Perficient, Inc., profile picture
Uploaded byPerficient, Inc.
PPTX, PDF160 views

Utilizing Microsoft 365 Security for Remote Work

The document outlines the importance of transitioning to a Zero Trust cybersecurity framework in light of increasing cyber threats and the inadequacy of traditional network security. It provides a series of essential tasks, particularly for implementing Microsoft 365 security capabilities, aimed at enhancing organizational security amid remote work scenarios. Emphasis is placed on enabling multi-factor authentication (MFA), configuring various threat protection tools, and effectively training users to recognize and respond to security threats.

Embed presentation

Downloaded 11 times
Introductions . Ron Jones Director, Modern Workplace Microsoft National Business Unit Email: Ron.Jones@Perficient.com Tweet: @ronjones03 Connect: LinkedIn.com/in/jones33 Mark Dobberstein Practice Architect, Modern Workplace Microsoft National Business Unit Email: Mark.Dobberstein@Perficient.com Connect: LinkedIn.com/in/mark- dobberstein-6103a1/
5 Million 350+ 125+ 50+ $500M+OCM 95% 85% AZURE CONSUMPTION GROWTH A W A R D S & R E C O G N I T I O N I N D U S T R Y T E A M S
We’re Here to Help! Amidst the uncertainty, you need a partner you can count on. With nearly 4,000 team members across the globe we're remote ready, and here to help move your digital transformation projects forward! Microsoft 365 Rapid Response Offerings: • Free Virtual Consultations and Workshops • Teams in 10 Days • Crisis Management Communication Solutions • Accelerated Adoption
Agenda
Introduction Network-based security is no longer an adequate option when organizations are looking to securely block potential threats. With an increasingly mobile workforce, and the spread of shadow IT, the rapid rise of cybercrime - companies must find unique ways to effectively manage their sprawling SaaS portfolio. Impacting Businesses Should I • Cloud and SaaS Sprawl • Shadow/Stealth IT • Rapid Obsolescence of Network-based Security Architecture • Continued Threat of Cybercrime
Zero Trust Cybersecurity is steadily becoming an arms race. Improvements in detection, protection, and response are met with more diverse and effective attack tactics. There is no impermeable perimeter. It’s not a matter of if, but when, there will be an incident — you may have already been hacked but just don’t know it yet. The Zero Trust framework is the pragmatic model for today’s hostile reality that includes a mindset, operating model, and architecture tuned to the threat. The best way to prep and implement a new security framework is to start with “no trust but verify” model. The model has been promoted by Forrester as “Zero Trust” since 2010. "Every service request made by a user or machine is properly authenticated, authorized, and encrypted end-to-end."
Microsoft 365: A Path to Zero Trust Microsoft has identified 12 key tasks to help security teams implement the most important security capabilities as quickly as possible with COVID-19 in mind. 1) Enable Azure multi-factor authentication (MFA) 2) Protect against threats in Office 365 3) Configure Office 365 advanced threat protection 4) Configure Azure advanced threat protection 5) Turn on Microsoft Advanced Threat Protection 6) Configure intune mobile app protection for phones and tablets 7. Configure MFA and conditional access for guests, including intune mobile app protection 8. Enroll PCs into Device Management and require compliant PCs 9. Optimize your network for cloud connectivity 10. Train Users 11. Get started with Microsoft cloud app security 12. Monitor for threats and take action
Security Capabilities & Licensing Utilizing our enterprise plans, Microsoft recommends you complete the tasks listed in the following table that apply to your service plan. If, instead of purchasing a Microsoft 365 enterprise plan, you are combining subscriptions, note the following: • Microsoft 365 E3 includes Enterprise Mobility + Security (EMS) E3 and Azure AD P1 • Microsoft 365 E5 includes EMS E5 and Azure AD P2 Task All Office 365 Enterprise Plans Microsoft 365 E3 Microsoft 365 E5 1. Enable Azure Multi-factor Authentication (MFA)    2. Protect Against Threats In Office 365    3. Configure Office 365 Advanced Threat Protection  4. Configure Azure Advanced Threat Protection (ATP)  5. Turn On Microsoft Advanced Threat Protection  6. Configure Intune Mobile App Protection For Phones And Tablets   7. Configure MFA And Conditional Access For Guests, Including Intune Mobile App Protection   8. Enroll Pcs Into Device Management And Require Compliant Pcs   9. Optimize Your Network For Cloud Connectivity    10. Train Users    11. Get Started With Microsoft Cloud App Security    12. Monitor For Threats And Take Action   
1. Enable Azure Multi-Factor Authentication (MFA) The single best thing you can do to improve security for employees working from home is to turn on MFA. If you don't already have processes in place, treat this as an emergency pilot and make sure you have support folks ready to help employees who get stuck. Recommendations: For organizations without Azure AD P1 or P2 • Enable Security defaults in Azure AD • Security defaults in Azure AD include MFA for users and administrators For organizations with Azure AD P1 (Microsoft 365 E3) • Require MFA for administrators • Require MFA for all users • Block legacy authentication For organizations with Azure AD P2 (Microsoft 365 E5) • Require MFA when sign-in risk is medium or high • Block clients that don't support modern authentication • High risk users must change password
2. Protect Against Threats In Office 365 • • •
3. Configure Office 365 Advanced Threat Protection (E5 Only) • • •
4. Configure Azure Advanced Threat Protection (ATP) • • • •
5. Turn on Microsoft Threat Protection (E5 Only) Now that you have Office 365 ATP and Azure ATP configured, you can view the combined signals from these capabilities in one dashboard. Microsoft Threat Protection (MTP) brings together alerts, incidents, automated investigation and response, and advanced hunting across workloads (Azure ATP, Office 365 ATP, Microsoft Defender ATP, and Microsoft Cloud App Security) into a single pane at security.microsoft.com.
6. Configure Intune Mobile App Protection For Phones And Tablets (E3 And E5) Microsoft Intune Mobile Application Management (MAM), now known as Endpoint Manager, allows you to manage and protect your organization's data on phones and tablets without managing these devices (BYOD). Here's How It Works: • Create an App Protection Policy (APP) that determines which apps on a device are managed and what behaviors are allowed (such as preventing data from a managed app from being copied to an unmanaged app). Create one policy for each platform (iOS, Android). • After creating the app protection policies, enforce these by creating a conditional access rule in Azure AD to require approved apps and APP data protection. Start With Common Identity And Device Management Policies Use the article located here to get started. It illustrates the recommended set of policies. It shows which tier of protections each policy applies to and whether the policies apply to PCs or phones and tablets, or both categories of devices.
7. Configure MFA & Conditional Access for Guests, Including Intune App Protection (E3 And E5) Next, ensure you can continue to collaborate and work with guests. If you're using the Microsoft 365 E3 plan and implemented MFA for all users, you're set. If you're using the Microsoft 365 E5 plan and you're taking advantage of Azure Identity Protection for risk-based MFA, you need to make a couple of adjustments (because Azure AD Identity protection doesn't extend to guests): • Create a new conditional access rule to always require MFA for guests and external users. • Update the risk-based MFA conditional access rule to exclude guests and external users. Use guidance from Updating the common policies to allow and protect guest and external access to understand how guest access works with Azure AD and to update the affected policies. The Intune mobile app protection policies you created, together with the conditional access rule to require approved apps and APP protection, apply to guests accounts and will help protect your organization data.
8. Enroll PCs Into Device Management & Require Compliant PCs (E3 And E5) There are several methods to enroll your workforce's devices. Each method depends on the device's ownership (personal or corporate), device type (iOS, Windows, Android), and management requirements (resets, affinity, locking). After enrolling devices, use the guidance in Common identity and device access policies to create these policies: • Define device-compliance policies - The recommended settings for Windows 10 include requiring antivirus protection. If you have Microsoft 365 E5, use Microsoft Defender Advanced Threat Protection to monitor the health of employee devices. Be sure compliance policies for other operating systems include antivirus protection and end-point protection software. • Require compliant PCs - This is the conditional access rule in Azure AD that enforces the device compliance policies. Only one organization can manage a device, so be sure to exclude guest accounts from the conditional access rule in Azure AD. If you don't exclude guest and external users from policies that require device compliance, these policies will block these users. For more information, see updating the Common Policies” to allow and protect guest and external access
9. Optimize Your Network For Cloud Connectivity If you are rapidly enabling the bulk of employees to work from home, this sudden switch of connectivity patterns can have a significant impact on corporate network infrastructure, here is why: • Many networks were scaled and designed before cloud services were adopted. • In many cases, networks were not designed to be used remotely by all users simultaneously. • Central internet bandwidth and network security stack are strained under additional user load from additional “boomerang” network usage. This results in poor performance and productivity, and a poor user experience. Some protections are provided by the cloud apps your users are accessing. If you've implemented cloud security controls for M365 services and data you have controls in place and may be ready to route remote users' traffic directly to O365. If you still require a VPN link for access to other apps, you can improve performance and user experience by implementing split tunneling. Most organizations are running lots of business-critical apps on-premises, many of which may not be accessible from outside the corporate network. Azure AD Application Proxy is a ligh go here.
10. Train Users When users don't know about threat protection features at work in your organization, they can get frustrated by protection features that are perceived as slowing them down or preventing them from getting their work done. In addition, if they know ahead of time what to watch for with respect to suspicious email messages or URLs, they'll be far less likely to open questionable artifacts. Training users can save your users and security operations team a lot of time and frustration. Microsoft 365 Resources: Concept Resources Microsoft 365 Learning Pathways Site These resources can help you put together training for end users in your organization Microsoft 365 Security Learning module: Secure your organization with built-in, intelligent security from Microsoft 365 This module enables you to describe how Microsoft 365 security features work together and to articulate the benefits of these security features. Multi-factor Authentication Two-step verification: What is the additional verification page? This article helps end users understand what multi-factor authentication is and why it's being used at your organization.
11. Get Started With Microsoft Cloud App Security (E5 Uses Full MCAS) Microsoft Cloud App Security provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services. Once you get started with Cloud App Security, anomaly detection policies are automatically enabled, but Cloud App Security has an initial learning period of 7 days during which not all anomaly detection alerts are raised. Get Started With Cloud App Security Now: • QuickStart: Get started with Cloud App Security • Get instantaneous behavioral analytics and anomaly detection • Learn more about Microsoft Cloud App Security • Review new features and capabilities • See basic setup instructions
12. Monitor For Threats & Take Action Microsoft 365 includes several ways to monitor status and take appropriate actions. Your best starting point is the Microsoft 365 Security Center, where you can view your organization's Microsoft Secure Score, and any alerts or entities that require your attention. Get Started: • Get Started With The Microsoft 365 Security Center • Monitor And View Reports • See The Security Portals In Microsoft 365
Stay Tuned… Upcoming Weekly Webinars 4/9 Utilizing Microsoft 365 Security for Remote Work 4/16 Accelerating Adoption and Change Management for Teams for Remote Work 4/16 Preparing for Project Cortex and the Future of Knowledge Management 4/20 Virtual Teams Summit
Q&A . Ron Jones Director, Modern Workplace Microsoft National Business Unit Email: Ron.Jones@Perficient.com Tweet: @ronjones03 Connect: LinkedIn.com/in/jones33 Mark Dobberstein Practice Architect, Modern Workplace Microsoft National Business Unit Email: Mark.Dobberstein@Perficient.com Connect: LinkedIn.com/in/mark- dobberstein-6103a1/
Utilizing Microsoft 365 Security for Remote Work

More Related Content

PPTX
3 Modern Security - Secure identities to reach zero trust with AAD
byAndrew Bettany
 
PPTX
Crisis Management & Remote Work w/ Microsoft 365
byPerficient, Inc.
 
PDF
Protect your hybrid workforce across the attack chain
byDavid J Rosenthal
 
PDF
Office 365 smb guidelines for pure bookkeeping (slideshare)
byDavidNicholls52
 
PDF
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
byJürgen Ambrosi
 
PPTX
Mct summit 2021
byKushantha Gunawardana
 
PPTX
ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing ...
byKenny Buntinx
 
PDF
Msft cloud architecture_security_commonattacks
byAkram Qureshi
 
3 Modern Security - Secure identities to reach zero trust with AAD
byAndrew Bettany
 
Crisis Management & Remote Work w/ Microsoft 365
byPerficient, Inc.
 
Protect your hybrid workforce across the attack chain
byDavid J Rosenthal
 
Office 365 smb guidelines for pure bookkeeping (slideshare)
byDavidNicholls52
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
byJürgen Ambrosi
 
Mct summit 2021
byKushantha Gunawardana
 
ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing ...
byKenny Buntinx
 
Msft cloud architecture_security_commonattacks
byAkram Qureshi
 

What's hot

PPTX
Zero Trust 20211105
byThomas Treml
 
PDF
Microsoft Zero Trust
byDavid J Rosenthal
 
PPTX
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
byPreetiDevidas
 
PDF
Working with MS Endpoint Manager
byGeorge Grammatikos
 
PDF
Management of all the devices using Microsoft 365 Business
byRobert Crane
 
PDF
Azure Sentinel Tips
byMario Worwell
 
PPTX
cyber-security-reference-architecture
byBirendra Negi ☁️
 
DOCX
Security and Compliance In Microsoft Office 365 Whitepaper
byDavid J Rosenthal
 
PDF
Microsoft 365 Compliance and Security Overview
byDavid J Rosenthal
 
PPTX
EC-Council Products and career path
byKushantha Gunawardana
 
PDF
Microsoft EMS Enterprise Mobility and Security Architecture Poster
byAmmar Hasayen
 
PDF
Security as a Service with Microsoft Presented by Razor Technology
byDavid J Rosenthal
 
PDF
Is the Cloud Safe? Ensuring Security in the Cloud
byTechSoup
 
PDF
Security As A Service
byOlav Tvedt
 
PDF
Securing Office 365
bySymantec
 
PDF
Global Mandate to Secure Cloud Computing
byCloudSecurityAllianceAustralia
 
PPTX
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
byMorgan Simonsen
 
PDF
Why CSA Australia
byCloudSecurityAllianceAustralia
 
PPTX
Should You Be Automating
bySiemplify
 
PDF
Cybersecurity frameworks globally and saudi arabia
byFaysal Ghauri
 
Zero Trust 20211105
byThomas Treml
 
Microsoft Zero Trust
byDavid J Rosenthal
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
byPreetiDevidas
 
Working with MS Endpoint Manager
byGeorge Grammatikos
 
Management of all the devices using Microsoft 365 Business
byRobert Crane
 
Azure Sentinel Tips
byMario Worwell
 
cyber-security-reference-architecture
byBirendra Negi ☁️
 
Security and Compliance In Microsoft Office 365 Whitepaper
byDavid J Rosenthal
 
Microsoft 365 Compliance and Security Overview
byDavid J Rosenthal
 
EC-Council Products and career path
byKushantha Gunawardana
 
Microsoft EMS Enterprise Mobility and Security Architecture Poster
byAmmar Hasayen
 
Security as a Service with Microsoft Presented by Razor Technology
byDavid J Rosenthal
 
Is the Cloud Safe? Ensuring Security in the Cloud
byTechSoup
 
Security As A Service
byOlav Tvedt
 
Securing Office 365
bySymantec
 
Global Mandate to Secure Cloud Computing
byCloudSecurityAllianceAustralia
 
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
byMorgan Simonsen
 
Why CSA Australia
byCloudSecurityAllianceAustralia
 
Should You Be Automating
bySiemplify
 
Cybersecurity frameworks globally and saudi arabia
byFaysal Ghauri
 

Similar to Utilizing Microsoft 365 Security for Remote Work

PPTX
Securing Teams with Microsoft 365 Security for Remote Work
byPerficient, Inc.
 
PPTX
Zero trust deck 2020
byGuido Marchetti
 
PPTX
Microsoft Security Advice ISSA Slides.pptx
byMike Brannon
 
PDF
Mobility & security Microsoft SPE5 By Bipeen Sinha
byBipeen Sinha
 
PPTX
Microsoft Cloud Application Security Overview
bySyed Sabhi Haider
 
PDF
Microsoft Enterprise Mobility and Security EMS
byDavid J Rosenthal
 
PPTX
Securing your Organization with Microsoft 365
byRavikumar Sathyamurthy
 
PDF
Secure remote work
byAllessandra Negri
 
PDF
Softwerx Microsoft 365 Security Webinar Presentation
byPatrick Leckie
 
PPTX
In t trustm365ems_v3
byInTTrust S.A.
 
PDF
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
byNCCOMMS
 
PDF
Being more secure using Microsoft 365 Business
byRobert Crane
 
PDF
CIO Forum June Microsoft.pdf
byErick Alejandro Antonio
 
PDF
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
byaOS Community
 
PPTX
Get ahead of cybersecurity with MS Enterprise Mobility + Security
byKjetil Lund-Paulsen
 
PDF
Power Saturday 2019 E1 - Office 365 security
byPowerSaturdayParis
 
PDF
December 2019 Microsoft 365 Need to Know Webinar
byRobert Crane
 
PPTX
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
byScott Hoag
 
PDF
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
byDavid J Rosenthal
 
PPTX
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
byEuropean Collaboration Summit
 
Securing Teams with Microsoft 365 Security for Remote Work
byPerficient, Inc.
 
Zero trust deck 2020
byGuido Marchetti
 
Microsoft Security Advice ISSA Slides.pptx
byMike Brannon
 
Mobility & security Microsoft SPE5 By Bipeen Sinha
byBipeen Sinha
 
Microsoft Cloud Application Security Overview
bySyed Sabhi Haider
 
Microsoft Enterprise Mobility and Security EMS
byDavid J Rosenthal
 
Securing your Organization with Microsoft 365
byRavikumar Sathyamurthy
 
Secure remote work
byAllessandra Negri
 
Softwerx Microsoft 365 Security Webinar Presentation
byPatrick Leckie
 
In t trustm365ems_v3
byInTTrust S.A.
 
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
byNCCOMMS
 
Being more secure using Microsoft 365 Business
byRobert Crane
 
CIO Forum June Microsoft.pdf
byErick Alejandro Antonio
 
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
byaOS Community
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
byKjetil Lund-Paulsen
 
Power Saturday 2019 E1 - Office 365 security
byPowerSaturdayParis
 
December 2019 Microsoft 365 Need to Know Webinar
byRobert Crane
 
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
byScott Hoag
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
byDavid J Rosenthal
 
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
byEuropean Collaboration Summit
 

More from Perficient, Inc.

PPTX
Cardtronics Future Ready with Oracle EPM Cloud
byPerficient, Inc.
 
PPTX
Empower Your Organization with Teams & Remote Work Crisis Management
byPerficient, Inc.
 
PPTX
Content, Commerce, and... COVID
byPerficient, Inc.
 
PPTX
Transforming Pharmacovigilance Workflows with AI & Automation
byPerficient, Inc.
 
PPTX
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
byPerficient, Inc.
 
PPTX
Automate Medical Coding With WHODrug Koda
byPerficient, Inc.
 
PPTX
Centene's Financial Transformation Journey: A OneStream Success Story
byPerficient, Inc.
 
PDF
The Secret to Acquiring and Retaining Customers in Financial Services
byPerficient, Inc.
 
PPTX
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
byPerficient, Inc.
 
PPTX
Adoption & Change Management Overview
byPerficient, Inc.
 
PDF
Teams Summit - What is New and Coming
byPerficient, Inc.
 
PPTX
Preparing for Project Cortex and the Future of Knowledge Management
byPerficient, Inc.
 
PDF
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
byPerficient, Inc.
 
PPTX
Accelerate Adoption for Microsoft Teams
byPerficient, Inc.
 
PPTX
The Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
byPerficient, Inc.
 
PPTX
Infrastructure Best Practices for Teams Remote Workers
byPerficient, Inc.
 
PPTX
Driving Strong 2020 Holiday Season Results
byPerficient, Inc.
 
PPTX
Microsoft Teams: Measuring Activity of Employees Working from Home
byPerficient, Inc.
 
PPTX
Cancer Center’s Forward-Looking Rolling Forecast with Oracle Cloud
byPerficient, Inc.
 
PPTX
Eric Enge and Jay Baer: Key Factors for Delivering Seamless UX
byPerficient, Inc.
 
Cardtronics Future Ready with Oracle EPM Cloud
byPerficient, Inc.
 
Empower Your Organization with Teams & Remote Work Crisis Management
byPerficient, Inc.
 
Content, Commerce, and... COVID
byPerficient, Inc.
 
Transforming Pharmacovigilance Workflows with AI & Automation
byPerficient, Inc.
 
Oracle Strategic Modeling Live: Defined. Discussed. Demonstrated.
byPerficient, Inc.
 
Automate Medical Coding With WHODrug Koda
byPerficient, Inc.
 
Centene's Financial Transformation Journey: A OneStream Success Story
byPerficient, Inc.
 
The Secret to Acquiring and Retaining Customers in Financial Services
byPerficient, Inc.
 
Preparing for Your Oracle, Medidata, and Veeva CTMS Migration Project
byPerficient, Inc.
 
Adoption & Change Management Overview
byPerficient, Inc.
 
Teams Summit - What is New and Coming
byPerficient, Inc.
 
Preparing for Project Cortex and the Future of Knowledge Management
byPerficient, Inc.
 
Accelerating Partner Management: How Manufacturers Can Navigate Covid-19
byPerficient, Inc.
 
Accelerate Adoption for Microsoft Teams
byPerficient, Inc.
 
The Critical Role of Audience Intelligence with Eric Enge and Rand Fishkin
byPerficient, Inc.
 
Infrastructure Best Practices for Teams Remote Workers
byPerficient, Inc.
 
Driving Strong 2020 Holiday Season Results
byPerficient, Inc.
 
Microsoft Teams: Measuring Activity of Employees Working from Home
byPerficient, Inc.
 
Cancer Center’s Forward-Looking Rolling Forecast with Oracle Cloud
byPerficient, Inc.
 
Eric Enge and Jay Baer: Key Factors for Delivering Seamless UX
byPerficient, Inc.
 

Recently uploaded

PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PDF
December Patch Tuesday
byIvanti
 
PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
December Patch Tuesday
byIvanti
 
The Landscape of Computer Software Development Companies
byYash Singh
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
The year in review - MarvelClient in 2025
bypanagenda
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 

Utilizing Microsoft 365 Security for Remote Work

  • 2.
    Introductions . Ron Jones Director, ModernWorkplace Microsoft National Business Unit Email: Ron.Jones@Perficient.com Tweet: @ronjones03 Connect: LinkedIn.com/in/jones33 Mark Dobberstein Practice Architect, Modern Workplace Microsoft National Business Unit Email: Mark.Dobberstein@Perficient.com Connect: LinkedIn.com/in/mark- dobberstein-6103a1/
  • 4.
    5 Million 350+ 125+50+ $500M+OCM 95% 85% AZURE CONSUMPTION GROWTH A W A R D S & R E C O G N I T I O N I N D U S T R Y T E A M S
  • 5.
    We’re Here toHelp! Amidst the uncertainty, you need a partner you can count on. With nearly 4,000 team members across the globe we're remote ready, and here to help move your digital transformation projects forward! Microsoft 365 Rapid Response Offerings: • Free Virtual Consultations and Workshops • Teams in 10 Days • Crisis Management Communication Solutions • Accelerated Adoption
  • 6.
  • 7.
    Introduction Network-based security isno longer an adequate option when organizations are looking to securely block potential threats. With an increasingly mobile workforce, and the spread of shadow IT, the rapid rise of cybercrime - companies must find unique ways to effectively manage their sprawling SaaS portfolio. Impacting Businesses Should I • Cloud and SaaS Sprawl • Shadow/Stealth IT • Rapid Obsolescence of Network-based Security Architecture • Continued Threat of Cybercrime
  • 8.
    Zero Trust Cybersecurity issteadily becoming an arms race. Improvements in detection, protection, and response are met with more diverse and effective attack tactics. There is no impermeable perimeter. It’s not a matter of if, but when, there will be an incident — you may have already been hacked but just don’t know it yet. The Zero Trust framework is the pragmatic model for today’s hostile reality that includes a mindset, operating model, and architecture tuned to the threat. The best way to prep and implement a new security framework is to start with “no trust but verify” model. The model has been promoted by Forrester as “Zero Trust” since 2010. "Every service request made by a user or machine is properly authenticated, authorized, and encrypted end-to-end."
  • 9.
    Microsoft 365: APath to Zero Trust Microsoft has identified 12 key tasks to help security teams implement the most important security capabilities as quickly as possible with COVID-19 in mind. 1) Enable Azure multi-factor authentication (MFA) 2) Protect against threats in Office 365 3) Configure Office 365 advanced threat protection 4) Configure Azure advanced threat protection 5) Turn on Microsoft Advanced Threat Protection 6) Configure intune mobile app protection for phones and tablets 7. Configure MFA and conditional access for guests, including intune mobile app protection 8. Enroll PCs into Device Management and require compliant PCs 9. Optimize your network for cloud connectivity 10. Train Users 11. Get started with Microsoft cloud app security 12. Monitor for threats and take action
  • 10.
    Security Capabilities & Licensing Utilizingour enterprise plans, Microsoft recommends you complete the tasks listed in the following table that apply to your service plan. If, instead of purchasing a Microsoft 365 enterprise plan, you are combining subscriptions, note the following: • Microsoft 365 E3 includes Enterprise Mobility + Security (EMS) E3 and Azure AD P1 • Microsoft 365 E5 includes EMS E5 and Azure AD P2 Task All Office 365 Enterprise Plans Microsoft 365 E3 Microsoft 365 E5 1. Enable Azure Multi-factor Authentication (MFA)    2. Protect Against Threats In Office 365    3. Configure Office 365 Advanced Threat Protection  4. Configure Azure Advanced Threat Protection (ATP)  5. Turn On Microsoft Advanced Threat Protection  6. Configure Intune Mobile App Protection For Phones And Tablets   7. Configure MFA And Conditional Access For Guests, Including Intune Mobile App Protection   8. Enroll Pcs Into Device Management And Require Compliant Pcs   9. Optimize Your Network For Cloud Connectivity    10. Train Users    11. Get Started With Microsoft Cloud App Security    12. Monitor For Threats And Take Action   
  • 11.
    1. Enable AzureMulti-Factor Authentication (MFA) The single best thing you can do to improve security for employees working from home is to turn on MFA. If you don't already have processes in place, treat this as an emergency pilot and make sure you have support folks ready to help employees who get stuck. Recommendations: For organizations without Azure AD P1 or P2 • Enable Security defaults in Azure AD • Security defaults in Azure AD include MFA for users and administrators For organizations with Azure AD P1 (Microsoft 365 E3) • Require MFA for administrators • Require MFA for all users • Block legacy authentication For organizations with Azure AD P2 (Microsoft 365 E5) • Require MFA when sign-in risk is medium or high • Block clients that don't support modern authentication • High risk users must change password
  • 12.
    2. Protect AgainstThreats In Office 365 • • •
  • 13.
    3. Configure Office365 Advanced Threat Protection (E5 Only) • • •
  • 14.
    4. Configure AzureAdvanced Threat Protection (ATP) • • • •
  • 15.
    5. Turn onMicrosoft Threat Protection (E5 Only) Now that you have Office 365 ATP and Azure ATP configured, you can view the combined signals from these capabilities in one dashboard. Microsoft Threat Protection (MTP) brings together alerts, incidents, automated investigation and response, and advanced hunting across workloads (Azure ATP, Office 365 ATP, Microsoft Defender ATP, and Microsoft Cloud App Security) into a single pane at security.microsoft.com.
  • 16.
    6. Configure IntuneMobile App Protection For Phones And Tablets (E3 And E5) Microsoft Intune Mobile Application Management (MAM), now known as Endpoint Manager, allows you to manage and protect your organization's data on phones and tablets without managing these devices (BYOD). Here's How It Works: • Create an App Protection Policy (APP) that determines which apps on a device are managed and what behaviors are allowed (such as preventing data from a managed app from being copied to an unmanaged app). Create one policy for each platform (iOS, Android). • After creating the app protection policies, enforce these by creating a conditional access rule in Azure AD to require approved apps and APP data protection. Start With Common Identity And Device Management Policies Use the article located here to get started. It illustrates the recommended set of policies. It shows which tier of protections each policy applies to and whether the policies apply to PCs or phones and tablets, or both categories of devices.
  • 17.
    7. Configure MFA& Conditional Access for Guests, Including Intune App Protection (E3 And E5) Next, ensure you can continue to collaborate and work with guests. If you're using the Microsoft 365 E3 plan and implemented MFA for all users, you're set. If you're using the Microsoft 365 E5 plan and you're taking advantage of Azure Identity Protection for risk-based MFA, you need to make a couple of adjustments (because Azure AD Identity protection doesn't extend to guests): • Create a new conditional access rule to always require MFA for guests and external users. • Update the risk-based MFA conditional access rule to exclude guests and external users. Use guidance from Updating the common policies to allow and protect guest and external access to understand how guest access works with Azure AD and to update the affected policies. The Intune mobile app protection policies you created, together with the conditional access rule to require approved apps and APP protection, apply to guests accounts and will help protect your organization data.
  • 18.
    8. Enroll PCsInto Device Management & Require Compliant PCs (E3 And E5) There are several methods to enroll your workforce's devices. Each method depends on the device's ownership (personal or corporate), device type (iOS, Windows, Android), and management requirements (resets, affinity, locking). After enrolling devices, use the guidance in Common identity and device access policies to create these policies: • Define device-compliance policies - The recommended settings for Windows 10 include requiring antivirus protection. If you have Microsoft 365 E5, use Microsoft Defender Advanced Threat Protection to monitor the health of employee devices. Be sure compliance policies for other operating systems include antivirus protection and end-point protection software. • Require compliant PCs - This is the conditional access rule in Azure AD that enforces the device compliance policies. Only one organization can manage a device, so be sure to exclude guest accounts from the conditional access rule in Azure AD. If you don't exclude guest and external users from policies that require device compliance, these policies will block these users. For more information, see updating the Common Policies” to allow and protect guest and external access
  • 19.
    9. Optimize YourNetwork For Cloud Connectivity If you are rapidly enabling the bulk of employees to work from home, this sudden switch of connectivity patterns can have a significant impact on corporate network infrastructure, here is why: • Many networks were scaled and designed before cloud services were adopted. • In many cases, networks were not designed to be used remotely by all users simultaneously. • Central internet bandwidth and network security stack are strained under additional user load from additional “boomerang” network usage. This results in poor performance and productivity, and a poor user experience. Some protections are provided by the cloud apps your users are accessing. If you've implemented cloud security controls for M365 services and data you have controls in place and may be ready to route remote users' traffic directly to O365. If you still require a VPN link for access to other apps, you can improve performance and user experience by implementing split tunneling. Most organizations are running lots of business-critical apps on-premises, many of which may not be accessible from outside the corporate network. Azure AD Application Proxy is a ligh go here.
  • 20.
    10. Train Users Whenusers don't know about threat protection features at work in your organization, they can get frustrated by protection features that are perceived as slowing them down or preventing them from getting their work done. In addition, if they know ahead of time what to watch for with respect to suspicious email messages or URLs, they'll be far less likely to open questionable artifacts. Training users can save your users and security operations team a lot of time and frustration. Microsoft 365 Resources: Concept Resources Microsoft 365 Learning Pathways Site These resources can help you put together training for end users in your organization Microsoft 365 Security Learning module: Secure your organization with built-in, intelligent security from Microsoft 365 This module enables you to describe how Microsoft 365 security features work together and to articulate the benefits of these security features. Multi-factor Authentication Two-step verification: What is the additional verification page? This article helps end users understand what multi-factor authentication is and why it's being used at your organization.
  • 21.
    11. Get StartedWith Microsoft Cloud App Security (E5 Uses Full MCAS) Microsoft Cloud App Security provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services. Once you get started with Cloud App Security, anomaly detection policies are automatically enabled, but Cloud App Security has an initial learning period of 7 days during which not all anomaly detection alerts are raised. Get Started With Cloud App Security Now: • QuickStart: Get started with Cloud App Security • Get instantaneous behavioral analytics and anomaly detection • Learn more about Microsoft Cloud App Security • Review new features and capabilities • See basic setup instructions
  • 22.
    12. Monitor ForThreats & Take Action Microsoft 365 includes several ways to monitor status and take appropriate actions. Your best starting point is the Microsoft 365 Security Center, where you can view your organization's Microsoft Secure Score, and any alerts or entities that require your attention. Get Started: • Get Started With The Microsoft 365 Security Center • Monitor And View Reports • See The Security Portals In Microsoft 365
  • 23.
    Stay Tuned… Upcoming WeeklyWebinars 4/9 Utilizing Microsoft 365 Security for Remote Work 4/16 Accelerating Adoption and Change Management for Teams for Remote Work 4/16 Preparing for Project Cortex and the Future of Knowledge Management 4/20 Virtual Teams Summit
  • 24.
    Q&A . Ron Jones Director, ModernWorkplace Microsoft National Business Unit Email: Ron.Jones@Perficient.com Tweet: @ronjones03 Connect: LinkedIn.com/in/jones33 Mark Dobberstein Practice Architect, Modern Workplace Microsoft National Business Unit Email: Mark.Dobberstein@Perficient.com Connect: LinkedIn.com/in/mark- dobberstein-6103a1/

Editor's Notes

  • #11 https://techcommunit Microsoft Teams is a powerful hub for teamwork, whether you’re working at the office, on the road, or from home. It enables your team to work seamlessly together, integrating chat, calling, meetings, business process, task management and file collaboration. Communities, on the other hand, connect with people across teams, and across the organization, to share knowledge and experience. In the past, Yammer and Teams were separate experiences, adding friction by requiring people to bounce back and forth between applications. Today, you can add an important Yammer community to your team.  Click “+” to add a tab, pick Yammer, and configure the community you want to display. For example, you can add a crisis response tab to your team, allowing you to follow and engage with conversations in the community without leaving your hub for teamwork. Very soon, Microsoft will be releasing the new Yammer app for Teams, which will bring the new Yammer experience, in full fidelity, into Teams. This will give Teams customers a more powerful hub for teamwork that integrates their investments in Yammer. Stay tuned for more as we near the release of the Yammer app for Teams. y.microsoft.com/t5/yammer-blog/keeping-employees-informed-and-engaged-during-difficult-times/ba-p/1216032
  • #12 he single best thing you can do to improve security for employees working from home is to turn on MFA. If you don't already have processes in place, treat this as an emergency pilot and make sure you have support folks ready to help employees who get stuck. As you probably can't distribute hardware security devices, use Windows Hello biometrics and smartphone authentication apps like Microsoft Authenticator. Normally, Microsoft recommends you give users 14 days to register their device for Multi-Factor Authentication before requiring MFA. However, if your workforce is suddenly working from home, go ahead and require MFA as a security priority and be prepared to help users who need it. Applying these policies will take only a few minutes, but be prepared to support your users over the next several days. 365 plans (without Azure AD P1 or P2)Enable Security defaults in Azure AD. Security defaults in Azure AD include MFA for users and administrators. Microsoft 365 E3 (with Azure AD P1)Use Common Conditional Access policies to configure the following policies: - Require MFA for administrators - Require MFA for all users - Block legacy authentication Microsoft 365 E5 (with Azure AD P2)Taking advantage of Azure AD Identity Protection, begin to implement Microsoft's recommended set of conditional access and related policies by creating these two policies: - Require MFA when sign-in risk is medium or high - Block clients that don't support modern authentication - High risk users must change password
  • #13 All Office 365 plans include a variety of threat protection features. Bumping up protection for these features takes just a few minutes. Anti-malware protection Protection from malicious URLs and files Anti-phishing protection Anti-spam protection See Protect against threats in Office 365 for guidance you can use as a starting point.
  • #14 Office 365 Advanced Threat Protection (ATP), included with Microsoft 365 E5 and Office 365 E5, safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. This can take several hours to configure. Office 365 ATP: Protects your organization from unknown email threats in real-time by using intelligent systems that inspect attachments and links for malicious content. These automated systems include a robust detonation platform, heuristics, and machine learning models. Protects your organization when users collaborate and share files, by identifying and blocking malicious files in team sites and document libraries. Applies machine learning models and advanced impersonation-detection algorithms to avert phishing attacks. For an overview, including a summary of plans, see Office 365 Advanced Threat Protection. Your Global Administrator can configure these protections: Set up ATP Safe Links Set up ATP Safe Attachments policies Set up a custom "do not rewrite" URLs list Set up a custom blocked URLs list You'll need to work with your Exchange Online administrator and SharePoint Online administrator to configure ATP for these workloads: Turn on ATP for SharePoint, OneDrive, and Microsoft Teams
  • #18 5 to 1 ratio for Azure AD Premium licensing P1 and P2
  • #20 Protections traditionally provided by routing traffic back through a corporate network, are provided by cloud apps your users are accessing