Office 365: Modern Workplace - Peters & Associates

Post on 27-May-2020

Helping you grow your business with scalable IT services & solutions for today’s challenges & tomorrow’s vision.

© 2018 Peters & Associates, Inc. All rights reserved.

Office 365: Modern Workplace

November 8, 2018

Bruce Ward, VP of Business Strategy

+EMS E5

Azure AD Basic:

• Single sign-on (SSO) for O365

• Basic multi-factor authentication (MFA) for O365

• SSO for Cloud Apps

MDM for O365

• Device settings management

• Selective wipe

• Built into O365 management console

RMS for O365

• Protection for content stored in Office (on-premises or O365)

• Access to RMS SDK

Activity Logs

Azure Active Directory P2

• Risk-based conditional access

• Identity Protection Portal

Identity and access management

Azure Active Directory P1

• Single sign-on (SSO) for all apps

• Conditional MFA, Password Self Service, Dynamic Groups

Cloud App Security - ALL

• Visibility and control for all cloud apps

Identity-driven security

Advanced Threat Analytics

• Identify advanced threats in on-premises identities

Azure Information Protection Plan 2

• Automated intelligent classification and labeling of data + AIP Scanner

Information protection

Managed mobile productivity

Intune

• App management (MAM)

• Device management (MDM)

• PC management

Azure Information Protection Plan 1

• Tracking and notifications for shared documents

Office 365 ATP – email links, attachments, phishing

Skype/Teams Extension

• Voice

• Conferencing

Power BI

Advanced eDiscovery–search

Compliance

• Customer Lockbox, Customer Key, Privileged Access

Cloud App Security - O365

Portal with anomalous activity

+EMS E3

Features: Office ProPlus, Exchange (eDiscovery, DLP), Skype/Teams, SharePoint, Office Online, OneDrive, Video, Yammer, Delve, MyAnalytics, Planner, Stream, Flow, StaffHub, and more…

IT Security Solutions

NIST’s CyberSecurity Framework (CSF)

O365 – Functionality and Features

Whiteboard

Conditions

Actions

Exceptions

Collaboration Solutions

PowerApps

O365 – E3 Features / Security

NIST’s CyberSecurity Framework (CSF)

Identity and access management for employees, partners, and customers

• Conditional Access

• Multi-Factor Authentication

• Addition of custom cloud apps

• Remote Access to on-premises apps

• Privileged Identity Management

• Dynamic Groups

• Identity Protection

• Azure AD DS

• Office 365 App Launcher

• Group-Based Licensing

• Access Panel/MyApps

• Azure AD Connect

• Connect Health

• Provisioning-Deprovisioning

• Azure AD Join

• Self-Service capabilities

• MDM-auto enrollment / Enterprise State Roaming

• Security Reporting

• Access Reviews

• HR App Integration

• B2B collaboration

• Azure AD B2C

• SSO to SaaS

• Microsoft Authenticator - Password-less Access

Microsoft Azure Active Directory

Hybrid made easy

I want to provide my employees access to every app from any location and any device

• 1 Identity

• Thousands of apps

• Azure AD Connect

• On-premises / Private cloud

[Figure: conditional access evaluation]

Conditions: Users, Devices, Location, Apps

Evaluation: Machine learning, Policies, Real-time Evaluation Engine, Session Risk, Effective policy (figure values: 3, 10TB)

Controls: Require MFA, Allow access, Deny access, Force password reset, Limit access

Apps: On-premises apps, Web apps

Azure AD MFA

NIST’s CyberSecurity Framework (CSF)

Audit Walk-Thru

| Category | Feature | Exchange ActiveSync | MDM for Office 365 | Microsoft Intune (cloud only) | Intune + ConfigMgr (hybrid) |
|---|---|---|---|---|---|
| Device configuration | Inventory mobile devices that access corporate applications | ● | ● | ● | ● |
| Device configuration | Remote factory reset (full device wipe) | ● | ● | ● | ● |
| Device configuration | Mobile device configuration settings (PIN length, PIN required, lock time, etc.) | ● | ● | ● | ● |
| Device configuration | Self-service password reset (Office 365 cloud only users) | ● | ● | ● | ● |
| Office 365 | Provides reporting on devices that do not meet IT policy | | ● | ● | ● |
| Office 365 | Group-based policies and reporting (ability to use groups for targeted device configuration) | | ● | ● | ● |
| Office 365 | Root and jailbreak detection | | ● | ● | ● |
| Office 365 | Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) | | ● | ● | ● |
| Office 365 | Prevent access to corporate email and documents based upon device enrollment and compliance policies | | ● | ● | ● |
| Premium mobile device & app management | Self-service Company Portal for users to enroll their own devices and install corporate apps | | | ● | ● |
| Premium mobile device & app management | App deployment (Windows Phone, iOS, Android) | | | ● | ● |
| Premium mobile device & app management | Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles | | | ● | ● |
| Premium mobile device & app management | Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) | | | ● | ● |
| Premium mobile device & app management | Secure content viewing via Managed Browser, PDF Viewer, Image Viewer, and AV Player apps for Intune | | | ● | ● |
| Premium mobile device & app management | Remote device lock via self-service Company Portal and via admin console | | | ● | ● |
| PC management | Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) | | | ● | ● |
| PC management | PC software management | | | ● | ● |
| PC management | Comprehensive PC management (e.g. Group Policy, login scripts, BitLocker management, virtual desktop and power management, custom reporting, etc.) | | | | ● |
| PC management | Windows Server/Linux/UNIX/Mac OS X support | | | | ● |
| PC management | OS deployment and imaging | | | | ● |

MDM for Office 365

[Figure labels: User, Policy Enforcement, Selective Wipe]

Rights Management Services (RMS)

Information can be protected with RMS at rest or in motion

[Figure labels: Data protection at rest, Data protection in motion]

Whiteboard

O365 – E5 Features / Security

4) ATP

Anti-Malware:

• SafeLinks

• SafeAttachments

Anti-Phishing:

• Anti-Impersonation - Personal

• Anti-Impersonation - Domain

[Figure labels: Sender; Exchange Online Protection; Links, Safe Links rewrite; Attachment, Safe Attachments detonation chamber (sandbox); Safe; Unsafe; Recipient]

Technology - Limit Impersonators!

Whiteboard

Overall Posture

Recommendations

One-time: Enable Advanced Security Management Console

One-time: Enable MFA for all global admins

One-time: Enable mailbox auditing for all users

Weekly: Review sign-ins after multiple failures report

Weekly: Review sign-ins from unknown sources report

Weekly: Review sign-ins from multiple geographies report

Weekly: Review role changes

Weekly: Review mailbox forwarding rules

Weekly: Review mailbox access by non-owners report

Weekly: Review malware detections report

Weekly: Review sign-in devices report

Weekly O365 Security Check

❑ Mailbox Auditing

❑ Inbox Forwarding

❑ Mailbox Retention

❑ Office 365 Domains

❑ Office 365 Settings

❑ MFA Phone Numbers

❑ Foreign Mailbox Logons

❑ Old / Unused Mailboxes

❑ Roles assigned

Compliance Walk-Thru

https://ServiceTrust.Microsoft.com

Offers:

https://www.peters.com/phishing-test-free-trial/

https://www.peters.com/security-audit-free-trial/

Reminder – Free XBOX Raffle

Events, Webinars & Blogs

http://www.peters.com/events

http://www.peters.com/blog/

To ask questions, either:

1) Take phone off mute, ask.

2) Type question in IM Window

1801 S. Meyers Road, Suite 120

Oakbrook Terrace, IL 60181

(630) 832-0075

Thank you!

Bruce Ward

Bruce.Ward@peters.com
