Thank you for joining us! The web seminar will start promptly at 2:00 ET.

Welcome to today’s University Business web seminar

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

Kurt Eisele-Dyrli

Web Seminar Editor

University Business

Chris Irwin

Partner and CTO

Forsyte IT Solutions

Sam Buckhalter

Security and

Compliance Technical

Specialist

Microsoft

lobby

Thank you for joining us!

The web seminar will start shortly at 2:00 ET.

For technical support:

Use the Chat panel at the right of your screen. Select the name of our event

Host, Jason York, and type your message.

No computer speakers? Prefer to listen privately?

Dial the phone number and access code posted in the Chat window.

To submit a question to our panel:

Use the Q&A panel at the right of your screen. Send your question to All

Panelists, the default option.

Don’t see a panel?

Click the “expand panel” triangle in front of the panel name.

Need to access the presentation at a later time?

Everyone will receive an email with links to the slides and the archive

recording.

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

“Chat” for tech support

“Q&A” for panelist questions

Welcome to today’s University Business web seminar

Welcome to today’s University Business web seminar

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

Kurt Eisele-Dyrli

Web Seminar Editor

University Business

Chris Irwin

Partner and CTO

Forsyte IT Solutions

Sam Buckhalter

Security and

Compliance Technical

Specialist

Microsoft

This web seminar is sponsored by:

Welcome to today’s University Business web seminar

Welcome to today’s University Business web seminar

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

Kurt Eisele-Dyrli

Web Seminar Editor

University Business

Chris Irwin

Partner and CTO

Forsyte IT Solutions

Sam Buckhalter

Security and

Compliance Technical

Specialist

Microsoft

lobby

Housekeeping

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

For technical support:

Use the Chat panel at the right of your screen. Select the name of our event

Host, Jason York, and type your message.

No computer speakers? Prefer to listen privately?

Dial the phone number and access code posted in the Chat window.

To submit a question to our panel:

Use the Q&A panel at the right of your screen. Send your question to All

Panelists, the default option.

Don’t see a panel?

Click the “expand panel” triangle in front of the panel name.

Need to access the presentation at a later time?

Everyone will receive an email with links to the slides and the archive

recording.

“Chat” for tech support

“Q&A” for panelist questions

Welcome to today’s University Business web seminar

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

Kurt Eisele-Dyrli

Web Seminar Editor

University Business

Chris Irwin

Partner and CTO

Forsyte IT Solutions

Sam Buckhalter

Security and

Compliance Technical

Specialist

Microsoft

Sam Buckhalter

Microsoft Technical Specialist

Security & Compliance

Chris Irwin

Chief Technology Officer

Forsyte I.T. Solutions

What is Zero-Trust?

• Literal – You can’t build and manage a

practical strategy around absolutes

• Adjective – You aren’t going to “be” Zero-Trust

• Product – There is no such thing as “Zero-Trust

technology”

• Revolution – You can build on what you have

What Zero-Trust Isn’t:

• Everything is open to the Internet

• Trust NO single source

• Breach containment

• There aren’t enough people

What it means to have a Zero-Trust Mindset …

Identity Challenges for Today’s Organizations

Explosion of apps, devices,

and users outside of the

corporate network

Increase in identity

attacks and lack of

visibility and control

Evolving data privacy and

security regulations to

comply with

Demands for increased

productivity and

IT modernization

The intelligent, connected cloud introduces

both opportunity and risk

81%of hacking breaches leverage

stolen/ weak passwordsVerizon 2017 Data Breach Investigation Report

73%of passwords are duplicatesMicrosoft 2018

80%of employees use non-approved

apps for workMicrosoft 2018

TECHNOLOGY HAS CHANGED THE WAY WE DO BUSINESS.

PROTECTING COMPANY ASSETS REQUIRES A NEW APPROACH.

Common identity platform:

Office 365

Active

Directory

Domain

Services

Azure

Active

Directory

Synchronization

Service

Azure

Active

Directory

Azure Active Directory (AAD or Azure AD) is the underlying

identity platform for multiple cloud services

Att

rib

ute

Sto

reA

uth

entica

tio

n

Azure Active

Directory3rd party applications

810,000active apps integrated with

Azure Active Directory

September 2018

ServiceNow

Google Apps

Workday

SuccessFactors

Schoology

Concur

Salesforce

Workplace

by Facebook

Myday

Canvas

Cornerstone

OnDemand

Blackboard

Learn

Clever

Box

Firefly# monthly active users

20Mmonthly active users

of 3rd party apps

Seamless access to apps:

Azure AD

Connect

On-premises /Private cloud

Microsoft Azure Active Directory

Identity is the new control plane.

Assume every resource is on the open internet.

Never trust. Always verify.

Microsoft Threat

Protection

Identities Endpoints User Data Cloud Apps Infrastructure

Users and admins Devices and sensors Email messages and documents

SaaS applications and data stores

Servers, virtual machines, databases,

networks

Microsoft Intelligent Security Graph6.5 trillion signals per day

Microsoft Intelligent Security Graph

Microsoft Zero-Trust Solution

Device

Managed or BYOD

Health & compliance

Device risk

Type and OS version

Encryption status

MicrosoftAzure AD

MicrosoftDefender ATP

MicrosoftIntune

Azure Sentinel

MicrosoftInformation Protection

MicrosoftCloud App

Security

MicrosoftAzure ATP

User

Groups/Role

Location

Privileges

Session risk

User Risk

Security &

Compliance

Policy Engine

Technical Details – Zero Trust User Access

University Use Case: Large University System

• Azure B2B accounts, offloading the identity

management lifecycle to participating schools

• Azure SSO for SaaS apps

• Azure Application Proxy for legacy on-prem apps

• Privileged Identity Management (PIM)

• mCAS to assist with security

SCENARIO: Large university system was looking to build a central Azure environment to

provide hosting and shared services, as well as increased collaboration between schools.

TACTICS

University Use Case: 18K Student School

• Azure SSO for SaaS apps

Azure app proxy for legacy applications

• Azure Conditional Access w/MFA

• Azure AD Identity Protection

SCENARIO: Mid-sized university with roughly 18k students on-premise had a fast-growing

distance learning program with an increasing number of users who never come to campus.

TACTICS

University Use Case: University System with Hospital

• Azure AD

• Windows Virtual Desktop to provide

VDI for med apps

• Azure Conditional Access

• Privileged Identity Management (PIM)

• mCAS

• Azure ATP

• Defender ATP

SCENARIO: University with a hospital provides IT services to local clinics and doctors.

TACTICS

Best Practices, Strategies & Key Takeaways

Use mCAS to help discover “Shadow IT.” mCAS also couples well with Windows Defender ATP.

While we are still a ways away from getting rid of

passwords entirely, there are several technologies

that will help make the move easier:

• Microsoft Passwordless Authentication

• Biometrics

• Windows Hello

• FIDO2

Azure conditional access

is a great way to reduce

auth fatigue and drive

user adoption.

Use mCAS to monitor your

Microsoft SaaS solutions:

mCAS is a valuable tool and

can also monitor a variety of

3rd party apps (Box, Google,

ServiceNow).

Have a question for our presenters? Submit it through the Q&A at the right. Q&A

Protect Your Campus

With a Zero-Trust Cybersecurity Approach

Q&A

Kurt Eisele-Dyrli

Web Seminar Editor

University Business

Chris Irwin

Partner and CTO

Forsyte IT Solutions

Sam Buckhalter

Security and

Compliance Technical

Specialist

Microsoft

University Business is the leader in editorial coverage of news, trends

and current issues in higher education.

Subscribe for FREE and stay up-to-date through our print magazine, digital edition, enewsletters

and web seminars.

Print magazine

UB Daily, Campus CIO

and other enewsletters

Web seminars

Digital edition and website

Thank you for joining us!

The archive recording of this web seminar will be available

for you to review, or share with members of your team, at:

http://www.UniversityBusiness.com/Web-Seminars

You will also receive an email

later with a link to the slides.