A tale of Modern Management Part 1

Similar documents
Today s focus Microsoft 365 powered devices

Adnan Cloud Solutions Architect. SAFFA living in Netherlands, work globally. Microsoft Trainer +25y (xrl MSLearning)

Use EMS to protect your mobile data and mobile app

M365 Powered Device Proof of Concept

MD-101: Modern Desktop Administrator Part 2

Mastering the Move to Modern Management using ConfigMgr

Managing Microsoft 365 Identity and Access

Customer Success with Windows as a Service. John Cable Windows Servicing and Delivery

Hybrid Identity de paraplu in de cloud

IT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,

GET YOUR HOUSE IN ORDER. Patching and Imaging Creation Strategies

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Office 365: Modern Workplace

Go mobile. Stay in control.

Simplify Application Access with Azure Active Directory

Windows 10. scalable IT services & solutions. October 25, Bruce Ward, VP of Business Strategy. Dan Sharp, Senior Consultant

WORKPLACE Data Leak Prevention: Keeping your sensitive out of the public domain. Frans Oudendorp Ronny de Jong

Use Microsoft EMS. to Protect your Mobile Data and Mobile Apps. Chris Nackers Nackers Consulting

DATACENTER MANAGEMENT Goodbye ADFS, Hello Modern Authentication! Osman Akagunduz

Who am I? Identity Product Group, CXP Team. Premier Field Engineer. SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB

[ Sean TrimarcSecurity.com ]

What s new in System Center Configuration Manager Current Branch? Ievgen Liashov

Single Sign-On Showdown

9 Years in Consulting. Broad experience in Microsoft Infrastructure solutions. Specialised in Windows 10 & Surface familly

Microsoft 365 powered device webinar series Microsoft 365 powered device Assessment Kit. Alan Maddison, Architect Amit Bhatia, Architect

Deployment Genval November 2018

Identity as the core of enterprise mobility

Keeping Current with Windows 10. Jon Anderson Senior Systems Consultant, Now Micro December 5 th, 2018

CONDITIONAL ACCESS FROM A TO Z

EXPERTS LIVE SUMMER NIGHT. Close your datacenter and give your users-wings

Microsoft Security Management

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

Cloud Customer Architecture for Securing Workloads on Cloud Services

President Interlink Cloud Advisors. Mike Wilson Vice President Interlink Cloud Advisors. Kirk Terrell Consultant Interlink Cloud Advisors

News and Updates June 1, 2017

Identity as the Entrée to the Microsoft Cloud

Planning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools

Microsoft 365. A complete, intelligent, secure solution to empower employees. Integrated for simplicity. Built for teamwork. Unlocks creativity

Mobility Windows 10 Bootcamp

How Microsoft s Enterprise Mobility Suite Provides helps with those challenges

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On- Premises Tools

Microsoft. MS-101 EXAM Microsoft 365 Mobility and Security. m/ Product: Demo File

Cloud Security, Mobility and Current Threats. Tristan Watkins, Head of Research and Innovation

Co se změnilo ve Windows 10 z pohledu IT administrátora

Optimizing IT: Toward Modern Workplace Management With Windows 10

M365 Powered Device Proof of Concept Overview

CAN MICROSOFT HELP MEET THE GDPR

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On-Premises Tools

OFFICE 365 GOVERNANCE: Top FAQ s & Best Practices. Internal Audit, Risk, Business & Technology Consulting

Today s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps

Crash course in Azure Active Directory

Exam : Implementing Microsoft Azure Infrastructure Solutions

Windows 10 for enterprise. Pramiti Bhatnagar

Phil Schwan Technical

Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera

HOW TO UNLOCK EMS. 3 Things You Need to Know to Capitalize on Enterprise Mobility Suite

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Doug Wilson Systems Consultant at Now

Who am I? Identity Product Group, CXP Team. Premier Field Engineer. SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB

Microsoft Intune App Protection Policies Integration. VMware Workspace ONE UEM 1811

Cloud Print Migration Step-by-Step Deployment Guide

Next-Gen CASB. Patrick Koh Bitglass

20398: Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) and On- Premises Tools

MCSA Office 365 Bootcamp

HCX SERVER PRODUCT BRIEF & TECHNICAL FEATURES SUMMARY

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

At Course Completion After completing this course, students will be able to:

Windows Azure Question-Answer Part V- Azure Active Directory

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Why Choose MS Azure?

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

VMware AirWatch and Office 365 Application Data Loss Prevention Policies

Exchange 2007 End of Service: Modernize with Office 365. Todd Sweetser Technical Solutions Professional

Windows 10 Management Technologies: What s New. Michael Niehaus Senior Product Marketing Manager, Windows Microsoft

Universal Windows Applications

Active Directory Services with Windows Server

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

This module provides an overview of multiple Access and Information Protection (AIP) technologies

COURSE OUTLINE: OD10969B Active Directory Services with Windows Server

White Paper Securing and protecting enterprise data on mobile devices

COURSE OUTLINE MOC 10969: ACTIVE DIRECTORY SERVICES WITH WINDOWS SERVER MODULE 1: OVERVIEW OF ACCESS AND INFORMATION PROTECTION

Design and deliver cloud-based apps and data for flexible, on-demand IT

Guide Series. How to upgrade to Microsoft Windows 10? Guide Series

Innovate or die!? Modern IT Workplace Security. Alex Verboon Cyber Security Consultant

Secure access to your enterprise. Enforce risk-based conditional access in real time

Enterprise Ransomware Mitigations

2016 BITGLASS, INC. mobile. solution brief

AirLift Configuration. VMware Workspace ONE UEM 1902 VMware Workspace ONE AirLift 1.1

Day One Success for DevSecOps and Automation on Azure

Securing Office 365 with Conditional Access #ITDEVCONNECTIONS ITDEVCONNECTIONS.COM

Active Directory Services with Windows Server

Conditional Access Policies

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

Government IT Modernization and the Adoption of Hybrid Cloud

Citrix Education Learning Journey

Course Outline 20742B

Office 365 and Azure Active Directory Identities In-depth

Jay Ferron. CEHi, CISSP, CHFIi, C)PTEi, CISM, CRISC, CVEi, MCITP, MCSE, MCT, MVP, NSA-IAM blog.mir.

Digital Workspace SHOWDOWN

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

Transcription:

A tale of Modern Management Part 1

Speaker introduction @JankeSkanke @okieselb jan.ketil.skanke@cloudway.no oliver.kieselbach@glueckkanja.com Principal Cloud Architect - CloudWay Lead Cloud Architect Glück & Kanja Consulting AG

The Cloud is Coming A tale of Modern Management Part 1

Where do you want to be? vs

Get Current Get to Windows 10 Get to a Modern version of Office Get started on Modern Management

STAY CURRENT U P D A T E A G I L E U P D A T E C Y C L E U P D A T E Being up to date is the foundation of modern IT 2 U P D AT E S P E R Y E A R

STAY CURRENT 2018 2019 2020 Windows 10 1709 Office 365 ProPlus 1708 Windows 10 1803 Aligned with Office For simpler deployment planning Office 365 ProPlus 1802 Windows 10 1809 Office 365 ProPlus 1808

Windows as a service Internal Deployment rings Plan and Prepare Targeted Pilot Validation Deployment Decision Deploy and Use IT/Developer IT Selfhost Pilot All Users

Example: Office Support O365 ProPlus will not be supported on Windows 10 Semi-Annual Channel (SAC) versions that are no longer being serviced. Effective January 14, 2020, O365 ProPlus will no longer be supported on the following versions of Windows. This will ensure that both Office and Windows receive regular, coordinated updates to provide the most secure environment with the latest capabilities. Any Windows 10 LTSC release Windows Server 2016 and older Windows 8.1 and older Office 2019 apps will be supported on: Any supported Windows 10 SAC release Windows 10 Enterprise LTSC 2018 The next LTSC release of Windows Server

Traditional IT Modern IT Single Device Business Owned Corporate Network & Legacy Apps Manual Reactive High-touch Multiple Devices User and Business Owned Cloud Managed & SaaS Apps Automated Proactive Self-Service

Intune OEM Image Windows Update for Business Traditional Modern Corpnet Connection Advanced Threat Protection (ATP) Any Internet Connection Azure Active Directory (AAD) Microsoft Store for Business

CHALLENGES WHEN MOVING TO MODERN MANAGEMENT The monolithic Partner and home Feature gaps Windows 7 "One Day" problem grown solutions

Components in Modern IT Identity Multifactor Auth Conditional Access Information Protection Application Access Threat protection

Securing the Identity is Crucial 7.100.000 300.000 5000 82 1% 9% 3% 5% 7% 72% 18% 69% 16%

Step 1 Securing the Identity / Access Multifactor Authentication Hybrid Identity Hybrid Password Protection Smart Lookout Banned Passwords Password Hash Sync Passthrough Authentication AAD Identity Protection Conditional Access Privileged Access Management

Conditional access User attributes Group membership Devices Hybrid Domain Joined Compliant Platform type Threat Level Application Per app policy Type of client (Web, mobile, legacy) Location IP Range, Country ALLOW ENFORCE MFA BLOCK Cloud and On-premises applications Risk Session risk Device Risk User risk London 2018

Hybrid Password Protection architecture DC agent(s) download new policies via proxies (shared via sysvol) User submits password change DC Agent evaluates new password against local copy of policy (using same logic as Azure) User sees standard Windows error message (no change to Windows clients) Audit mode available for evaluation purposes London 2018

Step 2 Control your devices Pick n Choose your tools Intune / ConfigMgr / Co-Managed Stay Current / Think Modern Servicing Deployment Rings Modern Threat Protection Behavior analytics / Advanced Threat Protection Risk Score on Devices

Monitoring WUFB with analytics

Windows ANALYTICS Setup OMS Workspace for Analytics Subscribe to Windows Analytics Copy Commercial ID Turn on Telemetry After 1803- DeviceName not reported unless Opt-In GPO or Script 27

Conditional access - Device risk Integrated Intune and Defender ATP for Risk Scoring 28

Conditional access - Device risk Integrated Intune and Defender ATP for Risk Scoring 29

Conditional access - Device risk Integrated Intune and Defender ATP for Risk Scoring 30

Step 3 Control your data Intune APP / MAM / O365 DLP / WIP ++ Protect against accidental leakages Azure Information Protection Protect against accidental leakages Prevent unauthorized access to data In Transit and at rest

Paths to Modern Management Cloud-first A new organization starting with modern workplace Big Switch Transition Group by Group Transition Many workloads need to be modernized at the same time Doesn't address the needs of the full organization Iterative (Co-management) Iteratively move workloads to modern

Different scenarios for Management Co-management Configuration Manager and Intune A practical way to migrate over time Modern is not all or nothing Minimize risk

BRIDGING TO MODERN MANAGEMENT Adopt & Connect Transition to Modern ConfigMgr Local Content Delivery to Cloud Content Delivery Win32 to Modern Apps Kerberos to Modern Auth GPO to MDM Policy Imaging to Signature Image WSUS to WUFB Adopt Windows 10 Modernizing with a co-management bridge AD/AAD connect Adopt Office 365/ProPlus Today 1/2020 London 2018

Get in touch @JankeSkanke @okieselb jan.ketil.skanke@cloudway.no oliver.kieselbach@glueckkanja.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback