Office 365: Modern Workplace November 8, 2018 Bruce Ward, VP of Business Strategy Helping you grow your business with scalable IT services & solutions for today s challenges & tomorrow s vision. 2018 Peters & Associates, Inc. All rights reserved.
Identity and access management Identity-driven security Managed mobile productivity Information protection +EMS E5 Azure Active Directory P2 Risk based conditional access Identity Protection Portal Cloud App Security - ALL Visibility and control for all cloud apps Azure Information Protection Plan 2 Automated intelligent classification and labeling of data + AIP Scanner +EMS E3 Azure Active Directory P1 Single sign-on (SSO) for all apps Conditional MFA, Password Self Service, Dynamic Groups Advanced Threat Analytics Identify advanced threats in on premises identities Intune App management (MAM) Device management (MDM) PC management Azure Information Protection Plan 1 Tracking and notifications for shared documents Office 365 ATP email links, attachments, phishing Cloud App Security - O365 Portal with anomalous activity Skype/Teams Extension Voice Advanced ediscovery search Compliance Conferencing Power BI Customer Lockbox, Customer Key, Privileged Access Azure AD Basic: Activity Logs MDM for O365 RMS for O365 Single sign-on (SSO) for O365 Basic multi-factor authentication (MFA) for O365 SSO for Cloud Apps Device settings management Selective wipe Built into O365 management console Protection for content stored in Office (on-premises or O365) Access to RMS SDK Features: Office ProPlus, Exchange (ediscovery, DLP), Skype/Teams, SharePoint, Office Online, OneDrive, Video, Yammer, Delve, MyAnalytics, Planner, Stream, Flow, StaffHub, and more
NIST s CyberSecurity Framework (CSF) IT Security Solutions 2016 Peters & Associates, Inc. All rights reserved.
O365 Functionality and Features 2018 Peters & Associates, Inc. All rights reserved.
Identity and access management Identity-driven security Managed mobile productivity Information protection +EMS E5 Azure Active Directory P2 Risk based conditional access Identity Protection Portal Cloud App Security - ALL Visibility and control for all cloud apps Azure Information Protection Plan 2 Automated intelligent classification and labeling of data + AIP Scanner +EMS E3 Azure Active Directory P1 Single sign-on (SSO) for all apps Conditional MFA, Password Self Service, Dynamic Groups Advanced Threat Analytics Identify advanced threats in on premises identities Intune App management (MAM) Device management (MDM) PC management Azure Information Protection Plan 1 Tracking and notifications for shared documents Office 365 ATP email links, attachments, phishing Cloud App Security - O365 Portal with anomalous activity Skype/Teams Extension Voice Advanced ediscovery search Compliance Conferencing Power BI Customer Lockbox, Customer Key, Privileged Access Azure AD Basic: Activity Logs MDM for O365 RMS for O365 Single sign-on (SSO) for O365 Basic multi-factor authentication (MFA) for O365 SSO for Cloud Apps Device settings management Selective wipe Built into O365 management console Protection for content stored in Office (on-premises or O365) Access to RMS SDK Features: Office ProPlus, Exchange (ediscovery, DLP), Skype/Teams, SharePoint, Office Online, OneDrive, Video, Yammer, Delve, MyAnalytics, Planner, Stream, Flow, StaffHub, and more
Whiteboard IT Security Solutions 2018 Peters & Associates, Inc. All rights reserved.
Conditions Actions Exceptions 8
PowerApps Collaboration Solutions 2016 Peters & Associates, Inc. All rights reserved.
O365 E3 Features / Security 2018 Peters & Associates, Inc. All rights reserved.
Identity and access management Identity-driven security Managed mobile productivity Information protection +EMS E5 Azure Active Directory P2 Risk based conditional access Identity Protection Portal Cloud App Security - ALL Visibility and control for all cloud apps Azure Information Protection Plan 2 Automated intelligent classification and labeling of data + AIP Scanner +EMS E3 Azure Active Directory P1 Single sign-on (SSO) for all apps Conditional MFA, Password Self Service, Dynamic Groups Advanced Threat Analytics Identify advanced threats in on premises identities Intune App management (MAM) Device management (MDM) PC management Azure Information Protection Plan 1 Tracking and notifications for shared documents Office 365 ATP email links, attachments, phishing Cloud App Security - O365 Portal with anomalous activity Skype/Teams Extension Voice Advanced ediscovery search Compliance Conferencing Power BI Customer Lockbox, Customer Key, Privileged Access Azure AD Basic: Activity Logs MDM for O365 RMS for O365 Single sign-on (SSO) for O365 Basic multi-factor authentication (MFA) for O365 SSO for Cloud Apps Device settings management Selective wipe Built into O365 management console Protection for content stored in Office (on-premises or O365) Access to RMS SDK Features: Office ProPlus, Exchange (ediscovery, DLP), Skype/Teams, SharePoint, Office Online, OneDrive, Video, Yammer, Delve, MyAnalytics, Planner, Stream, Flow, StaffHub, and more
NIST s CyberSecurity Framework (CSF) IT Security Solutions 2016 Peters & Associates, Inc. All rights reserved.
Identity and access management for employees, partners, and customers B2B collaboration Provisioning- Deprovisioning Addition of custom cloud apps Access Panel/MyApps Dynamic Groups Identity Protection Self-Service capabilities Connect Health Remote Access to on-premises apps Azure AD B2C Group-Based Licensing Privileged Identity Management Azure AD Connect Conditional Access Microsoft Authenticator - Password-less Access Azure AD Join MDM-auto enrollment / Enterprise State Roaming Security Reporting SSO to SaaS Multi-Factor Authentication Azure AD DS Office 365 App Launcher HR App Integration Access Reviews
John Doe I want to provide my employees access to every app from any location and any device Microsoft Azure Active Directory Hybrid made easy 1 Identity Azure AD Connect Thousands of apps On-premises / Private cloud
Conditions Controls 10TB Devices Users Machin e learnin g Session Risk 3 Allow access Limit access On-premises apps Real time Evaluation Engine Require MFA Location Apps Policies Effective policy ****** Force password reset Web apps Deny access
Conditions Controls 10TB Devices Users Machin e learnin g Session Risk 3 Allow access Limit access Azure AD MFA Real time Evaluation Engine Require MFA Location Apps Policies Effective policy ****** Force password reset Deny access
NIST s CyberSecurity Framework (CSF) IT Security Solutions 2016 Peters & Associates, Inc. All rights reserved.
Audit Walk-Thru IT Security Solutions 2017 Peters & Associates, Inc. All rights reserved.
PC management Premium mobile device & app management Office 365 Device configuration Category Feature Exchange ActiveSync MDM for Office 365 Microsoft Intune (cloud only) Intune + ConfigMgr (hybrid) Inventory mobile devices that access corporate applications Remote factory reset (full device wipe) Mobile device configuration settings (PIN length, PIN required, lock time, etc.) Self-service password reset (Office 365 cloud only users) Provides reporting on devices that do not meet IT policy Group-based policies and reporting (ability to use groups for targeted device configuration) Root and jailbreak detection Remove Office 365 app data from mobile devices while leaving personal data and apps intact (selective wipe) Prevent access to corporate email and documents based upon device enrollment and compliance policies Self-service Company Portal for users to enroll their own devices and install corporate apps App deployment (Windows Phone, ios, Android) Deploy certificates, VPN profiles (including app-specific profiles), email profiles, and Wi-Fi profiles Prevent cut/copy/paste/save as of data from corporate apps to personal apps (mobile application management) Secure content viewing via Managed Browser, PDF Viewer, Image Viewer, and AV Player apps for Intune Remote device lock via self-service Company Portal and via admin console Client PC management (e.g. Windows 8.1, inventory, antimalware, patch, policies, etc.) PC software management Comprehensive PC management (e.g. Group Policy, login scripts, BitLocker management, virtual desktop and power management, custom reporting, etc.) Windows Server/Linux/UNIX/Mac OS X support OS deployment and imaging
MDM for Office 365 IT Security Solutions User Selective Wipe Policy Enforcement 2018 Peters & Associates, Inc. All rights reserved.
Rights Management Services (RMS) IT Security Solutions Data Protection in motion Data Protection in motion Information can be protected with RMS at rest or in motion Data protection at rest Data protection at rest Data protection at rest Data protection at rest 2017 Peters & Associates, Inc. All rights reserved.
Whiteboard IT Security Solutions 2018 Peters & Associates, Inc. All rights reserved.
O365 E5 Features / Security 2018 Peters & Associates, Inc. All rights reserved.
Identity and access management Identity-driven security Managed mobile productivity Information protection +EMS E5 Azure Active Directory P2 Risk based conditional access Identity Protection Portal Cloud App Security - ALL Visibility and control for all cloud apps Azure Information Protection Plan 2 Automated intelligent classification and labeling of data + AIP Scanner +EMS E3 Azure Active Directory P1 Single sign-on (SSO) for all apps Conditional MFA, Password Self Service, Dynamic Groups Advanced Threat Analytics Identify advanced threats in on premises identities Intune App management (MAM) Device management (MDM) PC management Azure Information Protection Plan 1 Tracking and notifications for shared documents Office 365 ATP email links, attachments, phishing Cloud App Security - O365 Portal with anomalous activity Skype/Teams Extension Voice Advanced ediscovery search Compliance Conferencing Power BI Customer Lockbox, Customer Key, Privileged Access Azure AD Basic: Activity Logs MDM for O365 RMS for O365 Single sign-on (SSO) for O365 Basic multi-factor authentication (MFA) for O365 SSO for Cloud Apps Device settings management Selective wipe Built into O365 management console Protection for content stored in Office (on-premises or O365) Access to RMS SDK Features: Office ProPlus, Exchange (ediscovery, DLP), Skype/Teams, SharePoint, Office Online, OneDrive, Video, Yammer, Delve, MyAnalytics, Planner, Stream, Flow, StaffHub, and more
4) ATP Anti-Malware: Sender SafeLinks SafeAttachments Unsafe Safe Attachment s detonation chamber (sandbox) Safe Attachment Anti-Phishing: IT Security Solutions Anti-Impersonation - Personal Anti-Impersonation - Domain Links Safe Links rewrite Exchange Online Protection Recipient 2018 Peters & Associates, Inc. All rights reserved.
Technology - Limit Impersonators! IT Security Solutions 2018 Peters & Associates, Inc. All rights reserved.
Whiteboard IT Security Solutions 2018 Peters & Associates, Inc. All rights reserved.
Overall Posture 2016 Peters & Associates, Inc. All rights reserved.
Recommendations One-time Enable Advanced Security Management Console One-time Enable MFA for all global admins One-time Enable mailbox auditing for all users Weekly Review signs-ins after multiple failures reports Weekly Review sign-ins from unknown sources report Weekly Weekly Weekly Weekly Weekly Weekly Review signs-ins from multiple geographies report Review role changes Review mailbox forwarding rules Review mailbox access by non-owners report Review malware detections report Review sign-in devices report
Weekly O365 Security Check Mailbox Auditing Inbox Forwarding Mailbox Retention Office 365 Domains Office 365 Settings MFA Phone Numbers Foreign Mailbox Logons Old / Unused Mailboxes Roles assigned
Compliance Walk-Thru IT Security Solutions https://servicetrust.microsoft.com 2016 Peters & Associates, Inc. All rights reserved.
Offers: IT Security Solutions https://www.peters.com/phishing-test-free-trial/ https://www.peters.com/security-audit-free-trial/ 2018 Peters & Associates, Inc. All rights reserved.
Reminder Free XBOX Raffle IT Security Solutions 2018 Peters & Associates, Inc. All rights reserved.
Events, Webinars & Blogs http://www.peters.com/events http://www.peters.com/blog/
To ask questions, either: 1) Take phone off mute, ask. 2) Type question in IM Window 2018 Peters & Associates, Inc. All rights reserved. 2015 Peters & Associates, Inc. All rights reserved.
Thank you! Bruce Ward Bruce.Ward@peters.com 1801 S. Meyers Road, Suite 120 Oakbrook Terrace, IL 60181 (630) 832-0075 2018 Peters & Associates, Inc. All rights reserved.