Secure Productive Enterprise: Specifications for the Modern Enterprise

Written by John Stasick, Jeff Beckham & Todd Meadows – Introduction: During the second half of 2016, Microsoft introduced a new solution set: the Secure Productive Enterprise, or SPE for short. A combination of Windows 10, Office 365, and the Enterprise Mobility + Security platform, SPE represents a clear, simplified path for an enterprise to…

0

Stop Phishing Attacks with Mail Flow Rules in Exchange Online

Companies are more concerned than ever about email security. Targeted phishing attacks are becoming more calculated and frequent for large companies. My customers are reporting that HR users are receiving emails from what appear to be the CEO asking for an export of all employees and Social Security Numbers while Finance users are being asked…

0

Multi Factor Authentication in Challenging Environments (like no Internet access)

Your password probably starts with a capital letter and ends with either a number or exclamation mark.  You probably reuse passwords across multiple sites, many of which have been compromised.  Due to the weakness of traditional user names and passwords, Multi Factor Authentication has exploded in popularity over the past several years as customers look to…

0

Secure Productive Enterprise: Thoughts on Modern Enterprise Security with Sachin Gupta, Principal Security Evangelist at Microsoft

As Microsoft moves forward with a “cloud first, mobile first” mandate to enable customers to “achieve more,” security has become one of the most strategic investments that the company has ever made. Security is job #1 and goes beyond the funding of teams, R&D, digital crime centers and the like. Security really has become an integral part of…

0

Implementing Conditional Access with Exchange Online (updated using Azure Portal)

  Implementing Conditional Access with Exchange Online (updated using Azure Portal) I am updating this blog post using the new Conditional Access features in the Azure Portal. The new portal is accessed from https://portal.azure.com. I will demo using Exchange Online; however, these same steps can be used with all other Software as a Service applications…


Secure Productive Enterprise: 9 Modern Security & Productivity Pitfalls

Written by John Stasick (Microsoft) and Jake Mowrer (Microsoft) Introduction: A Critical Question, A Critical Reality “Top news today, <insert company name here> announced that their systems were breached by hackers dating back to at least 6 months ago.  Details are currently limited on what information was taken and the full financial impact of the incursion.”…


Implementing Conditional Access with Exchange Online

In this Blog Post, I will step through the process to enable the different features of Conditional Access for Office 365 Exchange Online.  However, these same steps can be used with other Software as a Service applications in Azure. Conditional Access will check the following:      User / Risk      Application      Location      Device…


Mobile Devices and Modern Threats

I had a customer the other day look at my Android device and ask me “Why do you use Android when everyone knows it has huge security flaws.” There is some truth behind this question.  The truth is that all mobile platforms are under attack.  These attackers commonly have a persona as an evil person living…


Microsoft Cloud App Security – Part 2: Threat Protection

Cloud App Security provides threat protection for your cloud applications that’s enhanced with vast Microsoft threat intelligence and research. Identify high-risk usage, security incidents, and detect abnormal user behavior to prevent threats. Cloud App Security helps you to stay ahead of attackers. You can identify anomalies in your cloud usage that may be indicative of…


Microsoft Cloud App Security – Part 1: Credit Card Numbers

Microsoft Cloud App Security (CAS) – https://www.microsoft.com/en-us/cloud-platform/cloud-app-security In this blog post, I am going to cover how to setup alerts and enforce Data Loss Prevention when a file containing credit card number is detected in a sanctioned cloud app.  A sanctioned app is a cloud application that has been approved in the Cloud App Security console. From…