1
The Azure Security Dojo: Live!
THR2075: The Azure Security Dojo: Live!
Andy Malone (MVP), Founder: Cybercrime Security Forum
Microsoft 2016, 11/23/2017 6:36 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
2
Andy Malone (UK)
- Microsoft MVP (10 years)
- MCT: Microsoft Certified Trainer (20 years)
- Founder: Cybercrime Security Forum!
- Worldwide event speaker since 2004
- Winner of the first Microsoft Speaker Idol contest in 2006
- Author of the award-winning sci-fi thriller The Seventh Day (out now in paperback & eBook; sequel coming soon …)
3
Number 5 Eye in the Sky … Azure AD Privileged Identity Management
4
Remember Role Based Admin Control?
5
Azure AD Privileged Identity Management
Azure AD Privileged Identity Management helps you:
- See which users are Azure AD administrators
- Enable on-demand, "just in time" administrative access to Microsoft Online Services like Office 365 and Intune
- Get reports about administrator access history and changes in administrator assignments
- Get alerts about access to a privileged role
6
Azure AD Privileged Identity Management
- Alerts that point out opportunities to improve security
- The number of users who are assigned to each privileged role
- The number of eligible and permanent admins
- Ongoing access reviews
7
Demo Azure AD Privileged Identity Management
8
Top Tip: JIT & JEA AD Privileged Admins
- Global Admins can update which users are permanently assigned to roles in Azure AD, using:
  - PowerShell cmdlets like Add-MsolRoleMember and Remove-MsolRoleMember
  - The Azure classic portal, as described in "Assigning administrator roles in Azure Active Directory"
  - Cannot be done in the Office 365 Portal yet!
- Global Admins can make temporary role assignments by making users eligible for a role
- An eligible admin can activate the role when they need it, and then their permissions expire once they're done.
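Before moving admins from permanent to eligible assignments, it helps to know who holds each role today. The script below is an added example, not part of the presentation: it inventories current role members with the same MSOnline module that provides Add-MsolRoleMember and Remove-MsolRoleMember. It assumes the MSOnline module is installed and the signed-in account can read directory roles; the function name Get-PermanentRoleAssignment and the address in the final comment are made up for illustration.

```powershell
# Added example: list who currently holds each Azure AD directory role.
Import-Module MSOnline
Connect-MsolService          # interactive sign-in

function Get-PermanentRoleAssignment {
    # Emits one row per (role, member) pair.
    foreach ($role in Get-MsolRole) {
        $members = Get-MsolRoleMember -RoleObjectId $role.ObjectId -All
        foreach ($member in $members) {
            # Per-user MFA state only exists for user objects. It does not
            # reflect MFA enforced by other means, so 'Disabled' here means
            # "check this account", not "proven unprotected".
            $mfa = 'n/a'
            if ($member.RoleMemberType -eq 'User') {
                $user  = Get-MsolUser -ObjectId $member.ObjectId
                $state = $user.StrongAuthenticationRequirements.State
                $mfa   = if ($state) { "$state" } else { 'Disabled' }
            }
            [pscustomobject]@{
                Role       = $role.Name
                Member     = $member.EmailAddress
                MemberType = $member.RoleMemberType
                PerUserMfa = $mfa
            }
        }
    }
}

$assignments = Get-PermanentRoleAssignment

# 1. How many members does each privileged role have?
$assignments | Group-Object Role |
    Sort-Object Count -Descending |
    Select-Object Name, Count

# 2. Which role holders have no per-user MFA requirement set?
$assignments | Where-Object { $_.PerUserMfa -eq 'Disabled' } |
    Sort-Object Member -Unique |
    Select-Object Member, Role

# 3. After review, a standing assignment can be removed with the cmdlet
#    named on the slide (constructed address, shown commented out):
# Remove-MsolRoleMember -RoleName 'Helpdesk Administrator' `
#     -RoleMemberEmailAddress 'former.admin@contoso.example'
```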
9
Number 4 Deploying Multi Factor Authentication
10
Azure Multi Factor Authentication!
- Method of authentication requiring more than one verification method
- Combines:
  - Device as something you have, or somewhere you are
  - Password: something you know
- Fully supports biometrics (something you are)
- Adds a critical second layer of security to user sign-ins and transactions
- Available for Azure, Office 365 & Hybrid Deployments
[Diagram: User logs in]
11
Azure Multi Factor Authentication!
Authentication Methods:
- Phone call
- Text message
- Mobile app notification
- Mobile app verification code
- 3rd party OAUTH tokens
Users can choose the method they prefer.
12
Azure Multi Factor Authentication!
13
Azure Multi Factor Authentication!
14
Number 4 Protecting your Information
15
The Changing Structure of Data!
- Traditional hierarchies: information moves slowly; command and control
- Responsive networks: information travels fast; learn and adapt
16
Azure Information Protection: Wild West Hero
- Permissions bleed
- Once data is outside the organization, it's beyond the realm of your control
- Anyone can plagiarise
- Content easily copied
- Potential copyright infringement issues
- Plausible deniability reigns
- Lack of compliance
17
Azure Information Protection
- Document Classification & Labelling
- File Encryption
- Rights Management
- Detailed Auditing, Tracking & Reporting
- Simple Configuration
18
Azure AD Rights Management Services
19
Azure AD Rights Management Services
20
Number 3 The Identity Game …
21
Ok now you know AAD-Connect Right?
- Manage a single, unified global address list
- Eliminates the need to manage users and groups in two places
- Simplifies user provisioning
- Enables scenarios such as a hybrid deployment
[Diagram: On-premises (On-premises Active Directory) and Cloud (Azure Active Directory)]
22
Ok Andy Tell me Something I don’t Know!
- The AAD Sync Engine actually has two sync processes: a primary and an undocumented secondary process
- For an urgent delta sync, AAD-Connect sends out a secondary sync pulse to check for account deletions, password resets etc. every 2 mins
- This is not configurable and cannot be amended
- The primary sync engine can be edited via PowerShell
[Diagram: Primary Sync, Secondary Sync, On-premises Active Directory]
23
Azure Identity Protection
[Diagram: Azure AD Identity Protection. Labels: Date / Time, Location, Alert Triggers, Detailed Logs, User Logs in, Reporting Services, Detailed Heuristics, Risk Evaluation]
24
Number 2 Nuggets of Gold!
25
Top Tip: Here’s Lookin’ at you Kid!
26
Where do you want (your data) to go today?
27
Top Tip: JIT & JEA Come to OneDrive for Business
28
Number 1 Cool … My very own Security Centre!
29
Azure Security Centre
30
Session Review
- Azure AD Privileged Identity Management
- Multi Factor Authentication
- The Identity Game
- Nuggets of Gold
- Azure Security Portal
31
Thanks for attending! Follow me @AndyMalone
32
Please evaluate this session