Slides from CIAOPS May 2020 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on security best practices. Video recording is available at www.ciaopsacademy.com

1. Need to Know Microsoft 365
Webinar
May 2020
@directorcia
http://about.me/ciaops

2. Web cast has started
Web cast is being recorded
If you can’t hear anything check
your speaker settings

3. For questions after the event:
Email : director@ciaops.com
Twitter : @directorcia

4. Webinar recordings at:
www.ciaopsacademy.com
Free access for CIAOPS patrons

7. Please:
- Turn off your mobile
- Turn off your email
- Have somewhere to
take notes

8. http://www.ciaopslearn.com

9. Agenda
- Microsoft 365 Update
- Security
- Q & A

11. News
• Making it easier to stay caught up with Cortana in Microsoft 365
• https://www.microsoft.com/en-us/microsoft-365/blog/2020/05/27/making-easier-stay-caught-cortana-microsoft-365/
• Project Cortex walk through demo
• https://demobuilderwebcpptxz.blob.core.windows.net/microsoft-365-knowledge-sharing/startdemo.html
• What’s New in Microsoft Teams | Build Edition 2020
• https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-build-edition-
2020/ba-p/1394224
• Announcing Microsoft Lists - Your smart information tracking app in Microsoft
365
• https://techcommunity.microsoft.com/t5/microsoft-365-blog/announcing-microsoft-lists-your-smart-information-
tracking-app/ba-p/1372233
• Now Live – SharePoint home sites: a landing for your organization in the
intelligent intranet
• https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/now-live-sharepoint-home-sites-a-landing-for-
your-organization/ba-p/1399822

12. New name, same great value, same price.
Microsoft 365 for business
Office 365 Business Essentials
Cloud services
Microsoft 365 Business Basic
Cloud services
Office 365 Business Premium
Cloud services and desktop apps
Microsoft 365 Business Standard
Cloud services and desktop apps
Microsoft 365 Business
Cloud services, desktop apps, and advanced security
Microsoft 365 Business Premium
Cloud services, desktop apps, and advanced security

13. Microsoft 365 Apps
Office 365 Business
Cloud-connected Desktop Apps
Microsoft 365 Apps for business
Cloud-connected Desktop Apps
Office 365 ProPlus
Cloud-connected Desktop Apps
Microsoft 365 Apps for enterprise
Cloud-connected Desktop Apps

14. Security

15. The Security Dilemma

16. Defence in Depth

17. 300%
increase in identity attacks
over the past year.
Phishing
23M
high risk enterprise sign-in
attempts detected in March 2018
Password
Spray
350K
compromised accounts
detected in April 2018
lllllllll
Breach
Replay
4.6B
attacker-driven sign-ins
detected in May 2018
lllllllll

18. Where should you start?

19. PCs, tablets, mobile
Office 365 Data Loss PreventionWindows Information Protection
& BitLocker for Windows 10
Azure Information Protection
Exchange Online,
SharePoint Online,
Skype for Business &
OneDrive for Business
Highly
regulated
Microsoft Intune MDM & MAM
for Windows, iOS & Android Microsoft Cloud App Security
Office 365 Advanced Data Governance
Azure
Information
Protection
Comprehensive protection of sensitive data across devices, cloud services, and on-premises
Windows 10 Office 365 EM+S & Cloud
Services
Advanced Device
Management

21. MICROSOFT CLOUD APP SECURITY
Visibility into 15k+ cloud apps, data access & usage,
potential abuse
AZURE SECURITY CENTER INFORMATION PROTECTION
Classify & label sensitive structured data in Azure SQL, SQL
Server and other Azure repositories
OFFICE APPS
Protect sensitive information while working in Excel, Word,
PowerPoint, Outlook
AZURE INFORMATION PROTECTION
Classify, label & protect files – beyond Office 365, including
on-premises & hybrid
OFFICE 365 DATA LOSS PREVENTION
Prevent data loss across Exchange Online, SharePoint Online,
OneDrive for Business
SHAREPOINT & GROUPS
Protect files in libraries and lists
OFFICE 365 ADVANCED DATA GOVERNANCE
Apply retention and deletion policies to sensitive and
important data in Office 365
ADOBE PDFs
Natively view and protect PDFs on Adobe Acrobat Reader
WINDOWS INFORMATION PROTECTION
Separate personal vs. work data on Windows 10 devices,
prevent work data from traveling to non-work locations
OFFICE 365 MESSAGE ENCRYPTION
Send encrypted emails in Office 365 to anyone
inside or outside of the company
CONDITIONAL ACCESS
Control access to files based on policy, such as identity, machine
configuration, geo location
Discover | Classify | Protect | Monitor
SDK FOR PARTNER ECOSYSTEM & ISVs
Enable ISVs to consume labels, apply protection

24. • v=spf1 ip4:1.2.5.5 ip4:8.2.7.4 ip4:7.3.2.2 ip4:5.5.1.8
include:_spf.salesforce.com include:spf.protection.outlook.com -allSPF
• "v=DKIM1; p=MIGfMA0GDQEBgQCrZ6z … 6UvqP3QIDAQAB"
DKIM
• v=DMARC1; p=reject; rua=mailto:dmarc@dmarc-aggregator.com;
ruf=mailto:dmarc-ruf@dmarc-aggregator.comDMARC

25. Perimeter
Protection
Email is routed to EOP DC based on
MX record resolution
(Contoso-com.mail.protection.outlook.com)
Virus
Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Spam Protection
Safe Sender/Recipient
Policy
Enforcement
Custom
transport rules
Content scanning and
heuristics
Bulk mail filtering
SPF & Sender ID filter
Quarantine
International spam
Advanced Spam
management
Customer
Feedback
False +ve / -ve
Spam Analysts
Corporate Network
or Exchange Online
IP-based edge
blocks
Envelope blocks
Directory based
edge blocks
Advanced Threat
Protection (ATP)
Safe attachments
policy
Safe links policy

26. Connector-Based
Higher Risk
Delivery Pool
High Score
Outbound Pool
Low Score
Spam Protection
Content scanning and
Heuristics
Advanced Spam
management
Virus
Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Policy Enforcement
Custom transport
rules
Spam Analysts
Corporate Network
or Exchange Online
Customer Delivery
Pool
Outlook Safe Sender

30. https://aka.ms/PasswordSprayBestPractices

31. ✓ Enable Multi-factor authentication
for Office 365 users
✓ Secure your Office 365
environments from leaked
credentials

32. MFA and Password-less

33. User browses to a
website
Phishing
mail
Opens
attachment
Clicks on a URL
+
Exploitation
& Installation
Command
& Control
Brute force account or
use stolen account credentials
User account
is compromised
Attacker
attempts lateral
movement
Privileged
account
compromised
Domain
compromised
Attacker accesses
sensitive data
Exfiltrate data
Protection across
Azure AD Identity Protection
Identity protection &
conditional access
Cloud App Security
Extends protection & conditional
access to other cloud apps
Azure ATP
Azure AD Identity Protection
Identity protection &
conditional access
Identity protection
Windows Defender
ATP
Endpoint protection
Office 365 ATP
Malware detection, safe links,
safe attachments
Attacker collects recon
and config data

34. DEMO

35. Take aways
• Change the defaults
• Security is a journey
• Security will cause some pain but prevents disaster
• Microsoft 365 has many security options
• Implement the basics but continue to enhance
• Getting alerts and keeping logs should be mandatory
• Become ‘hard to kill’

36. Resources
• Cyber Security: The Small Business Best Practice Guide -
https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-research-report.pdf
• Australian Cyber Security Centre - https://www.cyber.gov.au/
• Office 365 Security and Compliance - https://docs.microsoft.com/en-
us/office365/securitycompliance/
• Microsoft Trust Center - https://www.microsoft.com/en-us/trustcenter/security/office365-security
• Microsoft Secure Score - https://docs.microsoft.com/en-us/office365/securitycompliance/microsoft-
secure-score
• Microsoft 365 for Partners Security - https://www.microsoft.com/microsoft-365/partners/security
• CIAOPS Github – https://github.com/directorcia

37. CIAOPS Resources
• Blog – http://blog.ciaops.com
• Free SharePoint Training via email – http://bit.ly/cia-gs-spo
• Free Office 365, Azure Administration newsletter – http://bit.ly/cia-o365-tech
• Free Office 365, Azure video tutorials – http://www.youtube.com/directorciaops
• Free documents, presentations, eBooks – http://slideshare.net/directorcia
• Office 365, Azure, Cloud podcast – http://ciaops.podbean.com
• Office 365, Azure online training courses – http://www.ciaopsacademy.com
• Office 365 and Azure community – http://www.ciaopspatron.com
Twitter
@directorcia
Facebook
https://www.facebook.com/ciaops
Email
director@ciaops.com
Teams
admin@ciaops365.com

38. Get access to the latest
information by becoming a
Patron
http://www.ciaopspatron.com

40. That’s all folks!
Thanks for attending