Recording of monthly Need to Know webinar for July 2021 that focused on providing a deep dive into email security. The session also includes Microsoft Cloud news and updates along with an open Q and A session around Microsoft 365. Video recording is available at www.ciaopsacademy.com

1. Need to Know Microsoft 365
Webinar
July 2021
@directorcia
http://about.me/ciaops

2. Web cast has started
Web cast is being recorded
If you can’t hear anything check
your speaker settings

3. For questions after the event:
Email : director@ciaops.com
Twitter : @directorcia

4. Webinar recordings at:
www.ciaopsacademy.com
Free access for CIAOPS patrons

5. Please:
- Turn off your mobile
- Turn off your email
- Have somewhere to
take notes

6. http://www.ciaopslearn.com

7. Agenda
- Microsoft 365 Update
- Email Security
- Q & A

9. News
• Windows 365 announcement
• https://www.youtube.com/watch?v=V14Ia2uwrtk
• Introducing a new era of hybrid personal computing: the Windows 365
Cloud PC
• https://www.microsoft.com/en-us/microsoft-365/blog/2021/07/14/introducing-a-new-era-of-hybrid-
personal-computing-the-windows-365-cloud-pc/
• Microsoft 365 Lighthouse now in public preview
• https://techcommunity.microsoft.com/t5/small-and-medium-business-blog/microsoft-365-lighthouse-is-
now-in-public-preview/ba-p/2540515
• From collaborative apps in Microsoft Teams to Windows 365—here’s
what’s new in Microsoft 365 at Inspire
• https://www.microsoft.com/en-us/microsoft-365/blog/2021/07/14/from-collaborative-apps-in-microsoft-
teams-to-cloud-pc-heres-whats-new-in-microsoft-365-at-inspire/

10. Email
Security

11. Email is the prevalent attack vector
91%
300%
60% $26B
68%
20% in 5min

12. What Is The Issue?

13. • v=spf1 ip4:1.2.5.5 ip4:8.2.7.4 ip4:7.3.2.2 ip4:5.5.1.8
include:_spf.salesforce.com include:spf.protection.outlook.com -all
SPF
• "v=DKIM1; p=MIGfMA0GDQEBgQCrZ6z … 6UvqP3QIDAQAB"
DKIM
• v=DMARC1; p=reject; rua=mailto:dmarc@dmarc-aggregator.com;
ruf=mailto:dmarc-ruf@dmarc-aggregator.com
DMARC

14. Perimeter
Protection
Email is routed to EOP DC based on
MX record resolution
(Contoso-com.mail.protection.outlook.com)
Virus
Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Spam Protection
Safe Sender/Recipient
Policy
Enforcement
Custom
transport rules
Content scanning and
heuristics
Bulk mail filtering
SPF & Sender ID filter
Quarantine
International spam
Advanced Spam
management
Customer
Feedback
False +ve / -ve
Spam Analysts
Corporate Network
or Exchange Online
IP-based edge
blocks
Envelope blocks
Directory based
edge blocks
Advanced Threat
Protection (ATP)
Safe attachments
policy
Safe links policy

15. Connector-Based
Higher Risk
Delivery Pool
High Score
Outbound Pool
Low Score
Spam Protection
Content scanning and
Heuristics
Advanced Spam
management
Virus
Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Policy Enforcement
Custom transport
rules
Spam Analysts
Corporate Network
or Exchange Online
Customer Delivery
Pool
Outlook Safe Sender

16. Multi-Layered protection stack

17. Multi-Layered protection stack

23. https://aka.ms/PasswordSprayBestPractices

25. Shared
Mailboxes

29. DEMO

30. • Always apply best practices
• DMARC and DKIM are your friends
• Remove basic authentication
• Don’t add a hygiene service in front of Microsoft 365
• Reduce your attack surface by disabling POP and IMAP
• Train users
• Run attack simulations

31. Resources
• Recommended settings for EOP and Defender for Office 365 security -
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-
settings-for-eop-and-office365-atp?view=o365-worldwide
• How to Combat Fake Emails using SPF, DKIM, DMARC -
https://www.cyber.gov.au/acsc/view-all-content/publications/how-combat-fake-emails
• SPF, DKIM, DMARC and Exchange Online – https://docs.microsoft.com/en-
us/archive/blogs/fasttracktips/spf-dkim-dmarc-and-exchange-online
• Free DMARC monitor for Microsoft 365 – https://go.valimail.com/microsoft.html
• Email encryption - https://support.office.com/en-us/article/Email-encryption-in-Office-
365-c0d87cbe-6d65-4c03-88ad-5216ea5564e8?ui=en-US&rs=en-US&ad=US
• Protect yourself from phishing - https://support.microsoft.com/en-us/windows/protect-
yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44
• Protect yourself from phishing - https://support.microsoft.com/en-us/windows/protect-
yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44

32. CIAOPS Resources
• Blog – http://blog.ciaops.com
• Free Office 365, Azure Administration newsletter – http://bit.ly/cia-o365-tech
• Free Office 365, Azure video tutorials – http://www.youtube.com/directorciaops
• Free documents, presentations, eBooks – http://slideshare.net/directorcia
• Office 365, Azure, Cloud podcast – http://ciaops.podbean.com
• Office 365, Azure online training courses – http://www.ciaopsacademy.com
• Office 365 and Azure community – http://www.ciaopspatron.com
• CIAOPS Github – https://github.com/directorcia
Twitter
@directorcia
Facebook
https://www.facebook.com/ciaops
Email
director@ciaops.com
Skype for Business
admin@ciaops365.com

33. Get access to the latest
information by becoming a
Patron
http://www.ciaopspatron.com

35. That’s all folks!
Thanks for attending