In this lecture-style class developed and presented by Marcus Pettersson (Senior Consultant), together with Viktor Hedberg (Senior Consultant Secure Infrastructure), you will learn how to protect and defend identities, devices, and data using the latest features in Microsoft 365. By understanding how the different products work and integrates with each other, you will see several new opportunities you may already have access to in your M365 subscriptions.
The training is divided in to four sessions, each covering different aspects of M365. The Sessions are held online at 3 pm to 5 pm CET. All sessions are presented in English.
First session will focus on Azure AD, where we will talk about the importance of Zero trust and why you need to change many of the default settings in Azure AD to secure your identities.
Second session will cover how to protect your infrastructure using Microsoft 365 Defender. We will cover the different defender services to ensure that we can protect our endpoints and identities from threats and how we can use the capabilities of M365 Defender to investigate suspicious activity in the environment.
Third session will focus on endpoints and how we can ensure that our devices can be secure and managed in the new hybrid work era. We will look at how Intune can help us secure both desktop and mobile operating systems.
Fourth session, we will look at the compliance features within Microsoft 365. Many organizations store sensitive information in Office 365, which makes it important to ensure that the information does not end up in the wrong place. We will use Microsoft Purview services to classify and protect sensitive information.
After these sessions, you will have a unique and deep understanding of the threat-protection and compliance stack in Microsoft 365, how you can leverage it in your own environment, and prepare for when the worst happens.
Session 1 – Securing Azure AD
Azure AD is the identity platform used by all Microsoft 365 services. In this module you will learn why it’s so important to have good security controls in place and how to configure Azure AD to ensure your users and sign-ins are protected.
- Why the default settings in Azure AD needs to be changed.
- Start your Zero Trust journey with Conditional Access.
- Secure your MFA registrations.
- Understand the possibilities (and dangers) with Enterprise Applications.
- Protect your sign-ins with Identity Protection.
- Protect your administrative roles with Privileged Identity Management.
- Understand why logging is so important and how Azure AD logs will help your investigations.
Session 2 – Understanding Microsoft 365 Defender
Microsoft 365 contains a lot of powerful security features. Microsoft 365 Defender is a collection of multiple security services aimed at different parts of your IT infrastructure. In this module, you will learn how the Defender suite help to secure your modern workplace and how to get the most out of the services.
- Protect your Endpoints with Defender for Endpoint.
- Get insight in your domain controller traffic with Defender for Identity.
- Ensure that your organization is protected from e-mail originating threats with Defender for Office365.
- Monitor and control your cloud application usage with Defender for Cloud Apps.
Session 3 – Protect your endpoints with Microsoft Endpoint Manager
With the new hybrid-work era, it’s important to have good management abilities on your endpoints wherever in the world they are located and weather you are using Windows, Mac, iOS, or Android devices. All of them needs to be managed and monitored so your users can feel safe while performing their day-to-day work. In this module, you will learn how Endpoint Manager can be used to properly manage and enforce security controls across your device platform.
- Configure Windows Autopilot.
- Onboard your mobile devices.
- What is Apple Business Manager and why is it important?
- Enforce security settings to your devices.
- Safeguard your corporate data on private and corporate owned mobile devices.
- Use your devices to strengthen your Zero Trust configuration.
- Ensure that only the devices you approve can be enrolled.
Session 4 – Compliance in Microsoft 365
With a lot of potential sensitive information used and stored within Microsoft 365, it’s important as an organization to ensure that this information does not end up in the wrong hands. In this module you will learn how to use the available Purview compliance features to protect your sensitive data.
- How Microsoft Purview Information Protection will classify and protect your documents and email messages.
- Use Purview Data Loss Protection to prevent information leakage to external parties.
- What is in-place and litigation hold and when should you use it.
- Understand how eDiscovery will help you to investigate mailbox, Teams, and SharePoint activities in your own environment.
Why it is so important to enable the Unified Audit Log, and how should you use it in case of a breach.
Quick facts / FAQ:
- What language will be used?
All sessions are held in English.
- Will you receive a recording after the sessions?
Yes, a recording of the session will be available for download after the session.
- We are a couple of colleagues who would like to participate, can we purchase one ticket and join from a conference room?
Tickets are priced per person, so all participants need to purchase their own. But joining from a conference room with colleagues sounds great!
- Can you join onsite at Truesec premises?
No, this is a remote only session.