Do you know the tools and tricks in your MacGyver kit for Office 365 Security? Would you consider yourself a Security Ninja, fully versed and prepared to take advantage of the Office 365 Security and Compliance Center?
Is your SWAT Team prepared to take down adversaries in worst-case scenarios? Join Antonio Maio, 5-time Microsoft MVP and 20-year security professional, as he reviews the recommended game plan to enable your inner MacGyver, execute tactical strikes like a Ninja and arm your team with information governance and security practices in use at global 100 companies. Through customer case studies and hands-on demonstrations of capabilities such as alerts, data loss prevention policies, activity audit logs, advanced security management and advanced threat protection, Antonio will show you the tools and tricks you need to effectively secure your information in Office 365.
A beginners guide to administering office 365 with power shell antonio maioAntonioMaio2
With Office 365 PowerShell, you can manage Office 365 for your organization using commands and scripts that streamline your day to day work. Microsoft provides several easy to use admin centers to help manage Office 365. However, whether you’re an Office 365 administrator yourself or a service owner for Office 365 in your organization (working with other administrators), you’ll quickly find that you need to go beyond the capabilities that these admin centers provide. PowerShell can help you automate tasks so that they are easily repeatable, it can help you script management tasks so that they are automatically performed on a schedule and it can help you quickly output large amounts of data about your Office 365 environment. As well, some Office 365 settings are only manageable using PowerShell, with no UX provided. In this session, you’ll learn how to get started with Office 365 PowerShell and how to quickly become productive with it, making you more productive and empowered as you manage your Office 365 environment.
Office 365 security new innovations from microsoft ignite - antonio maioAntonioMaio2
With Office 365 clients continually concerned about security, governance and compliance, and with the apprehension that comes along with moving sensitive data to the cloud, it’s no surprise that Microsoft recently made a number of significant announcements at Microsoft Ignite 2016 about the new innovations they’re introducing into Office 365 to help us collaborate securely. Microsoft is getting ready to release major new security innovations like better user session control, site classification, conditional access controls, enhanced data loss prevention and stricter controls for sharing sensitive data. In this session we’ll recap those innovations and help you make sense of the new security features coming to Office 365 and how they help us better secure our content and our users.
During the 24th of October CollabDays BeNeLux, I did a session on the current and new functions for Information Protection. Including endpoint DLP. These are the slides for this session.
Being more secure using Microsoft 365 BusinessRobert Crane
Microsoft 365 Business provides a range of services to make both data and devices more secure. This webinar will take you through the range of what these services are, the best practices way in which they should be configured and how you can extend security further with additional Microsoft solutions.
In this session I go over the functional and management side of Azure Information Protection. The new Office 365 Sensitvity labels were also discussed and demonstrated.
A beginners guide to administering office 365 with power shell antonio maioAntonioMaio2
With Office 365 PowerShell, you can manage Office 365 for your organization using commands and scripts that streamline your day to day work. Microsoft provides several easy to use admin centers to help manage Office 365. However, whether you’re an Office 365 administrator yourself or a service owner for Office 365 in your organization (working with other administrators), you’ll quickly find that you need to go beyond the capabilities that these admin centers provide. PowerShell can help you automate tasks so that they are easily repeatable, it can help you script management tasks so that they are automatically performed on a schedule and it can help you quickly output large amounts of data about your Office 365 environment. As well, some Office 365 settings are only manageable using PowerShell, with no UX provided. In this session, you’ll learn how to get started with Office 365 PowerShell and how to quickly become productive with it, making you more productive and empowered as you manage your Office 365 environment.
Office 365 security new innovations from microsoft ignite - antonio maioAntonioMaio2
With Office 365 clients continually concerned about security, governance and compliance, and with the apprehension that comes along with moving sensitive data to the cloud, it’s no surprise that Microsoft recently made a number of significant announcements at Microsoft Ignite 2016 about the new innovations they’re introducing into Office 365 to help us collaborate securely. Microsoft is getting ready to release major new security innovations like better user session control, site classification, conditional access controls, enhanced data loss prevention and stricter controls for sharing sensitive data. In this session we’ll recap those innovations and help you make sense of the new security features coming to Office 365 and how they help us better secure our content and our users.
During the 24th of October CollabDays BeNeLux, I did a session on the current and new functions for Information Protection. Including endpoint DLP. These are the slides for this session.
Being more secure using Microsoft 365 BusinessRobert Crane
Microsoft 365 Business provides a range of services to make both data and devices more secure. This webinar will take you through the range of what these services are, the best practices way in which they should be configured and how you can extend security further with additional Microsoft solutions.
In this session I go over the functional and management side of Azure Information Protection. The new Office 365 Sensitvity labels were also discussed and demonstrated.
This presentation was used for a session on the North American Collaboration Summit (NACS) 2019. The session explains what options are available to detect, classify and protect content using Azure Information Protection, when stored in SharePoint (on-premises/cloud).
Protecting your files in SharePoint and OneDrive for Business When choosing a cloud collaboration platform, the most important consideration is trust in your provider. Microsoft SharePoint and OneDrive for Business are covered by the core tenets of earning and maintaining trust: security, privacy, compliance, and transparency. With SharePoint and OneDrive, they’re your files. You own them and control them.
The Microsoft approach to securing your files involves:
1. A set of customer-managed tools that adapt to your organization and its security needs.
2. A Microsoft-built security control framework of technologies, operational procedures, and policies that meet the latest global standards and can quickly adapt to security trends and industry-specific needs.
These tools and processes apply to all Microsoft Office 365 services—including SharePoint and OneDrive—so all your content beyond files is secure.
Microsoft focuses its investments in the following areas:
1. Platform security
a. Infrastructure and processes of our datacenters
b. Strong encryption technologies (at rest and in transit)
2. Secure access and sharing
a. Restrict access to files to approved people, devices, apps, locations, and data classifications
b. Enforce who can share files and with whom
3. Awareness and insights
a. Complete understanding of how people in your organization are using SharePoint and OneDrive
b. Analyze usage to measure return on investment
c. Identify potentially suspicious activity
File security in SharePoint and OneDrive 6
4. Information governance
a. Classify what constitutes sensitive data and enforce how it can be used
b. Protect your organization in the event of litigation
c. Retain business-critical files when people leave your organization
5. Compliance and trust
a. Ensure that service operations are secure, compliant, trustworthy, and transparent
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Albert Hoitingh
In this session I discussed the storage locations for the Microsoft Teams components and how to use eDiscovery to get there. I also discussed information protection and information compliance.
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
Community IT CTO Matthew Eshleman reviews security fundamentals in Office 365. Small and medium sized nonprofits are in a great position to take advantage of the native security tools offered in Office 365.
Slide deck used on our presentation for Modern Workplace Conference,Paris 2021 Virtual event where myself and Vijai Anand did a session on "What's new in Security and Compliance in SharePoint , OneDrive for Business & MS Teams"
Here's the slide deck from my session titled "Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps" which was presented on the Modern Workplace Conference Paris 2022 Virtual event.
Secure Productive Enterprise from Microsoft and AtidanDavid J Rosenthal
Secure Productive Enterprise
The most trusted, secure, and productive way to work that brings together the best of Office 365, Enterprise Mobility + Security, and Windows 10 Enterprise.
Cryptzone SharePoint and Office 365 Security Solutions GuideDavid J Rosenthal
The SharePoint and Office 365 Security Gap
While thousands of organizations are deploying SharePoint and Office 365 to manage enterprise content, streamline business processes, and deliver enterprise 2.0 collaboration capabilities, compliance and security concerns − and their associated risks − remain top of mind. As the amount of content and user interaction increases, particularly given the enhanced collaborative capabilities of Microsoft's collaboration platforms, the chance for a SharePoint or Office 365 security breach or compliance violation increases as well. A solution that automatically classifies, applies permissions, tracks, encrypts and prevents the inappropriate storage, access and distribution of sensitive content stored in SharePoint and Office 365 is clearly necessary to overcome this confidence gap.
Securing Governing and Protecting Your Office 365 InvestmentsChris Bortlik
Microsoft continues to invest in services and capabilities to help you protect, detect, and respond to a variety of emerging security and compliance needs for Office 365. Come to this session for an interactive scenario based whiteboard and demonstration of how you can implement comprehensive controls based on a variety of dimensions across the identity of the user; their location and device; and the application, service, and content they are accessing.
Global Azure Bootcamp 2016 completed recently across the world with a great success and I got an opportunity to deliver a session on this great event hosted in Chennai, India. Uploaded the Session slide deck for you.
Azure Information Protection - Taking a Team ApproachJoanne Klein
There's a lot more to implementing Azure Information Protection(AIP) than meets the eye simply because it goes far beyond the technical implementation of labels. In this practical session, we'll walk thru some steps to help set your organization up for a successful AIP rollout. These steps include:
how to plan your organization's AIP labels
how to configure them for your tenant
how to ensure information workers in your organization have adopted their use.
Each step is critical to the overall success of your AIP program and the reason why it cannot be done by the IT-Pro alone. Joanne and Charmaine team up for this session to share some practical advice and creative tips and tricks for rolling out AIP and will cover topics for the IT Pro, Information Manager, and Adoption specialist – all required resources on an AIP rollout team! You might even see an AIP bot!
This is the slide deck of our session on " Building solutions with SPFx that work across SharePoint and Teams" at the SharePoint Saturday event in Bengaluru on Nov 30th , 2019
Intro to Office 365 Security & Compliance CenterCraig Jahnke
This is a session I gave at SharePoint Saturday Atlanta --> The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365. Microsoft has been adding many new features and services for those companies that have data protection or compliance needs, or want to audit user activity in their organization. Come to my session to learn how to get started with Security & Compliance Center, and find out you can better manage and secure you data.
This presentation was used for a session on the North American Collaboration Summit (NACS) 2019. The session explains what options are available to detect, classify and protect content using Azure Information Protection, when stored in SharePoint (on-premises/cloud).
Protecting your files in SharePoint and OneDrive for Business When choosing a cloud collaboration platform, the most important consideration is trust in your provider. Microsoft SharePoint and OneDrive for Business are covered by the core tenets of earning and maintaining trust: security, privacy, compliance, and transparency. With SharePoint and OneDrive, they’re your files. You own them and control them.
The Microsoft approach to securing your files involves:
1. A set of customer-managed tools that adapt to your organization and its security needs.
2. A Microsoft-built security control framework of technologies, operational procedures, and policies that meet the latest global standards and can quickly adapt to security trends and industry-specific needs.
These tools and processes apply to all Microsoft Office 365 services—including SharePoint and OneDrive—so all your content beyond files is secure.
Microsoft focuses its investments in the following areas:
1. Platform security
a. Infrastructure and processes of our datacenters
b. Strong encryption technologies (at rest and in transit)
2. Secure access and sharing
a. Restrict access to files to approved people, devices, apps, locations, and data classifications
b. Enforce who can share files and with whom
3. Awareness and insights
a. Complete understanding of how people in your organization are using SharePoint and OneDrive
b. Analyze usage to measure return on investment
c. Identify potentially suspicious activity
File security in SharePoint and OneDrive 6
4. Information governance
a. Classify what constitutes sensitive data and enforce how it can be used
b. Protect your organization in the event of litigation
c. Retain business-critical files when people leave your organization
5. Compliance and trust
a. Ensure that service operations are secure, compliant, trustworthy, and transparent
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Albert Hoitingh
In this session I discussed the storage locations for the Microsoft Teams components and how to use eDiscovery to get there. I also discussed information protection and information compliance.
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
Community IT CTO Matthew Eshleman reviews security fundamentals in Office 365. Small and medium sized nonprofits are in a great position to take advantage of the native security tools offered in Office 365.
Slide deck used on our presentation for Modern Workplace Conference,Paris 2021 Virtual event where myself and Vijai Anand did a session on "What's new in Security and Compliance in SharePoint , OneDrive for Business & MS Teams"
Here's the slide deck from my session titled "Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps" which was presented on the Modern Workplace Conference Paris 2022 Virtual event.
Secure Productive Enterprise from Microsoft and AtidanDavid J Rosenthal
Secure Productive Enterprise
The most trusted, secure, and productive way to work that brings together the best of Office 365, Enterprise Mobility + Security, and Windows 10 Enterprise.
Cryptzone SharePoint and Office 365 Security Solutions GuideDavid J Rosenthal
The SharePoint and Office 365 Security Gap
While thousands of organizations are deploying SharePoint and Office 365 to manage enterprise content, streamline business processes, and deliver enterprise 2.0 collaboration capabilities, compliance and security concerns − and their associated risks − remain top of mind. As the amount of content and user interaction increases, particularly given the enhanced collaborative capabilities of Microsoft's collaboration platforms, the chance for a SharePoint or Office 365 security breach or compliance violation increases as well. A solution that automatically classifies, applies permissions, tracks, encrypts and prevents the inappropriate storage, access and distribution of sensitive content stored in SharePoint and Office 365 is clearly necessary to overcome this confidence gap.
Securing Governing and Protecting Your Office 365 InvestmentsChris Bortlik
Microsoft continues to invest in services and capabilities to help you protect, detect, and respond to a variety of emerging security and compliance needs for Office 365. Come to this session for an interactive scenario based whiteboard and demonstration of how you can implement comprehensive controls based on a variety of dimensions across the identity of the user; their location and device; and the application, service, and content they are accessing.
Global Azure Bootcamp 2016 completed recently across the world with a great success and I got an opportunity to deliver a session on this great event hosted in Chennai, India. Uploaded the Session slide deck for you.
Azure Information Protection - Taking a Team ApproachJoanne Klein
There's a lot more to implementing Azure Information Protection(AIP) than meets the eye simply because it goes far beyond the technical implementation of labels. In this practical session, we'll walk thru some steps to help set your organization up for a successful AIP rollout. These steps include:
how to plan your organization's AIP labels
how to configure them for your tenant
how to ensure information workers in your organization have adopted their use.
Each step is critical to the overall success of your AIP program and the reason why it cannot be done by the IT-Pro alone. Joanne and Charmaine team up for this session to share some practical advice and creative tips and tricks for rolling out AIP and will cover topics for the IT Pro, Information Manager, and Adoption specialist – all required resources on an AIP rollout team! You might even see an AIP bot!
This is the slide deck of our session on " Building solutions with SPFx that work across SharePoint and Teams" at the SharePoint Saturday event in Bengaluru on Nov 30th , 2019
Intro to Office 365 Security & Compliance CenterCraig Jahnke
This is a session I gave at SharePoint Saturday Atlanta --> The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365. Microsoft has been adding many new features and services for those companies that have data protection or compliance needs, or want to audit user activity in their organization. Come to my session to learn how to get started with Security & Compliance Center, and find out you can better manage and secure you data.
Azure Information Protection - Taking a Team Approach - SPS MontrealJoanne Klein
Take a team approach to implementing AIP in your organization. This slide deck walks thru the planning, configuration and some examples of how to use it in the real world.
Information security in office 365 a shared responsibility - antonio maioAntonioMaio2
There is no denying that Office 365 can make us highly productive, sharing and collaborating with coworkers, partners and clients. But, does it take care of our security and compliance issues? Is our data secure in Office 365? Yes, and no. The security of our information in Office 365 is a shared responsibility between Microsoft (the cloud provider) and us (the customers). Office 365 is a secure platform, but to truly secure our data we must make effective use of the security capabilities and features provided within the platform. We must also have strong information governance structures in place to control how information is shared and accessed through the platform. This session will provide a detailed review of the Office 365 Security and Compliance Center, including how to use the built in capabilities for alerts, data loss prevention policies, activity audit logs, advanced security management and customer lockbox. We'll also review recommended information governance and security practices based on customer experiences to help you effectively secure your information in Office 365 and uphold your end of the shared responsibility.
Most Office 365 organizations think they are safe because they are ‘only’ using collaboration in the cloud. Think again.
Join Concept Searching for a 15 minute webinar that describes the challenge of cyber security and shows you how we solve it. conceptClassifier for Office 365 identifies unknown security or confidential exposures in real-time from diverse repositories. Identification of not only standard descriptors but also organizationally defined vocabulary are also be identified. Once identified they are routed to a repository and removed from unauthorized access and portability.
Use stand-alone or integrate with your security package. We invite you to see how it works.
70% of all security breaches are due to an organization’s own staff. Register for this webinar and find out how not to become a statistic. Security is increasingly becoming a significant challenge, regarding how ensuring unstructured and semi-structured content is protected, and also the security rights of the individuals within the organization that need to be given or denied rights to organizational assets.
This Concept Searching webinar will focus on all aspects of security in a SharePoint environment, using native SharePoint tools, conceptClassifier for SharePoint, or integrated with your security application. conceptClassifier for SharePoint and conceptClassifier for Office 365 deliver semantic metadata generation, auto-classification, and taxonomy tools integrated natively with the SharePoint Term Store.
How does it work with privacy and confidential content? The products identify unknown security or confidential exposures in real-time from diverse repositories. Identification of not only standard descriptors but also organizationally defined vocabulary can also be identified. Once identified they are routed to a repository and removed from unauthorized access and portability.
Presentation used for the sessie "Get to know the new Office 365 Security & Compliance center" at SharePoint Saturday. It contains a lot of example slides covering the functions of this center.
Microsoft Teams in the Modern WorkplaceJoanne Klein
Joanne Klein delves into Microsoft Teams to give a glimpse of its features, its underlying architecture, and what’s in it for the modern worker and the data protection, data retention, and legal/compliance teams across your organization.
Microsoft Viva governance and compliance implications | Viva Explorers Commun...Nikki Chapple
12 November: Viva Explorers Community Day | In-person: Manchester United Kingdom
Microsoft Viva governance and compliance implications
This session demystifies security & compliance in Microsoft Viva to help you understand the following:
- What are the Viva modules
- How Microsoft ensures security & compliance in Microsoft Viva
- Why governance is essential
- Why employee adoption & sponsor communications are critical
March 2023 CIAOPS Need to Know WebinarRobert Crane
Slides from CIAOPS March 2023 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on Microsoft 365 Information Protection best practices. Video recording is available at www.ciaopsacademy.com
We are living a complete digital transformation where people are not restricted by apps or devices or even location. Work can be done anywhere and on any device which leads to greater security concerns regarding this business data living on mobile devices and shared with external (sometimes not trusted users). Microsoft Unified Labeling protection leverages the power of the cloud and ease of use (a few clicks for implementation) to provide a complete Information Protection solution. Now with the new unified Azure label client, users can administer the labels from one location while being integrated across the whole Microsoft platform. Attendees will learn how to configure Unified labels with real case scenarios.
Guest lecture on web application security, presented to students at the Indianapolis campus of The Iron Yard on November 9, 2016. This presentation was a basic overview/introduction to security, discussed the CIA Triad, why security is difficult, what happens if we don't do security right, what developers can do to enhance security, and included a brief overview of the OWASP Top Ten.
Rencore Webinar: Understanding EU GDPR from an Office 365 perspective with Pa...Rencore
Starting from May 25, 2018 all European businesses and all worldwide businesses that are trading partners of European businesses will have to adhere to the new General Data Protection Regulation (GDPR). In this session, learn what are the main requirements of GDPR, from an IT perspective, and what are the out-of-the-box capabilities of Microsoft Office 365 and of SharePoint Online that can help you to be compliant with the GDPR rules.
Moreover, see a sample project, based on SharePoint Online, that you can use as a starter kit to satisfy the GDPR basic requirements.
Paolo Pialorsi, Microsoft Certified Master in SharePoint, MVP and SharePoint PnP Core Team Member, joined us in this webinar to talk about how GDPR is affecting your Office 365.
Similar to Office 365 Security - MacGyver, Ninja or Swat team (20)
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
Microsoft has given us some amazing capabilities with the Microsoft Enterprise Mobility + Security (EM+S) suite to help protect both our information and our investments in Office 365. This collection of features gives you just about everything you need in the Microsoft Cloud for security, compliance and Information Protection. With such a vast array of services, tools and features, its often challenging to understand everything this product provides or how its layered on top of existing Office 365 security controls. In this session we’ll review the capabilities available to you in Microsoft EM+S, and you'll discover which ones may best fit with your security and compliance needs. Come and join us, as we also dive deep into some of the most useful Microsoft EM+ S tools.
Learn how to protect against and recover from data breaches in Office 365AntonioMaio2
Microsoft provides robust Cloud based tools to help protect our data and services in Office 365 from attackers and data breaches. These tools include capabilities for auditing, monitoring, enforcing policies and protecting critical enterprise data. However, Office 365 is not immune to attack. In this session you’ll learn common patterns used by attackers to compromise Office 365 tenants in the real world, how to make use of Microsoft Cloud based tools to protect your Office 365 tenant, and how to investigate and recover from an attack so that you can help prevent it from happening again. Microsoft Premier Field Engineer Theresa Eller and six time Microsoft MVP Antonio Maio share their experiences investigating data breaches, recovering from them and helping Office 365 customers from future data breaches.
SharePoint Saturday Ottawa - How secure is my data in office 365?AntonioMaio2
When considering a cloud based service like Office 365, questions about security and trust often gets asked – questions like: Can I trust Office 365 with my company’s data? How secure is my data in Office 365? Organizations are often cautious when it comes to trusting cloud services with storing and providing access to corporate data. This becomes even more of a concern when we think about sensitive data, personally identifiable data or data that requires regulatory compliance controls. Being cautious and asking a cloud service provider questions about security and trust is a positive step. Answering those questions requires learning about the security strategy the provider has employed, and the specific controls they have put in place to protect your data. This session will answer those questions and provide an overview of the robust set of security capabilities available in Office 365.
Real world SharePoint information governance a case study - publishedAntonioMaio2
Many organizations recognize the need to establish a governance plan in order to “control the chaos” within their SharePoint portals. But, how do businesses truly do this in the real world? How do they develop a plan, and once they have one, put the policies and procedures which make up the plan actually into practice? What are typical challenges and what are real viable solutions? How do you move an organization to a more well-governed state when you already have a large unorganized content repository (SharePoint or otherwise)? How much responsibility do you impose on your business users, and how much do you control centrally? This session will look at solutions to these questions (and more) through two real life case studies: one of a global financial institution and the other of a Fortune 100 energy firm. These case studies will look at how they developed, implemented and promoted information governance policies and how they put them into practice for SharePoint in their enterprises. This session will also look at real software solutions (that you can build) within SharePoint to facilitate a business’ evolution from using a loosely-managed file repository to collaborating within a strongly-governed corporate information portal.
Overcoming Security Threats and Vulnerabilities in SharePointAntonioMaio2
How vulnerable are your SharePoint sites? Microsoft SharePoint provides features and capabilities enabling you to secure content, control authentication and authorize access to critical business information. Choosing the capabilities to make use of, configuring them and understanding their impact can be complex. During this Roundtable session you will learn about the key security features available and the best practices for using them. We will begin by talking about the business reasons that organizations need to consider when securing enterprise content, and we will then review specific capabilities available within Microsoft SharePoint, along with recommendations for using them. Throughout the session, you’ll hear examples of best practices used by large commercial enterprise, government and military to secure content within SharePoint.
This year will see another major evolution in the SharePoint on premise world - the release of SharePoint 2016! Microsoft currently has their second public beta available for download. As we work with that beta we anxiously await the product’s official final release towards the end of first-half 2016. Between now and then there is a lot to learn about what’s new and what’s changed in SharePoint 2016.
SharePoint 2016 enables great hybrid scenarios, providing for more and better integration with cloud services like Office 365. It provides significant security and compliance enhancements, and removes some of the limitations we’ve had to deal with in the past. This session will provide an overview of these great new capabilities and more about what’s new in SharePoint 2016.
Data Visualization in SharePoint and Office 365AntonioMaio2
Data Visualization in SharePoint is the ability to use appropriate tools to cultivate and present data in an interactive and compelling visual representation by way of dashboard, report or chart. Although a number of data visualization tools are available, many organizations continue to struggle with making the best decisions regarding which tools to leverage and how data should be displayed. Common challenges include the proliferation of different screen types and sizes, the rapid pace of change in Microsoft’s Business Intelligence arena, and the abundance of excess data.
In this roundtable we will provide insight into the SharePoint and Microsoft BI stack and clarification on the data visualization options available. We will cover Power BI, Power Pivot, Datazen, and out-of-the-box solutions to name a few. We will also conduct a visual analysis demo on a mobile device and show rapid results with no code solutions.
Hybrid Identity Management with SharePoint and Office 365 - Antonio MaioAntonioMaio2
Strong identity management is the foundation of any organization's security strategies. With the many online services available and constant public reports of massive identity theft, businesses and consumers are becoming increasingly concerned with protecting identities and the information they contain. In business, these identities represent our employees, our partners and of our clients. Moving into a hybrid environment with SharePoint on premise and Office 365 can pose challenges in how you protect those identities and enable easy access to cloud based services. This topic will discuss key considerations and the many options available for implementing a strong identity management strategy in a hybrid environment, so that organizations can work securely with on premise resources and Office 365.
Developing custom claim providers to enable authorization in share point an...AntonioMaio2
Developing Custom Claim Providers to Enable Authorization in SharePoint - Antonio Maio.
With the release of SharePoint 2010, Microsoft introduced the concepts of Claims Based Authentication and Authorization. SharePoint 2013 went a step further making Claims Based Authentication the default method for authenticating users when they login. Claims, and identities in general, are playing a bigger role in the security capabilities of systems like SharePoint, enabling us to solve some new and exciting security challenges. Typically we authorize the content that users have access to using SharePoint permissions, however authentication scenarios can be extended in new and interesting ways by developing a custom component called a Custom Claim Provider. This session will introduce the concepts of Claims Based Authentication and Authorization in SharePoint and provide step by step instructions on how to develop and deploy Custom Claim Providers. The session will also walk through several examples of how custom Claim Providers can enhance SharePoint security and authorization.
Best practices for security and governance in share point 2013 publishedAntonioMaio2
Microsoft SharePoint provides features and capabilities enabling you to secure access, control authentication and authorize access to information. Choosing the capabilities to make use of, configuring them and understanding their impact can be a complex tax. In this session you will learn about the key security features available in Microsoft SharePoint 2013 and the best practices for using them. The sessions begin by talking about the business reasons that organizations need to consider when security their SharePoint content, and it will then review specific capabilities and options in detail with recommendations. We’ll also review various governance best practices and how they relate to SharePoint security capabilities. Throughout the session, you’ll hear examples from large commercial enterprise, government and military and about the best practices they use to secure their content within SharePoint.
Keeping SharePoint Always On - High Availability and Disaster Recovery are two topics that frequently come up. But how do you architect and build your SharePoint environment in order to meet these requirements? This session will look into the various designs for SharePoint and SQL to help you decide on the best approach for your SharePoint Implementation.
SharePoint Governance: Impacts of Moving to the CloudAntonioMaio2
Webinar presented by Christian Buckley(@buckleyplanet) & Antonio Maio(@AntonioMaio2) on the impacts to governance strategy as organizations begin planning to expand their SharePoint footprint to the cloud -- whether moving entirely to the cloud, or in a hybrid model. Includes comparisons of on prem and online advantages and risks, and a quiz to help organizations plan accordingly.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
Modern design is crucial in today's digital environment, and this is especially true for SharePoint intranets. The design of these digital hubs is critical to user engagement and productivity enhancement. They are the cornerstone of internal collaboration and interaction within enterprises.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
2. MACGYVER
2
IT Team Member
• Typically work alone
• Given responsibility for Office 365
• No formal security training, or self-trained
• Smart - Comfortable learning & working with technology
• Good at pulling together solutions with what’s available
• Smaller organization – No/low budget for training & tools
• Very security minded/concerned
3. NINJA
3
The Security Expert
• Typically work alone
• Formally trained security expert / Know your stuff
(CISSP, CISM, MSCP, OSCP, etc.)
• Very security minded/concerned
• Some budget for training & tools
4. SWAT TEAM
4
The Information Security Team
• Highly skilled team members
• Comprised of multiple security experts
• Distributed roles & responsibilities
• Larger or heavily regulated organizations
• Very security minded & compliance focused
• Annual budgets for training & tools
5. Internal Audit, Risk, Business & Technology Consulting
BUILT IN SECURITY
What everyone should know…
6. 6
• Understand Cloud Provider Responsibilities
• Understand Your Responsibilities
In a cloud environment, security and information
protection must be a Shared Responsibility.
Understanding how your responsibilities are
managed requires strong Information
Governance policies & procedures.
SAAS = Office 365
PAAS = Azure Web Services, Azure Functions, etc.
IAAS = Azure VMs
17. SharePoint Online has the same inherited, hierarchical, permissive permission model as SharePoint On Premise.
Office 365
Customer Tenant
SharePoint Online
Site Collection Site Collection
Site Site
Library List
Document Item
Site
Document
Document
Item
Demo Members SharePoint Group Edit
Demo Owners SharePoint Group Full Control
Demo Visitors SharePoint Group Read
Finance Team Domain Group Edit
Senior Mgmt Domain Group Full
Control
Research Team Domain Group Full Control
Senior Mgmt Domain Group Full Control
Research Team Domain Group Full Control
Senior Mgmt Domain Group Full Control
Antonio.Maio Domain User Full Control
• Ifauserisamemberofmultiplegroupswhichhaveaccesstoaresource,
theuserwillgetthehighestlevelofgroupaccessgranted.
• Toremoveauser’saccesstoaresource,theymustberemovedfromall
groupswhichhaveaccess.
• Thereisnoconceptofadenypolicy.
22. • New integrated authentication mechanism built into Office client apps
• Uses ADAL (Active Directory Authentication Library)
• Cross platform: Windows, Mac OS X, Windows Phone, iOS, Android
• Provides advanced sign in features for the Office clients:
• Multi-Factor Authentication (MFA)
• SAML third-party identity providers
• Smart card
• Certificate based authentication
• Microsoft Authenticator App
• Third party Authenticator App
• Microsoft Outlook no longer requires “basic authentication”
• Greaterconsistencyin the user experienceforusersauthenticatingto Office365 servicesand
apps
• GreatersecurityacrosstheentireOffice365 service& appsuite
Newly launched authentication protocol which became generally available in May 20, 2016.
23. • Dependent on client application (requires Office/Outlook 2016, or
Office 2013 with latest SP)
• Support must be enabled on Office Clients and in Office 365 service:
• Ex. Outlook 2016 will attempt Modern Authentication and auto-revert to Basic
Authentication if Exchange Online is not enabled
• No support planned for: Office 2010 or 2007, Office for Mac 2011, Windows Phone 7,
OWA for iOS or Android
• Default enablement in some Office 365 services:
• Exchange Online: OFF by default
• SharePoint Online: ON by default
• Skype for Business: OFF by default
• Enabled via PowerShell
Modern authentication must be on-boarded for some Office 365 services and environments.
24. Data Loss Prevention policies identify and protect sensitive data in SharePoint Online & OneDrive for Business.
• Automatically identify andprotect 80
sensitive data types (SSN, credit card #,
national ID #, etc.)
• AppliestoSharePoint Online
• AppliestoOneDriveforBusiness
• Appliestofiles/documents
• Doesnotapplytolistitems
• Manage policies that whensensitive data
is foundcan:
• Educateuserswithpolicytips
• Blockaccess
• AlertAdminsorInfoSecteams
• Createincidentreports
25. Classification labels provide a method for users to specify retention policies on individual documents/emails.
• Click Classifications > Label Policies
• Not used by Azure Information
Protection or Rights Management
• Primarily used for retention of
documents and email
• Labels define a retention period
• Define what occurs when retention
period expires
26. Classification labels provide a method for users to specify retention policies on individual documents/emails.
• Click Classifications >
Label Policies
• Define if a label is
published and which
services it is available to
– can publish labels to:
27. Manage how spam, malware is blocked & quarantined by adjusting your Office 365 Mail Filtering policies.
• Default standard anti-spampolicies
already inplace
• Manage Allow Lists by senderor
domain
• Manage Block Lists by sender or
domain
• Customize policies by:
28. Internal Audit, Risk, Business & Technology Consulting
SWAT – INFORMATION SECURITY TEAM
29. • Customer must approve access request, before Microsoft engineer gets any access to Customer tenant
Customers can control whether Microsoft Office 365 engineers may have access to their tenant.
30. Monitor user and admin activity with machine learning to identity suspicious behavior and automatically apply
security policies to protect against malicious attackers.
• Click Alerts > Manage Alerts
• Click Manage Advanced Alerts
31.
32.
33. THANK YOU
Antonio Maio
Protiviti | Senior SharePoint Architect
Microsoft Office Server and Services MVP
Email: antonio.maio@protiviti.com
Blog: www.trustsharepoint.com
Slide share: http://www.slideshare.net/AntonioMaio2
Twitter: @AntonioMaio2