Windows 10 October 25, 2018 Helping you grow your business with Bruce Ward, VP of Business Strategy scalable IT services & solutions Dan Sharp, Senior Consultant for today s challenges & tomorrow s vision. Adam Gassensmith, Manager of Client Engagement 2017 Peters & Associates, Inc. All rights reserved.
Peters & Associates Security Wheel IT Security Solutions Controls surround Data DATA
Identity and access management Identity-driven security Managed mobile productivity Information protection +EMS E5 Azure Active Directory P2 Risk based conditional access Identity Protection Portal Cloud App Security - ALL Visibility and control for all cloud apps Azure Information Protection Plan 2 Automated intelligent classification and labeling of data + AIP Scanner +EMS E3 Azure Active Directory P1 Single sign-on (SSO) for all apps Conditional MFA, Password Self Service, Dynamic Groups Advanced Threat Analytics Identify advanced threats in on premises identities Intune App management (MAM) Device management (MDM) PC management Azure Information Protection Plan 1 Tracking and notifications for shared documents Office 365 ATP email links, attachments, phishing Cloud App Security - O365 Portal with anomalous activity Skype/Teams Extension Voice Advanced ediscovery search Compliance Conferencing Power BI Customer Lockbox, Customer Key, Privileged Access Azure AD Basic: Activity Logs MDM for O365 RMS for O365 Single sign-on (SSO) for O365 Basic multi-factor authentication (MFA) for O365 SSO for Cloud Apps Device settings management Selective wipe Built into O365 management console Protection for content stored in Office (on-premises or O365) Access to RMS SDK
IT Security Solutions Agenda Introduction Why Windows 10 Licensing and Features Design and Deploy Tools of the Trade Demo Time Wrap and Q&A
Why Windows 10
Some Reasons IT Security Solutions Top Employee Features Boot up MUCH faster Search = Find Touch Ready Surface, Windows Hello Modern, Everywhere Top Admin Features NOT 10-year old code Security Prevention Provisioning options and ease Bitlocker, Direct Access Secure Edge Browser
The Real Reason IT Security Solutions https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet
The Reality Today IT Security Solutions https://www.netmarketshare.com
Windows 10 96% of enterprise customers piloting 15% desktop management time savings* 33% reduction in security issues and time to resolve* * The Total Economic Impact(TM) Of Windows 10, a commissioned study conducted by Forrester Consulting on behalf of Microsoft, June 2016. Results are for a risk adjusted composite organization based on customer interviews.
Traditional on-prem Active Directory Domain Join Group Policy System Center Configuration Manager
Traditional Cloud on-prem Active Directory Domain Join Group Policy Azure Active Directory Azure AD Join MDM Policies System Center Configuration Microsoft Intune Manager and other MDM
Modern IT Traditional IT Cloud Windows 10 designed for modern IT
Licensing & Features
Licensing IT Security Solutions No Pro if you want these https://www.microsoft.com/en-us/windowsforbusiness/compare
Windows 10 Features IT Security Solutions
Windows 10 Features IT Security Solutions
Remember: 18 Months! IT Security Solutions Version History: Version 1507. Version 1511 (November Update). Version 1607 (Anniversary Update). Version 1703 (Creators Update) EOL on October 9, 2018 Current Versions: Version 1709 (Fall Creators Update). Version 1803 (April 2018 Update). Version 1809 https://www.peters.com/end-life-beginning-loss/
Windows Defender ATP IT Security Solutions Behavior-based, cloud-powered breach detection Forensic tools, rollback capabilities Operates independent of AV/Malware protection
Windows Virtual Desktop IT Security Solutions Announced Sept 18 th, Private Preview Azure-based. Rapid deploy / scale. Office 365 functionality. EMS security. Windows 10 capability. Individual apps or full desktop. Extend service via partners including: Citrix, Liquidware, and ThinPrint
Design & Deploy
Design Questions IT Security Solutions UEFI Management New Hardware Disk Encryption Bitlocker / MBAM Telemetry AAD Join / Co-Manage Windows Defender Secure / Lockdown
You re in control Granularly configured by device or user. Risk level determined by your business. Choose the level right for your organization Security Minimum data to keep your device secure Basic Simple device and quality data Enhanced Detailed activity data Full Enhanced Diagnostics 2018 Microsoft Corporation. Content is subject to change. See https://technet.microsoft.com/library/mt577208(v=vs.85).aspx for more information.
Windows Modern Deployment QUICKLY PREPARE NEW DEVICES FOR USER PRODUCTIVITY Refresh (Bare Metal, same hardware) - Keeping the same device but deploying a fresh image with user settings, data, and apps. Replace (Bare Metal, new hardware) - Deploy a new device with a fresh image and transition user settings, data, and apps from old device. In-Place Upgrade automated OS update including apps, settings, and data. Rollback data is saved in Windows.old. Subscription Activation - Switch from Windows 10 Pro to Enterprise AutoPilot selfmanaged, cloud-directed device image upgrades. Unique situations: Lab refresh / multicasting Internet-managed Road Warrior devices Kiosk machines
Tools of the Trade
Tools of the Trade IT Security Solutions
User State Migration Tool (USMT)
Task Sequence used via SCCM or WDS
Upgrade Readiness
Application Compatibility
Microsoft Deployment Toolkit (MDT)
Notable Security Mentions Group Policies (GPO) Software Updates (WSUS) Bitlocker Admin (MBAM) Local Account Passwords (LAPS)
Demo Time!
Reminder Free XBOX Raffle IT Security Solutions
Events, Webinars & Blogs http://www.peters.com/events http://www.peters.com/blog/
Offers: IT Security Solutions
To ask questions, either: 1) Take phone off mute, ask. 2) Type question in IM Window 2015 Peters & Associates, Inc. All rights reserved.
Thank you! Bruce Ward Bruce.Ward@peters.com 1801 S. Meyers Road, Suite 120 Oakbrook Terrace, IL 60181 (630) 832-0075
2015 Peters & Associates, Inc. All rights reserved.
Important URL s IT Security Solutions Windows 10 Roadmap (can be tested with Insider Builds for IT personnel) - https://www.microsoft.com/enus/windowsforbusiness/windows-roadmap Windows 10 AutoPilot Provisioning (leverages Intune/Azure AD licensing not owned and SCCM) - https://www.peters.com/leveraging-windows-autopilotdevice-provisioning/
Discussion Areas with URL s IT Security Solutions Microsoft Security Compliance Toolkit 1.0 - set of tools that allows enterprise security administrators to download, analyze, test, edit, and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products. Windows 10 using a script to check for versions 1507/1511 (currently not getting updates) or 1607 (stopping in March 2018) - https://www.peters.com/end-life-beginning-loss/ LAPS (Local Administrator Password Solution) - https://www.peters.com/manage-windows-local-administratorpasswords-laps/