Slides from CIAOPS March 2021 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on security. Video recording is available at www.ciaopsacademy.com
10. News
โข Microsoft Ignite recordings are available -
โข https://myignite.microsoft.com/
โข Analyzing attacks taking advantage of the Exchange Server vulnerabilities -
โข https://www.microsoft.com/security/blog/2021/03/25/analyzing-attacks-taking-advantage-of-the-exchange-
server-vulnerabilities/
โข Add Viva Connections for Microsoft Teams desktop -
โข https://docs.microsoft.com/en-us/SharePoint/viva-connections?branch=new-viva-connections
โข Best practices for migrating to SharePoint and OneDrive -
โข https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/best-practices-for-migrating-to-sharepoint-and-
onedrive/ba-p/2221548
โข Host webinars in Microsoft Teams | Deep dive on new presenter and
attendee experiences - https://www.youtube.com/watch?v=Q7ptat6LoVc&feature=emb_logo
โข SharePoint's 20th birthday party - https://www.sharepointbirthday.com/
13. Notifiable Data Breaches (NDB) scheme in Australia
โข Starting on 22nd February 2018
โข Australian organisations are required to notify any
individuals likely to be at risk of serious harm by a data
breach.
โข Examples of a data breach include when:
o a device containing customersโ personal
information is lost or stolen
o a database containing personal information is
hacked
o personal information is mistakenly provided to the
wrong person.
โข For more information visit https://oaic.gov.au
25. What Is The Issue Enabling MFA?
https://www.coreview.com/resources/whitepaper/microsoft-365-app-security-governance-shadow-it-report/
26. Getting to a world without passwords
Microsoft Authenticator FIDO2 Security Keys
Windows Hello
27. User browses to a
website
Phishing
mail
Opens
attachment
Clicks on a URL
+
Exploitation
& Installation
Command
& Control
Brute force account or
use stolen account credentials
User account
is compromised
Attacker
attempts lateral
movement
Privileged
account
compromised
Domain
compromised
Attacker accesses
sensitive data
Exfiltrate data
Protection across
Azure AD Identity Protection
Identity protection &
conditional access
Cloud App Security
Extends protection & conditional
access to other cloud apps
Azure Defender
Azure AD Identity Protection
Identity protection &
conditional access
Identity protection
Defender for Endpoint
Endpoint protection
Defender for Office 365
Malware detection, safe links,
safe attachments
Attacker collects recon
and config data
32. Take aways
โขSecurity is more important that it has ever been
โขStart with the basics and build
โขSimple things like MFA make a huge difference
โขUnderstand what you have and what you can add
โขBe careful of alert overload
โขTest your security regularly
โขFollow best practices
33. Resources
โข Cyber Security: The Small Business Best Practice Guide -
https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-research-report.pdf
โข Australian Cyber Security Centre - https://www.cyber.gov.au/
โข Office 365 Security and Compliance - https://docs.microsoft.com/en-
us/office365/securitycompliance/
โข Your Pa$$word doesnโt matter - https://techcommunity.microsoft.com/t5/azure-active-directory-
identity/your-pa-word-doesn-t-matter/ba-p/731984
โข Microsoft Trust Center - https://www.microsoft.com/en-us/trustcenter/security/office365-security
โข Microsoft Secure Score - https://docs.microsoft.com/en-us/office365/securitycompliance/microsoft-
secure-score
โข Microsoft 365 for Partners Security - https://www.microsoft.com/microsoft-365/partners/security
โข CIAOPS Github โ https://github.com/directorcia
โข CIAOPS Best Practice slinks - https://github.com/directorcia/Office365/blob/master/best-practices.txt
34. CIAOPS Resources
โข Blog โ http://blog.ciaops.com
โข Free SharePoint Training via email โ http://bit.ly/cia-gs-spo
โข Free Office 365, Azure Administration newsletter โ http://bit.ly/cia-o365-tech
โข Free Office 365, Azure video tutorials โ http://www.youtube.com/directorciaops
โข Free documents, presentations, eBooks โ http://slideshare.net/directorcia
โข Office 365, Azure, Cloud podcast โ http://ciaops.podbean.com
โข Office 365, Azure online training courses โ http://www.ciaopsacademy.com
โข Office 365 and Azure community โ http://www.ciaopspatron.com
Twitter
@directorcia
Facebook
https://www.facebook.com/ciaops
Email
director@ciaops.com
Teams
admin@ciaops365.com
35. Get access to the latest
information by becoming a
Patron
http://www.ciaopspatron.com