Slides from CIAOPS March 2021 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on security. Video recording is available at www.ciaopsacademy.com

1. Need to Know Microsoft 365
Webinar
March 2021
@directorcia
http://about.me/ciaops

2. Web cast has started
Web cast is being recorded
If you can’t hear anything check
your speaker settings

3. For questions after the event:
Email : director@ciaops.com
Twitter : @directorcia

4. Webinar recordings at:
www.ciaopsacademy.com
Free access for CIAOPS patrons

6. Please:
- Turn off your mobile
- Turn off your email
- Have somewhere to
take notes

7. http://www.ciaopslearn.com

8. Agenda
- Microsoft 365 Update
- Security
- Q & A

10. News
• Microsoft Ignite recordings are available -
• https://myignite.microsoft.com/
• Analyzing attacks taking advantage of the Exchange Server vulnerabilities -
• https://www.microsoft.com/security/blog/2021/03/25/analyzing-attacks-taking-advantage-of-the-exchange-
server-vulnerabilities/
• Add Viva Connections for Microsoft Teams desktop -
• https://docs.microsoft.com/en-us/SharePoint/viva-connections?branch=new-viva-connections
• Best practices for migrating to SharePoint and OneDrive -
• https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/best-practices-for-migrating-to-sharepoint-and-
onedrive/ba-p/2221548
• Host webinars in Microsoft Teams | Deep dive on new presenter and
attendee experiences - https://www.youtube.com/watch?v=Q7ptat6LoVc&feature=emb_logo
• SharePoint's 20th birthday party - https://www.sharepointbirthday.com/

11. Security

12. The Security Dilemma

13. Notifiable Data Breaches (NDB) scheme in Australia
• Starting on 22nd February 2018
• Australian organisations are required to notify any
individuals likely to be at risk of serious harm by a data
breach.
• Examples of a data breach include when:
o a device containing customers’ personal
information is lost or stolen
o a database containing personal information is
hacked
o personal information is mistakenly provided to the
wrong person.
• For more information visit https://oaic.gov.au

14. Data
Device
Email
Connections Apps
Identity
Service
User

16. https://protection.office.com/unifiedauditlog

17. Email is the prevalent attack vector
91%
300%
60% $26B
68%
20% in 5min

19. • v=spf1 ip4:1.2.5.5 ip4:8.2.7.4 ip4:7.3.2.2 ip4:5.5.1.8
include:_spf.salesforce.com include:spf.protection.outlook.com -all
SPF
• "v=DKIM1; p=MIGfMA0GDQEBgQCrZ6z … 6UvqP3QIDAQAB"
DKIM
• v=DMARC1; p=reject; rua=mailto:dmarc@dmarc-aggregator.com;
ruf=mailto:dmarc-ruf@dmarc-aggregator.com
DMARC

20. Multi-Layered protection stack

25. What Is The Issue Enabling MFA?
https://www.coreview.com/resources/whitepaper/microsoft-365-app-security-governance-shadow-it-report/

26. Getting to a world without passwords
Microsoft Authenticator FIDO2 Security Keys
Windows Hello

27. User browses to a
website
Phishing
mail
Opens
attachment
Clicks on a URL
+
Exploitation
& Installation
Command
& Control
Brute force account or
use stolen account credentials
User account
is compromised
Attacker
attempts lateral
movement
Privileged
account
compromised
Domain
compromised
Attacker accesses
sensitive data
Exfiltrate data
Protection across
Azure AD Identity Protection
Identity protection &
conditional access
Cloud App Security
Extends protection & conditional
access to other cloud apps
Azure Defender
Azure AD Identity Protection
Identity protection &
conditional access
Identity protection
Defender for Endpoint
Endpoint protection
Defender for Office 365
Malware detection, safe links,
safe attachments
Attacker collects recon
and config data

31. Demo

32. Take aways
•Security is more important that it has ever been
•Start with the basics and build
•Simple things like MFA make a huge difference
•Understand what you have and what you can add
•Be careful of alert overload
•Test your security regularly
•Follow best practices

33. Resources
• Cyber Security: The Small Business Best Practice Guide -
https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-research-report.pdf
• Australian Cyber Security Centre - https://www.cyber.gov.au/
• Office 365 Security and Compliance - https://docs.microsoft.com/en-
us/office365/securitycompliance/
• Your Pa$$word doesn’t matter - https://techcommunity.microsoft.com/t5/azure-active-directory-
identity/your-pa-word-doesn-t-matter/ba-p/731984
• Microsoft Trust Center - https://www.microsoft.com/en-us/trustcenter/security/office365-security
• Microsoft Secure Score - https://docs.microsoft.com/en-us/office365/securitycompliance/microsoft-
secure-score
• Microsoft 365 for Partners Security - https://www.microsoft.com/microsoft-365/partners/security
• CIAOPS Github – https://github.com/directorcia
• CIAOPS Best Practice slinks - https://github.com/directorcia/Office365/blob/master/best-practices.txt

34. CIAOPS Resources
• Blog – http://blog.ciaops.com
• Free SharePoint Training via email – http://bit.ly/cia-gs-spo
• Free Office 365, Azure Administration newsletter – http://bit.ly/cia-o365-tech
• Free Office 365, Azure video tutorials – http://www.youtube.com/directorciaops
• Free documents, presentations, eBooks – http://slideshare.net/directorcia
• Office 365, Azure, Cloud podcast – http://ciaops.podbean.com
• Office 365, Azure online training courses – http://www.ciaopsacademy.com
• Office 365 and Azure community – http://www.ciaopspatron.com
Twitter
@directorcia
Facebook
https://www.facebook.com/ciaops
Email
director@ciaops.com
Teams
admin@ciaops365.com

35. Get access to the latest
information by becoming a
Patron
http://www.ciaopspatron.com

37. That’s all folks!
Thanks for attending