Security & Compliance: Core Concepts Explained

Editor's Notes

• #4: Problem – Why is it so hard to explain security and compliance? In fact what is the difference, and where does governance come in to it? Solution – Use images and stories to explain the features Benefits – hopefully much easier to remember Next steps – what should you do if you need to assess and implement changes to your tenant
• #5: Why is it so hard to explain security and compliance? In fact what is the difference, and where does governance come in to it?
• #13: Do I have data to compare your answers to? Password only
• #14: Please provide two forms of identification As well as seeing your passport, I want to check that you are the same person so I will check that your physical attributes match those stored on the passport I will check that you have another device that you can use to enter the right information - I trust you if you have two devices that are both aligned to your identity
• #15: Imagine a fairground with many rides. Single sign-on would be paying to get in at the entrance to the fair ground and then being able to go on every ride without having to pay any more The alternative is not paying at the front gate and then paying for every ride individually
• #17: If the device you are using doesn’t have a PIN, it may not be secure, it may not be you If the Apps are not allowed by the organisation Even apps need to have security so that in a restaurant when your child is playing they can’t accidentally send your boss or a client an email
• #19: When you suddenly turn up in a Ferrari rather than the Ford you usually drive, that will trigger a warning If your credentials have been found on the dark web You may be asked to go through a higher level of authentication, or have your access blocked Security Posture assessments – check for known vulnerabilities Alerts aligned to industry standard events and monitoring tools Monitor and profile user behaviour and activities Protect user identities and reduce the attack surface What is Microsoft Defender for Identity? | Microsoft Docs
• #21: I choose the level of authentication based different factors: Where have you authenticated What device are you using Where you are coming from Where you want to go - Are you passing through or staying for a while Is your identity safe? What application are you logging in to? Terms of Use Different level of authentication
• #24: Some doors are open Some doors are locked You have a bunch of keys that you have been given that allow you in to certain rooms You can ask for other keys
• #26: Complex set of controls Invite a user into our environment Send a link to a specific item and change the permissions on that item What application? What location Sensitivity classification of location
• #28: Each room contains content Documents, data To be created and edited
• #30: Marking – make sure people know that the document is important Secure documents by forcing people to have a key to open If you borrow a book We may want you to use the key every time to open the book - encrypted You might be able to use the book for a while without a key – time between auth
• #31: Warnings Set off an alarm if a book or document passes out of the organisation Prevention Slam the shutters down to prevent the book leaving
• #32: Check for malicious content in emails arriving Check that links are to safe locations – Email and Teams Anti-virus Anti-phising policies Attack simulation
• #35: Keep content for a period of time Tax records Guarantees Design documents
• #36: When should content be removed? Should it be deleted Should it be reviewed
• #37: When you need to find information from the whole library
• #39: Monitor activity React to activity Notifications Rules based on frequency or quantity Pro-actively add sensitivity to content What is Cloud App Security? | Microsoft Docs
• #40: Microsoft 365 Defender - Microsoft 365 security | Microsoft Docs Unified management of For EndPoint For Office 365 For Identity MCAS Manage incidents and see timeline of attack Manage investigations
• #41: Listening not just to Microsoft 365 but any system Azure Firewalls Custom solutions Complex rules on how to identify anomalous behaviour Sophisticated responses What is Azure Sentinel? | Microsoft Docs
• #43: Compare your configuration to required legislation Get recommendations on how to improve the scores Manage tasks to improve your score
• #44: Send an emails to test how well staff respond to threats Identify where more awareness and training is needed