Gold Silver Bronze

Thanks for coming!

Important stuff you need to know

Toilets

Fire Escapes

Internet Access

Stick around til the end and provide feedback to win!

Digital Workplace Conference

Sofitel Sydney Wentworth

23rd to 24th August

We have some amazing things to give away today!

Wanna Twit about the day? Use either #O365Sat17 or #O365SatSyd17

Leave us feedback, not only cause it makes our events better but you win amazing prizes!

https://tinyurl.com/O365SatSyd17

Room 1 Room 2 Room 3

1:00-2:00

MS Graph Building Data and

Intelligent AppsAshish Trivedi

Extranet for partner CollaborationAlpesh Nakar

Team Sites | Teams |

Groups | Yammer –

Untangling the

Collaboration WebRuss Norton

2:05-3:05

SharePoint Framework – Build

integrated user experiencesAnupam Ranku

9 Months of Fun with SharePoint in

Azure and Office365 Colin Philips

Top 10 Adoption TipsKirsty McGrath

3:10 -4:10

What the heck is GraphAPI and

why should I care?Steven Hosking

Automate Office 365Robert Crane

TBAAdam Cogan

Room 1 Room 2 Room 3

9:00 -10:00

Introduction to SharePoint

Framework (SPFx)Sezai Komur

From Cloud Productivity to

Enterprise Business AppIgor Jericevich

SharePoint Branding for

Non-BrandersColin Gardner

10:05-11:05

Mayhem and Mischief with the

Outlook and Microsoft Graph

APIsSimon Waight

Mind blown: the Dynamite

Dynamics 365 ExperienceRoger Carran

Who said you have to be

a Power-User to create

Dynamic Forms? Ishai Sagi

11:10-12:10

Event Driven Development in

Office 365Amr Found

Office 365 Security Best PracticesBenoit Hamet

Making your first app

with Power AppsHaylee Fox

▶

▶

▶

▶

▶

▶

http://blog.hametbenoit.info

http://twitter.com/benoit_hamet

▶

▶

▶

▶

▶

▶

▶

▶

▶

When moving to cloud services, the security is a major concern

On Office 365, security is a 2 dimensional implementation:

▶ The first dimension is the Microsoft-managed service-level, including operational procedures or default policies

▶ The second dimension is the customer-managed control-level

Security and compliance is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly-skilled, experienced and trained personnel

Objectives of this session is to give you some keys practices/implementation to help you stay secure on Office 365

Financial services

firms worry about

customer fraud and

advanced attacks.

47%Financial services

Business services pros

want to use managed

security services.

11%Business services

The nonprofit/

government

sector prioritizes

authentication

concerns

9%Nonprofit / government

Healthcare firms

focus on patient data

protection.

8%Healthcare

Forrester’s Inquiry Spotlight: Security And Risk, Q3 2015 To Q3 2016, Stephanie Balaouras, Claire O'Malley with Laura Koetzle, Trevor Lyness, Peggy Dostie, December 27, 2016Based: 1,731 inquiries from Q3 2015 to Q3 2016

$4 M - IDC Ponemom Institute, Cost of a Data Breach Report (2016)

63% - Verizon 2016 Data Breach Report

80% - Stratecast, December 2016

33% - VansonBourne, February 2014

Technical Objectives

• Get in reliably

• Obtain data I am assigned or can sell

• Avoid detection

Specialization

• Exploiting Stolen Data

• Selling Stolen Data

• Selling Attack Tools

• Sell Access to environments

Motivations

• Money / Profit

• Message / Activism

• Mission / Nation State

Daily Considerations

• Build or buy my tools?

• What is the target worth?

• Try the easy things first

Stats:

• 82% of Successful

cyberattacks are from

Cybercriminals via:

• Phishing

• Network Scans

• Strategic web site

compromise

• 11% are from insiders

• 7% are nation statesSecureWorks 2016 via eWeek

Good to know:

• Attacks aren’t random

• Likely has attacked before

• Very expensive to react to –preventative much better than reactive

▶ Know you risks

▶ Know your user’s behaviour

▶ Know your environment

▶ Know you data

▶ Know your legal/financial requirements

▶ Confidentially

▶ Privacy

▶ Regulatory

▶ Review / Audit

▶Never ending story

Apps and Data

SaaS

Malware Protection Center Cyber Hunting Teams Security Response Center

DeviceInfrastructure

CERTs

Identity

INTELLIGENT SECURITY GRAPH

Cyber Defense

Operations Center

Digital Crimes Unit

Antivirus NetworkIndustry Partners

PaaS IaaS

Office 365 includes tools to discover your environment

▶ Office 365 Secure Score

▶ Helps to assess your security configuration

▶ Provides actions/recommendations

▶ Proactive vs reactive

▶ Compliance Center

▶ Provides regulatory documentation

▶ Security and regulations standards implemented

▶ Cloud App Security (EMS E5) / Advanced Security Management (E5)

▶ Discovers application used by user

▶ Cloud identity management is similar to On Premises identity management▶ Provisioning / Management / Termination

▶ Integrates with your On Premises directory▶ Use latest version of Azure AD Connect▶ Authenticate with your On Premises credentials (ADFS /

Password synch / Pass Through)▶ Grant permissions using groups not to individuals

▶ Enable self-service (password reset)▶ Identity sensitive users / roles▶ Enable MFA▶ Automate Office 365 role assignment / approval workflow▶ Separate “day to day” and admin accounts

One small mistake can

lead to attacker control

Attackers Can

• Steal any data

• Modify

documents

• Impersonate

users

• Disrupt business

operations

Active Directory and Administrators control all the assets

Your users’ productivity and security is more challenged than ever by different types of attacks.

80 Billion

Inbound Messages to Office365 in 1 month –only 31% core business

mails

55 Billion

Spam and Bulk mails that could have crowded users’

mailboxes

Malware 600%

Volume of malware targeting O365 has

increased 600% in the past year

▶ Exchange Online Protection

▶ Spam protection

▶ Spoofing protection (SPF / DKIM / DMARC)

▶ ‘light’ malware protection

▶ Advanced Threats Protection

▶URL rewriting

▶ Attachments analysis

▶ SharePoint Online / OneDrive

▶Device Access

▶ Free for individuals (recipient only)

▶ Azure Right Management Services (RMS) included with Office 365 E plans

▶ Can be automatically applied to SharePoint library and Exchange mails

▶ Azure Information Protection included with Azure Premium / EMS

▶ Allows tagging

▶ Both can protects data by embedding authorization

Netskope Cloud Report, Summer 2015

▶ 17.9% of files violate DLP Policy

▶ 22.2% are shared publicly

▶ Almost all data leakage occurs inadvertently

▶Define labels

▶ Create DLP rules

▶ Built in

▶ Custom

▶ Retention ensures conservation of data

▶ Applies to Exchange and SharePoint (including Office 365 groups)

▶Not only used for compliance but can be used for recovery

▶ 2 options▶ Access Control Policy (ADFS)▶ Conditional Access (Azure AD Premium)

▶ Access Control Policy▶ On Premises configuration▶ Built in and custom conditions▶ Not only applies to Office 365

▶ Conditional Access▶ Azure AD configuration / Intune▶ Can work in conjunction with Azure AD Identity Protection

(Azure Premium P2)▶ Conditions: group membership, location, device platform

and state

▶ First to discover

▶ Identity existing usage/gap

▶ Continuous activities review

▶ Identify potential malicious activities

▶ Validate/Review configuration (DLP)

▶ All activities are audited

▶ Security is specific to you

▶ Common patterns to everybody

▶Meet your specific needs

▶Manage your identity

▶ Be as ‘end-user’ friendly as possible

▶ Automation

▶ Self service

▶ Communicate / Instruct

▶ No exceptions

▶ There is always exception, but the less the better

▶ Restrict privileges

▶ Lower permissions as possible

▶ Elevate security requirements for sensitive role (MFA)

▶ Conditional access

▶ Monitor

▶ Be proactive

▶ Review activities

▶ Identify your data

Gold Silver Bronze

Room 1 Room 2 Room 3

1:00-2:00

MS Graph Building Data and

Intelligent AppsAshish Trivedi

Extranet for partner CollaborationAlpesh Nakar

Team Sites | Teams |

Groups | Yammer –

Untangling the

Collaboration WebRuss Norton

2:05-3:05

SharePoint Framework – Build

integrated user experiencesAnupam Ranku

9 Months of Fun with SharePoint in

Azure and Office365 Colin Philips

Top 10 Adoption TipsKirsty McGrath

3:10 -4:10

What the heck is GraphAPI and

why should I care?Steven Hosking

Automate Office 365Robert Crane

TBAAdam Cogan

Room 1 Room 2 Room 3

9:00 -10:00

Introduction to SharePoint

Framework (SPFx)Sezai Komur

From Cloud Productivity to

Enterprise Business AppIgor Jericevich

SharePoint Branding for

Non-BrandersColin Gardner

10:05-11:05

Mayhem and Mischief with the

Outlook and Microsoft Graph

APIsSimon Waight

Mind blown: the Dynamite

Dynamics 365 ExperienceRoger Carran

Who said you have to be

a Power-User to create

Dynamic Forms? Ishai Sagi

11:10-12:10

Event Driven Development in

Office 365Amr Found

Office 365 Security Best PracticesBenoit Hamet

Making your first app

with Power AppsHaylee Fox

▶ Office 365 Microsoft Trust Center

https://www.microsoft.com/en-us/trustcenter/cloudservices/office365

▶ Secure Store

https://securescore.office.com

▶ Security and Compliance Portal

https://protection.office.com

▶ Cloud App Security

https://portal.cloudappsecurity.com

▶ Azure Self Service Portal

https://account.activedirectory.windowsazure.com

▶ Azure AD Conditional Access

https://portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade/Policies

▶ OneDrive Access Policy

https://admin.onedrive.com/?v=AccessPolicySettings

▶ Azure Privileged Identity Management

https://portal.azure.com/#blade/Microsoft_Azure_PIM/CommonMenuBlade/QuickStart

https://portal.azure.com/#blade/Microsoft_Azure_PIM/DirectoryRoleManagementMenuBlade/setting