#ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM

Securing Office 365 with Privileged Identity Management


Nathan O’Bryan

MVP: Office Apps and Services

MCSM: Messaging

@MCSMLab

https://www.mcsmlab.com


Security in the Cloud Era

• Shared responsibility model

• Microsoft is responsible for the infrastructure, you are responsible for your data

• Microsoft has put a lot of work into security features; we have to understand and properly implement those features

• Security is a constantly evolving requirement – we are never done!


Microsoft security

• Physical security

  • Internal datacenter networks are segregated

  • Customer data is unintelligible to those with physical access

• Logical security

  • Lockbox

  • Servers run only whitelisted code

• Data security


Microsoft security

• User controls

  • Encryption

  • Data loss prevention

  • Azure Rights Management

• Admin controls

  • MFA

  • MDM/MAM

  • Exchange Online Protection

  • Cloud App Security


Your security

• Patch!

• Understand your options

  • 1st party and 3rd party options

• Balance add-on services with cost

  • EM+S features are complex and expensive

• Auditing is your responsibility


What is Privileged Identity Management?

• A new Azure Active Directory tool that allows you to assign “just in time” administrator rights

• Simplified auditing of changes made by administrators

• Managers don’t need to have admin privileges themselves

• Approvals can include additional documentation (reason for elevated rights, ticket information)

• 5 demos in this session


Controlling Office 365 admin rights with limited roles

• Preconfigured roles for administrators

• Limit administrators to specific job role functions

• Easy to use


Controlling Office 365 admin rights with RBAC

• Role Based Access Control

• Allows you to assign limited admin rights in Office 365 services

• Complex to customize

• Generally not used for JIT access


Azure management groups

• System for controlling multiple subscriptions within an organization

• Put subscriptions in containers and apply governance conditions to the groups


PIM PowerShell module

• Install-Module -Name Microsoft.Azure.ActiveDirectory.PIM.PSModule

• Limited cmdlets

  • Connect-PimService

  • Disable-PrivilegedRoleAssignment

  • Disconnect-PimService

  • Enable-PrivilegedRoleAssignment

  • Get-PrivilegedRoleAssignment

  • Show-PimServiceConnection


Demo 1: Start using PIM

• Configuring PIM for the first time

• License requirements

• Manage admin role assignments


Demo 2: Activate Azure AD roles in PIM

• Request activation of a role

• Activated admin rights vs normal user rights


Demo 3: PIM management with PowerShell

• Install and use PIM PowerShell module

• PowerShell cmdlets


Demo 4: PIM for Azure Resources

• Use PIM to control access to Azure resources


Demo 5: Administrators working with PIM assigned permissions

• Auditing changes

• Controlling admin rights


Thank you

• Questions?

• @MCSMLab

• https://www.mcsmlab.com