SharePoint Saturday Cambridge: Security & compliance

Post on 22-Jan-2018


SAY THANK YOU TO OUR SPONSORS!

Sponsor Raffle!!!

Each sponsor stamp will opt you into their raffle prize and mailings

Collect 9+ sponsor stamps on your Badge to be eligible for the Xbox

Hand entire Badge/ ribbon back into registration desk at end of day

We will draw Badges for prizes at 5pm in Cromwell (if you are drawn and do not have the pre-requisite stamp/s….. You lose!)

Social

Make sure you tweet on #spscambridge or #sqlsatcambridge

During the event we have Giant Jenga, Sack races and Conker Fights!

After event, join us for a post event SharePint/ SQLPint from our bar

Don’t forget to thank Sponsors, Volunteers and Speakers!

The event will close at 6.30pm

What’s it all about?

Using Office 365 securely

Knowing and protecting your content

Complying with ISO and GDPR

Protection levels and Office 365 – CIA Triad

C3 - Confidential

C4 - Secret

C2 - Internal

C1 - Public

https://www.checkmarx.com/

Protection levels and Office 365

Standard Office 365 protection

Additional Office 365 protection

Additional Azure and/or EMS protection

Data loss prevention

Data governance

Conditional access

Flow environments

Azure Information Protection

Rights Management

Advanced Threat Analysis

Risk based conditional access

The required tooling depends on the classification level of content. Based on this classification you can have one or more tools or combination of tools.

C2

C1

C3

C4

Confidentiality Basic toolset Example tooling

Azure/EMS

• Advanced multifactor authentication
• Advanced Threat Analysis
• Audit log search
• Azure AD identity protection
• Azure AD privileged account management
• Azure Information Protection
• B2B Collaboration
• Bring your own key
• Certificate provisioning
• Cloud App Security
• Conditional access
• eDiscovery
• Encrypted e-mail
• Full MDM (Intune)
• Risk based conditional access
• Single sign-in SaaS applications
• SQL Always encrypted
• Users self-service management
• Workstation management

Office 365

• Advanced Data governance
• Adv. Security management Office 365
• Basic Mobile Device Management
• Basic multifactor authentication
• Conditional access
• Customer lock-box
• Data loss prevention
• RMS for Office 365
• Single sign-on Office 365

Today’s session

Security & compliance center

Not included in E1

• Data loss prevention

• eDiscovery export

• Manual retention/deletion policies

Not included in E1 or E3

• Adv. security management

• Adv. threat management

• Adv. data governance

• Adv. eDiscovery

Included in E5

• Everything

https://technet.microsoft.com/en-us/library/dn933793.aspx

Permissions and roles

https://support.office.com/en-us/article/Permissions-in-the-Office-365-Security-Compliance-Center-d10608af-7934-490a-818e-e68f17d0e9c1?ui=en-US&rs=en-US&ad=US

DEMO: Data governance & Classifications

To recap

Data governance | Retention: location/condition based

Classifications | Label policies: content/user based

Data governance: behind the scenes

Classification labels: in front

Publish a label to create a label policy

Label policy is published to (one or more) locations

New (August 2017):

Classification labels, policies

Disposition dashboard

Supervision

DEMO: Data loss prevention

SharePoint Online

To recap

Built-in sensitivity types

Based on search (takes some time to become visible)

Device management is based on Intune, but only for Office 365

Small sidestep: Threat Management

Insights into e-mail threat and protection

Spam filtering

Malware detection

Enable/disable DKIM signing of e-mails

Quarantine: all e-mails seen as malware, spam, phish, or bulk

DEMO: Finding sensitive information

Searching the audit log

To recap

Case management

Content search based on sensitive types

Audit log search is very powerful

Advanced eDiscovery (E5)

DEMO: Using alerts and recommendations

Alerts and recommendations

DEMO: Using PowerShell with the Security & Compliance center

PowerShell

That’s about it

But there’s some more info….

Thank you for your time….

Reach out to us on Twitter:

@AlbertHoitingh

@Laskewitz

Or check out our blogs:

https://alberthoitingh.com

https://www.O365dude.com