Microsoft 365 Business Premium Understanding the Nuts and Bolts New name same great value same price Microsoft 365 for business Office 365 Business Essentials Cloud services Microsoft 365 Business ID: 935553
Download Presentation The PPT/PDF document "Microsoft 365 SMB Advanced Security" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Microsoft 365 SMB Advanced Security
Microsoft 365 Business Premium: Understanding the Nuts and Bolts
Slide2New name, same great value, same price.
Microsoft 365 for business
Office 365 Business
Essentials
Cloud services
Microsoft 365 Business
BasicCloud services
Office 365 Business
PremiumCloud services and desktop apps
Microsoft 365 Business StandardCloud services and desktop apps
Microsoft 365
BusinessCloud services, desktop apps, and advanced security
Microsoft 365 Business PremiumCloud services, desktop apps, and advanced security
Effective on April 21
st
, 2020
Slide3Microsoft 365 for business
New name, same great value, same price.
Exchange
Teams
SharePoint
OneDrive
Outlook
Word
Excel
PowerPoint
Publisher
Access
Exchange
TeamsSharePointOneDrive
Exchange
Teams
SharePoint
OneDrive
Outlook
Word
Excel
PowerPoint
Publisher
Access
Intune
Azure Information Protection
Conditional Access
Defender
Windows Virtual Desktop
Microsoft 365 Business
Basic
Cloud services
Microsoft 365 Business
Standard
Cloud services and desktop apps
Microsoft 365 Business
Premium
Cloud services, desktop apps, and advanced security
Note: Not all features/product logos shown.
Slide4Layered approach to security
Compromised login
Weak credentials
Suspicious locations
Malware/ ransomware (compromised device)
Unmanaged device –BYOD – has your corp data
Weak pin – anyone can accessUsers can copy/paste/save corp data to personal appsUsing 3
rd party apps with weak securityEmail malware vulnerabilitiesRansomware threats/phishingProtecting sensitive data from being shared
Important documents need to be protected internally and externallyMaking sure only the right people have access
Making sure departing employees don’t have accessSecurity Issues at each layer
User
Device
ApplicationEmailDocument
10 Pro
Slide5AAD
Features like MFA
Self Service Password Reset
Conditional Access
Microsoft Defender AV
Full Centralized Management of Mobile and Laptops with IntuneRemote wipe of data of lost & stolen devicesBitLocker Encryption
Enforce Strong Pin requirements along with WiFi, VPN profilesRestrict copy/paste/save corp data to personal appsAccessing sensitive apps securely (Windows Virtual Desktop)
Advanced Threat Protection for protection against malware and zero day attacksData Loss Prevention to monitor sensitive data from being transmittedEmail restrictions like “Do Not Forward” or “Encrypt Email”
Azure Information Protection protects, classifies Documents for secure sharingRevoke access to DocumentsTrack Sensitive documents
Identity SecurityDevice SecurityApplication Security
Email SecurityDocument Security
Microsoft 365 Business Premium
Securing each & every layer of productivity seamlesslyWhat is Microsoft 365 Business Premium
User
Device
Application
Email
Document
10 Pro
Slide6Active Directory
Azure AD
Intune
Windows 10 Pro device
Mobile Devices
Device & Application Security
Office 365
Exchange Online: Email Calendar
SharePoint Online:
ODFB
, Sites
Teams: Persistent Chat
Office Client: Word, Excel PowerPoint
External Threat Protection
Office 365 Advanced Threat Protection
Office 365 Multi-Factor Authentication
Controlling Data Access
Data Loss Prevention
Preservation with Exchange Online archiving
Information Rights Management & Encryption
Azure Information Protection
Email Security
Self Service Password Reset
MFA
Conditional Access
New
Device Management
Microsoft Defender AV
Centralized Windows Security Enablement
E2E MDM for iOS/Android
Wifi
, VPN, Profile; Certificate Management
Identity Security
Document Security
Intune Application Management
Restriction on Cut/Copy/Paste on personal apps
10 Pro
What is Microsoft 365 Business Premium
Slide7Identity
1. Self Service Password Reset
2. Multi Factor Authentication for:
Microsoft Services3rd Party Apps3. Conditional Access
NewUser
LocationDevicesAppsHybrid ConfigurationAAD Connect enables a single username/password for cloud and on premises apps
Self Service Password Reset with writebackLet’s your users change password easily and that’s written back to AD to maintain uniform Password PoliciesMFA for additional security for:Microsoft Services (incl. Office services)3rd Party Apps
Conditional AccessEnforce access controls based on location, user state, device state and appsActive Directory
Azure AD
Slide8Intune does two things:
Device & Application Security
Device Management
For Windows & Mobile Devices
Mobile Application Management
for iOS & Android
Intune
Windows 10 Pro device
Mobile Devices
10 Pro
MDM + MAM
Slide9Intune does two things:
Device Management
For Windows & Mobile Devices
Win 10 Auto enrollment benefits: Central Management of windows by enabling Microsoft Defender AV, Ransomware end point protection and BitLocker enablement
Device Security
Intune
Windows 10 Pro device
10 Pro
Slide10Intune does two things:
Device Management
For Windows & Mobile Devices
End-to-end
Device registration
Certificate managementWifi, VPN profileDevice wipe for stolen devicesDevice Management
Intune
Windows 10 Pro device
10 Pro
Mobile Devices
Slide11Application Security
Intune
MAM
Corp
Personal
Ring fencing Apps
@hotmail.com
@contsoso.com
Email attachment
Paste
Copy
Can’t paste to personal apps
Save
OneDrive for Business
Can’t save to personal storage
Intune does two things:
Mobile Application Management
for iOS & Android
Restricting Cut/Copy/Paste/Save on Personal apps
Slide12Email Security
Office 365
External Threat Protection
Office 365 Advanced Threat Protection
Controlling Data Access
Data Loss Prevention
Preservation with Exchange Online archiving
Information Rights Management & EncryptionExchange Online: Email Calendar
SharePoint Online: ODFB, Sites
Teams: Persistent ChatOffice Client: Word, Excel PowerPoint
Slide13External Threat Protection
Office 365 Advanced Threat Protection
Controlling Data Access
Data Loss Prevention Preservation with Exchange Online archiving Information Rights Management & Encryption
Advanced Security
Saf
e
Safe Links rewrite
Multiple filters + three antivirus engines
with Exchange Online protectionRecipientUnsafe
Suspicious attachment
Sender
Office 365
Detonation chamber
(sandbox)
Executable?
Registry call?
Elevation?
……?
Malicious links
Protection against unknown malware/Viruses
Behavioral analysis with machine learning
Admin alerts
Time-of-click Protection
Real-time protection against
malicious URLs
Growing URL coverage
Rich Reporting and Tracing
Built-in URL trace
Reports for advanced threats
Slide14Advanced Security
Controlling Data Access
Data Loss Prevention
Data Loss Prevention
Offers Policy Tips
to prevent users from sharing sensitive contentDetects sensitive content based on pattern matching engine for various sensitive dataBank Routing NumbersSSNs
PHITakes ActionBlocksReports to admin
Slide15Controlling Data Access
Exchange Online Archiving
Advanced Security
Exchange Online Archiving
Unlimited archiving mailbox
eDiscovery features to help produce data/contentProvides long term retention of content based on compliance requirementRetains even deleted items for long term retention & eDiscovery
Slide16Controlling Data Access
Information Rights Management & Encryption
Advanced Security
Information Rights Management and Encryption
Set Permissions like ‘Do Not Forward’
Enable External Encryption – where recipients get fully encrypted emails
Slide17Document Security
Azure Information Protection
User 1
User 2
Classification & labeling: “
Highly Confidential
”
Encryption
Tracking
Revocation
Document
Azure Information Protection
Classification & labeling:
Manually classify documents based on labels like “Highly Confidential” that is associated with a certain group access
Encryption: The encryption follows classification labels
Tracking: who/where document is accessed
Revoke access previously granted
Slide18AAD
Features like MFA
Self Service Password Reset
Conditional Access
Microsoft Defender AV
Full Centralized Management of Mobile and Laptops with IntuneRemote wipe of data of lost & stolen devicesBitLocker Encryption
Enforce Strong Pin requirements along with WiFi, VPN profilesRestrict copy/paste/save corp data to personal appsAccessing sensitive apps securely (Windows Virtual Desktop)
Advanced Threat Protection for protection against malware and zero day attacksData Loss Prevention to monitor sensitive data from being transmittedEmail restrictions like “Do Not Forward” or “Encrypt Email”
Azure Information Protection protects, classifies Documents for secure sharingRevoke access to DocumentsTrack Sensitive documents
Identity SecurityDevice SecurityApplication Security
Email SecurityDocument Security
Microsoft 365 Business Premium
Securing each & every layer of productivity seamlesslyWhat is Microsoft 365 Business Premium
User
Device
Application
Email
Document
10 Pro
Slide19Active Directory
Azure AD
Intune
Windows 10 Pro device
Mobile Devices
Device & Application Security
Office 365
Exchange Online: Email Calendar
SharePoint Online:
ODFB
, Sites
Teams: Persistent Chat
Office Client: Word, Excel PowerPoint
External Threat Protection
Office 365 Advanced Threat Protection
Office 365 Multi-Factor Authentication
Controlling Data Access
Data Loss Prevention
Preservation with Exchange Online archiving
Information Rights Management & Encryption
Azure Information Protection
Email Security
Self Service Password Reset
MFA
Conditional Access
New
Device Management
Microsoft Defender AV
Centralized Windows Security Enablement
E2E MDM for iOS/Android
Wifi
, VPN, Profile; Certificate Management
Identity Security
Document Security
Intune Application Management
Restriction on Cut/Copy/Paste on personal apps
10 Pro
What is Microsoft 365 Business Premium
Slide20Thank You!
SMB Technical Community: aka.ms/
smbtc