You’ve entrusted all of your company’s data to Microsoft’s cloud…what could go wrong? In 2018 you’ve either moved your data to Office365, you’re thinking about it, or you’ve locked your entire business into Lotus Notes. As cloud providers eat away traditional infrastructure, IT and Security teams must either adapt to this brave new world, or be left behind. In this talk we will provide real-world examples and how to apply both traditional and new security controls/tools to secure Office 365 & Azure. We will give specific, actionable recommendations you can make to your Microsoft Office 365 and Azure tenants. Recommendations like how to prevent external threats like account takeovers, internal threats like Shadow cloud Apps, effective monitoring and processes to follow to minimize the likelihood that your company becomes the Next Big Breach. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory.
Microsoft 365 provides holistic security across these four aspects of security.
By helping enterprise businesses secure corporate data and manage risk in today’s mobile-first, cloud-first world Microsoft 365 enables customers to digitally transform by unifying user productivity and enterprise security tools into a single suite that enables the modern workplace.
Identity & Access Mgmt
Secure identities to reach zero trust
Threat Protection
Help stop damaging attacks with integrated and automated security
Information Protection
Protect sensitive information anywhere it lives
Security Management
Strengthen your security posture with insights and guidance
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
Differences between Enterprise contract levels. Articulation of benefits for moving to an E5.
(Note: This document is visible only for those with the link.)
Community IT CTO Matthew Eshleman reviews security fundamentals in Office 365. Small and medium sized nonprofits are in a great position to take advantage of the native security tools offered in Office 365.
Our end-to-end, integrated portfolio of cloud solutions across Microsoft 365, Dynamics 365, and Azure is built on a foundation of security and privacy and helps every organization in every industry build resilience and improve the bottom line.
Microsoft 365 provides holistic security across these four aspects of security.
By helping enterprise businesses secure corporate data and manage risk in today’s mobile-first, cloud-first world Microsoft 365 enables customers to digitally transform by unifying user productivity and enterprise security tools into a single suite that enables the modern workplace.
Identity & Access Mgmt
Secure identities to reach zero trust
Threat Protection
Help stop damaging attacks with integrated and automated security
Information Protection
Protect sensitive information anywhere it lives
Security Management
Strengthen your security posture with insights and guidance
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
Differences between Enterprise contract levels. Articulation of benefits for moving to an E5.
(Note: This document is visible only for those with the link.)
Community IT CTO Matthew Eshleman reviews security fundamentals in Office 365. Small and medium sized nonprofits are in a great position to take advantage of the native security tools offered in Office 365.
Our end-to-end, integrated portfolio of cloud solutions across Microsoft 365, Dynamics 365, and Azure is built on a foundation of security and privacy and helps every organization in every industry build resilience and improve the bottom line.
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...Morgan Simonsen
A common trend in today’s cloud based world is identity driven security. As the name implies this makes user identity really important; user identity is now the key to unlock everything. Building the infrastructure to support this trend is very hard; you bear all the responsibilities and can rely on only your own signal data and threat detection. With Azure AD there is a better way! Come join this session to see how Azure AD Identity Protection is using signals from the global Microsoft cloud, Big Data and Machine Learning to protect your users’ accounts, and also how Azure AD Conditional Access makes it easy to enforce application access policies based on things like location and device. We will show you how to set it all up, what works and what doesn’t and how it integrates with other Microsoft protection services in the cloud, and your existing systems. Come and be safe!
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansDavid J Rosenthal
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
Key components of the Enterprise Mobility Suite are Azure AD Premium, Windows Intune and Azure Rights Management.
Learn from Peter De Tender, Microsoft Infrastructure Architect, MCT and MVP not only what the Microsoft Enterprise Mobility Suite is, but also how one can deploy it in an enterprise organization. By attending this session, you will gain the knowledge to optimize the adoption of IT, BYOD and SaaS as the core cloud solution components. Key concepts that will be covered are identity and access management, mobile device management and data protection.
At Agile IT, we've been leading the trend in moving customers to the Microsoft Cloud. Along that roadmap is the need to secure and manage the devices that will access that data. The Microsoft Enterprise Mobility Suite (EMS) focuses on managing both the data that's accessible from the cloud as well as the devices that access it. In this webinar, we introduce you to EMS and focus on how cloud technologies work together to deliver a seamless solution for protecting your data.
The accompanying recording of the webinar can be found at https://youtu.be/NOWFI4xl-dM.
I nuovi strumenti di comunicazione e collaborazione di Office 365 e la loro i...Jürgen Ambrosi
I vantaggi di Office 2019; Gestione e condivisione dei documenti: OneDrive e SharePoint; Lavoro di gruppo con Teams; Strumenti moderni per la formazione (Forms, Sway e Stream). Funzionalità di centralino telefonico e di audio-conferencing integrate in Skype for Business e Teams che abilitano le comunicazioni interne ed esterne all’organizzazione
Being more secure using Microsoft 365 BusinessRobert Crane
Microsoft 365 Business provides a range of services to make both data and devices more secure. This webinar will take you through the range of what these services are, the best practices way in which they should be configured and how you can extend security further with additional Microsoft solutions.
Productivity and Security with Microsoft 365 and the Modern DesktopDavid J Rosenthal
Microsoft 365 Enterprise is a complete, intelligent solution, which brings together the best of Office 365, Windows 10 Enterprise, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely.
How to plan your Modern Workplace Project - SPS Denver October 2018Ammar Hasayen
Join Ammar Hasayen as he speaks at the SharePoint Saturday Denver, Colorado - October 2018 about how big organizations should plan their modern workplace project. Learn how to get executive sponsorship, create clear vision, drive adoption, and adopt a success plan to maximize the impact of the modern workplace.
More at my blog post https://blog.ahasayen.com/speaking-at-sharepoint-saturday-denver-colorado
here's where Microsoft has invested, across these areas: identity and access management, apps and data security, network security, threat protection, and security management.
We’ve put a tremendous amount of investment into these areas and the way it shows up is across a pretty broad array of product areas and features.
Our Identity and Access Management tools enable you to take an identity-based approach to security, and establish truly conditional access policies
Our App and Data Security help you protect your apps and your data as it moves around—both inside and outside your organization
Azure includes a robust networking infrastructure with built-in security controls for your application and service connectivity.
Our Threat Protection capabilities are built in and fully integrated, so you can strengthen both pre-breach protection with deep capabilities across e-mail, collaboration services, and end points including hardware based protection; and post-breach detection that includes memory and kernel based protection and response with automation.
And our Security Management tools give you the visibility and more importantly the guidance to manage policy centrally
Office 365 Security - MacGyver, Ninja or Swat teamAntonioMaio2
Do you know the tools and tricks in your MacGyver kit for Office 365 Security? Would you consider yourself a Security Ninja, fully versed and prepared to take advantage of the Office 365 Security and Compliance Center?
Is your SWAT Team prepared to take down adversaries in worst-case scenarios? Join Antonio Maio, 5-time Microsoft MVP and 20-year security professional, as he reviews the recommended game plan to enable your inner MacGyver, execute tactical strikes like a Ninja and arm your team with information governance and security practices in use at global 100 companies. Through customer case studies and hands-on demonstrations of capabilities such as alerts, data loss prevention policies, activity audit logs, advanced security management and advanced threat protection, Antonio will show you the tools and tricks you need to effectively secure your information in Office 365.
A beginners guide to administering office 365 with power shell antonio maioAntonioMaio2
With Office 365 PowerShell, you can manage Office 365 for your organization using commands and scripts that streamline your day to day work. Microsoft provides several easy to use admin centers to help manage Office 365. However, whether you’re an Office 365 administrator yourself or a service owner for Office 365 in your organization (working with other administrators), you’ll quickly find that you need to go beyond the capabilities that these admin centers provide. PowerShell can help you automate tasks so that they are easily repeatable, it can help you script management tasks so that they are automatically performed on a schedule and it can help you quickly output large amounts of data about your Office 365 environment. As well, some Office 365 settings are only manageable using PowerShell, with no UX provided. In this session, you’ll learn how to get started with Office 365 PowerShell and how to quickly become productive with it, making you more productive and empowered as you manage your Office 365 environment.
Focusing on security with Microsoft 365 BusinessRobert Crane
This presentation show you the different options that are available when you consider improving security using Microsoft 365 Business and the features it includes.
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Joel Oleson
Microsoft 365 M365 Management Made Easy
Do you struggle with administering your Microsoft 365 tenant? Have you ever wished there was an easy way to segment your tenant so you could delegate permissions more granularly to group or site admins?
Microsoft has introduced Administrative Units and they are a great start to creating boundaries within your tenant for user and group administration but are they enough? What about the other Microsoft365 services not covered by Administrative Units?
Microsoft has also announced they’ll be introducing custom roles for Microsoft 365. While currently very limited, they do promise that you’ll be able to get more granular with the permissions you want to assign.
CoreView helps you to easily manage Microsoft 365 by combining multiple Microsoft Admin Centers into a single view so you no longer need to log into multiple admin centers to complete everyday tasks.
With Virtual Tenants (like OUs for Azure AD), you can also segment your tenant by geography, department, or any other AD attribute to limit the admin scope. Virtual Tenants can be applied to any Microsoft 365 object, so they’re not just limited to users and groups.
CoreView also has very granular permissions that allow you to adhere to the least privilege access policy recommended by Microsoft. CoreView permission sets can get as granular as a single attribute without giving the delegated administrator permission to do anything else.
You’ll also see how you can easily delegate the running of PowerShell scripts so once the script is created, anyone with proper CoreView permissions can execute it.
Register now to hear MVP Joel Oleson’s take on Admin Units, and how CoreView can help take them to the next level.
Secure Productive Enterprise from Microsoft and AtidanDavid J Rosenthal
Secure Productive Enterprise
The most trusted, secure, and productive way to work that brings together the best of Office 365, Enterprise Mobility + Security, and Windows 10 Enterprise.
Securely Harden Microsoft 365 with Secure ScoreJoel Oleson
7 Ways to Harden and Secure Microsoft 365
1. Enable Secure Access for Users with Azure Active Directory MFA
2. Identify compromised identities or malicious insiders with Microsoft Defender for Identity
3. Protect and Encrypt Sensitive Data with Microsoft Information Protection
4. Manage and Protect Devices and with Secure Score for Devices
5. Prevent Unauthorized Access and Sharing with Cloud App security
6. Secure your Email and Files with Microsoft 365 Rights Management Policies and Defender for Microsoft 365
7. Use Intelligent Insights and Guidance to Strengthen Your Organizational security posture with Microsoft Secure Score
Sponsored by CoreView
“How do we operate as a multi-tenant environment while, from Microsoft’s perspective, on a single tenant? CoreView brought all of that to the table with the V-tenant capabilities. We can slice and dice administration into functional areas. We can have user managers, Teams managers, Teams administrators, or security administrators. All of those functions and feature sets are critical to the solution we have today”
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...Morgan Simonsen
A common trend in today’s cloud based world is identity driven security. As the name implies this makes user identity really important; user identity is now the key to unlock everything. Building the infrastructure to support this trend is very hard; you bear all the responsibilities and can rely on only your own signal data and threat detection. With Azure AD there is a better way! Come join this session to see how Azure AD Identity Protection is using signals from the global Microsoft cloud, Big Data and Machine Learning to protect your users’ accounts, and also how Azure AD Conditional Access makes it easy to enforce application access policies based on things like location and device. We will show you how to set it all up, what works and what doesn’t and how it integrates with other Microsoft protection services in the cloud, and your existing systems. Come and be safe!
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansDavid J Rosenthal
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
Key components of the Enterprise Mobility Suite are Azure AD Premium, Windows Intune and Azure Rights Management.
Learn from Peter De Tender, Microsoft Infrastructure Architect, MCT and MVP not only what the Microsoft Enterprise Mobility Suite is, but also how one can deploy it in an enterprise organization. By attending this session, you will gain the knowledge to optimize the adoption of IT, BYOD and SaaS as the core cloud solution components. Key concepts that will be covered are identity and access management, mobile device management and data protection.
At Agile IT, we've been leading the trend in moving customers to the Microsoft Cloud. Along that roadmap is the need to secure and manage the devices that will access that data. The Microsoft Enterprise Mobility Suite (EMS) focuses on managing both the data that's accessible from the cloud as well as the devices that access it. In this webinar, we introduce you to EMS and focus on how cloud technologies work together to deliver a seamless solution for protecting your data.
The accompanying recording of the webinar can be found at https://youtu.be/NOWFI4xl-dM.
I nuovi strumenti di comunicazione e collaborazione di Office 365 e la loro i...Jürgen Ambrosi
I vantaggi di Office 2019; Gestione e condivisione dei documenti: OneDrive e SharePoint; Lavoro di gruppo con Teams; Strumenti moderni per la formazione (Forms, Sway e Stream). Funzionalità di centralino telefonico e di audio-conferencing integrate in Skype for Business e Teams che abilitano le comunicazioni interne ed esterne all’organizzazione
Being more secure using Microsoft 365 BusinessRobert Crane
Microsoft 365 Business provides a range of services to make both data and devices more secure. This webinar will take you through the range of what these services are, the best practices way in which they should be configured and how you can extend security further with additional Microsoft solutions.
Productivity and Security with Microsoft 365 and the Modern DesktopDavid J Rosenthal
Microsoft 365 Enterprise is a complete, intelligent solution, which brings together the best of Office 365, Windows 10 Enterprise, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely.
How to plan your Modern Workplace Project - SPS Denver October 2018Ammar Hasayen
Join Ammar Hasayen as he speaks at the SharePoint Saturday Denver, Colorado - October 2018 about how big organizations should plan their modern workplace project. Learn how to get executive sponsorship, create clear vision, drive adoption, and adopt a success plan to maximize the impact of the modern workplace.
More at my blog post https://blog.ahasayen.com/speaking-at-sharepoint-saturday-denver-colorado
here's where Microsoft has invested, across these areas: identity and access management, apps and data security, network security, threat protection, and security management.
We’ve put a tremendous amount of investment into these areas and the way it shows up is across a pretty broad array of product areas and features.
Our Identity and Access Management tools enable you to take an identity-based approach to security, and establish truly conditional access policies
Our App and Data Security help you protect your apps and your data as it moves around—both inside and outside your organization
Azure includes a robust networking infrastructure with built-in security controls for your application and service connectivity.
Our Threat Protection capabilities are built in and fully integrated, so you can strengthen both pre-breach protection with deep capabilities across e-mail, collaboration services, and end points including hardware based protection; and post-breach detection that includes memory and kernel based protection and response with automation.
And our Security Management tools give you the visibility and more importantly the guidance to manage policy centrally
Office 365 Security - MacGyver, Ninja or Swat teamAntonioMaio2
Do you know the tools and tricks in your MacGyver kit for Office 365 Security? Would you consider yourself a Security Ninja, fully versed and prepared to take advantage of the Office 365 Security and Compliance Center?
Is your SWAT Team prepared to take down adversaries in worst-case scenarios? Join Antonio Maio, 5-time Microsoft MVP and 20-year security professional, as he reviews the recommended game plan to enable your inner MacGyver, execute tactical strikes like a Ninja and arm your team with information governance and security practices in use at global 100 companies. Through customer case studies and hands-on demonstrations of capabilities such as alerts, data loss prevention policies, activity audit logs, advanced security management and advanced threat protection, Antonio will show you the tools and tricks you need to effectively secure your information in Office 365.
A beginners guide to administering office 365 with power shell antonio maioAntonioMaio2
With Office 365 PowerShell, you can manage Office 365 for your organization using commands and scripts that streamline your day to day work. Microsoft provides several easy to use admin centers to help manage Office 365. However, whether you’re an Office 365 administrator yourself or a service owner for Office 365 in your organization (working with other administrators), you’ll quickly find that you need to go beyond the capabilities that these admin centers provide. PowerShell can help you automate tasks so that they are easily repeatable, it can help you script management tasks so that they are automatically performed on a schedule and it can help you quickly output large amounts of data about your Office 365 environment. As well, some Office 365 settings are only manageable using PowerShell, with no UX provided. In this session, you’ll learn how to get started with Office 365 PowerShell and how to quickly become productive with it, making you more productive and empowered as you manage your Office 365 environment.
Focusing on security with Microsoft 365 BusinessRobert Crane
This presentation show you the different options that are available when you consider improving security using Microsoft 365 Business and the features it includes.
Microsoft 365 Tenant Administration: Understanding Microsoft 365 Administrati...Joel Oleson
Microsoft 365 M365 Management Made Easy
Do you struggle with administering your Microsoft 365 tenant? Have you ever wished there was an easy way to segment your tenant so you could delegate permissions more granularly to group or site admins?
Microsoft has introduced Administrative Units and they are a great start to creating boundaries within your tenant for user and group administration but are they enough? What about the other Microsoft365 services not covered by Administrative Units?
Microsoft has also announced they’ll be introducing custom roles for Microsoft 365. While currently very limited, they do promise that you’ll be able to get more granular with the permissions you want to assign.
CoreView helps you to easily manage Microsoft 365 by combining multiple Microsoft Admin Centers into a single view so you no longer need to log into multiple admin centers to complete everyday tasks.
With Virtual Tenants (like OUs for Azure AD), you can also segment your tenant by geography, department, or any other AD attribute to limit the admin scope. Virtual Tenants can be applied to any Microsoft 365 object, so they’re not just limited to users and groups.
CoreView also has very granular permissions that allow you to adhere to the least privilege access policy recommended by Microsoft. CoreView permission sets can get as granular as a single attribute without giving the delegated administrator permission to do anything else.
You’ll also see how you can easily delegate the running of PowerShell scripts so once the script is created, anyone with proper CoreView permissions can execute it.
Register now to hear MVP Joel Oleson’s take on Admin Units, and how CoreView can help take them to the next level.
Secure Productive Enterprise from Microsoft and AtidanDavid J Rosenthal
Secure Productive Enterprise
The most trusted, secure, and productive way to work that brings together the best of Office 365, Enterprise Mobility + Security, and Windows 10 Enterprise.
Securely Harden Microsoft 365 with Secure ScoreJoel Oleson
7 Ways to Harden and Secure Microsoft 365
1. Enable Secure Access for Users with Azure Active Directory MFA
2. Identify compromised identities or malicious insiders with Microsoft Defender for Identity
3. Protect and Encrypt Sensitive Data with Microsoft Information Protection
4. Manage and Protect Devices and with Secure Score for Devices
5. Prevent Unauthorized Access and Sharing with Cloud App security
6. Secure your Email and Files with Microsoft 365 Rights Management Policies and Defender for Microsoft 365
7. Use Intelligent Insights and Guidance to Strengthen Your Organizational security posture with Microsoft Secure Score
Sponsored by CoreView
“How do we operate as a multi-tenant environment while, from Microsoft’s perspective, on a single tenant? CoreView brought all of that to the table with the V-tenant capabilities. We can slice and dice administration into functional areas. We can have user managers, Teams managers, Teams administrators, or security administrators. All of those functions and feature sets are critical to the solution we have today”
This session will provide a basic overview of Microsoft 365 and will then dive into how to position its benefits for customers. You'll learn how the Microsoft 365 features help resolve many common business challenges today and how you should be speaking with customers about these.
Microsoft cloud app security or CASB is a critical component of the Microsoft cloud security stack. It provides a comprehensive solution to give organizations improved visibility into cloud activities, uncover shadow IT, assess risks, enforce polices, investigate suspicious activities and stop threats
https://blog.ahasayen.com/microsoft-cloud-app-security-casb/
Utilizing Microsoft 365 Security for Remote Work Perficient, Inc.
With an increasingly mobile workforce, and the spread of shadow IT, the rapid rise of cybercrime - companies must find unique ways to effectively manage their sprawling SaaS portfolio.
Simple, Straightforward, and Jargon-Free Answers to basic questions including:
What is Office 365?
What is Office 365 used for?
How much does Office 365 cost?
Is Office 365 secure?
How does Office 365 stack up against the competition?
How difficult is it to migrate your existing files?
To help you make an informed decision about whether Office 365 is right for your business.
Security and compliance is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly-skilled, experienced and trained personnel. We strive to keep software and hardware technologies up to date through robust processes. To help keep Office 365 security at the top of the industry, we use processes such as the Security Development Lifecycle; we also employ techniques that throttle traffic and prevent, detect, and mitigate breaches.
https://runfrictionless.com/b2b-white-paper-service/
Rencore Webinar: Securing Office 365 and Microsoft Azure like a RockstarRencore
Securing and maintaining a trustworthy Office 365 and Microsoft Azure deployment is not an easy task.
Join Jussi in his session where we’ll take a look into how you can secure and control your cloud-based servers and services, data and users using Azure Active Directory, Azure Security Center, Privileged Identity Management, and Advanced Security Management.
In addition, we’ll also take a look at how Operations Management Suite and Microsoft Advanced Threat Analytics can be used to provide better overall security for on-premises and hybrid deployments.
This is the slide deck used on my webinar session titled " Fundamentals of Microsoft 365 security , Identity and Compliance" .You can find the recording of this webinar here : https://youtu.be/akrEnqK6Dsc
SPC18 - Getting Started with Office 365 Advanced Threat Protection for ShareP...jeffgellman
This is the deck from my presentation at SPC18 on Getting Started with Office 365 Advanced Threat Protection for SharePoint, OneDrive for Business and Teams.
May 2018 Office 365 Need to Know WebinarRobert Crane
Slides from CIAOPS May 2018 webinar that provided Office 365 news update, open Q & A as well as a focus session on Office 365 Data Loss Prevention. Video recording is available at www.ciaopsacademy.com
Similar to Office 365 Security - Its 2am do you know whos in your office 365 (20)
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdfJack Nichelson
All DoD contractors are now be subject to CMMC 2.0 DFARS 252.204-7012 & 7019. This means, that any DoD suppliers looking to earn new business or up for a renewal will need to complete a new NIST 800-171 Self-Assessment and upload the results to the Supplier Performance Risk System (SPRS) before a contract is awarded. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC 2.0 certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptxJack Nichelson
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score
A Clear Path to NIST & CMMC Compliance_ISSA.pptxJack Nichelson
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this webinar, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.
In addition to answering questions from attendees, this webinar will cover the following topics:
• What You Need to Know About CMMC
• The Crawl – Walk – Run of CMMC
• Preliminary Steps for CMMC Success
The kickstarter to measuring what matters Evanta CISO 2017Jack Nichelson
Does counting the number of intrusions a firewall blocked in a month really justify the capital spend on security projects? What kind of operational data demonstrates cybersecurity leaders’ long-term budgetary needs for their programs and at the same time shows the progress they’ve made over the years? Learn how a duo of cybersecurity professionals used thought leadership and a goals-based approach to build the case for past capital and future spend — a system that won them both dollars and trust with peers and their boards.
Be Proactive – Focus on what you can influence
Begin with the end in mind – Define practical outcomes
Create a Problem Statement – A goal without a plan is just a wish
Put first thing first – Plan weekly, act daily
Chart Performance & Adjust – Shine a light on the problem
You're the newly-minted CISO in your organization, charged with the (un)enviable task of improving security. Unfortunately, your superiors and peers aren't quite sure what good security looks like, what they expect to see from you, or how you should go about doing it. All the execs know for sure is that if a security breach happens, it’s definitely your fault...and if a breach never comes, they question the need for security’s budget.
It falls to you to chart your own path, and help define what good security looks like within your organization. In this session we will provide real-world examples of how the three speakers have faced this challenge in multiple organizations, what metrics were chosen to show progress, and how the speakers have gone about gathering them. You will leave this session not with abstract ivory-tower ideas on measurement, but with actionable tactics you can put in place within your own program today. This session will address:
• How to show security progress
• Presenting security to senior leadership
• Real-world security metrics
• Identifying and using easily collected data
• Aligning with existing organizational metrics
10 Critical Habits of Effective Security ManagersJack Nichelson
How to Secure Things & Influence People:
10 Critical Habits of Effective Security Managers
Have you ever felt that the security problems you're faced with would be so simple to solve if only your colleagues had your perspective on them? Are you frustrated that security does not have a more prominent seat at the table?
Often times identifying security problems and developing the appropriate controls is the easiest part of the security job. Getting our peers and superiors to buy-in to those solutions and understand the risk decisions they're making is an under-appreciated but arguably much more important part of our jobs in security.
Chris and Jack will share techniques that help to turn your employees into an army of human security sensors, to get security done regardless of where it sits on the org chart, and to earn major security victories even with a meager budget and a small team. Along the way you’ll learn about the “10 Critical Habits” which we have observed effective security leaders using to achieve their goals.
Information Security Metrics - Practical Security MetricsJack Nichelson
So exactly how do you integrate information security metrics into action in an organization and actually achieve value from the effort. Learn what efforts are currently underway in the industry to create consensus metrics guides and what initial steps an organization can take to start measuring the effectiveness of their security program.
Information Security - Back to Basics - Own Your VulnerabilitiesJack Nichelson
When a security program isn't as good as it should be it can be tempting to conclude that it needs more resources and solutions. Jack Nichelson decided to take a different approach: simplification. By focusing on fewer problems with bigger returns, he was able to reduce malware by 60 percent and improve the results of his annual pen report. He’ll share a back-to-the-basics case study for removing complexity and running a simple, effective, start-up worthy security program.
This Talk is for - Security Managers looking to better focus on the real vulnerabilities and more effectively communicate your progress
The Goals of this talk – Find the real problems, create a formal plan, build support for the plan, and report the progress
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
Protecting the Crown Jewels – Enlist the Beefeaters
In the wake of a constant stream of high-profile breaches, data is not only becoming a highly valued commodity, it’s becoming an organization’s crown jewels. Who better to protect your crown jewels than the Beefeaters? Tapping into the iconic London Guard’s reputation, Jack Nichelson, with the support of the FBI and PwC, has developed an elite force to defend his organization’s most valuable assets from even trusted insiders. Providing insights into his companies data identification, classification and security initiative, sharing best practices for creating consensus, and engaging and aligning multiple business units to better protect the organization's crown jewels.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
Office 365 Security - Its 2am do you know whos in your office 365
1. Its 2am…Do you know who’s in your Office (365)?
By Jack Nichelson and Jason Middaugh
October 25, 2018
Technical Advisor: Kevin Merolla
2. Jack Nichelson
Chief Information Security Officer
MRK Technologies
I defend my companies competitive advantage by helping
solve business problems through technology to work faster
and safer.
Executive MBA from Baldwin-Wallace University
Recognized as one of the “People Who Made a Difference
in Security” by the SANS Institute and Received the CSO50
award for connecting security initiatives to business value.
Adviser for Baldwin Wallace’s, State winner Collegiate
Cyber Defense Competition (CCDC) team.
3. Jason Middaugh
Manager of Infrastructure & Security Services
Cleveland-Cliffs Inc.
Jason holds a bachelor’s degree in information
systems/operations management from the University of
Toledo, an executive master’s degree in business
administration from The Ohio State University.
Holds several IT based certifications (CISSP, MCSE, VCP,
CCNA, CCDA).
He is currently a member of the North East Ohio Cyber
Consortium and InfraGard.
He is also a graduate of the FBI Citizens Academy and a
skiing enthusiast.
4. In the past Microsoft only, licensed software by device for individual
products. But now they offer licensing by user and as a bundle of products
to better meet the needs of a modern mobile workforce.
Microsoft has introduced a new software-as-a-service subscription plan
called Office 365 that provides Email and Office and another plan called
Microsoft 365 that includes Office 365, Windows 10, Mobility and Security.
• Office Applications – The regular Office applications (Word, Excel,
PowerPoint, etc.) you know and love, updated to take advantage of the
collaboration and cloud file syncing features.
• Office Mobile – Native mobile apps available for Windows Phone,
iPhone, iPad, and various Android devices.
• Office Web Apps – Online versions of Word, Excel, PowerPoint, and
OneNote, available on any computer with a web browser.
To put it simply, Office 365 brings the Microsoft Office
suite of applications into the 21st century.
Office 365 Overview
5. • Security related O365 Services & Licenses
• As with every cloud service you are building on the
foundation of your contract and licenses. Get this wrong
and your hands will be tied before you start.
Office 365 Licensing
6. • Point 1
• Point2
Enterprise Mobility + Security Licensing
Don’t go to Office 365 without EMS
8. Azure Security Overview
Network Security Groups (NSG)
Site-to-Site VPN
Point-to-Site VPN
ExpressRoute
Network Security Appliances
Host-based firewalls
Security Center
Role-Based Access Control
Key Vault
Microsoft anti-malware
Rights Management/Information Protection
Cloud App Discovery
Infrastructure Securing assets
Connect Health
Identity Protection
Privileged Identity Management
OMS Security & Audit
Multi-Factor Authentication
Azure Active Directory
9. Office 365 Security Architecture
63% of Office 365 data breaches involve weak, default, or stolen passwords.
10. Azure Active Directory (Azure AD) is Microsoft’s multi-tenant,
cloud-based directory, and identity management service.
Azure AD combines core directory services, application
access management, and identity protection in a single
solution.
The heart of security in Office 365 & Azure is Identity and
Access Management controls in Azure AD.
Identities, Management and Security
• The core of each Azure subscription is Azure AD
• You can have multiple AAD tenants within the same
Azure subscription
• Users, groups, licenses, permissions, apps, app proxies,
domains… All controlled in Azure AD
• It’s important to understand the difference between AAD,
AD and AAD Connect (and AAD DS)
Heart of Security: Azure Active Directory
The new perimeter is identities in the cloud
11. We started looking at Office
365 back in 2014
When did the
Journey Begin?
Main drivers were to move
Exchange Online and Skype
for Business
Why?
We are now fully in the cloud
for email and instant
messaging/collaboration (no
on-premise)
Current State
Cliffs is an Enterprise Cloud
Suite / E3 / M365-E3 (not E5)
Licensing
My Journey to Office 365
12. Pilot, pilot, pilot!
01
02
03
We spent close to 12 months
Piloting O365
Worked out all the kinks before
mass migrations
For Example:
Conference Rooms and Voicemail while in Hybrid
Configuration.
Taking this approach made
conversions much easier,
Except for those 25-50gb mailboxes! (you currently
get a 100gb mailbox with O365)
13. 01 Started Elsewhere
Account was comprised, password was being
used between different sites/accounts
02Covert and Waited
Waited to launch attack until user was on plane,
figured that out via email and calendar
03 Payload
Attacker attempted to get a fake invoice paid
and wired immediately
04Extent of Compromise
They were in the user’s voicemail and faked
approvals from Senior Executives
05 Near-miss
Internal processed stop this large transaction
from happening
06Prevention
IF MFA would have been in place, this attack
would have never got off the ground
Story On Why You Need MFA in Front of O365
14. Threat Vector
The second you move to
O365 you become a bigger
target and susceptible to the
“O365 logon page” phishing
scam to try and harvest
credentials
Requirement
Multi-Factor Authentication
is not a question; it is a must
have!
Simplicity
We were able to
eliminate ADFS
Consistency
We implement the same IDP
for on-premise and the cloud
to have a consistent end-
user experience
Ease of Use
In my opinion, Microsoft
MFA was clunky and
complex for a end-user to
understand
Multi-factor is a must in the cloud
User name and password are not enough
15. Whether you know it or not, when you
commit to O365 you are committing to
keeping your version of Office under
Mainstream Support
Mainstream Support
You can no longer kick the can on Office
upgrades until the product gets close to the
Extended Support date
Rate of Change
You won’t get them to say this, but Microsoft
is slowly pushing everyone to the “Click to
Run” / Office Pro Plus. Watch out Office plug-
ins!
Future
Software Lifecycle Management Acceleration
16. Microsoft Support Dates You Need to Know
Mainstream support
ends: No longer
supported
Extended support ends:
Oct. 13, 2020
Office 2010
01
Mainstream support
ends: No longer
supported
Extended support ends:
April 11, 2023
Office 2013
Mainstream support
ends: Oct. 13, 2020
Office 365 System
Requirements support:
October 2023
Extended support ends:
Oct. 14, 2025
Office 2016
Mainstream support
ends: No longer
supported
Extended support ends:
Jan. 14, 2020
Windows 7
Mainstream support
ends: Oct. 13, 2020
Extended support ends:
Oct. 14, 2025
Windows 10
02 03 04 05
17. P.S.A.
Freebie – Executive Protection
(please thank Phillip Samson for
this!)
Security First
The #1 vector for Security
Breaches is email/phishing
attacks, this is not the area to
skimp in the budget
Invest in Best of Breed
Microsoft product is improving
but not as good as dedicated
products
Features
Last time I checked, things like
end user digests and automated
integration with on-premise
firewall block lists are not
available with Exchange Online
Protection
Email Security Gateway Product
18. Understanding Office 365 Account Management
Backups?
You need to really know
this, because there are
no backups in O365
Restores?
You cannot call up
Microsoft and ask them
for a restore
Policies
You might have to re-
write or adjust IT policies
Settings
Settings can be adjusted
on a per-product level
(Exchange, Skype,
SharePoint …)
Example
Walk through of how we
keep mailboxes for 90
post termination
19. 01
02
03
04
05
Office 365, People will start using everything!
My Advice
Get in and work with the early adopters of these new Microsoft products
and try to identify potential issues before they become problems
Rapid Change
Skype is becoming Teams. We’ve had some Skype issues and continue to work on them, but Skype isn’t the
greatest collaboration tool. But it was A LOT cheaper than WebEx and maybe they’ll fix it with Teams
Bad News
Bad because it can have undesired consequences
• Teams example
Good News
Great because Microsoft is giving you access to new tools as soon
as they become available
Before you know it; someone will find they have
access to Teams and Planner and Yammer and ….
Before you even have had time to look at the Products
20. So, how secure is your Office 365?
Office 365 Secure Score analyzes your Office 365 security settings and
assigns a score and makes recommendations to improve your score.
• Secure Score is a proactive security management service for Office
365 to help you find & fix risks. https://securescore.office.com
• Secure Score will provide a list of actions for things to fix, in order to
improve your security posture and baseline score. The baseline score
is comprised of seven groups of different sizes for you to compare
against based on your company size
• You get 100 points just by enabling MFA for global admins
Secure Office 365 with Secure Score
21. CIS Microsoft 365 Foundations Benchmark
The CIS Microsoft 365 Foundations Benchmark is designed to assist organizations in
establishing the foundation level of security for anyone adopting Microsoft 365. The
benchmark should not be considered as an exhaustive list of all possible security
configurations and architecture but as a starting point. Each organization must still
evaluate their specific situation, workloads, and compliance requirements and tailor
their environment accordingly.
The CIS benchmark contains two levels, each with slightly different technical
specifications:
• Level 1—Recommended minimum security settings that should be configured on
any system and should cause little or no interruption of service or reduced
functionality.
• Level 2—Recommended security settings for highly secure environments and could
result in some reduced functionality.
• https://www.microsoft.com/security/blog/2019/01/10/best-practices-for-securely-
using-microsoft-365-the-cis-microsoft-365-foundations-benchmark-now-available/
Secure Office 365 with Secure Score
22. Azure Security Center
So, how secure are your Azure Servers?
Security Center is the dashboard for Azure security
Azure Security Center provides unified security management and
advanced threat protection across your cloud workloads.
Security Center can apply security policies, limit your exposure to
threats, and detect and respond to attacks.
• A simple way to view what’s secured and what’s not in Azure
• Includes behavioral analytics and incident reporting
• Standard license gives advanced threat detection & intelligence
• Centralized policy management
• Continuous security assessment
• Actionable recommendations
• Prioritized alerts and incidents
23. Azure AD Connect is a tool for connecting on premises AD identity
infrastructure to Microsoft Azure AD. It includes a number of
technologies:
• AAD Connect Sync
• AAD Connect Health
• ADFS (Active Directory Federation Services)
• The PHS/PTA/SSSO Provisioning Connector
Securing and monitoring Azure AD Connect, ADFS and on-premises AD configuration
with Azure AD Connect Health.
• Monitors your AD FS, AD FS Proxy, AAD Domain Services and AAD Connect status
• Can alert you when things break down – useful for many directory-related
services, and especially for Azure AD Connect issues
• Deploying is easy:
• Install agents for AD FS, AAD Connect and AD DS servers
• Verify configuration on AAD CH blade in Azure Portal
• This feature requires AAD Premium licenses
Securing Azure AD Connect
24. Modern Authentication
What to need to know before you turn it on
• Turned on at the tenant level
• You need to be running Office 2016 before go to Modern Auth
• By default, Exchange and Skype for Business Online tenants are not
enabled for Modern Authentication
• Closes loop hole in Outlook clients where you can access a mailbox with
only user name & password
• You must manually enable it via PowerShell
Why?
Why? - Because no wants to enter their password every time they open
Outlook (every user is going to cache their credentials)
Modern Auth enables MFA, SAML-based third party Identity Providers with
Office clients, smart card and certificate-based authentication, and removes
the need for Outlook to use the basic authentication protocol.
25. The vast majority of security breaches take place when
attackers gain access to an environment by stealing a
user’s identity.
Safeguarding for users who log in from weird countries with Azure AD
Identity Protection by Monitoring for risk events, vulnerabilities and
policy changes
• Automatically flags suspicious events, such as users who perform impossible
travel times.
• Detect potential vulnerabilities affecting your organization’s identities
• Configure automated responses to detected suspicious actions that are related
to your organization’s identities
• Investigate suspicious incidents and take appropriate action to resolve them to
automatically flag suspicious events
• Reports such as Users flagged for risk, Risk events and Vulnerabilities
• Providing custom recommendations to improve overall security posture by
highlighting vulnerabilities like calculating sign-in & user risk levels
Azure AD Identity Protection
26. Cloud App Security is a great component of the Microsoft
Cloud Security stack
• Cloud Discovery: Discover all cloud use in your organization, including
Shadow IT reporting and control and risk assessment.
• Data Protection: Monitor and control your data in the cloud by gaining
visibility, enforcing DLP policies, alerting and investigation.
• Threat Protection: Detect anomalous use and security incidents by
recording all activities of users, including external users
Finding Shadow IT within the organization with Cloud App
Discovery
• Discover unmanaged (and managed) cloud apps in use
• Works by dropping an agent on workstations
• Discover apps, amount of data transferred and who uses what
Microsoft Cloud App Security
27. Where is the True Issue?
This was much easier when everything
was in your Data Center
• The path was from the office,
across the WAN, to the Data
Center and back
• What if the problem is on the
Internet? And not your
connection, but several hops down
the path?
• User are complaining they
cannot get their mail
• Network Engineers say
everything is “Good/Green”
Application Selection
We selected a tool the constantly
monitors from all of our internet
break-outs the path to many of our
Cloud Applications, the path they take
to get there, and the speed/latency it
normally takes,. It then alerts us when
anything changes, goes offline, or
when the latency greatly increases
New World
So now you have moved to the
cloud, how do you troubleshoot
the path your users take to get to
these services? And monitor and
alert on consistent/inconsistent
end user experiences?
Knowledge is Power
While this does not “solve or fix” the
issues when it happens, it does let us
know immediately so we can
communicate, and we also do not
have to waste a ton of time looking are
our equipment to see if the problem is
on our end
Look to invest in Non-traditional IT monitoring tools
28. Microsoft Office 365 Security
The new perimeter is identities in the cloud
Disable POP3, IMAP and ActiveSync
Shutdown Legacy Protocols
Don’t go to Office 365 without
MFA enabled for everyone
Multi-factor Authentication
Enable modern
authentication for all users
Modern Authentication
Review Secure Score
monthly and implement the
recommended changes
Secure Score
Review cloud app security to
watch with suspicious
activities in Office 365
Cloud App Security
Review the logs daily to
check for risky logins
Identity Protection
Conclusions
29. Information Security Summit
THANK YOU
Jason.Middaugh@ClevelandCliffs.com Jack@Nichelson.net
Jack D. Nichelson
Chief Information Security Officer
MRK Technologies
Jason Middaugh
Manager of Infrastructure & Security
Cleveland-Cliffs Inc.
They love to change / rename the same products
So how many people are O365 customers today?
How many people are looking at O365?
Who says there is no way I am ever moving my email off-premise?
I think that this presentation has a little something no matter where they are in their journey, well maybe not that last group
Since we have put MFA in place, we have eliminated this attack vector
Version of Office – need to be under Main stream Support or Microsoft can cut you off!
Office 2019 will only be available with an .exe, will not auto-update
We strongly recommend using a third-party gateway
(Thousandeyes)
So don’t try and fight the cloud, embrace it, and hopefully my journey has taught you a few things to consider in your journey
Title:
Its 2am…Do you know who’s in your Office (365)?
Abstract:
You’ve entrusted all of your company’s data to Microsoft’s cloud…what could go wrong? In 2018 you’ve either moved your data to Office365, you’re thinking about it, or you’ve locked your entire business into Lotus Notes. As cloud providers eat away traditional infrastructure, IT and Security teams must either adapt to this brave new world, or be left behind. In this talk we will provide real-world examples and how to apply both traditional and new security controls/tools to secure Office 365 & Azure. We will give specific, actionable recommendations you can make to your Microsoft Office 365 and Azure tenants. Recommendations like how to prevent external threats like account takeovers, internal threats like Shadow cloud Apps, effective monitoring and processes to follow to minimize the likelihood that your company becomes the Next Big Breach. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory.
Talk Outline:
The Big Picture - Office 365 review of its most common parts and different security controls.
Office 365 Licensing – As with every cloud service you are building on the foundation of your contract and licenses. Get this wrong and your hands will be tied before you start.
Overview of Azure Active Directory – The heart of security in Office 365 & Azure is Identity and Access Management. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory.
Preventing External Threats – Recommendation like: Securing Authentication, Azure AD ID Protection, Privileged ID Management, Baseline with SecureScore.office.com, Azure Security Center, Operations Management Suite, Azure AD Application Proxy.
Preventing Internal Threats – How to discover Shadow IT like unmanaged cloud apps, Cloud App Security, Advanced Threat Analytics, Compliance Manager, Azure Key Vault.
Monitoring & Auditing – Azure Monitoring throughout tenants and resource groups, Azure AD Connect, Common Risk Events, Vulnerabilities, and Policy changes. Q&A