M365 Security: Immersion Experience – Recap

by | Jan 26, 2022 | Event, Security | 0 comments

Thank you to all those who were able to attend.  We are working with a partner to facilitate Customer Immersion Experiences (CIE) to facilitate learning these topics hands-on.  We hope you liked it.  As a recap, here were some of the things we discussed:

  • Data Loss Prevention (DLP) – Most customers own DLP capability as part of their Office 365.  The goal is to shine a light (flashlight analogy) on sensitive data that is either in motion (email, chat) or stored (OneDrive, Teams, SharePoint).  While Microsoft provides sensitive data templates (SSN, credit card), most customers will customize these policies and set them up in testing (non-enforcement) mode to see what data is captured in a month.  Initial use case – monitor outbound emails for sensitive organizational data.
  • Sensitivity Labels – while DLP’s goal is to find data, once found that data can be “tagged” with labels.  These labels are applied by individuals manually unless automatic tagging is owned and configured.  Many customers find the idea of document classification daunting so we suggest you start with a small use case.  A good start might be around specific data for organizations with privacy needs (GDPR) or data isolation (such as CUI data for the CMMC regulation).
  • Multi-factor Authentication (MFA) – many organizations are implementing or expanding their use cases for MFA.  Cyber security insurance and compliance mandates have organizations leveraging MFA for all areas below.  Our goal is to make sure MFA is well-thought-out and activated for administrators and a pilot group of users.
    1. Email via website/service
    2. Remote Access including Citrix / VPN
    3. Network Infrastructure
    4. Privileged account access to endpoints/servers using RDP
    5. Backup administration
  • Intune – We demonstrated Intune’s ability to leverage Mobile Application Management (MAM).  Simply this allows for deployment, policy-based control, and partial-wipe for Microsoft applications and related data.  Many customers are really exploring this technology to help control today’s hybrid work environment. FYI – Microsoft combined the capabilities of System Center Configuration Manager and Intune into Microsoft Endpoint Manager.

Below are links for the following resources: