Security in MS-365 Part 2: MS-365 ATP

00:00

Welcome back. Cybersecurity Sudbury Ins to the M s 3 65 Security Administration. Course

00:07

I'm Your Stronger Jim Daniels were a Model three. Invest 3 65. Threat Protection Lesson one. Security within industry 65. Part two

00:18

Invest 3 65 Advanced Threat Protection

00:21

In this lesson, we will undoubtably cover

00:25

standard email protection

00:28

E o p Staines Along protection,

00:30

the composition of M s 3 65 80 p Advanced threat protection

00:35

and the benefits of the secure score to an organization

00:40

exchange on protection. E O T

00:43

E O P WITH Microsoft 3 65 80 p.

00:47

Acronyms Right

00:49

technology

00:50

You can't escape back or names.

00:52

GOP provides protection against spoofing efficient attacks. Span an hour.

00:58

Uses a combination of I P in your oral reputation

01:02

domain reputation span and now we're filtering content. Build train in connection filtering.

01:07

You can be extended by enabling invest 3 65 80 p

01:11

within the tenant

01:14

exchange Online on comes with GOP included,

01:18

So the very basic bare minimum

01:21

once your organization goes to exchange on you, will have e a p. There.

01:26

You won't have the advanced features that come with 3 65 80 p or Invest rate 65 80. You won't have those advanced features, however.

01:34

You'll have a lot of foundational features with the A P

01:38

in this 3. 65 is a collection. It's a collective of features designed to combat advanced targeted threats.

01:48

M s 3 65 80 p is comprised of safe attachments,

01:53

safe links, spoof intelligence quarantine and anti fishing

02:00

Cloud AB. Security is a comprehensive cross SAS solution. Bring you visibility data controls and enhance threat protection to your cloud. APS.

02:09

With the service, you gain visibility in the shadow I t.

02:13

By discovering cloud apps that your users Youlus

02:16

has includes representation,

02:19

discovering insights and hands control.

02:23

If you have the license for cast and you're not using a shame when you

02:27

cloud up, security is a wonderful tool.

02:30

Quiz

02:30

exchange. Online protection comes standard with exchange online,

02:36

and it provides protection against spoofing

02:38

fishing span. And now, where true

02:43

we're faults.

02:44

What do you think?

02:47

That's true.

02:50

Our friend Cosmo just pointed that help

02:52

that is true.

02:53

Secure score.

02:55

It's based on system config,

02:58

user behavior and other security related measurements.

03:01

Some of the benefits of secure score

03:04

donuts

03:05

walking organization do to mitigate risk

03:07

comparison.

03:09

Compare your organization with what other organizations are doing

03:14

Sliding bar

03:15

so you can actually set a target. And it will tell you what needs to be done to achieve that target.

03:22

Dashboard

03:23

dashboards. The high level view

03:25

that you can export. You give access to take screenshots off to give to your SI SOS security managers stakeholders

03:35

a p I.

03:37

You can extend it with flexible A p I

03:39

encouragement.

03:42

As humans, we want to see

03:44

accomplishments. It's is about nature.

03:46

That's why I s m I says, Hey,

03:50

I'm gonna write a list of things to do. However,

03:53

I'm gonna put two things on the list I've already done

03:55

so I can see those two items being marked now.

04:00

It gives you motivation. The same thing was to hear score. Once you make a change and it's reflected and secure score, you can actually see it go up. You can see it increase. That encourages you and your team

04:12

to continue working for that goal of a more secure environment.

04:16

AP I can be fully integrated in with a Microsoft graph.

04:20

Some of the benefits of quite and secure scored data through the graph

04:25

Say you want to monitor and report when you're secure scoring and downstream reporting tools.

04:30

In other words, you want to take a crystal report where you want to take

04:32

something. Third party.

04:34

Maybe you want to do a power bi our report and great the FBI into it.

04:39

You want track your configuration baseline.

04:42

You were integrated that into compliance or cyber security instruments, applications.

04:46

A lot of times,

04:48

when we get that security insurance, they want to see proof of our environment. They want to see when we make it better. They want to see proof of that. So secure score through a P. I can allow that

05:00

you integrate your data into your security incident and of imagine, you're seem

05:04

or your casby solution.

05:06

This way you can drive a hybrid or multi cloud framework so you can see the total picture.

05:13

You have your secure score with any mystery 65. But you also have your seen whether be as your senator or something else that has your firewall snapshot.

05:23

Maybe it has different configuration.

05:25

All of that can roll into one

05:28

buzzword. Single pane of glass.

05:32

You're secure. Scored dashboard.

05:35

It analyzes your in Miss Trixie five Security based on security settings across the tennis

05:42

to secure score framework is based on score relative toe. What features you have enabled

05:47

what features are available to enable and want to risk was like either for

05:53

enabling those features, configuring them the way they are configured or ignoring those features and not enabling

06:00

On this screen shot, we can see that

06:01

85 out of 364.

06:04

It's probably not the best for

06:06

we, but we can see how it's compared to other ones

06:10

and we can actually see. Hey, maybe you're off to a good start.

06:14

While the dashboard provides a snapshot of the current security posture,

06:17

the analyzer could be used to manage the risk over time.

06:23

The animal, either Tan, provides a historical graph

06:26

that shows the score over the past 30 60 90 days. So if your security team is really working on improving the secure score,

06:33

this is a tangible graph you can show

06:36

to desist. Ah, or just a cold for say, Hey, this is our improvement.

06:42

This is something reported

06:45

a K T. I performance indicator, the Microsoft Secure score that shows we're heading in the right direction for organization

06:53

once you've used the secure score tool to determine the state of your security. Next steps to analyze your findings and plan how to improve conditions

07:02

during planning,

07:04

you should consider your potential forest

07:08

again. Wash your appetite for risk washer organizations. Security posture. What's their stance?

07:15

How difficult the provides solutions are to implement

07:17

timeframes. How long it's gonna take an impact to your rating based on East Action.

07:25

Every organization is different.

07:28

Most organizations go with the low hanging fruit

07:30

so they can go ahead and check a few items off the list and see a positive improvement

07:35

you want to look at. Is the juice worth the squeeze?

07:40

Some organizations if the implementation, is going to cost $100,000 a year,

07:45

but the end result of a materialization of that risk is only gonna be 5000. They're not even going to implement that. Control

07:53

doesn't make financial sense.

07:55

Each organization is different.

07:57

If you're consultant,

07:59

each one of these analysis is totally different. It's all dependent on that organization.

08:05

So to recap the lesson, invest 3 65 includes several security solutions that can help you protect your users. Resource is, and that including exchange alarm protection.

08:16

Oh, through C C five advanced threat protection and cloud APP Security.

08:20

The Microsoft secure score provides a numerical summary or rating of your security postural within an S 3 65.

08:28

This writing is based on assistant configurations.

08:31

Why you configured what you have available to configure and you haven't

08:35

use your behavior and other security related in measurements.