Protecting your data with Azure AD
Arjan Cornelissen, SharePoint & Office 365 Architect, WorkTogether.tech, @arjancornelis
Identity is the new control plane
The employee is now the central point to secure, whether the workload is on-premises, in a private cloud or in the public cloud.
Top attacks against Azure AD (IAM for employees, partners, and customers)
Breach replay, password spray and phishing.
4.6B attacker-driven sign-ins detected in May 2018
200K password spray attacks blocked in August 2018
23M high risk enterprise sign-in attempts detected in March 2018
Passwords are the problem.
Sobering statistics
140+: median number of days attackers reside within a victim's network before detection
75%+: network intrusions due to compromised user credentials
$6T: annual cost of cybercrime to the global economy
$4M: average cost of a data breach to a company
The frequency and sophistication of cybersecurity attacks are escalating.
4/3/2019 6:35 PM. © 2014 Microsoft Corporation. All rights reserved. Microsoft makes no warranties, express, implied or statutory, as to the information in this presentation.
Conditional Access: conditions and controls
Conditions evaluated per sign-in: users and roles (employees and partners, authenticating via Azure AD, ADFS, MSA or Google ID); trusted and compliant devices (Windows, MacOS, iOS, Android, with Windows Defender ATP signals); location (corporate network, geo-location); client apps and auth method (browser apps, client apps); session risk from the machine-learning based real-time evaluation engine.
Controls applied by the effective policy: allow or block access, require MFA, force password reset, limited access, Terms of Use.
Protected resources: Microsoft Cloud, cloud SaaS apps and on-premises apps, with Microsoft Cloud App Security for session control.
Multi Factor Authentication Custom Controls
Conditional Access with MFA
Block legacy authentication
Block legacy auth using Azure AD Conditional Access: the majority of password spray attacks use legacy auth. Over 5000 tenants block legacy auth using Conditional Access.
Demo: Conditional Access Policies -> What If for Twitter
Wazug test user. NL IP: 84.86.200.150; Afghanistan IP: 43.230.209.0. Twitter; Google -> Terms of use.
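As an added example that is not part of the slides or Microsoft's evaluation engine, a simplified "What If" evaluator for the two ideas above: a policy that blocks legacy-auth client app types, plus MFA for Twitter from outside a constructed "NL office" named location and Terms of Use for Google. Policy field names follow the Graph API conditionalAccessPolicy shape; the location ranges, test user and policy names are assumptions.

```python
# Simplified stand-in for Conditional Access "What If" (illustrative, not Microsoft's code).
import ipaddress
from dataclasses import dataclass

# Constructed named location; the NL demo IP falls inside it, the Afghanistan IP does not.
NAMED_LOCATIONS = {"NL office": ["84.86.200.0/24"]}

# clientAppTypes values that Azure AD treats as legacy authentication.
LEGACY_CLIENT_APPS = ["exchangeActiveSync", "other"]

POLICIES = [
    {"name": "Block legacy authentication", "apps": "All",
     "client_app_types": LEGACY_CLIENT_APPS, "grant": ["block"]},
    {"name": "Require MFA for Twitter outside NL", "apps": "Twitter",
     "client_app_types": ["browser", "mobileAppsAndDesktopClients"],
     "exclude_locations": ["NL office"], "grant": ["mfa"]},
    {"name": "Terms of use for Google", "apps": "Google",
     "client_app_types": ["browser", "mobileAppsAndDesktopClients"],
     "grant": ["termsOfUse"]},  # label only; Graph models this as grantControls.termsOfUse ids
]

@dataclass
class SignIn:
    user: str
    app: str
    client_app_type: str  # browser, mobileAppsAndDesktopClients, exchangeActiveSync, other
    ip: str

def in_named_location(ip: str, location: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(r) for r in NAMED_LOCATIONS[location])

def policy_applies(policy: dict, s: SignIn) -> bool:
    """A policy applies when its app, client app type and location conditions all match."""
    if policy["apps"] not in ("All", s.app):
        return False
    if s.client_app_type not in policy["client_app_types"]:
        return False
    # An excluded named location takes the sign-in out of the policy's scope.
    return not any(in_named_location(s.ip, loc) for loc in policy.get("exclude_locations", []))

def what_if(s: SignIn, policies=POLICIES):
    """Return ('block', blocking policy names) or ('grant', sorted required controls).
    As in Conditional Access, any matching block policy wins over every other control."""
    applied = [p for p in policies if policy_applies(p, s)]
    blocking = [p["name"] for p in applied if "block" in p["grant"]]
    if blocking:
        return "block", blocking
    return "grant", sorted({c for p in applied for c in p["grant"]})

if __name__ == "__main__":
    print(what_if(SignIn("wazug", "Twitter", "browser", "43.230.209.0")))
```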
Microsoft Enterprise Mobility + Security (technology, benefit; available in E3 and/or E5)
Identity and access management:
Azure Active Directory Premium P1: secure single sign-on to cloud and on-premises apps; MFA, conditional access, and advanced security reporting.
Azure Active Directory Premium P2: identity and access management with advanced protection for users and privileged identities.
Managed mobile productivity:
Microsoft Intune: mobile device and app management to protect corporate apps and data on any device.
Information protection:
Azure Information Protection P1: encryption for all files and storage locations; cloud-based file tracking.
Azure Information Protection P2: intelligent classification and encryption for files shared inside and outside your organization.
Threat detection:
Microsoft Cloud App Security: enterprise-grade visibility, control, and protection for your cloud applications.
Microsoft Advanced Threat Analytics: protection from advanced targeted attacks leveraging user and entity behavioral analytics.
Admin side
Privileged Identity Management: discover, restrict, and monitor privileged identities
Administrator privileges expire after a specified interval.
Enforce on-demand, just-in-time administrative access when needed.
Ensure policies are met with alerts, audit reports and access reviews.
Manage admin access in Azure AD and also in Azure RBAC.
Privileged Identity
Demo: PIM role activation; Azure resource demo
Identity Secure Score
Visibility into your identity security position and how to improve it, with guidance to increase your security level.
Set an ideal score. Choose controls to achieve the ideal score based on impact. Ignore controls that are not valid for you. 3rd party product support. Easily compare your score against other organizations and view trends.
Check out your Identity Secure Score now at http://aka.ms/MyIdentitySecureScore
Secure Score: http://aka.ms/securitysteps
Azure monitoring
Preview features
Password-less with the Microsoft Authenticator app
Password-less for MSA accounts: available today. Password-less for Azure AD accounts: in public preview today.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-phone-sign-in
aka.ms/gopasswordless
Demo
Our security mindset needs to be updated.