Friday 12:30 PM - 1:40 PM · Room S105a

Securing Your Digital Workspace: Best Practices for Protecting Your Microsoft 365 from Cyber Threats

Peter Carson

President

Cyberattacks such as ransomware, financial theft, and data loss are a fact of life today. Microsoft invests massively both to provide the tools to protect organizations against these attacks, as well as to identify and defend against them actively. Unfortunately most organizations don't take full advantage of these tools, and many unfortunately leave themselves very exposed.

This will be a rapid fire session giving an overview of the myriad features and products that make up the Microsoft security landscape, and tips on how best to leverage them. The goal is to help you make your organization more secure, but also to do it in a way that appears simpler for everyone.

Identity - Identity Fundamentals (Azure AD Integration and Hybrid Authentication) - Azure AD Connect and Health Reporting - Assigned and Dynamic groups - Entitlement managed - Delegated user management

Security - Authentication ○ Pass-through ○ Password hash synchronization ○ Passwordless authentication ○ Federation ○ SMS - Multifactor Authentication (MFA) - Conditional Access - Self-Service Password reset - Identity Protection - Application Proxy - Password protection - Privileged Identity Management

Compliance - Auditing - Terms of use - Azure Information Protection - Azure Rights Management - Microsoft Purview compliance portal

Licensing - Microsoft Entra - Azure AD licensing - Free, Office 365, P1 and P2 - Enterprise Mobility + Security - Microsoft 365 and Office 365 subscriptions - Defender for Office 365 - External Identities

Scenarios that we will go through include the following:

- Navigating through the various different admin portals
- Azure AD
	○ Conditional Access Policies
		§ Report only
		§ Emergency accounts
		§ MFA
		§ Legacy Authentication
		§ Admin, Member, and Guest policies
	○ Branding
	○ External Identities configuration
		§ General settings
		§ Identity Providers - One time passcode, Google, Facebook
		§ Cross-tenant settings support for B2B collaboration and direct connect (Teams Shared Channels)
		§ Trust settings for external organizations and leveraging that in Conditional Access Policies
		§ Terms of use
	○ Identity Protection
- Improving your Microsoft Secure Score
- Attack simulation training
- Data classification
- Sensitivity labels in conjunction with Conditional Access Policies and Rights Management

The session will be jam-packed with links to articles both in Microsoft Docs, and articles written by presenter and Microsoft Office Apps and Services MVP Peter Carson.