Ciso Workshop 3 Identity and Zero Trust User Access PDF

The document discusses Microsoft's zero trust security model. It explains that a zero trust model never trusts any user, device, or network and instead requires continuous verification. The model focuses on securing individual assets and access instead of network perimeters. It describes how Microsoft implements zero trust principles in its products like Azure Active Directory, Microsoft Intune, and conditional access policies. Controls include identity-based access policies, device health checks, app protection policies, and more. The goal is to apply a consistent set of security controls for any asset regardless of network location.

Video Presentation of this can be found at

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/ciso-workshop-module-3
Workshop agenda:
• Kickoff and Your strategy
• Security management learnings and principles
• Threat protection: (A) Identify-Protect, (B) Detect-Respond-Recover
• Information protection
• Lunch

Joint planning with:
• Identity Security Architects
• Identity Architects
• Identity Operations Teams
• Collaboration/Productivity Lead
3. Assets increasingly leave the network
• BYOD, WFH, Mobile, and SaaS

4. Attackers shift to identity attacks
• Phishing and credential theft
• Security teams often overwhelmed
Timeline:
• ~2004: Network Access Control (NAC) architectures
• 2010: Forrester coins the “Zero Trust” term
• 2014: BeyondCorp published
• 2017

Network-based approaches – expensive and challenging to implement

Google’s BeyondTrust success is rarely replicated
Never Trust. Always verify.
Zero Trust Model
Zero Trust User Access

Conditional Access App Control

6.5 Trillion Signals/Day


Death Star GoFetch

http://aka.ms/SPAroadmap http://aka.ms/cyber-services

http://aka.ms/securitystandards
A consistent set of controls between assets and threats

Network-era controls in front of Office 365 and intranet resources:

| Control | Inputs evaluated | Actions |
| --- | --- | --- |
| Firewall | Source: IP Address/Port; Destination: IP Address/Port | Allow / Block |
| Intrusion Detection/Prevention | Signatures; Analytics | Allow / Block |
| Forward/Reverse Proxy | Allow List; Authentication | Allow / Block |

Zero Trust user access: conditional access evaluates user and device signals, assigns a risk level (High / Medium / Low), and applies an action to the Office resource.

User signals: Role, Group, Device, Config, Location, Last Sign-in
Device signals: Health/Integrity, Client, Config, Last seen
Conditional access risk: High, Medium, Low

Actions:
• Allow
• Allow Restricted
• Require MFA
• Block
• Force Remediation
Worked example (conditional access risk: High; resource sensitivity: Medium)

User: Role: Sales Account Representative; Group: London Users; Device: Windows; Config: Corp Proxy; Location: London, UK; Last Sign-in: 5 hrs ago
Device: Health: Device compromised; Client: Browser; Config: Anonymous; Last seen: Asia

Risk signals:
• Malicious activity detected on device
• Anonymous IP
• Unfamiliar sign-in location for this user

Result: Block access; Force threat remediation

Your Pa$$word doesn't matter
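The evaluation the slide sketches, as an added example (not Microsoft's code or the deck's own material): the user and device signals are scored into High/Medium/Low and mapped to the slide's actions. The weights, the `managed` flag and the `usual_locations` history are assumptions made here, and the sample input reconstructs the slide's scenario.

```python
from dataclasses import dataclass

# Actions named on the slide, from least to most restrictive.
ALLOW, ALLOW_RESTRICTED, REQUIRE_MFA, BLOCK, FORCE_REMEDIATION = (
    "Allow", "Allow Restricted", "Require MFA", "Block", "Force Remediation")

@dataclass
class User:
    role: str
    group: str
    location: str               # where this sign-in comes from
    usual_locations: frozenset  # assumption: locations seen in sign-in history
    anonymous_ip: bool = False  # the slide's "Anonymous IP" signal

@dataclass
class Device:
    health: str    # "healthy", or "compromised" (malicious activity detected)
    client: str    # "App" or "Browser"
    managed: bool  # assumption: config known and compliant; False if anonymous

def sign_in_risk(user: User, device: Device) -> str:
    """Combine the slide's user and device signals into High/Medium/Low."""
    score = (2 * (device.health == "compromised")          # strongest signals weigh 2
             + 2 * user.anonymous_ip
             + (user.location not in user.usual_locations)  # unfamiliar location
             + (not device.managed))
    return "High" if score >= 3 else "Medium" if score >= 1 else "Low"

def decide(user: User, device: Device, sensitivity: str) -> tuple:
    """Map the risk level and resource sensitivity to the slide's actions."""
    risk = sign_in_risk(user, device)
    if device.health == "compromised":
        return risk, [BLOCK, FORCE_REMEDIATION]   # the slide's own outcome
    if risk == "High":
        return risk, [BLOCK]
    if risk == "Medium":
        actions = [REQUIRE_MFA]
        if not device.managed and sensitivity != "Low":
            actions.append(ALLOW_RESTRICTED)       # e.g. browser-only session
        return risk, actions
    return risk, [ALLOW]   # Low risk: healthy managed device, known location

# The slide's scenario, reconstructed here as constructed sample input.
SLIDE_USER = User(role="Sales Account Representative", group="London Users",
                  location="Asia", usual_locations=frozenset({"London, UK"}),
                  anonymous_ip=True)
SLIDE_DEVICE = Device(health="compromised", client="Browser", managed=False)
```

`decide(SLIDE_USER, SLIDE_DEVICE, "Medium")` returns `("High", ["Block", "Force Remediation"])`, the outcome shown on the slide.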
Azure AD B2C (example tenant: contoso)

Customers bring Social IDs or Business & Government IDs; Azure AD B2C authenticates them and feeds Business Apps, Analytics, and CRM and Marketing Automation.

• Securely authenticate customers with their preferred identity provider
• Provide branded registration and login experiences
• Capture login, preference, and conversion data for customers
https://cloudblogs.microsoft.com/enterprisemobility/2018/03/05/azure-ad-and-adfs-best-practices-defending-against-password-spray-attacks/

https://aka.ms/passwordguidance

https://channel9.msdn.com/events/Ignite/Microsoft-Ignite-Orlando-2017/BRK3016
