Workshop: Understanding and securing your threat surface
Join our MVP, Maurice Daly as he walks you through understanding and securing your threat surface. With the transition of many organisations to the Microsoft 365 platform, security is often overlooked in the goal of cloud enablement. In this one day session, we will take you through the common pitfalls which can leave your tenant exposed. Here we will discuss the security features that are built in, and those which you need to consider when undertaking this journey.
Securing the tenant from legacy protocol exposure, to utilizing e-Discovery to undertake forensics, and to using portals / notifications to monitor for exposures, each element is vital. This will help you mitigate against exposure to potential data extractions, fraud, or at the worst case deletion of our tenant.
So join our virtual event to see real world examples of these threats and more importantly understand how to prevent them being an issue in the first place. Register with our partner MicroWarehouse today
Presenter: Maurice Daly is Senior Cloud Architect at CloudWay. He is a Microsoft MVP in the area of Enterprise Mobility. He is an international speaker, speaking at numerous Microsoft focused user group events, and sessions at Microsoft Ignite. With a background of over 20 years in the IT industry in both in-house and consultancy roles, he prides himself on being able to analyse the entire solution from both sides of the fence.
- Welcome / Introduction
- Understand The Risk
- What is invoice fraud
- How to attackers use legacy protocols, Exchange rules, and social engineering
- How exposed is a default tenant? How big an issue can it be?
- Microsoft 365 licensing features
- Portals, Portals, Portals
- Understand and know each of the Microsoft portals associated with Microsoft 365
- Protecting Users
- Optimised anti-spam and anti-malware
- Office 365 Advanced Threat Protection
- What is Conditional access? Why you need to implement it
- Auditing / Threat Discovery
- Using Azure AD logs
- Using e-Discovery for SMTP analysis
- Exchange online auditing
- Conditioning Users
- Using Office ATP attack simulator