MICROSOFT 365
Virtual MARATHON
May 27 & 28, 2020
36 hours / 2 days
What small businesses need to know about
Azure AD premium
Miguel A. Tena
Office 365 Consultant, 2toLead
@mikeware_tena
Brought to you by:
The Global Microsoft Community
M365VirtualMarathon.com | #M365VM
 Miguel A. Tena
 Office 365 Consultant, 2toLead / Digital Workplace Crusader
 Participated in TAP for Office 12, immigrated to Canada in 2010.
 Focused on M365, Identity, and SharePoint/Teams.
 Born in Mexico City, “se habla Español”
LET ME INTRODUCE MYSELF…
https://www.microsoft.com/en-ca/microsoft-365/blog/2020/03/30/new-microsoft-365-offerings-small-and-medium-sized-businesses/
In April 2020, nothing changed.
Or did it…
LET’S CHAT ABOUT…
 What is Microsoft 365 Business? Is it right for my business?
 What is Azure AD (Premium)?
 Pain points of the “new normal”
 Where can Azure AD Premium help my business?
 Key next steps
 M365 = Productivity + Device Management + Security
 Productivity = Office 365
 Device Management = Intune
 Azure Active Directory = Security
 Business suite for < 300 seats (licenses)
What is Microsoft 365 Business? Is it right for my business?
 Azure AD is your cloud-based identity and access management service.
 If you have Office 365 or M365, you already have one.
 Can help you secure:
 External Resources: Azure, Office 365, 1000s of other SaaS Applications
 Internal Resources: apps in your organization
What is Azure AD?
Free
Office 365 Apps
Premium P1
Premium P2
Four “flavors” of Azure AD.
 Remote work is exploding, but the pandemic only accelerated an
existing trend of the “gig” economy.
 Global Talent Pool
 Onboarding/Offboarding
 Just enough access
 Work from anywhere
Opportunities and Pain Points of the “new normal”
 Safeguard corporate assets and information in a geo-dispersed
organization
 Monitoring for information, security and device management
 Auditing, compliance and security
Opportunities and Pain Points of the “new normal”
 Reduce your time to productivity
 Provision assets (corporate/BYOD)
 Provision access (guest/Internal)
Opportunities and Pain Points of the “new normal”
 Ensuring the right people have the right access to apps and information
 Standardize the creation, naming and use of groups to improve productivity
and governance.
 Support a remote workforce by simplifying tasks such as password resets,
access to company resources, etc.
Where can Azure AD Premium help my business?
 Single Sign on (SSO)
 User (and group) management
 Device Registration
 Cloud Authentication
 Azure AD Connect Sync
 Self Service Password change for cloud
accounts
 Password Protection (Global banned
password)
 Azure AD Join for desktop SSO
 Multi Factor Authentication
 Basic reporting
 Azure AD B2B
Core Services in Azure AD
AZURE AD REGISTERED VS JOINED DEVICES
| Join Model | Ownership | Org sign in to device required? | Applies to | SSO | Device Management |
|---|---|---|---|---|---|
| Azure AD Registered | User/Org | No | BYOD, Mobile: Win 10, iOS, Android, MacOS | Cloud Only Resources | MDM (Intune) |
| Azure AD Joined | Org | Yes | Windows 10 Devices | Cloud + On-Premises Resources | MDM, Co-managed with Intune + Endpoint Config Manager |
| Hybrid Azure AD Joined | Org | Yes | Win 7-10, Win Server 2008 R2 - 2019 | Cloud + On-Premises Resources | GPO, SCCM and/or Intune |
 AD Connect Sync
 Synchronize identities (users/groups) from your
on-premises Active Directory
 Sign-in methods:
 Password Hash sync (auth on cloud using
sync)
 Passthrough Auth (auth happens on-prem
using agent)
 Federated auth (ADFS)
 AD Connect Health
 Monitor Federation service health
Azure AD Connect
What auth method to use?
 Branding (login/logout)
 Self Service Password reset for cloud accounts
 Backed by SLA
 Device write-back
I & AM for Office 365 apps - Azure AD
 Provide a personalized experience
 Hint for avoiding being “phished”
 Culture starts at the door. In remote work
environments, sign-in page is the doormat.
Apply your brand to your sign-in experience
 Branding (login/logout)
 Self Service Password reset for cloud accounts
 Backed by SLA
 Device write-back (two-way)
I & AM for Office 365 apps - Azure AD
 Password protection (custom banned password)
 Password protection for Windows Server Active
Directory (global & custom banned password)
 Self-service password reset/change/unlock with on-
premises write-back
 Group access management
 Microsoft Cloud App Discovery
 Azure AD Join: MDM auto-enrolment & local admin
policy customization
 Azure AD Join: self-service BitLocker recovery,
enterprise state roaming
 Advanced security and usage reports
Azure AD Premium (P1 - Now Included!!!)
 Password protection (custom banned password)
 Password protection for Windows Server Active
Directory (global & custom banned password)
Azure AD Premium – Password Protection
• Users reset their expired or non-expired password without admin or helpdesk support.
• Writeback allows management of on-premises passwords and lockout through the cloud.
• Activity reports for
• SSPR Registration
• Password Resets
Azure AD Premium – Self Service Password Management
 Provide access to:
 Cloud Apps
 On-premises apps (requires App Proxy)
 Resources: role assignments in Azure,
Office 365, other SaaS apps, etc.
 Groups synced from on-prem are managed
there.
 Distribution lists and email enabled groups are
managed in Exchange admin center or M365
Admin portal.
Azure AD Premium - Group access management
 Direct assignment
 Group assignment
 Rule-based assignment
 (aka Dynamic groups)
 External authority
 On-premises AD or other SaaS apps
manage group membership
Azure AD Premium – Types of Rights Assignment
 Enable remote users to (SSO) access on-premises
(internal network) resources from a remote client.
 Instead of VPN, uses a Proxy Service in Azure and a
connector on premises.
 Can be used with:
 Web Applications that use Integrated
Windows Auth, form based or header-based
access
 Web APIs
 Applications hosted behind a Remote
Desktop Gateway
 Rich client apps using ADAL.
Azure AD Premium – Application Proxy
 Monitor and assess usage of Cloud Applications
your workforce uses.
 Detect shadow IT, risky usage and suspicious
activities.
 Apply governance for sanctioned/unsanctioned
apps.
 It analyzes traffic logs and can report on over
16k known apps.
 Integration with major proxies/firewalls (Zscaler,
Juniper, etc.) and Microsoft Defender ATP
 Can enforce access to applications using
Conditional Access Policies
Azure AD Premium – Cloud App Discovery
 MDM auto-enrolment & local admin policy
customization
 Enforce enrolment to your MDM (Intune) to manage device and
set up policies
 Configure local admins to support Help Desk and IT personnel
to access devices
 Self-service BitLocker recovery
 Users can retrieve their BitLocker key without requiring help
desk/IT Support
 Enterprise state roaming
 Ability to take settings (apps/themes/etc.) across devices
Azure AD Premium – Azure AD Join
 Security Reports
 Users flagged for risk
 user accounts that might be compromised
 Risky sign-ins
 Sign-in attempts by someone other than the owner of the
account
Advanced security and usage reports
All types of Azure AD licenses provide some level of reporting. Premium licenses allow for additional details
and/or control.
 Activity Reports
 Audit logs
 History of every task performed in your
tenant.
 Sign-ins
 Correlate tasks with who has executed them
Advanced security and usage reports
 Dynamic groups
 Group creation permission delegation
 Group naming policy
 Group expiration
 Usage guidelines
 Default classification
Azure AD Premium - Advanced Group access management
 Allow users in the organization to create and manage groups.
 This is usually on for everyone by default.
 To prevent group sprawl, can be restricted to a few members.
 Users allowed to create groups require Premium licenses.
Group creation permission delegation
 Prefix-suffix naming policies
 Fixed
 group_[GroupName]
 User attributes
 E.g. O365G [Department] [GroupName]
 Supported: [Department], [Company], [Office],
[StateOrProvince], [CountryOrRegion], [Title].
 Blocked words
 List of phrases to be blocked in group names and
aliases
 E.g. CEO, projectX.
Group Naming Policy
 Groups can be set to expire after a certain period of
inactivity
 Active groups are automatically renewed based on
activities in:
 SharePoint (view, edit, move, share or upload)
 Outlook (Join, read/write group message from group
space, Like message in OWA)
 Teams: Visit a Teams Channel
 Owners of groups near expiration receive email
notifications 30/15/1 day prior to expiry and can renew
the group by just clicking on the email.
Group Expiration
 Provide guidelines for using groups on group creation.
 Can be defined for Guests and internal users.
 Link is shown on any area where groups can be created.
Usage Guidelines
 Define your Information classification for groups
 For example:
 Top Secret
 Confidential
 Operational
 Public
 Set a Default Classification for new groups
Default Group Classification
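The group settings covered in the slides above (creation delegation, naming policy, expiration, usage guidelines and default classification) can be applied together from PowerShell. The script below is an added example, not part of the original deck; it assumes the AzureADPreview module and an admin sign-in, and the security group name, URLs, notification address and 180-day lifetime are hypothetical placeholders.

```powershell
# Added example: apply the Microsoft 365 group governance settings in one pass.
# Assumes the AzureADPreview module is installed and the caller is a tenant admin.
Import-Module AzureADPreview
Connect-AzureAD | Out-Null

# --- Hypothetical values: replace with your own ---
$creatorsGroupName  = 'SG-Group-Creators'                       # only members may create groups
$usageGuidelinesUrl = 'https://intranet.example.com/groups'     # shown to internal users
$guestGuidelinesUrl = 'https://www.example.com/guest-groups'    # shown to guests
$notifyAddress      = 'it-admin@example.com'                    # gets notices for ownerless groups
$lifetimeDays       = 180                                       # inactivity window before expiry

# The tenant-wide group settings live in a directory setting built from the
# 'Group.Unified' template. Reuse the existing object if one is already present.
$setting = Get-AzureADDirectorySetting |
    Where-Object { $_.DisplayName -eq 'Group.Unified' }
$isNew = $false
if (-not $setting) {
    $template = Get-AzureADDirectorySettingTemplate |
        Where-Object { $_.DisplayName -eq 'Group.Unified' }
    $setting = $template.CreateDirectorySetting()
    $isNew = $true
}

# Group creation permission delegation: turn creation off for everyone,
# then allow it for one security group (its members need Premium licenses).
$creators = Get-AzureADGroup -Filter "DisplayName eq '$creatorsGroupName'"
if (-not $creators) { throw "Security group '$creatorsGroupName' not found." }
$setting['EnableGroupCreation']         = $false
$setting['GroupCreationAllowedGroupId'] = $creators.ObjectId

# Group naming policy: fixed prefix plus a user attribute, and blocked words.
# This is the slide's attribute pattern, written here with underscores.
$setting['PrefixSuffixNamingRequirement'] = 'O365G_[Department]_[GroupName]'
$setting['CustomBlockedWordsList']        = 'CEO,projectX'

# Usage guidelines: separate links for internal users and guests.
$setting['UsageGuidelinesUrl']      = $usageGuidelinesUrl
$setting['GuestUsageGuidelinesUrl'] = $guestGuidelinesUrl

# Classification: the list from the slide, with one value as the default.
$setting['ClassificationList']    = 'Top Secret,Confidential,Operational,Public'
$setting['DefaultClassification'] = 'Operational'

if ($isNew) {
    New-AzureADDirectorySetting -DirectorySetting $setting | Out-Null
} else {
    Set-AzureADDirectorySetting -Id $setting.Id -DirectorySetting $setting
}

# Group expiration is a separate lifecycle policy (one per tenant).
$policy = Get-AzureADMSGroupLifecyclePolicy
if ($policy) {
    Set-AzureADMSGroupLifecyclePolicy -Id $policy.Id `
        -GroupLifetimeInDays $lifetimeDays `
        -ManagedGroupTypes All `
        -AlternateNotificationEmails $notifyAddress | Out-Null
} else {
    New-AzureADMSGroupLifecyclePolicy `
        -GroupLifetimeInDays $lifetimeDays `
        -ManagedGroupTypes All `
        -AlternateNotificationEmails $notifyAddress | Out-Null
}

# Read the settings back so the change can be reviewed and recorded.
(Get-AzureADDirectorySetting |
    Where-Object { $_.DisplayName -eq 'Group.Unified' }).Values |
    Format-Table Name, Value -AutoSize
Get-AzureADMSGroupLifecyclePolicy |
    Format-List GroupLifetimeInDays, ManagedGroupTypes, AlternateNotificationEmails
```

Run it against a test tenant first: the naming policy and creation restriction apply to every user-created group from the moment the setting is saved.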
 Conditional Access based on group, location and device status
 Azure Information Protection integration
 SharePoint limited access
 Terms of Use (set up terms of use for specific access)
 Multi-factor authentication with conditional access
 Third-party identity governance partners integration
Azure AD Premium - Conditional Access
 Classify and secure information based on labels.
 Enforce certain rules such as forwarding,
printing, etc.
 Integrates with Conditional Access to ensure
content of a specific label is accessed based on
specific conditions.
Azure Information Protection
 Using Conditional Access, you can set up rules that
prevent access to SharePoint sites and OneDrive for
users in certain groups, or under certain conditions.
 The access can be limited globally, or on a per-site basis.
 Advanced scenarios for types of actions such as
restricting editing, browse only view of files, limit file
previews, etc.
SharePoint limited access
 Present legal disclaimers or terms of use for legal
or compliance purposes.
 Track who has accepted/declined Terms of use
 Associate by group or conditional access policy
Terms of use
 Identity protection
 Vulnerabilities and risky accounts detection
 Risk events investigation
 Risk-based Conditional Access policies
 Identity Governance
 Privileged Identity Management (PIM)
 Access reviews
 Entitlement management
Azure AD Premium (P2 – need to buy)
 Ensure you have M365 Business.
 Leverage key resources to get started:
 Microsoft Tech Community
 Microsoft Docs
 Partners
 Have a plan, no need to light everything up on day one.
 Consider change management/adoption
Key next steps
THANK YOU FOR JOINING US!
DO YOU HAVE ANY QUESTIONS?
Let’s Connect!
@mikeware_tena
Broughtto youby:
TheGlobalMicrosoft Community
M365VirtualMarathon.com| #M365VM
ICON STORE SLIDE #1
ICON STORE SLIDE #2

Contenu connexe

Tendances

Get your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectGet your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD Connect
Ronny de Jong
 

Tendances (20)

15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event15th December 2016 - Microsoft Paddington Vuzion Partner Event
15th December 2016 - Microsoft Paddington Vuzion Partner Event
 
Identity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft AzureIdentity Management for Office 365 and Microsoft Azure
Identity Management for Office 365 and Microsoft Azure
 
M365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusM365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skus
 
How to Migrate G Suite to Office 365 Readily!
 How to Migrate G Suite to Office 365 Readily! How to Migrate G Suite to Office 365 Readily!
How to Migrate G Suite to Office 365 Readily!
 
M365 reinvinting digital environment for modern workplace nv
M365 reinvinting digital environment for modern workplace nvM365 reinvinting digital environment for modern workplace nv
M365 reinvinting digital environment for modern workplace nv
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
 
All Plans Comparison - Office 365 and Microsoft 365 Plans
All Plans Comparison - Office 365 and Microsoft 365 PlansAll Plans Comparison - Office 365 and Microsoft 365 Plans
All Plans Comparison - Office 365 and Microsoft 365 Plans
 
From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...From classification to protection of your data, secure your business with azu...
From classification to protection of your data, secure your business with azu...
 
Modern Workplace - Shift to Cloud
Modern Workplace - Shift to CloudModern Workplace - Shift to Cloud
Modern Workplace - Shift to Cloud
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Microsoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterMicrosoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite Poster
 
SharePoint Conference 2018 - Understanding Office 365 Usage Reporting
SharePoint Conference 2018 - Understanding Office 365 Usage ReportingSharePoint Conference 2018 - Understanding Office 365 Usage Reporting
SharePoint Conference 2018 - Understanding Office 365 Usage Reporting
 
M365 reinventing digital environment for modern workplace
M365 reinventing digital environment for modern workplaceM365 reinventing digital environment for modern workplace
M365 reinventing digital environment for modern workplace
 
SPSNL17 - Secure Collaboration: Start classifying, labeling, and protecting y...
SPSNL17 - Secure Collaboration: Start classifying, labeling, and protecting y...SPSNL17 - Secure Collaboration: Start classifying, labeling, and protecting y...
SPSNL17 - Secure Collaboration: Start classifying, labeling, and protecting y...
 
Microsoft 365
Microsoft 365Microsoft 365
Microsoft 365
 
Get your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectGet your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD Connect
 
Windows 10 Modern Management
Windows 10 Modern ManagementWindows 10 Modern Management
Windows 10 Modern Management
 
AzureAAD
AzureAADAzureAAD
AzureAAD
 

Similaire à What small businesses need to know about Azure AD premium

MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)
Luís Serra Libório
 

Similaire à What small businesses need to know about Azure AD premium (20)

Hitchhiker's Guide to Azure AD - SPS St Louis 2018
Hitchhiker's Guide to Azure AD - SPS St Louis 2018Hitchhiker's Guide to Azure AD - SPS St Louis 2018
Hitchhiker's Guide to Azure AD - SPS St Louis 2018
 
Azure Active Directory
Azure Active DirectoryAzure Active Directory
Azure Active Directory
 
Cloud Identity and Access Management
Cloud Identity and Access ManagementCloud Identity and Access Management
Cloud Identity and Access Management
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy it
 
Ms cloud identity and access infographic 2015
Ms cloud identity and access infographic 2015Ms cloud identity and access infographic 2015
Ms cloud identity and access infographic 2015
 
MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)MS Cloud Identity and Access Infographic 2015 (1)
MS Cloud Identity and Access Infographic 2015 (1)
 
Cloudreach Voices - Azure AD and the Public Cloud
Cloudreach Voices - Azure AD and the Public CloudCloudreach Voices - Azure AD and the Public Cloud
Cloudreach Voices - Azure AD and the Public Cloud
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
 
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
I1 - Securing Office 365 and Microsoft Azure like a rockstar (or like a group...
 
Análisis de riesgos en Azure y protección de la información
Análisis de riesgos en Azure y protección de la informaciónAnálisis de riesgos en Azure y protección de la información
Análisis de riesgos en Azure y protección de la información
 
Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1Agile IT EMS webinar series, session 1
Agile IT EMS webinar series, session 1
 
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
 
O365Con19 - Azure Blackbelt - Jussi Roine
O365Con19 - Azure Blackbelt - Jussi RoineO365Con19 - Azure Blackbelt - Jussi Roine
O365Con19 - Azure Blackbelt - Jussi Roine
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the Cloud
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
 
[4] dt mark deakin
[4] dt mark deakin[4] dt mark deakin
[4] dt mark deakin
 
Azure Day 1.pptx
Azure Day 1.pptxAzure Day 1.pptx
Azure Day 1.pptx
 
Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365
 
SCU Berlín | Cloud identity for maximum productivity
 SCU Berlín | Cloud identity for maximum productivity SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity
 
Windays14 - How to (remote) control Office 365 with Azure
Windays14 - How to (remote) control Office 365 with AzureWindays14 - How to (remote) control Office 365 with Azure
Windays14 - How to (remote) control Office 365 with Azure
 

Dernier

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Dernier (20)

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​

What small businesses need to know about Azure AD premium

  • 1. MICROSOFT 365 Virtual MARATHON May 27 & 28, 2020 36 hours / 2 days What small businesses need to know about Azure AD premium Miguel A. Tena Office 365 Consultant, 2toLead @mikeware_tena Brought to you by: The Global Microsoft Community M365VirtualMarathon.com | #M365VM
  • 2. Mark Your Calendars: March 23-25, 2021 MGM Grand Resort Las Vegas, Nevada, USA M365Conf.com #M365CONF The SharePoint Conference is now The Microsoft 365 Collaboration Conference
  • 3. Thank you to all our generous sponsors
  • 4.  Miguel A. Tena  Office 365 Consultant, 2toLead / Digital Workplace Crusader  Participated in TAP for Office 12, immigrated to Canada in 2010.  Focused on M365, Identity, and SharePoint/Teams.  Born in Mexico City, “se habla Español” LET ME INTRODUCE MYSELF…
  • 5.  Visit the Vendors Booth, Sessions and Watch the Videos  Submit Your Answers to Enter the Raffle  You need at least 5 correct answers then submit for a chance to win one of 3 (One in each Americas, APAC, EMEA) ARE YOU READY FOR A RAFFLE? We are giving away 3 Oculus Quest All In One! https://bit.ly/m365raffle
  • 6. CONSIDER DONATING TO THE FOLLOWING CHARITY RELIEF FUNDS: UNITED WAY OR INTERNATIONAL MEDICAL CORPS THANK YOU FOR JOINING US! 10% OF FUNDS FROM SPONSORS GO TO SUPPORT COMMUNITY RELIEF United Way: https://give.uwkc.org/M365VM International Medical Corps: https://bit.ly/MedicalCorpsFund
  • 7. https://www.microsoft.com/en-ca/microsoft-365/blog/2020/03/30/new-microsoft-365-offerings-small-and-medium-sized-businesses/
  • 8.
  • 9. In April 2020, nothing changed.
  • 10. Or did it…
  • 11. Or did it…
  • 12. LET’S CHAT ABOUT…  What is Microsoft 365 Business? Is it right for my business?  What is Azure AD (Premium)?  Pain points of the “new normal”  Where can Azure AD Premium help my business?  Key next steps
  • 13.  M365 = Productivity + Device Management + Security  Productivity = Office 365  Device Management = Intune  Azure Active Directory = Security  Business suite for < 300 seats (licenses) What is Microsoft 365 Business? Is it right for my business?
  • 14.  Azure AD is your cloud-based identity and access management service.  If you have Office 365 or M365, you already have one.  Can help you secure:  External Resources: Azure, Office 365, 1000s of other SaaS Applications  Internal Resources: apps in your organization What is Azure AD?
  • 15. Four “flavors” of Azure AD: Free, Office 365 Apps, Premium P1, Premium P2.
  • 16.  Remote work is exploding, but the pandemic only accelerated an existing trend of the “gig” economy.  Global Talent Pool  Onboarding/Offboarding  Just enough access  Work from anywhere Opportunities and Pain Points of the “new normal”
  • 17.  Safeguard corporate assets and information in a geo-dispersed organization  Monitoring for information, security and device management  Auditing, compliance and security Opportunities and Pain Points of the “new normal”
  • 18.  Reduce your time to productivity  Provision assets (corporate/BYOD)  Provision access (guest/Internal) Opportunities and Pain Points of the “new normal”
  • 19.  Ensuring the right people have the right access to apps and information  Standardize for creation, naming and use of groups for improving productivity and governance.  Support a remote workforce by simplifying tasks such as password resets, access to company resources, etc. Where can Azure AD Premium help my business?
  • 20.  Single Sign on (SSO)  User (and group) management  Device Registration  Cloud Authentication  Azure AD Connect Sync  Self Service Password change for cloud accounts  Password Protection (Global banned password)  Azure AD Join for desktop SSO  Multi Factor Authentication  Basic reporting  Azure AD B2B Core Services in Azure AD
  • 21.  Single Sign on (SSO)  User (and group) management  Device Registration  Cloud Authentication  Azure AD Connect Sync  Self Service Password change for cloud accounts  Password Protection (Global banned password)  Azure AD Join for desktop SSO  Multi Factor Authentication  Basic reporting  Azure AD B2B Core Services in Azure AD
  • 22. AZURE AD REGISTERED VS JOINED DEVICES
      Join Model | Ownership | Org sign in to device required? | Applies to | SSO | Device Management
      Azure AD Registered | User/Org | No | BYOD, Mobile Win 10, iOS, Android, MacOS | Cloud Only Resources | MDM (Intune)
      Azure AD Joined | Org | Yes | Windows 10 Devices | Cloud + On-Premises Resources | MDM, Co-managed with Intune + Endpoint Config Manager
      Hybrid Azure AD Joined | Org | Yes | Win 7-10, Win Server 2008 R2 - 2019 | Cloud + On-Premises Resources | GPO, SCCM and/or Intune
  • 23.  Single Sign on (SSO)  User (and group) management  Device Registration  Cloud Authentication  Azure AD Connect Sync  Self Service Password change for cloud accounts  Password Protection (Global banned password)  Azure AD Join for desktop SSO  Multi Factor Authentication  Basic reporting  Azure AD B2B Core Services in Azure AD
  • 24.  AD Connect Sync  Synchronize identities (users/groups) from your on-premises Active Directory  Sign-in methods:  Password Hash sync (auth on cloud using sync)  Passthrough Auth (auth happens on-prem using agent)  Federated auth (ADFS)  AD Connect Health  Monitor Federation service health Azure AD Connect
  • 25. What auth method to use?
  • 26.  Single Sign on (SSO)  User (and group) management  Device Registration  Cloud Authentication  Azure AD Connect Sync  Self Service Password change for cloud accounts  Password Protection (Global banned password)  Azure AD Join for desktop SSO  Multi Factor Authentication  Basic reporting  Azure AD B2B Core Services in Azure AD
  • 27. Four “flavors” of Azure AD: Free, Office 365 Apps, Premium P1, Premium P2.
  • 28.  Branding (login/logout)  Self Service Password reset for cloud accounts  Backed by SLA  Device write-back I & AM for Office 365 apps - Azure AD
  • 29.  Branding (login/logout)  Self Service Password reset for cloud accounts  Backed by SLA  Device write-back I & AM for Office 365 apps - Azure AD
  • 30.  Provide a personalized experience  Hint for avoiding being “phished”  Culture starts at the door. In remote work environments, sign-in page is the doormat. Apply your brand to your sign-in experience
  • 31.  Branding (login/logout)  Self-service password reset for cloud accounts  Backed by SLA  Device write-back I & AM for Office 365 apps - Azure AD
  • 32.  Branding (login/logout)  Self Service Password reset for cloud accounts  Backed by SLA  Device write-back I & AM for Office 365 apps - Azure AD
  • 33.  Branding (login/logout)  Self Service Password reset for cloud accounts  Backed by SLA  Device write-back (two-way) I & AM for Office 365 apps - Azure AD
  • 34. Four “flavors” of Azure AD: Free, Office 365 Apps, Premium P1, Premium P2.
  • 35.  Password protection (custom banned password)  Password protection for Windows Server Active Directory (global & custom banned password)  Self-service password reset/change/unlock with on-premises write-back  Group access management  Microsoft Cloud App Discovery  Azure AD Join: MDM auto-enrolment & local admin policy customization  Azure AD Join: self-service bitlocker recovery, enterprise state roaming  Advanced security and usage reports Azure AD Premium (P1 - Now Included!!!)
  • 36.  Password protection (custom banned password)  Password protection for Windows Server Active Directory (global & custom banned password) Azure AD Premium – Password Protection
  • 37. • Users reset their expired or non-expired passwords without admin or helpdesk support. • Writeback allows management of on-premises passwords and lockout through the cloud. • Activity reports for • SSPR Registration • Password Resets Azure AD Premium – Self Service Password Management
  • 38.  Password protection (custom banned password)  Password protection for Windows Server Active Directory (global & custom banned password)  Group access management  Microsoft Cloud App Discovery  Azure AD Join: MDM auto-enrolment & local admin policy customization  Azure AD Join: self-service bitlocker recovery, enterprise state roaming  Advanced security and usage reports Azure AD Premium (P1 - Now Included!!!)
  • 39.  Provide access to:  Cloud Apps  On-premises apps (requires App Proxy)  Resources: role assignments in Azure, Office 365, other SaaS apps, etc.  Groups synced from on-prem are managed there.  Distribution lists and email enabled groups are managed in Exchange admin center or M365 Admin portal. Azure AD Premium - Group access management
  • 40.  Direct assignment  Group assignment  Rule-based assignment  (aka Dynamic groups)  External authority  On-premises AD or other SaaS apps manage group membership Azure AD Premium – Types of Rights Assignment
  • 41.  Enable remote users to (SSO) access on-premises (internal network) resources from a remote client.  Instead of VPN, uses a Proxy Service in Azure and a connector on premises.  Can be used with:  Web Applications that use Integrated Windows Auth, form based or header-based access  Web APIs  Applications hosted behind a Remote Desktop Gateway  Rich client apps using ADAL. Azure AD Premium – Application Proxy
  • 42.  Password protection (custom banned password)  Password protection for Windows Server Active Directory (global & custom banned password)  Group access management  Microsoft Cloud App Discovery  Azure AD Join: MDM auto-enrolment & local admin policy customization  Azure AD Join: self-service bitlocker recovery, enterprise state roaming  Advanced security and usage reports Azure AD Premium (P1 - Now Included!!!)
  • 43.  Monitor and assess usage of Cloud Applications your workforce uses.  Detect shadow IT, risky usage and suspicious activities.  Apply governance for sanctioned/unsanctioned apps.  It analyzes traffic logs and can report on over 16k known apps.  Integration with major proxy/firewall (Zscaler, Juniper, etc.) and Microsoft Defender ATP  Can enforce access to applications using Conditional Access Policies Azure AD Premium – Cloud App Discovery
  • 44.  Password protection (custom banned password)  Password protection for Windows Server Active Directory (global & custom banned password)  Group access management  Microsoft Cloud App Discovery  Azure AD Join: MDM auto-enrolment & local admin policy customization  Azure AD Join: self-service bitlocker recovery, enterprise state roaming  Advanced security and usage reports Azure AD Premium (P1 - Now Included!!!)
  • 45.  MDM auto-enrolment & local admin policy customization  Enforce enrolment to your MDM (Intune) to manage device and set up policies  Configure local admins to support Help Desk and IT personnel to access devices  Self-service bitlocker recovery  Users can retrieve their bitlocker key without requiring help desk/IT Support  Enterprise state roaming  Ability to take settings (apps/themes/etc.) across devices Azure AD Premium – Azure AD Join
  • 46.  Password protection (custom banned password)  Password protection for Windows Server Active Directory (global & custom banned password)  Group access management  Microsoft Cloud App Discovery  Azure AD Join: MDM auto-enrolment & local admin policy customization  Azure AD Join: self-service bitlocker recovery, enterprise state roaming  Advanced security and usage reports Azure AD Premium (P1 - Now Included!!!)
  • 47.  Security Reports  Users flagged for risk  user accounts that might be compromised  Risky sign-ins  Sign-in attempts by others than the owner of account Advanced security and usage reports All types of Azure AD licenses provide some level of reporting. Premium licenses allow for additional details and/or control.
  • 48.  Activity Reports  Audit logs  History of every task performed in your tenant.  Sign-ins  Correlate tasks with who has executed them Advanced security and usage reports
  • 49.  Dynamic groups  Group creation permission delegation  Group naming policy  Group expiration  Usage guidelines  Default classification Azure AD Premium - Advanced Group access management
  • 50.  Dynamic groups  Group creation permission delegation  Group naming policy  Group expiration  Usage guidelines  Default classification Azure AD Premium - Advanced Group access management
  • 51.  Allow users in the organization to create and manage groups.  This is usually on for everyone by default.  To prevent group sprawl, can be restricted to a few members.  Users allowed to create groups require Premium licenses. Group creation permission delegation
  • 52.  Dynamic groups  Group creation permission delegation  Group naming policy  Group expiration  Usage guidelines  Default classification Azure AD Premium - Advanced Group access management
  • 53.  Prefix-suffix naming policies  Fixed  group_[GroupName]  User attributes  e.g. O365G [Department] [GroupName]  Supported: [Department], [Company], [Office], [StateOrProvince], [CountryOrRegion], [Title].  Blocked words  List of phrases to be blocked in group names and aliases  e.g. CEO, projectX. Group Naming Policy
  • 54.  Groups can be set to expire after a certain period of inactivity  Active groups are automatically renewed based on activities in:  SharePoint (view, edit, move, share or upload)  Outlook (Join, read/write group message from group space, Like message in OWA)  Teams: Visit a Teams Channel  Owners of groups near expiration receive email notifications 30/15/1 day prior to expiry and can renew the group by clicking on the email. Group Expiration
  • 55.  Dynamic groups  Group creation permission delegation  Group naming policy  Group expiration  Usage guidelines  Default classification Azure AD Premium - Advanced Group access management
  • 56.  Provide guidelines for using groups on group creation.  Can be defined for Guests and internal users.  Link is shown on any area where groups can be created. Usage Guidelines
  • 57.  Dynamic groups  Group creation permission delegation  Group naming policy  Group expiration  Usage guidelines  Default classification Azure AD Premium - Advanced Group access management
  • 58.  Define your Information classification for groups  For example:  Top Secret  Confidential  Operational  Public  Set a Default Classification for new groups Default Group Classification
  • 59.  Conditional Access based on group, location and device status  Azure Information Protection integration  SharePoint limited access  Terms of Use (set up terms of use for specific access)  Multi-factor authentication with conditional access  Third-party identity governance partners integration Azure AD Premium - Conditional Access
  • 60.  Conditional Access based on group, location and device status  Azure Information Protection integration  SharePoint limited access  Terms of Use (set up terms of use for specific access)  Multi-factor authentication with conditional access  Third-party identity governance partners integration Azure AD Premium - Conditional Access
  • 61. Azure AD Premium - Conditional Access
  • 62.  Conditional Access based on group, location and device status  Azure Information Protection integration  SharePoint limited access  Terms of Use (set up terms of use for specific access)  Multi-factor authentication with conditional access  Third-party identity governance partners integration Azure AD Premium - Conditional Access
  • 63.  Classify and secure information based on labels.  Enforce certain rules such as forwarding, printing, etc.  Integrates with Conditional Access to ensure content of a specific label is accessed based on specific conditions. Azure Information Protection
  • 64.  Conditional Access based on group, location and device status  Azure Information Protection integration  SharePoint limited access  Terms of Use (set up terms of use for specific access)  Multi-factor authentication with conditional access  Third-party identity governance partners integration Azure AD Premium - Conditional Access
  • 65.  Using Conditional Access, you can set up rules that prevent access to SharePoint sites and OneDrive from users in certain groups, or conditions.  The access can be limited globally, or per-site basis.  Advanced scenarios for types of actions such as restricting editing, browse only view of files, limit file previews, etc. SharePoint limited access
  • 66.  Conditional Access based on group, location and device status  Azure Information Protection integration  SharePoint limited access  Terms of Use (set up terms of use for specific access)  Multi-factor authentication with conditional access  Third-party identity governance partners integration Azure AD Premium - Conditional Access
  • 67.  Present legal disclaimers or terms of use for legal or compliance.  Track who has accepted/declined Terms of use  Associate by group or conditional access policy Terms of use
  • 68. Four “flavors” of Azure AD: Free, Office 365 Apps, Premium P1, Premium P2.
  • 69.  Identity protection  Vulnerabilities and risky accounts detection  Risk events investigation  Risk-based Conditional Access policies  Identity Governance  Privileged Identity Management (PIM)  Access reviews  Entitlement management Azure AD Premium (P2 – need to buy)
  • 70. Four “flavors” of Azure AD: Free, Office 365 Apps, Premium P1, Premium P2.
  • 71.  Ensure you have M365 Business.  Leverage key resources to get started:  Microsoft Tech Community  Microsoft Docs  Partners  Have a plan, no need to light everything up on day one.  Consider change management/adoption Key next steps
  • 72. THANK YOU FOR JOINING US! DO YOU HAVE ANY QUESTIONS? Let’s Connect! @mikeware_tena
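
The Group Naming Policy rules from slide 53 (prefix-suffix template, supported attribute tokens, blocked words), as an added Python example that is not part of the deck and not Microsoft's code: a local model for trying out a policy against proposed names before enabling it. The function names, the creator record, whole-word blocked-word matching and the rejection of an empty attribute are assumptions of this sketch.

```python
import re

# Attribute tokens listed as supported on the Group Naming Policy slide.
SUPPORTED_ATTRIBUTES = {
    "Department", "Company", "Office",
    "StateOrProvince", "CountryOrRegion", "Title",
}
TOKEN = re.compile(r"\[([A-Za-z]+)\]")


class NamingPolicyError(ValueError):
    """Raised when a policy template or a requested group name is rejected."""


def validate_template(template):
    """Require [GroupName] exactly once and only supported attribute tokens."""
    tokens = TOKEN.findall(template)
    if tokens.count("GroupName") != 1:
        raise NamingPolicyError("template must contain [GroupName] exactly once")
    unknown = [t for t in tokens if t != "GroupName" and t not in SUPPORTED_ATTRIBUTES]
    if unknown:
        raise NamingPolicyError("unsupported attribute(s): " + ", ".join(unknown))
    return tokens


def find_blocked_words(requested_name, blocked_words):
    """Return the blocked phrases found in the name, case-insensitively.

    Assumption of this sketch: a phrase only counts when it is not embedded
    in a longer word, so "CEO" does not reject a name such as "Oceonics".
    """
    hits = []
    for phrase in blocked_words:
        pattern = r"(?<![A-Za-z0-9])" + re.escape(phrase) + r"(?![A-Za-z0-9])"
        if re.search(pattern, requested_name, re.IGNORECASE):
            hits.append(phrase)
    return hits


def apply_naming_policy(template, requested_name, creator, blocked_words=()):
    """Return the final group name, or raise NamingPolicyError."""
    validate_template(template)
    hits = find_blocked_words(requested_name, blocked_words)
    if hits:
        raise NamingPolicyError("blocked word(s) in name: " + ", ".join(hits))

    def resolve(match):
        token = match.group(1)
        if token == "GroupName":
            return requested_name
        value = creator.get(token, "")
        if not value:  # assumption: an empty attribute is an error, not a blank
            raise NamingPolicyError("creator has no value for [" + token + "]")
        return value

    return TOKEN.sub(resolve, template)


# Constructed sample data: the template and blocked words are the slide's own
# examples; the creator record and requested names are made up.
CREATOR = {"Department": "Finance", "Title": "Analyst"}
BLOCKED = ["CEO", "projectX"]

if __name__ == "__main__":
    for name in ["Budget 2021", "CEO Updates", "ProjectX-launch", "Oceonics"]:
        try:
            final = apply_naming_policy("O365G [Department] [GroupName]", name, CREATOR, BLOCKED)
            print("accepted:", final)
        except NamingPolicyError as err:
            print("rejected:", name, "->", err)
```
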

Editor's notes

  1. AKA Free tier
  2. AKA Free tier
  3. AKA Free tier
  4. Bulk add using CSV
  5. AKA Free tier
  6. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  7. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  8. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  9. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  10. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  11. Global: pass@word1 Custom: CompanyName123, Product@Company!
  12. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  13. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  14. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  15. Setting up Cloud Discovery: https://docs.microsoft.com/en-us/cloud-app-security/set-up-cloud-discovery https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security-o365#office-365-cloud-app-security
  16. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  17. https://docs.microsoft.com/en-us/azure/active-directory/devices/enterprise-state-roaming-enable
  18. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  19. What Azure AD license do you need to access a security report? All editions of Azure AD provide you with users flagged for risk and risky sign-ins reports. However, the level of report granularity varies between the editions: In the Azure Active Directory Free and Basic editions, you get a list of users flagged for risk and risky sign-ins. The Azure Active Directory Premium 1 edition extends this model by also enabling you to examine some of the underlying risk detections that have been detected for each report. The Azure Active Directory Premium 2 edition provides you with the most detailed information about the underlying risk detections and it also enables you to configure security policies that automatically respond to configured risk levels.
  20. What Azure AD license do you need to access a security report? All editions of Azure AD provide you with users flagged for risk and risky sign-ins reports. However, the level of report granularity varies between the editions: In the Azure Active Directory Free and Basic editions, you get a list of users flagged for risk and risky sign-ins. The Azure Active Directory Premium 1 edition extends this model by also enabling you to examine some of the underlying risk detections that have been detected for each report. The Azure Active Directory Premium 2 edition provides you with the most detailed information about the underlying risk detections and it also enables you to configure security policies that automatically respond to configured risk levels.
  21. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  22. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  23. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  24. Device write-back (device objects two-way synchronization between on-premises directories and Azure)
  25. https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices?redirectSourcePath=%252fen-us%252farticle%252fControl-access-from-unmanaged-devices-5ae550c4-bd20-4257-847b-5c20fb053622#block-or-limit-access-to-a-specific-sharepoint-site-or-onedrive
  26. https://techcommunity.microsoft.com/t5/small-and-medium-business-blog/practical-guide-to-securing-remote-work-using-microsoft-365/ba-p/1354772 https://techcommunity.microsoft.com/t5/small-and-medium-business-blog/using-microsoft-365-business-premium-to-secure-your-remote/ba-p/1298623