Post on 24-Mar-2020
Office 365Optimize your Microsoft Investment
Join Velosio SME’s as they describe how Microsoft Office 365 is a differentiator for email, productivity, and security. Learn about Security, Teams, and Document Management. Hear about Best Practices in O365 from our SME’s, and real-world examples from participating clients. Learn how clients leveraged O365 functionality and support from Velosio to benefit their organization. Participate in the open Q&A session to get direct answers to your specific questions from peers and O365 SME’s.
Office 365Optimize your Microsoft Investment
01
02
03
04
05
Agenda
Why Move to Office 365?
O365 Core Products
Security Benefits
Compliance & Security Solutions
Q & A Session
Raise of Hands -
Why Move to Office 365?
No Servers to Upgrade, Patch, or MaintainGrows with your BusinessWork anywhere from any deviceOffice apps get feature updatesBuilt-in Security, Compliance, and Data Loss Prevention
Top Business Values
Cloud is Integral to Business Transformation
“71% of strategic buyers cite scalability, cost and business agility as the most important drivers for using cloud services.“
– Gigaom Research
Leverage economies of scale and expertise
Reshape how you engage with customers
Drive new and more rapid sources of innovation
SSECURITY and IDENTITY STRATEGIES
Innovation Modernization Transformation Efficiency
Business innovation
Tension Between Innovation and Security Risks
Security risks
Data loss Downtime Privacy breach Malware attacks
Mil
2018 Average cost of a Data Breach in the US
3.86
$
individual records were breached in 2018
More than
5 Billionseconds
Cyber attacks occur every
39
Global number of Reported Breeches
6,515 Average time to identify a data breach
196
Global Attacks are Increasing, and Costs are Rising
in 2018
days
Security in a cloud enabled world
Cloud service provider responsibility (Microsoft)
Tenant responsibility
Moving to O365 Software as a Service (SaaS), your organization’s responsibility for security is focused to data, identity, devices, and app layer.
Cybersecurity threats make security more challenging – however the public cloud makes it easier for you to manage as the security load shifts to Microsoft (service provider).
Microsoft Office 365 Core Products
Exchange Online & Outlook
OneDrive for Business
SharePoint Online
Teams & Skype for Business
Office Applications
Category Leader
Co-Creating ContentOffice 365 ProPlus
Co-authoringacross desktop, mobile, web
Mail &CalendarOutlook
Undisputed leader in mail and calendar
Voice, Video& MeetingsSkype
100M meetings each month
IntroducingMicrosoftTeams
Chat-based WorkspaceMicrosoft Teams
Sites & Content ManagementSharePoint
190M end users
EnterpriseSocialYammer
85% ofFortune 500
Collaboration is how work gets done
Geographically Distributed Need varied ways to connect across locations and time-zones
Internal & External Team MembersTeam members outside the firewall need unfettered access
Multi-Generation WorkforceDifferent expectations and preferences for tools
Employees work on nearly
the number of teams,compared to 5 years ago
Microsoft Teams is a chat-based workspace in Office 365
Securityteams trust
Get the enterprise-level security and compliance features you expect from
Office 365.
Chat for today’s teams
Communicate in the moment and keep everyone
in the know
Customizablefor each team
Tailor your workspace to include content and
capabilities your team needs every day.
A hub for teamwork
Give your team quick access to information they need
right in Office 365
Chat for today’s teams to keep everyone in the know
A hub for teamwork integrated with Office 365
Security teams trust with enterprise-level protection
Customizable for each team with content and capabilities
Microsoft Teams, a chat-centered workspace
Text, meet, and call, across devices, with VoIP & PSTN
Reduce travel using audio, HD video & web conferencing
Unify your global phone systems with Cloud PBX
Reach out to your employees with Skype Meeting Broadcast
Engage your customers, using Skype in your web pages & apps
Complete cloud communications with Teams/Skype
Co-author together in real time in Office applications
Store, sync & share files inside or outside your org
Find, follow & discover content from anywhere on any device
Manage document revisions with integrated feed & version history
Receive comments & changes while on the go with notifications
Create, share, find content with Office & OneDrive
Modern content, sharing & discovery with SharePoint
Access sites & content anywhere with your Intranet in your pocket
Manage & collaborate on content with your team
Navigate your intranet with intelligent recommendations
Create beautiful team sites & publishing sites quickly
Automate business processes with Microsoft Flow & PowerApps
Foster open team discussions with the group feed
Tap into collective knowledge with search & discovery
Crowdsource ideas & share best practices across the org
Get the pulse of your company using polls, praise & follows
Drive employee engagement with actionable updates & alerts
Connect with Yammer, the social network for work
Secure Score
Secure Score
Actionable Roadmap to Tighten SecurityAnalyzes your organization's security based on your regular activities andsecurity settings, then assigns a score
O365 Security Benefits
Secure Score… Allows you to see how you compare
1 2 3 4 5
Secure Score: Actionable Roadmap
Identity Device InfrastructureAzure AD Accounts/Roles MDM, Intune, Windows ATP Azure Resources
(Coming Soon)
DataO365 Documents
AppsEmail and Cloud Apps
Cloud directoryIdentity and Access managementApplication provisioning and access managementFederation hubOpen standards-based application platformConditional access (enforce MFA)SAAS App Discovery and Usage MonitoringCloud app security for existing app accessDevice registration, identity and attestation Built in auditing, security, and operational monitoring
Secure Score: IdentityAzure Active Directory
Self-service Singlesign on
•••••••••••
Username
Simple connection
Cloud
SaaSAzureee
Office 365Publiccloud
Microsoft Azure Active Directory
Other Directories
Windows ServerActive Directory
On-premises
Existing Applications
Auditing, security, and operational monitoring and reporting
Identity as the control plane
Secure Score: Identity
AAD App Proxy
Public CloudsPublic
SaaS apps
udsClou
Azure Active Directory
Windows Server Active Directory
apps
LOB and Custom Apps
apps
Microsoft Azure
Azure AD identity and access management scenarios
Simplify access and control of both Cloud and on-premises applications
Reduce IT burden with self-service IAM
Improve security posture with cloud services
Easily meet reporting requirements
Rapidly develop and deploy new enterprise capabilities
Secure Score: Identity
Password hashes
User accounts
Authentication
Sign
-on
On-premisesdirectory
Identity models
SAML token-based authentication
Password synchronization
Two-factor authentication
Client-based access control
Windows Azure
User
AAD Sync
Azure Active Directory offering comparison
Why Multi-Factor Authentication?
MMobile Apps Phone Calls Text Messages
Push NotificationOne-Time-Passcode
(OTP) Token
Phone callOne-Time-Passcode
(OTP) Token
TextOne-time passcode
(OTP) by text
Multi-Factor Authentication
Azure MFA offering comparisonMFA for O365/Azure
AdministratorsWindows Azure Multi-Factor
Authentication / EMS
Secure Score: Data
Encryption
Data loss prevention (DLP)
Anti-spam and antivirus
Windows Azurere
User
SMTP to partners: TLS protected
Rights Management Service
S/MIME
Office 365 Message Encryption
Transport Layer Security
Encryption Technologies
Exchange server
Message Delivery
RMS, S/MIME protected
Office 365 Message
Encryption
Data diskExchange server
Exchange online email archiving and retention
Governance
In-Place Archive
Secondary mailbox with separate quota
Managed through EAC or PowerShellAvailable on-premises, online, or through EOA
Automated and time-based criteria
Set policies at item or folder levelExpiration date shown in email message
Pres
erve
Governance
Capture deleted and edited email messagesTime-Based In-Place Hold Granular Query-Based In-Place Hold
Optional notification
eDiscovery
Web-based eDiscovery Center and multi-mailbox search
Search primary, In-Place Archive, and recoverable items
Delegate through roles-based administration
De-duplication after discovery
Auditing to validate controls are met
Sear
ch
Data Loss Prevention (DLP)
DLP –Exchange Online document fingerprinting
Scan email and attachments to look for patterns that match document templates
Protect sensitive documents from being accidently shared outside of your organization
No coding required; simply upload sample documents to create fingerprints
Multi-engine antimalware protects against 100% of known virusesContinuously updated anti-spam protection captures 98%+ of all inbound spamWorld-class fingerprinting technologies that Identify and stop spam and phishing vectors in real timeMark all bulk messages as spamBlock unwanted email based on language or Geographic origin
Exchange online anti-spam/anti-virusComprehensive protection
Mobility is a game changerIn order for modern IT to provide controlled access to the right services while minimizing the risk of leakage, the very foundations of your identity and security systems must be adapted to mobile devices through innovative supplemental capabilities
Help secure your data that is in transit or
is stored on devices
Deploy more secure devices
Define and deployyour mobile identity
Manage your devices life cycle
Secure Score: Device
DDevice management
Built-in Microsoft Intune
Conditional access
Selective wipe
Advanced application management
LoB app
Mobile device management
First-time access to corporate resources (Microsoft Exchange, Microsoft OneDrive for Business) is conditional, based on the device being managedSelectively wipe corporate data and appsManage line of business apps alongside Office Mobile Apps in “walled garden”Administrator can manage policy around how data is shared between managed and non-managed appsGive users familiar, full-featured Office applications; maintain document formatting across platforms
Managing Office 365 Mobile Apps with IntuneOffice 365 and Intune protect data without sacrificing productivity
Intune: Simplify app delivery and deployment
Consistent experience across:
• Windows
• Android
• iOS
Discover and install corporate apps
Manage devices and data
Customizable terms and conditions
Ability to contact IT
+ Deploy automatically without user intervention
Device Management Feature Comparison
Dev
ice
con
fig-
ura
tion
Inventory mobile devices that access corporate applicationsRemote factory reset (full device wipe)Mobile device configuration settings (PIN length, PIN required, lock time, etc.)Self-service password reset (Office 365 cloud only users)
Off
ice
365
Provides reporting on devices that do not meet IT policyGroup-based policies and reporting (ability to use groups for targeted device configuration)
Root cert and jailbreak detectionRemove Office 365 app data from mobile devices while leaving personal data and apps intact (Selective wipe)
Prevent access to corporate email and documents based upon device enrollment and compliance policies
Pre
miu
m m
obil
e d
evic
e an
d a
pp
m
anag
emen
t
Self-service Company Portal for users to enroll their own devices and install corporate apps
Deploy certificates, VPN profiles (including app-specific profiles), and Wi-Fi profilesPrevent cut/copy/paste/save as of data from corporate apps to personal apps (Mobile application management) Secure content viewing via Managed browser, PDF viewer, Imager viewer, and AV player apps for Intune
Remote device lock via self-service Company Portal and via admin console
PC
m
anag
emen
t PC management (e.g. inventory, antimalware, patch, policies, etc.)OS deployment (via System Center ConfigMgr)PC software management Single management console for PCs and mobile devices (through integration with System Center ConfigMgr)
Enterprise Mobility Suite
EMS IT manageability benefits for Office 365 customersMMobile device and app
management Information protection
Basic identity management via Azure AD for Office 365Single sign-on for Office 365
Basic multifactor authentication for Office 365
Basic mobile device management via MDM for Office 365Device settings management
Selective wipe
Built into Office 365 Management Console
RMS protection via RMS for Office 365Protection for content stored in Office (on-premises or Office 365)
Access to RMS SDK
Bring Your Own Key
Azure AD for Office 365+Single sign-on for all cloud apps Advanced multifactor authentication for all workloadsSelf-service group management and password reset with write back to on-premises directoryAdvanced security reportsFIM (now MIM), Server + CAL
MDM for Office 365+ PC management
Mobile app management (prevent cutting/copying/pasting/saving from corporate apps to personal apps)
Secure content viewers
Certificate provisioning
System Center integration
RMS for Office 365+ Protection for on-premises Windows Server file shares
Email notifications when sharing documents
Email notifications when shared documents are forwarded
Identity and Access Management
Develop policies for how to evaluate, adopt, and use cloud services to minimize creation of inconsistencies and vulnerabilities that attackers can exploit. • Identity policies• Data policies• Compliance policies and documentation
Governance and security policy
Your keys to success
IT administrators are a dependency for cloud security. The privileged accounts, credentials, and workstations—where the accounts are used—must be protected and monitored.
Administrative privilege management
Secure identity systems at or above the level of cloud services.
Identity systems and identity mgmt.
Evaluate the threats that apply to your organization and put them into context by leveraging resources like threat intelligence, information sharing, and analysis centers. (ISACs)
Threat awareness
You own your data. Classify your sensitive data and ensure it is protected and monitored wherever it is stored.
Data protection
O365 Migration Success Story -
• Leveraged Velosio for tenant to tenant O365 migration• Successfully migrated the tenant• Successfully migrated (262) mailboxes and data• Currently exploring ZeroSpam filtering tool
Situation: Six Red Marbles was breaking away fromthe parent company, and needed to separate existingO365 tenant from the parent organization. Theyselected Velosio for it’s deep O365 experience andability to handle complex O365 migrations.