsoft 365 BusinessIntroduction to Microsoft 365 Business
Introduction to Microsoft 365 Business
 
Understanding Microsoft Teams Security & Compliance features and plan for Gov...
Understanding Microsoft Teams Security & Compliance features and plan for Gov...Understanding Microsoft Teams Security & Compliance features and plan for Gov...
Understanding Microsoft Teams Security & Compliance features and plan for Gov...
 
Evolve Your Web Applications with Microsoft Azure
Evolve Your Web Applications with Microsoft AzureEvolve Your Web Applications with Microsoft Azure
Evolve Your Web Applications with Microsoft Azure
 

Similar to Office 365 Saturday - Office 365 Security Best Practices

Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloudtcarrucan
 
Microsoft 365 | Modern workplace
Microsoft 365 | Modern workplaceMicrosoft 365 | Modern workplace
Microsoft 365 | Modern workplaceSiddick Elaheebocus
 
30 March 2017 - Vuzion Ireland Love Cloud
30 March 2017 - Vuzion Ireland Love Cloud30 March 2017 - Vuzion Ireland Love Cloud
30 March 2017 - Vuzion Ireland Love CloudVuzion
 
Office 365 in today's digital threats landscape: attacks & remedies from a ha...
Office 365 in today's digital threats landscape: attacks & remedies from a ha...Office 365 in today's digital threats landscape: attacks & remedies from a ha...
Office 365 in today's digital threats landscape: attacks & remedies from a ha...panagenda
 
Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Benedek Menesi
 
MTX Portland Office 365 Strategic Capabilities Sep2017
MTX Portland Office 365 Strategic Capabilities Sep2017MTX Portland Office 365 Strategic Capabilities Sep2017
MTX Portland Office 365 Strategic Capabilities Sep2017Owen Allen
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxAlistair Pugin
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackThousandEyes
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackThousandEyes
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsDrew Madelung
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the CloudGWAVA
 
Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Benedek Menesi
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
How to classify documents automatically using NLP
How to classify documents automatically using NLPHow to classify documents automatically using NLP
How to classify documents automatically using NLPSkyl.ai
 
The Future of Project Management from Microsoft
The Future of Project Management from MicrosoftThe Future of Project Management from Microsoft
The Future of Project Management from MicrosoftDavid J Rosenthal
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
Microsoft Teams in the Modern Workplace
Microsoft Teams in the Modern WorkplaceMicrosoft Teams in the Modern Workplace
Microsoft Teams in the Modern WorkplaceJoanne Klein
 

Similar to Office 365 Saturday - Office 365 Security Best Practices (20)

Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloud
 
Microsoft 365 | Modern workplace
Microsoft 365 | Modern workplaceMicrosoft 365 | Modern workplace
Microsoft 365 | Modern workplace
 
30 March 2017 - Vuzion Ireland Love Cloud
30 March 2017 - Vuzion Ireland Love Cloud30 March 2017 - Vuzion Ireland Love Cloud
30 March 2017 - Vuzion Ireland Love Cloud
 
Office 365 in today's digital threats landscape: attacks & remedies from a ha...
Office 365 in today's digital threats landscape: attacks & remedies from a ha...Office 365 in today's digital threats landscape: attacks & remedies from a ha...
Office 365 in today's digital threats landscape: attacks & remedies from a ha...
 
Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...
 
MTX Portland Office 365 Strategic Capabilities Sep2017
MTX Portland Office 365 Strategic Capabilities Sep2017MTX Portland Office 365 Strategic Capabilities Sep2017
MTX Portland Office 365 Strategic Capabilities Sep2017
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptx
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
Webinar: Microsoft 365 - Your Gateway to Data Loss Prevention
Webinar: Microsoft 365 - Your Gateway to Data Loss PreventionWebinar: Microsoft 365 - Your Gateway to Data Loss Prevention
Webinar: Microsoft 365 - Your Gateway to Data Loss Prevention
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the Cloud
 
Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck
 
NG-Brochure
NG-BrochureNG-Brochure
NG-Brochure
 
One name unify them all
One name unify them allOne name unify them all
One name unify them all
 
How to classify documents automatically using NLP
How to classify documents automatically using NLPHow to classify documents automatically using NLP
How to classify documents automatically using NLP
 
The Future of Project Management from Microsoft
The Future of Project Management from MicrosoftThe Future of Project Management from Microsoft
The Future of Project Management from Microsoft
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
 
Microsoft Teams in the Modern Workplace
Microsoft Teams in the Modern WorkplaceMicrosoft Teams in the Modern Workplace
Microsoft Teams in the Modern Workplace
 

More from Benoit HAMET

2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptxBenoit HAMET
 
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transformeTechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transformeBenoit HAMET
 
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007Benoit HAMET
 
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePointTechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePointBenoit HAMET
 
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécuriséeTechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécuriséeBenoit HAMET
 
Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010Benoit HAMET
 
Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010Benoit HAMET
 
Publication de SharePoint
Publication de SharePointPublication de SharePoint
Publication de SharePointBenoit HAMET
 
Quest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePointQuest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePointBenoit HAMET
 

More from Benoit HAMET (9)

2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
 
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transformeTechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
 
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
 
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePointTechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
 
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécuriséeTechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
 
Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010
 
Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010
 
Publication de SharePoint
Publication de SharePointPublication de SharePoint
Publication de SharePoint
 
Quest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePointQuest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePoint
 

Recently uploaded

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Recently uploaded (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 

Office 365 Saturday - Office 365 Security Best Practices

  • 2. Thanks for coming! Important stuff you need to know Toilets Fire Escapes Internet Access Stick around til the end and provide feedback to win!
  • 3. Digital Workplace Conference Sofitel Sydney Wentworth 23rd to 24th August
  • 4. We have some amazing things to give away today! Wanna Twit about the day? Use either #O365Sat17 or #O365SatSyd17 Leave us feedback, not only cause it makes our events better but you win amazing prizes! https://tinyurl.com/O365SatSyd17
  • 5. Room 1 Room 2 Room 3 1:00- 2:00 MS Graph Building Data and Intelligent Apps Ashish Trivedi Extranet for partner Collaboration Alpesh Nakar Team Sites | Teams | Groups | Yammer – Untangling the Collaboration Web Russ Norton 2:05- 3:05 SharePoint Framework – Build integrated user experiences Anupam Ranku 9 Months of Fun with SharePoint in Azure and Office365 Colin Philips Top 10 Adoption Tips Kirsty McGrath 3:10 - 4:10 What the heck is GraphAPI and why should I care? Steven Hosking Automate Office 365 Robert Crane TBA Adam Cogan Room 1 Room 2 Room 3 9:00 - 10:00 Introduction to SharePoint Framework (SPFx) Sezai Komur From Cloud Productivity to Enterprise Business App Igor Jericevich SharePoint Branding for Non-Branders Colin Gardner 10:05- 11:05 Mayhem and Mischief with the Outlook and Microsoft Graph APIs Simon Waight Mind blown: the Dynamite Dynamics 365 Experience Roger Carran Who said you have to be a Power-User to create Dynamic Forms? Ishai Sagi 11:10- 12:10 Event Driven Development in Office 365 Amr Found Office 365 Security Best Practices Benoit Hamet Making your first app with Power Apps Haylee Fox
  • 8.
  • 9. When moving to cloud services, the security is a major concern On Office 365, security is a 2 dimensional implementation: ▶ The first dimension is the Microsoft-managed service- level, including operational procedures or default policies ▶ The second dimension is the customer-managed control-level Security and compliance is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly-skilled, experienced and trained personnel Objectives of this session is to give you some keys practices/implementation to help you stay secure on Office 365
  • 10.
  • 11. Financial services firms worry about customer fraud and advanced attacks. 47% Financial services Business services pros want to use managed security services. 11% Business services The nonprofit/ government sector prioritizes authentication concerns 9% Nonprofit / government Healthcare firms focus on patient data protection. 8% Healthcare Forrester’s Inquiry Spotlight: Security And Risk, Q3 2015 To Q3 2016, Stephanie Balaouras, Claire O'Malley with Laura Koetzle, Trevor Lyness, Peggy Dostie, December 27, 2016 Based: 1,731 inquiries from Q3 2015 to Q3 2016
  • 12. $4 M - IDC Ponemom Institute, Cost of a Data Breach Report (2016) 63% - Verizon 2016 Data Breach Report 80% - Stratecast, December 2016 33% - VansonBourne, February 2014
  • 13. Technical Objectives • Get in reliably • Obtain data I am assigned or can sell • Avoid detection Specialization • Exploiting Stolen Data • Selling Stolen Data • Selling Attack Tools • Sell Access to environments Motivations • Money / Profit • Message / Activism • Mission / Nation State Daily Considerations • Build or buy my tools? • What is the target worth? • Try the easy things first Stats: • 82% of Successful cyberattacks are from Cybercriminals via: • Phishing • Network Scans • Strategic web site compromise • 11% are from insiders • 7% are nation states SecureWorks 2016 via eWeek Good to know: • Attacks aren’t random • Likely has attacked before • Very expensive to react to – preventative much better than reactive
  • 14.
  • 15.
  • 16.
  • 17. ▶ Know you risks ▶ Know your user’s behaviour ▶ Know your environment ▶ Know you data ▶ Know your legal/financial requirements ▶ Confidentially ▶ Privacy ▶ Regulatory ▶ Review / Audit ▶ Never ending story
  • 18.
  • 19. Apps and Data SaaS Malware Protection Center Cyber Hunting Teams Security Response Center DeviceInfrastructure CERTs Identity INTELLIGENT SECURITY GRAPH Cyber Defense Operations Center Digital Crimes Unit Antivirus NetworkIndustry Partners PaaS IaaS
  • 20.
  • 21. Office 365 includes tools to discover your environment ▶ Office 365 Secure Score ▶ Helps to assess your security configuration ▶ Provides actions/recommendations ▶ Proactive vs reactive ▶ Compliance Center ▶ Provides regulatory documentation ▶ Security and regulations standards implemented ▶ Cloud App Security (EMS E5) / Advanced Security Management (E5) ▶ Discovers application used by user
  • 22.
  • 23.
  • 24. ▶ Cloud identity management is similar to On Premises identity management ▶ Provisioning / Management / Termination ▶ Integrates with your On Premises directory ▶ Use latest version of Azure AD Connect ▶ Authenticate with your On Premises credentials (ADFS / Password synch / Pass Through) ▶ Grant permissions using groups not to individuals ▶ Enable self-service (password reset) ▶ Identity sensitive users / roles ▶ Enable MFA ▶ Automate Office 365 role assignment / approval workflow ▶ Separate “day to day” and admin accounts
  • 25. One small mistake can lead to attacker control Attackers Can • Steal any data • Modify documents • Impersonate users • Disrupt business operations Active Directory and Administrators control all the assets
  • 26.
  • 27.
  • 28.
  • 29.
  • 30. Your users’ productivity and security is more challenged than ever by different types of attacks. 80 Billion Inbound Messages to Office365 in 1 month – only 31% core business mails 55 Billion Spam and Bulk mails that could have crowded users’ mailboxes Malware  600% Volume of malware targeting O365 has increased 600% in the past year
  • 31. ▶ Exchange Online Protection ▶ Spam protection ▶ Spoofing protection (SPF / DKIM / DMARC) ▶ ‘light’ malware protection ▶ Advanced Threats Protection ▶ URL rewriting ▶ Attachments analysis ▶ SharePoint Online / OneDrive ▶ Device Access
  • 32. ▶ Free for individuals (recipient only) ▶ Azure Right Management Services (RMS) included with Office 365 E plans ▶ Can be automatically applied to SharePoint library and Exchange mails ▶ Azure Information Protection included with Azure Premium / EMS ▶ Allows tagging ▶ Both can protects data by embedding authorization
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39. Netskope Cloud Report, Summer 2015 ▶ 17.9% of files violate DLP Policy ▶ 22.2% are shared publicly ▶ Almost all data leakage occurs inadvertently ▶ Define labels ▶ Create DLP rules ▶ Built in ▶ Custom
  • 40. ▶ Retention ensures conservation of data ▶ Applies to Exchange and SharePoint (including Office 365 groups) ▶ Not only used for compliance but can be used for recovery
  • 41.
  • 42. ▶ 2 options ▶ Access Control Policy (ADFS) ▶ Conditional Access (Azure AD Premium) ▶ Access Control Policy ▶ On Premises configuration ▶ Built in and custom conditions ▶ Not only applies to Office 365 ▶ Conditional Access ▶ Azure AD configuration / Intune ▶ Can work in conjunction with Azure AD Identity Protection (Azure Premium P2) ▶ Conditions: group membership, location, device platform and state
  • 43.
  • 44.
  • 45.
  • 46. ▶ First to discover ▶ Identity existing usage/gap ▶ Continuous activities review ▶ Identify potential malicious activities ▶ Validate/Review configuration (DLP) ▶ All activities are audited
  • 47.
  • 48.
  • 49. ▶ Security is specific to you ▶ Common patterns to everybody ▶ Meet your specific needs ▶ Manage your identity ▶ Be as ‘end-user’ friendly as possible ▶ Automation ▶ Self service ▶ Communicate / Instruct ▶ No exceptions ▶ There is always exception, but the less the better
  • 50. ▶ Restrict privileges ▶ Lower permissions as possible ▶ Elevate security requirements for sensitive role (MFA) ▶ Conditional access ▶ Monitor ▶ Be proactive ▶ Review activities ▶ Identify your data
  • 52. Room 1 Room 2 Room 3 1:00- 2:00 MS Graph Building Data and Intelligent Apps Ashish Trivedi Extranet for partner Collaboration Alpesh Nakar Team Sites | Teams | Groups | Yammer – Untangling the Collaboration Web Russ Norton 2:05- 3:05 SharePoint Framework – Build integrated user experiences Anupam Ranku 9 Months of Fun with SharePoint in Azure and Office365 Colin Philips Top 10 Adoption Tips Kirsty McGrath 3:10 - 4:10 What the heck is GraphAPI and why should I care? Steven Hosking Automate Office 365 Robert Crane TBA Adam Cogan Room 1 Room 2 Room 3 9:00 - 10:00 Introduction to SharePoint Framework (SPFx) Sezai Komur From Cloud Productivity to Enterprise Business App Igor Jericevich SharePoint Branding for Non-Branders Colin Gardner 10:05- 11:05 Mayhem and Mischief with the Outlook and Microsoft Graph APIs Simon Waight Mind blown: the Dynamite Dynamics 365 Experience Roger Carran Who said you have to be a Power-User to create Dynamic Forms? Ishai Sagi 11:10- 12:10 Event Driven Development in Office 365 Amr Found Office 365 Security Best Practices Benoit Hamet Making your first app with Power Apps Haylee Fox
  • 53.
  • 54. ▶ Office 365 Microsoft Trust Center https://www.microsoft.com/en- us/trustcenter/cloudservices/office365 ▶ Secure Store https://securescore.office.com ▶ Security and Compliance Portal https://protection.office.com ▶ Cloud App Security https://portal.cloudappsecurity.com ▶ Azure Self Service Portal https://account.activedirectory.windowsazure.com
  • 55. ▶ Azure AD Conditional Access https://portal.azure.com/#blade/Microsoft_AAD_IAM/Con ditionalAccessBlade/Policies ▶ OneDrive Access Policy https://admin.onedrive.com/?v=AccessPolicySettings ▶ Azure Privileged Identity Management https://portal.azure.com/#blade/Microsoft_Azure_PIM/Co mmonMenuBlade/QuickStart https://portal.azure.com/#blade/Microsoft_Azure_PIM/Dir ectoryRoleManagementMenuBlade/setting

Editor's Notes

  1. Cloud app security discovers all applications, including third party Advanced Security Management discovers only Office 365 applications usage/activities