Reducing the Chance of an
Office 365 Security Breach
Orin Thomas
@orinthomas
orin@windowsitpro.com
In This Session …
• Responsibilities
• Threats
• Hybrid AD security risks
• Backup and recovery
• Policy enforcement
• Auditing
• Overcoming breach
• Improving security
What Your Responsibility Is
• Even when you move files off premises into the cloud, it doesn’t mean that Microsoft is responsible for everything to do with those files
– You need to back them up
– You need to ensure that only appropriate people have access to those files
What Your Responsibility Is
• It’s very important to understand what Office 365 is responsible for and can do and what it cannot do:
– Can’t stop users getting phishing email
– Can’t stop ransomware
– Can’t stop malicious insiders
Threats
• External Threats
– Ransomware
– Compromise
– Exfiltration
• Internal Threats
– Malicious insiders
– Rogue administrators
Hybrid AD Security Risks
• Compromised on-premises account gives access to O365 data
• Poor on-premises account management practices lead to access to Office 365
Backup and Recovery
• Data stored in Office 365 must be backed up in case it is deleted or becomes corrupted
• Settings need to be regularly exported so that they can be restored if unauthorized or ill-informed changes are made
• What steps would you need to take to recover if your O365 sub was deleted tomorrow?
Policy Enforcement
Policies allow you to control how things happen in the deployment:
• DLP policies
• Supervisory review policies
• Device security policies
Auditing
• To know what happened, you need to have records
• Audit data recording
• Enable mailbox auditing
• Review audit data
Overcoming Breach
• Determine source of breach
• Remediate cause of breach
• Improve security practices
– Enable MFA for users
– Remove Global Admin rights from multiple users
Reducing the Chance of a Breach
• SecureScore.Office.Com
• Enable MFA for all users
• Enable audit data recording
• Review sign-ins after multiple failures report on a weekly basis
• Review sign-ins from unknown geographies report weekly
• Review role changes weekly
• Enable IRM services
• Audit user data
• Review mailbox forwarding rules weekly
• Review malware detection report weekly
• Review account provisioning activity report weekly
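The two weekly sign-in reviews listed above, sketched as detection logic (an added example, not part of the original slides). The record layout, the five-failure threshold, the 30-minute window and the per-user country baseline are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in records: (timestamp, user, country, succeeded).
# The tuple layout is an assumption for this example, not an Office 365 schema.
BOB, CAROL = "bob@contoso.example", "carol@contoso.example"
DAVE, ALICE = "dave@contoso.example", "alice@contoso.example"
SIGN_INS = [
    ("2017-04-03T08:01:10", ALICE, "AU", True),
    ("2017-04-04T02:10:00", BOB, "RU", False),
    ("2017-04-04T02:10:30", BOB, "RU", False),
    ("2017-04-04T02:11:00", BOB, "RU", False),
    ("2017-04-04T02:11:30", BOB, "RU", False),
    ("2017-04-04T02:12:00", BOB, "RU", False),
    ("2017-04-04T02:12:30", BOB, "RU", False),
    ("2017-04-04T02:13:00", BOB, "RU", True),    # success right after 6 failures
    ("2017-04-04T09:00:00", CAROL, "US", False),
    ("2017-04-04T09:00:20", CAROL, "US", False),
    ("2017-04-04T09:00:45", CAROL, "US", True),  # only 2 failures: a typo, not a streak
    ("2017-04-05T09:00:00", DAVE, "US", False),
    ("2017-04-05T09:00:30", DAVE, "US", False),
    ("2017-04-05T09:01:00", DAVE, "US", False),
    ("2017-04-05T09:01:30", DAVE, "US", False),
    ("2017-04-05T09:02:00", DAVE, "US", False),
    ("2017-04-05T15:00:00", DAVE, "US", True),   # success hours later, outside window
    ("2017-04-06T22:40:00", ALICE, "BR", True),  # country not in Alice's baseline
]

# Constructed baseline: countries each user normally signs in from.
KNOWN_COUNTRIES = {ALICE: {"AU"}, BOB: {"US"}, CAROL: {"US"}, DAVE: {"US"}}


def load(records):
    """Parse timestamps and sort by time so detections see events in order."""
    events = [(datetime.fromisoformat(ts), user.lower(), country, ok)
              for ts, user, country, ok in records]
    return sorted(events, key=lambda e: e[0])


def success_after_failures(records, threshold=5, window=timedelta(minutes=30)):
    """Return (user, time, failure_count) for each successful sign-in that
    follows at least `threshold` failed attempts within `window`."""
    recent_failures = defaultdict(list)
    findings = []
    for when, user, _country, ok in load(records):
        if not ok:
            recent_failures[user].append(when)
            continue
        count = sum(1 for t in recent_failures[user] if when - t <= window)
        if count >= threshold:
            findings.append((user, when.isoformat(), count))
        recent_failures[user].clear()  # a success starts a new streak
    return findings


def new_geographies(records, known):
    """Return (user, time, country) for successful sign-ins from a country
    outside the user's baseline; users without a baseline are always reported."""
    findings = []
    for when, user, country, ok in load(records):
        if ok and country not in known.get(user, set()):
            findings.append((user, when.isoformat(), country))
    return findings


if __name__ == "__main__":
    for finding in success_after_failures(SIGN_INS):
        print("success after failures:", finding)
    for finding in new_geographies(SIGN_INS, KNOWN_COUNTRIES):
        print("unknown geography:", finding)
```

An account that appears in both result lists is the first one to investigate.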
Summary …
• Responsibilities
• Threats
• Hybrid AD security risks
• Backup and recovery
• Policy enforcement
• Auditing
• Overcoming breach
• Improving security
Quest Hybrid Active Directory
Security
Todd Mera, Systems Consultant
todd.mera@quest.com
Hybrid Environment: Azure Active Directory (AAD)
• Office 365 requires an Azure AD instance
• Azure AD provides the Directory Service for Office 365 applications
• Azure AD integrates with on-premises AD, creating a Hybrid Directory environment
So, what’s the problem?
1. Attacker targets workstations en masse
2. User running as local admin is compromised, attacker harvests credentials
3. Attacker uses credentials for lateral movement or privilege escalation
4. Attacker acquires domain admin credentials
5. Attacker exercises full control of data and systems in the environment
Hybrid Active Directory Security
Know Your Users
• Who are your users?
• What can they do?
• What are they doing?
• Do they have the right access?
Who Are They And What Can They Do?
Privileged Accounts, do you know who they are?
Helpdesk
User Accounts
Service Accounts
Admin Accounts
What Are They Doing?
It’s 9pm, do you know what your Privileged Accounts are up to?
• Auditing - Detect and Alert
Is Access to Resource Appropriate?
Can you tell how long a user has been with the company by how many groups they belong to?
[Diagram: delegated administration. Roles shown: AD Architect, Sr. Administrator, OU Admins / Help Desk, Exchange Admins, Application / Data Owners, Mailbox Admin, Service Desk, Day-to-Day Admin, User Profile Editor. Delegated tasks shown: create users/groups, reset passwords, unlock accounts, create OUs and objects, join computers, access management, assign assistants, create/remove and move mailboxes, update addresses, update personal information and phone number. Scopes shown: domain controllers and computers; APAC, EMEA, North America, New York, Mexico City; AD / AD LDS, cross-platform applications, databases, directories, platforms.]
GPOs – The Good: Powerful, The Bad: Powerful
Change Management and Security
• Version comparisons: side-by-side GPO version comparisons at various intervals.
• Protected settings policies: define a list of GPO settings with predetermined values that must exist and cannot be modified.
GPOs – The Good: Powerful, The Bad: Powerful
Change Management and Security
• Support change management best practices
• Enable effective approval processes
Recovery Manager for Active Directory Forest Edition
Recover Quickly When Things Go Wrong
Quest Hybrid Active Directory Security Solution
• Continually assess
• Detect and alert
• Remediate and mitigate
• Investigate and recover
[Diagram labels: Active Directory, Unified AD, Fine-Grained Provisioning, UNIX Servers, SP2K, PROD, AZUREAD, O365, INDIA, ASIAPAC, EMEA, US, Acquisition AD, SaaS Apps, Exchange, SQL, File Servers, On Prem. Apps, AAD Connect]
Thank you!
Watch the On-demand:
http://ow.ly/YzDn30b47u5

 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Reducing the Chance of an Office 365 Security Breach

  • 1. Reducing the Chance of an Office 365 Security Breach Orin Thomas @orinthomas orin@windowsitpro.com
  • 2. In This Session … • Responsibilities • Threats • Hybrid AD security risks • Backup and recovery • Policy enforcement • Auditing • Overcoming breach • Improving security
  • 3. What Your Responsibility Is • Even when you move files off premises into the cloud, it doesn’t mean that Microsoft is responsible for everything to do with those files – You need to back them up – You need to ensure that only appropriate people have access to those files
  • 4. What Your Responsibility Is • It’s very important to understand what Office 365 is responsible for and can do and what it cannot do: – Can’t stop users getting phishing email – Can’t stop ransomware – Can’t stop malicious insiders
  • 5. Threats • External Threats – Ransomware – Compromise – Exfiltration • Internal Threats – Malicious insiders – Rogue administrators
  • 6. Hybrid AD Security Risks • Compromised on-premises account gives access to O365 data • Poor on-premises account management practices lead to access to Office 365
  • 7. Backup and Recovery • Data stored in Office 365 must be backed up in case it is deleted or becomes corrupted • Settings need to be regularly exported so that they can be restored if unauthorized or ill-informed changes are made • What steps would you need to take to recover if your O365 sub was deleted tomorrow?
  • 8. Policy Enforcement Allow you to control how things happen in deployment through policy • DLP policies • Supervisory review policies • Device security policies
  • 9. Auditing • To know what happened, you need to have records • Audit data recording • Enable mailbox auditing • Review audit data
  • 10. Overcoming Breach • Determine source of breach • Remediate cause of breach • Improve security practices – Enable MFA for users – Remove Global Admin rights from multiple users
  • 11. Reducing the Chance of a Breach • SecureScore.Office.Com • Enable MFA for all users • Enable audit data recording • Review sign-ins after multiple failures report on a weekly basis • Review sign-ins from unknown geographies report weekly • Review role changes weekly • Enable IRM services • Audit user data • Review mailbox forwarding rules weekly • Review malware detection report weekly • Review account provisioning activity report weekly
  • 12. Summary … • Responsibilities • Threats • Hybrid AD security risks • Backup and recovery • Policy enforcement • Auditing • Overcoming breach • Improving security
  • 13. Quest Hybrid Active Directory Security Todd Mera, Systems Consultant todd.mera@quest.com
  • 14. Hybrid Environment: Azure Active Directory (AAD) • Office 365 requires an Azure AD instance • Azure AD provides the Directory Service for Office 365 applications • Azure AD integrates with On-premise AD creating a Hybrid Directory environment
  • 15. So, what’s the problem?
  • 16. 1. Attacker targets workstations en masse 2. User running as local admin is compromised, attacker harvests credentials 3. Attacker uses credentials for lateral movement or privilege escalation 4. Attacker acquires domain admin credentials 5. Attacker exercises full control of data and systems in the environment
  • 18. Know Your Users • Who are your users? • What can they do? • What are they doing? • Do they have the right access? Hybrid Active Directory Security
  • 19. Who Are They And What Can They Do? Privileged Accounts, do you know who they are? Helpdesk User Accounts Service Accounts Admin Accounts
  • 20. What Are They Doing? It’s 9pm, do you know what your Privileged Accounts are up to? • Auditing - Detect and Alert
  • 21. Is Access to Resource Appropriate? Can you tell how long a user has been with the company by how many groups they belong to? [Diagram: delegated administration roles (AD Architect, Sr. Administrator, OU Admins / Help Desk, Exchange Admins, Application / Data Owners, User Profile Editor) and the tasks each performs across regions, directories and platforms]
  • 22. GPOs – The Good: Powerful, The Bad: Powerful Change Management and Security • Version comparisons Side-by-side GPO version comparisons at various intervals. • Protected settings policies Define a list of GPO settings with predetermined values that must exist and cannot be modified.
  • 23. GPOs – The Good: Powerful, The Bad: Powerful Change Management and Security • Support change management best practices and • Enable effective approval processes
  • 24. Recovery Manager for Active Directory Forest Edition Recover Quickly When Things Go Wrong
  • 25. Quest Hybrid Active Directory Security Solution • Continually assess • Detect and alert • Remediate and mitigate • Investigate and recover [Diagram: on-premises Active Directory, applications and servers linked to Azure AD and O365 through AAD Connect]
  • 26. Thank you! Watch the On-demand: http://ow.ly/YzDn30b47u5
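
Slide 11 recommends reviewing mailbox forwarding rules weekly. The following is an added example, not part of the original deck: a PowerShell function that flags forwarding to addresses outside the tenant's own domains. The function name, the sample objects and the domains `contoso.example` and `fabrikam.example` are assumptions made for illustration; the property names follow the output of the Exchange Online `Get-Mailbox` and `Get-InboxRule` cmdlets.

```powershell
# Added example: input objects mimic the shape of Get-Mailbox / Get-InboxRule output.
function Find-ExternalForwarding {
    param(
        [object[]]$Mailbox = @(),
        [object[]]$InboxRule = @(),
        [Parameter(Mandatory)][string[]]$InternalDomain
    )
    $addr = '[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+)'   # $Matches[1] holds the domain part

    foreach ($mbx in $Mailbox) {
        # Mailbox-level forwarding (ForwardingSmtpAddress looks like "smtp:user@domain")
        if ($mbx.ForwardingSmtpAddress -match $addr -and $Matches[1] -notin $InternalDomain) {
            [pscustomobject]@{
                Mailbox = $mbx.UserPrincipalName; Source = 'Mailbox setting'
                Target  = $Matches[0]
                Detail  = "KeepsLocalCopy=$([bool]$mbx.DeliverToMailboxAndForward)"
            }
        }
    }
    foreach ($rule in $InboxRule) {
        # Disabled rules are reported too: they can be switched back on later
        foreach ($action in 'ForwardTo', 'RedirectTo', 'ForwardAsAttachmentTo') {
            foreach ($recipient in @($rule.$action)) {
                if ($recipient -match $addr -and $Matches[1] -notin $InternalDomain) {
                    [pscustomobject]@{
                        Mailbox = $rule.MailboxOwnerId; Source = "Inbox rule '$($rule.Name)'"
                        Target  = $Matches[0]
                        Detail  = "$action, Enabled=$($rule.Enabled)"
                    }
                }
            }
        }
    }
}

# Constructed sample data (not taken from any real tenant)
$mailboxes = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@contoso.example'; ForwardingSmtpAddress = 'smtp:alice@fabrikam.example'; DeliverToMailboxAndForward = $true }
    [pscustomobject]@{ UserPrincipalName = 'bob@contoso.example'; ForwardingSmtpAddress = $null; DeliverToMailboxAndForward = $false }
)
$rules = @(
    [pscustomobject]@{ MailboxOwnerId = 'bob'; Name = '.'; Enabled = $true; ForwardTo = @('"Bob" [SMTP:bob.backup@fabrikam.example]') }
    [pscustomobject]@{ MailboxOwnerId = 'carol'; Name = 'To team'; Enabled = $true; RedirectTo = @('"Team" [SMTP:team@contoso.example]') }
)
# Live use: $mailboxes = Get-Mailbox -ResultSize Unlimited
#           $rules = $mailboxes | ForEach-Object { Get-InboxRule -Mailbox $_.UserPrincipalName }
Find-ExternalForwarding -Mailbox $mailboxes -InboxRule $rules -InternalDomain 'contoso.example' |
    Format-Table -AutoSize
```

Mailboxes whose `ForwardingAddress` points at a mail contact are not resolved by this function; those contacts need their external address checked separately.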