Securing the Remote Workplace · • Group and team expiration, retention, and archiving ......

Securing the Remote Workplace Rapidly deploy and secure Microsoft Teams


Page 1

Securing the Remote Workplace

Rapidly deploy and secure Microsoft Teams

Page 2

Synergy Advisors

• What we do?

• Design and deploy end-to-end Cyber security solutions, based on Microsoft and partner products

• Services

• Consulting

• Training and Events

• New! Managed Services

• Custom Solutions

• Enterprise Analytics, secure collaboration and data protection

• E-Suite: E-Visor, E-Cryptor, & E-Inspector

• Partner Solutions

• Cymulate, IONIC, Secude, Thales, Lookout

• Sharegate, BitTitan

• Offices

• 130+ Consultants

• US [SEA, CLT, NYC], Latam [NI, CR, CO, PR]

• Recognitions (2015 – 2020)

• 20/20 Security Workshop Partner of the Year

• WW EM+S Highest Activation Partner FY2018 [Q4]

• US EPG Partner of the Year [West Coast]

• Finalist 2017

• WW Microsoft Partner Case Study – Cloud Adoption

• Winner - FY 2016

• WW EMS Partner of the Year

• Finalist 2016, Nominated 2015

• Alliance Partner of the Year

• Nominated FY 2015 & 2016

• National Solution Partner of the Year

• Nominated FY 2015 & 2016

• Compete Partner of the Year

• Nominated FY 2015 & 2016

• Cloud Partner of the Year

• Nominated FY 2015 & 2016

• Specialty Partner Apps and IP

• Nominated FY 2015 & 2016

Page 3

Agenda

• New landscape for Teamwork #WFH (Work From Home - #covid-19)

• Microsoft Teams Adoption

• Use cases

• Fundamental function

• Best Practices / Lessons learned from the field

• Corporate Culture

• Service Management of Microsoft Teams

• Governance, Management and Lifecycle

• Group and team expiration, retention, and archiving

• Security and Compliance

• Advanced Threat Protection (ATP), Safe Links, Retention Policies, Data Loss Prevention (DLP), eDiscovery

Page 4

Microsoft Teams is Transforming the way people work

Page 5

Enabling Remote Work Community

Microsoft Teams hits 44M daily active users, spiking 37% in one week amid remote work surge

Page 6

• Make the most of meetings

• Be inclusive and use your video

• Track notes and action items, share frequently used documents

• Customize your virtual workspace

Staying productive while working remotely with Microsoft Teams

• Set up your workspace

• Communicate, communicate, communicate

• Maintain healthy boundaries

• Embrace online meetings

• Be mindful and inclusive

• Make up for missing hallway talk

• Bring the team together

Best Practices for Working from Home (WFH)

Page 7

Microsoft Teams Adoption

Page 8

Like: Plan > Build > Deploy

1. Start

2. Experiment

3. Scale

Put Aside the Traditional Steps

Page 9

aka.ms/SuccessWithTeams.

Teams admin center > Planning > Teams Advisor

Start

• Validate adoption prerequisites

• Assemble your team

• Understand teams and channels

• Set up your first teams on Teams to build your technical knowledge

• Assess your organization's readiness for change

Page 10

Teams admin center > Planning > Network Planner

Experiment

• Create your champions program

• Governance quick start

• Define usage scenarios

• Onboard early adopters and gather feedback

• Onboard support

Page 11

Scale

• Define outcomes and success

• Optimize feedback and reporting

• Drive awareness and implement training

• Schedule service health reviews

Page 12

Governance, Management & Lifecycle

Page 13

Apps

• One identity: Azure AD is the master for group identity & membership

• Federated resources: Office 365 services extend with their data

• Loose coupling: Services notify each other of changes to a group

Attributes

Flow

• User creates new group for teamwork

• Group experience populated in app of choice

• Group identity created in Azure Active Directory

Office 365 Groups is a Membership Service

Page 14

What Do I Get with Office 365 Groups?

Page 15

Entry-points for self-service creation

[Diagram: entry points for self-service creation; labels include Planner, Outlook, Team, Yammer, Connected, Group]

Page 16

Why Ensure Governance?

Administrative efficiency

Accurate cataloging & monitoring of adoption, usage and governance attributes for collaboration workspaces

Provable compliance with internal and external policies and regulatory requirements

Repeatable and consistent service delivery

Page 17

For Microsoft Teams, you need to govern:

• Provisioning: How Teams are requested, approved and created

• Operations: How information, access and containers are managed

• Information Lifecycle: How to retain/expire/dispose of information as appropriate

Governance Focus

Page 18

Azure AD Licensing Requirements

Page 19

Govern Provisioning

• Sprawl

• Duplication

• Appropriateness

• Convention

• Cataloging

Page 21

Set naming policy & custom blocked words

Documentation: Office 365 Groups Naming Policy

https://aad.portal.azure.com/

Page 22

Provisioning Gotcha: Privacy

Make sure privacy is set accordingly

Public or Private?

Page 23

Govern Operations

• Monitor usage and adoption

• Ensure users aren’t doing what they shouldn’t

• Quota enforcement

• SharePoint governance

Page 24

Native “Dynamic Membership”

Based on AAD Attributes

▪ AAD properties drive membership

▪ Not based on Security Group Membership

Requires clean AAD

▪ AAD properties must be current and complete

Page 25

Monitor adoption and usage

Page 27

Security & Compliance for Microsoft Teams

Page 28

Security by design

• Data Encryption at rest and in transit

• Dedicated security professionals

• Threat models, Security Reviews, Automated Security Tools

• Penetration testing with regular rotation of 3rd party penetration testers

• All keys stored in Azure Key Vault

• Admin: Screening, training, access control

• Host: Access control, anti-malware, patch management, AAD Modern Authentication

• Network: Firewalls, edge routers

• Facility: Physical controls, video surveillance, access control

• Bug Bounty Program (We pay friends, hackers and researchers to find security bugs)

Privacy by design

• Data stored in-region based on tenant affinity

• No customer content accessible in logs or telemetry

• Grant least privilege required to complete task

• Dedicated Privacy professionals

• Adhere to Office 365 data classification and data handling standards

• Access to Production environments is locked down

• GDPR

Security & Privacy

Page 29

How compliant is Microsoft Teams?

http://aka.ms/STP is where you can download the audit reports

https://aka.ms/MicrosoftComplianceStandards for Microsoft Compliance Standards Download

More than 950 Office 365 controls

• Access control

• Auditing and logging

• Identification and authorization

• Awareness and training

• Continuity planning

• Incident response

• Risk assessment

• Communication protection

• Information integrity

• Deployment Approvals and management

Ongoing compliance processes

• Recurring audits like SOC, FedRAMP, ISO+ independent verification

Microsoft Teams Certification

Microsoft Cloud Services Verified with International, Regional and Industry specific standards and terms

Strong Privacy and Security Commitments

• ISO 27001

• ISO 27018

• EU Model Clauses (EUMC)

• GDPR

• HIPAA Business Associate Agreement

• SSAE 16 SOC 1 & SOC 2 Reports

• FedRAMP Moderate and High

• IRS 1075, UK Official (IL2)

• Health Information Trust Alliance (HITRUST)

Contractual commitment to meet US and EU data residency requirements

Controls

Page 30

Available Today

Compliance Features available

Capability: Description

• Archive: Any content stored in any Teams related workload needs to be preserved immutably.

• Compliance Content search: Search content stored in any workload through rich filtering capabilities and export to a container for compliance and litigation.

• eDiscovery – Messaging/Files: Rich in-place eDiscovery capabilities including case management, preservation, search, analysis and export to help our customers simplify the eDiscovery process to quickly identify relevant data while decreasing cost and risk.

• Legal hold: When any team or individual is put on In-Place Hold or litigation hold, the hold is placed on the primary and archive messages.

• Auditing and reporting: All Team activities and business events must be captured and available for customer search and export.

• Conditional Access and Intune MAM: Ensure that access to Microsoft Teams is restricted to devices that are compliant with IT Admin or Corporate Organization set policies and security rules, both for the Teams Apps and the services it uses under the hood. Includes MAC Support for Conditional Access as well.

• Moderator support: The ability to have a moderator (owner of team) of a Team delete data from any user in the team that is inappropriate and mute users in a team/channel.

• Windows Information Protection: WIP, previously known as enterprise data protection (EDP), helps to protect against this potential data leakage without otherwise interfering with the employee experience. WIP also helps to protect enterprise apps like MS Teams.

• Allowed List of Apps: An Admin can control the list of 3P apps (bots, connectors, tabs) that can be used by end users within a tenant.

• Retention / Preservation: Help organizations reduce the liabilities associated with messaging. The Customer can configure their tenant to retain data for a fixed period of time or retain it with unlimited storage for different Teams workloads.

• eDiscovery – Calling/Meetings: Rich in-place eDiscovery capabilities including case management, preservation, search, analysis and export to help our customers simplify the eDiscovery process to quickly identify relevant data while decreasing cost and risk.

• Data loss prevention (DLP): Identify any sensitive data stored or being transferred within or outside of Customer Organization in Teams to intercept and prevent leakage for Files and Chat/Channel Messages.

• Advanced Threat Protection: Support for safe files and safe links in Microsoft Teams to protect your organization from malicious attacks with the power of Office 365 Advanced Threat Protection.

• Business information Barriers: Prevent exchanges or communication that could lead to conflicts of interest (a.k.a. Ethical walls).

• VDI: Virtual Desktop support for Teams to serve requirements of regulated industries and users with virtual desktops.

Page 31

Chat service

Microsoft Teams

O365 Information Protection tools

▪ eDiscovery

▪ Legal Hold

▪ Compliance content search

▪ Archive

▪ Retention

▪ Audit Logs

▪ Email

▪ 1:1 chats

▪ Group chats

▪ Channel messages

▪ SharePoint Files

▪ OneNote/Wiki

▪ OneDrive for Business

O365 substrate

Refresher: How Teams Enables Information Protection

Page 32

Retention Policies for Microsoft Teams

Features: Available

• Retention Policies for Teams Chat and Channel Messages (Note: includes ability to target specific Teams for channel messages and Users for 1xN chat): Now

• Support for retention policies for Teams Files: Now

• Support for Preservation and Deletion policies > 30 days: Now

• Support for Deletion Policies under 30 days: Coming soon

• Support for Advanced Retention settings: Future

https://protection.office.com/retention

Page 33

▪ Files Protected through OneDrive and SharePoint DLP

▪ Support for Office 365 DLP (80 sensitive types supported)

▪ Support for 3rd Party DLP providers through:

▪ Graph Webhook (an event API) to listen to all Teams messages via admin approved 3rd Party app

▪ Graph API to update message with DLP Violation

DLP Mode

- Passive

- Intercept

Sharing of data

- Internal

- External

DLP Provider

- Microsoft

- 3rd Party

Protection

- Messaging

- Files

Data Loss Prevention Scenarios

Page 37

https://aad.portal.azure.com/

MFA with Conditional Access

Page 38

• Protecting your company data at the app level

• End-user productivity isn't affected, and policies don't apply when using the app in a personal context

• App protection policies ensure app-layer protections are in place

• MDM, in addition to MAM, makes sure that the device is protected

Microsoft Intune App Protection Policies

https://devicemanagement.microsoft.com/

Page 39

https://protection.office.com/safeattachment

Protect files in Microsoft Teams with Office 365 ATP

Page 40

Security & Compliance Resources

Teams Documentation

• All Compliance features in a nutshell

• Content Added based on request from IT Pro audience

https://aka.ms/TeamsSecurityandCompliance

Office 365 SCC documentation

• Each Information Protection Feature in detail

• Teams specific sections

• Examples and Samples

https://aka.ms/SCCOverview

Ignite Recordings

• Learn by watching videos and demos

• Ignite 2017

• Ignite 2018 placeholder

https://channel9.msdn.com

Page 41

AI in Teams − Available today!

• Mobile companion mode

• Inline message translation

• Meeting recording transcription

• Background blur

Page 42

Next Steps

Page 43

Delivery Framework

Security, collaboration and infrastructure maintenance and change management

Monitoring

Incident Response

[2-3 year agreement]

Time and Materials (customized)

NEW! Managed Services

Training sessions and workshops to develop customer’s knowledge of M365 and Azure in cloud, hybrid and on-premises scenarios

- Microsoft workloads

- Third-Party Solutions

[2-5 Days]

Price per Attendee

Workshops, Training and Events

Advanced implementation and configuration of M365 / Azure

Includes additional M365 components

- Microsoft workloads

- Third-Party Solutions

Time and Materials (customized)

Production Deployment +

Basic implementation focused on up to four use cases and configuration of M365 / Azure

Integration with up to two workloads

[3-4 Weeks]

Fixed Price

Rapid Production Deployment

Security Assessments

• M365

• Azure

• Infrastructure

Compliance Assessments

• NIST/CIS

• ISO 2700x

Penetration Testing

• Controlled scanning

• ISO 2700x

[2-3 Weeks]

Fixed Price

NEW! Cyber Security and Compliance Assessments

Testing environment to evaluate the M365/Azure solution against customer’s specific use cases

[2-3 Weeks]

Fixed Price

Staging/PoC in a Box

Sessions to evaluate customer’s current use cases and define a proposed M365 / Azure architecture

[3-4 Days]

Fixed Price

Architecture Design Sessions [ADS]

Page 44

Why Synergy?

• Expert team of consultants with proven field experience since 2003

• Deep experience integrating Microsoft 365 identity and security solutions and complementary technologies to achieve strategic requirements

• Focused on designing and deploying identity and security platforms

• Knowledgeable writing team helps you understand how to optimize the solution platform using a variety of mediums

Page 45

Q & A

Thank You!

• Cristian Mora, Owner

• Synergy Advisors

• www.synergyadvisors.biz

• Twitter: @SYNERGYSEC

• Facebook: https://www.facebook.com/SynergyAdvisorsLLC

• YouTube: https://www.youtube.com/user/SynergyAdvisors