Helping you grow your business with scalable IT services & solutions for today’s challenges & tomorrow’s vision.
© 2018 Peters & Associates, Inc. All rights reserved.
Office 365: Modern Workplace
November 8, 2018
Bruce Ward, VP of Business Strategy
+EMS E5
Azure AD Basic:
• Single sign-on (SSO) for O365
• Basic multi-factor authentication (MFA) for O365
• SSO for Cloud Apps
MDM for O365
• Device settings management
• Selective wipe
• Built into O365 management console
RMS for O365
• Protection for content stored in Office (on-premises or O365)
• Access to RMS SDK
Activity Logs
Azure Active Directory P2
• Risk based conditional access
• Identity Protection Portal
Identity and access management
Azure Active Directory P1
• Single sign-on (SSO) for all apps
• Conditional MFA, Password Self Service, Dynamic Groups
Cloud App Security - ALL
• Visibility and control for all cloud apps
Identity-driven security
Advanced Threat Analytics
• Identify advanced threats in on premises identities
Azure Information Protection Plan 2
• Automated intelligent classification and labeling of data + AIP Scanner
Information protection
Managed mobile productivity
Intune
• App management (MAM)
• Device management (MDM)
• PC management
Azure Information Protection Plan 1
• Tracking and notifications for shared documents
Office 365 ATP – email links, attachments, phishing
Skype/Teams Extension
• Voice
• Conferencing
Power BI
Advanced eDiscovery–search
Compliance
• Customer Lockbox, Customer Key, Privileged Access
Cloud App Security - O365
Portal with anomalous activity
+EMS E3
Features: Office ProPlus, Exchange (eDiscovery, DLP), Skype/Teams, SharePoint, Office Online, OneDrive, Video, Yammer, Delve, MyAnalytics, Planner, Stream, Flow, StaffHub, and more…
IT Security Solutions – NIST’s CyberSecurity Framework (CSF)
O365 – Functionality and Features
IT Security Solutions – Whiteboard
Conditions
Actions
Exceptions
Collaboration Solutions – PowerApps
O365 – E3 Features / Security
IT Security Solutions – NIST’s CyberSecurity Framework (CSF)
Identity and access management for employees, partners, and customers
• Conditional Access
• Multi-Factor Authentication
• Addition of custom cloud apps
• Remote Access to on-premises apps
• Privileged Identity Management
• Dynamic Groups
• Identity Protection
• Azure AD DS
• Office 365 App Launcher
• Group-Based Licensing
• Access Panel/MyApps
• Azure AD Connect
• Connect Health
• Provisioning-Deprovisioning
• Azure AD Join
• Self-Service capabilities
• MDM-auto enrollment / Enterprise State Roaming
• Security Reporting
• Access Reviews
• HR App Integration
• B2B collaboration
• Azure AD B2C
• SSO to SaaS
• Microsoft Authenticator - Password-less Access
Hybrid made easy
I want to provide my employees access to every app from any location and any device
[Diagram: On-premises / Private cloud, Azure AD Connect, Microsoft Azure Active Directory; 1 Identity, Thousands of apps]
[Diagram: conditional access]
Conditions: Users, Devices, Location, Apps
Real-time evaluation engine: Machine learning, Policies, Session Risk (diagram labels: 3, 10TB), Effective policy
Controls: Require MFA, Allow access, Deny access, Force password reset, Limit access
Targets: On-premises apps, Web apps
Azure AD MFA
IT Security Solutions – NIST’s CyberSecurity Framework (CSF)
IT Security Solutions – Audit Walk-Thru
| Category | Feature | Exchange ActiveSync | MDM for Office 365 | Microsoft Intune (cloud only) | Intune + ConfigMgr (hybrid) |
|---|---|---|---|---|---|
| Device configuration | Inventory mobile devices that access corporate applications | ● | ● | ● | ● |
| Device configuration | Remote factory reset (full device wipe) | ● | ● | ● | ● |
| Device configuration | Mobile device configuration settings (PIN length, PIN required, lock time, etc.) | ● | ● | ● | ● |
| Device configuration | Self-service password reset (Office 365 cloud only users) | ● | ● | ● | ● |
| Office 365 | Provides reporting on devices that do not meet IT policy | | ● | ● | ● |
| Office 365 | Group-based policies and reporting (ability to use groups for targeted device configuration) | | ● | ● | ● |
| Office 365 | Root and jailbreak detection | | ● | ● | ● |
| Office 365 | Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) | | ● | ● | ● |
| Office 365 | Prevent access to corporate email and documents based upon device enrollment and compliance policies | | ● | ● | ● |
| Premium mobile device & app management | Self-service Company Portal for users to enroll their own devices and install corporate apps | | | ● | ● |
| Premium mobile device & app management | App deployment (Windows Phone, iOS, Android) | | | ● | ● |
| Premium mobile device & app management | Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles | | | ● | ● |
| Premium mobile device & app management | Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) | | | ● | ● |
| Premium mobile device & app management | Secure content viewing via Managed Browser, PDF Viewer, Image Viewer, and AV Player apps for Intune | | | ● | ● |
| Premium mobile device & app management | Remote device lock via self-service Company Portal and via admin console | | | ● | ● |
| PC management | Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) | | | ● | ● |
| PC management | PC software management | | | ● | ● |
| PC management | Comprehensive PC management (e.g. Group Policy, login scripts, BitLocker management, virtual desktop and power management, custom reporting, etc.) | | | | ● |
| PC management | Windows Server/Linux/UNIX/Mac OS X support | | | | ● |
| PC management | OS deployment and imaging | | | | ● |
IT Security Solutions – MDM for Office 365
User
Policy Enforcement
Selective Wipe
IT Security Solutions – Rights Management Services (RMS)
Information can be protected with RMS at rest or in motion
• Data protection at rest
• Data protection in motion
IT Security Solutions – Whiteboard
O365 – E5 Features / Security
IT Security Solutions – 4) ATP
Anti-Malware:
• SafeLinks
• SafeAttachments
Anti-Phishing:
• Anti-Impersonation - Personal
• Anti-Impersonation - Domain
[Diagram: Sender, Exchange Online Protection, Links (Safe Links rewrite), Attachment (Safe Attachments detonation chamber / sandbox), Safe / Unsafe, Recipient]
IT Security Solutions – Technology - Limit Impersonators!
IT Security Solutions – Whiteboard
Overall Posture
Recommendations
One-time: Enable Advanced Security Management Console
One-time: Enable MFA for all global admins
One-time: Enable mailbox auditing for all users
Weekly: Review sign-ins after multiple failures report
Weekly: Review sign-ins from unknown sources report
Weekly: Review sign-ins from multiple geographies report
Weekly: Review role changes
Weekly: Review mailbox forwarding rules
Weekly: Review mailbox access by non-owners report
Weekly: Review malware detections report
Weekly: Review sign-in devices report
Weekly O365 Security Check
❑ Mailbox Auditing
❑ Inbox Forwarding
❑ Mailbox Retention
❑ Office 365 Domains
❑ Office 365 Settings
❑ MFA Phone Numbers
❑ Foreign Mailbox Logons
❑ Old / Unused Mailboxes
❑ Roles assigned
IT Security Solutions
Compliance Walk-Thru
https://ServiceTrust.Microsoft.com
IT Security Solutions
Offers:
https://www.peters.com/phishing-test-free-trial/
https://www.peters.com/security-audit-free-trial/
IT Security Solutions
Reminder – Free XBOX Raffle
http://www.peters.com/events http://www.peters.com/blog/
Events, Webinars & Blogs
To ask questions, either:
1) Take phone off mute, ask.
2) Type question in IM Window
1801 S. Meyers Road, Suite 120, Oakbrook Terrace, IL 60181
(630) 832-0075
Thank you!
Bruce Ward