6. Lack of expertise
Why should partners care? Security creates recurring revenue opportunity
• Not enough resources
• Less familiar
• Overwhelmed
• 62% of SMBs lack the skills in-house to deal with security issues [3]
• 90% of SMBs would consider hiring a new managed services provider (MSP) if they offered the right cybersecurity solution
• 89% of SMB customers see cyber security as the top priority in their orgs
[3] Underserved and Unprepared: The State of SMB Cyber Security in 2019
8. Microsoft surpasses $10 billion in security business revenue, more than 40 percent year-over-year growth
https://www.microsoft.com/security/blog/2021/01/27/microsoft-surpasses-10-billion-in-security-business-revenue-more-than-40-percent-year-over-year-growth/
9. Comprehensive protection of sensitive data across devices, cloud services, and on-premises
Windows 10, Office 365, EM+S & Cloud Services
• PCs, tablets, mobile
• Office 365 Data Loss Prevention
• Windows Information Protection & BitLocker for Windows 10
• Azure Information Protection
• Exchange Online, SharePoint Online, Skype for Business & OneDrive for Business
• Highly regulated
• Microsoft Intune MDM & MAM for Windows, iOS & Android
• Microsoft Cloud App Security
• Office 365 Advanced Data Governance
• Advanced Device Management
20. What Is The Issue Enabling MFA?
https://www.coreview.com/resources/whitepaper/microsoft-365-app-security-governance-shadow-it-report/
21. Getting to a world without passwords
• Microsoft Authenticator
• FIDO2 Security Keys
• Windows Hello
22. Azure AD Identity Protection + Azure AD conditional access
Maximize Security. Maximize Productivity.
Conditions: Users, Devices, Location, Apps
Controls: Require MFA, Allow access, Deny access, Force password reset, Limit access
Diagram labels: Policies, Real time Evaluation Engine, Machine learning, Session Risk, 40TB, Effective policy, On-premises apps, Web apps
24. Conditional Access GPS-based named locations now in public preview
https://techcommunity.microsoft.com/t5/azure-active-directory-identity/conditional-access-gps-based-named-locations-now-in-public/ba-p/2365687
25. Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave
https://www.microsoft.com/security/blog/2021/05/06/forrester-names-microsoft-a-leader-in-the-2021-enterprise-email-security-wave/
32. Microsoft Cloud App Security
What is Microsoft CAS?
A multi-mode Cloud Access Security Broker
Insights into threats to identity and data
Raise alerts on user or file behavior anomalies in cloud apps leveraging their API connectors
In scope for this engagement (with Office 365)
Ability to respond to detected threats, discover shadow IT usage and configure application monitoring and control
Out of scope for this engagement
Requirements
Available to organizations with an Azure tenant or an Office 365 commercial subscription and who are in the multi-tenant and Office 365 U.S. Government Community cloud
33.
Malicious use of an end-user account
• Unusual file share activity
• Unusual file download
• Unusual file deletion activity
• Ransomware activity
• Data exfiltration to unsanctioned apps
• Activity by a terminated employee
Threat delivery and persistence
• Suspicious inbox rules (delete, forward)
• Malware implanted in cloud apps
• Malicious OAuth application
• Multiple failed login attempts to app
Malicious use of a privileged user
• Unusual impersonated activity
• Unusual administrative activity
• Unusual multiple delete VM activity
Indicators of a compromised session
• Activity from suspicious IP addresses
• Activity from anonymous IP addresses
• Activity from an infrequent country
• Impossible travel between sessions
• Logon attempt from a suspicious user agent
34. Gartner names Microsoft a Leader in the 2021 Endpoint Protection Platforms Magic Quadrant
https://www.microsoft.com/security/blog/2021/05/11/gartner-names-microsoft-a-leader-in-the-2021-endpoint-protection-platforms-magic-quadrant/
36. Azure Sentinel
What is Azure Sentinel?
Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution
Insights into threats
Get a bird's-eye view across all data ingested and detect threats using Microsoft's analytics and threat intelligence. Investigate threats with artificial intelligence and hunt for suspicious activities
In scope for this engagement
Ability to automatically respond to detected threats
Out of scope for this engagement
Requirements
Available to organizations with an Azure tenant
38. …and there isn’t enough time to mention
• Device Guard
• Exploit Guard
• Application Guard
• Credential Guard
• AppLocker
• Attack Surface Reduction
• BitLocker
• Security Baselines
• Azure Information Protection
• Azure Identity Protection
• And a whole lot more
39. Takeaways
• Microsoft Security is a Leader in five Magic Quadrants - https://www.microsoft.com/en-au/security/business/security-leaders-gartner-magic-quadrant
• Many are not implementing protections Microsoft includes with Microsoft 365 and Windows
• Look to all the different ‘scoring’ (i.e., Secure Score) as a place to start
• Don’t just think of Microsoft 365 when it comes to security
• Microsoft provides integration across its security services
• Microsoft provides automation across its security services
• ALL production accounts, user AND administrator, MUST have MFA!
• Use machine intelligence and AI to make your life easier
40. Resources
• Cyber Security: The Small Business Best Practice Guide - https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-cyber-security-research-report.pdf
• Australian Cyber Security Centre - https://www.cyber.gov.au/
• Office 365 Security and Compliance - https://docs.microsoft.com/en-us/office365/securitycompliance/
• Microsoft Trust Center - https://www.microsoft.com/en-us/trustcenter/security/office365-security
• Microsoft Secure Score - https://docs.microsoft.com/en-us/office365/securitycompliance/microsoft-secure-score
• Microsoft 365 for Partners Security - https://www.microsoft.com/microsoft-365/partners/security
• What are Security defaults - https://docs.microsoft.com/en-gb/azure/active-directory/fundamentals/concept-fundamentals-security-defaults
• Introducing conditional access for Office 365 - https://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-conditional-access-for-the-office-365-suite/ba-p/1131979