Description: This article is about outlook 365 login, which shows you Microsoft’s approach to security with Microsoft 365. You will learn about the spectrum of built-in security defenses that protect your users, information and devices.
Today we’ll look at Microsoft 365 security in the face of increased mobility, security breaches through cyber attacks and new data protection regulations like GDPR. The protection of your information, users, apps, and devices is probably the biggest challenge now facing us in IT.
Now our approach with Microsoft 365 is to give you a spectrum of built-in security defenses to protect your users, information and devices, and we give you a rich capability set that spans Windows 10, Office 365, enterprise mobility and security, and leverages a number of services within Microsoft Azure.
These include identity and access management of your users, their granular permissions to access services and content, how they’re able to authenticate in real-time detection of anomalies, such as risk related location and device, continuous protection against threats, starting with the protection against internet-based threats that block unsafe links and attachments and more through to application-based threats.
Application-based threats include browser-based exploits, malicious macros or other processes through the protections on the device level that isolate and maintain the integrity of processes running on the device, and tools to detect and investigate and respond to attacks in order to be able to analyze and contain them.
So you can recover quickly from threats, plus controls for persistent safeguarding of your information as it flows between people, devices, and apps, and the ability to holistically monitor your security posture and harden your defenses.
At the core, these are powered by the Microsoft Intelligent Security Graph to give you the most up to date protection against the latest attack vectors. This collects billions of security related signals from consumer and commercial services, email and device endpoints, authentication from Asure AD and Microsoft accounts, URLs and IPs are scanned by our search engine, as well as signals from third party sources.
Machine learning and analytics identifies threat signals, for example, DDoS attacks or phishing, spam and suspicious logins, which allow us to quickly adapt and deploy new defenses and orchestrate remediation across Microsoft 365 when we discover new vulnerabilities.
Now lets take a look at the end product experiences starting with identity and access management. Some highlights are Azure active directory, the identity control plane for apps and devices and cloud services, and it’s the modern way to connect to Office 365 and other Microsoft cloud services.
Conditionally access allows us to define different authentication requirements based on where you are logging in from and which device you’re using, as well as things like anomalous behaviors. At the device level we think about biometrics as a unique identifier for simpler and more secure access to your devices and apps.
Windows Hello offers device space multi-factor authentication. It relies on the device itself, your PIN or unique biometric identifier such as your face or fingerprint, which you can enforce via policy. Now beyond identity, we enable continuous protection detection response against known and unknown threats.
At the endpoint, Windows 10 uses virtualization-based security at the core to ensure boot integrity, and code integrity using Secure Boot. Now we protect against unauthorized apps using application control. We can also stop credential theft with Credential Guard, and the new Exploit Guard will reduce the attack surface for running applications.
Lastly, I’ll show you the Application Guard which is going to isolate and mitigate browser-based threats by running the browser in an isolated container. On the Office side of things, beyond email, we’ve introduced safe links across the Office apps to protect you against the dynamic list of known malicious websites.
Safe attachments in Outlook, which goes beyond email filtering and specs attachments, we inform the user of any malicious attachment as we replace it with a text file. Now behind the scenes, we’re running the attachment in an isolated detonation chamber to determine if the attachment is safe to be delivered, or if it isn’t.
Also, Defender application control in Windows 10 operates off an approved allow and deny list of application that we’ve checked for safety and all that’s configured by an endpoint protection policies inside of Microsoft Intune.
We do a number of things for threat detection response. I’m in Windows Defender advance threat protection, which will give you a full history of the anatomy of an attack, 80% of attacks use stolen credentials.
In this case we can see an elevation of privileges attack. Ultimately though we want to prevent things from ever reaching your users. So in the Office Threat Management Dashboard, we provide you a view of trending malware and attacks, recent alerts within your environment, top targeted users, and the origins of those attacks.
Now via Office 365 Threat Explorer, you can also get richer information about those attack types. In fact, threats detected on any of the services feed back into the Microsoft Intelligent Security Graph and benefit everyone using the Microsoft Cloud.
The main reason for keeping threats in check is to protect information. Now to ensure that only intended recipients with the right identity can read an email message with its content, we give you Office message encryption.
This not only works in Outlook, but also across other email clients. Now beyond email, we have Azure Information Protection, which gives your users a way to classify and label their documents, ensuring that the protection also travels with the file.
We give controls to IT to trigger the right set of protections based on sensitivity of information. And one thing to note, the information classification engines and AIP can also be applied to label content in services outside of Microsoft services using cloud app security.
Beyond labels on files, within your intranet, you can use SharePoint and apply privacy settings, for example, if a site is public or if it’s private, it’s invite only, I can also do things like apply classification labels, so it will automatically apply differentiated policies based on the confidentiality of the contents within the site.
Across email and files on SharePoint and OneDrive, data loss prevention helps educate users, limits sharing, and can also enforce encryption where sensitive information is detected. I’m in OneDrive and I can see that DLP is detected sensitive information.
If I right-click on the policy tip, I can see more details about the information in that document. This information gets rolled up into the advanced data governance center inside Office 365, and that’s going to give you intelligent recommendations to improve your data governance based on the industry and region that you’re in.
Moving on to security management, with Windows Defender Advanced Threat Protection, you can see what resources in your org need attention, you can see active alerts, users at risk, and machines at risk.
If I go into security analytics, I can also get a nice view of the security updates that I need to apply to the machines in my organization. If I export that CSV, I’ll see all the details in one view. We can take further control of endpoint security with robust management capabilities, for example, I can go in and turn on things like application control, and enforce that from within the Intune console.
You can also better manage security compliance settings for your productivity services all in a single web console in the Office 365 Security and Compliance Center. As you plan your implementation of security controls in Microsoft 365, you can also assess your current security technologies and build an implementation plan with the new IT Roadmap Tool.
It’s going to help you assess which services you have configured and the current tools for security across Microsoft 365. The security technologies we’ve got have spread across multiple services. I’m going to select Shared services for identity, security and compliance, Ground collaboration services, and PC deployment and management.
Within access management, I can see a nice continuum of the four different levels. I’m going to select level four in this case, and that’s going to expose all the things I need to do. So I’ll pick the things I already have in place, in this case I’ve got my directory service synchronizing.
I can see a nice list of all the things I need to do, as well as resources to create a detailed IT Roadmap action plan from moving from what I have to my desired future state.
So that was a quick overview of how you can protect your users, information, and device endpoints using Microsoft 365. Be sure to check out the Microsoft 365 security playlist on Microsoft Mechanics to learn more about the topics I’ve covered today.
About every single tool and process was explained in-depth, to learn more, you can explore and go hands-on with our labs online. Thanks for reading.