This post is to summarize the configuration to make your MS 365 and Azure secure.
MS 365
Checking User's Logs1. Check View Account page from https://myaccount.microsoft.com/?ref=MeControl , then check My Sign-Ins
2. From https://admin.microsoft.com/ -> Monitoring & health -> Sign-in logs
2. From https://admin.microsoft.com/ -> Monitoring & health -> Sign-in logs
3. Reports -> Usage
MFA
1. From https://admin.microsoft.com/ portal , then Users - Active Users - Multi-factor authentication
Security Benchmark
The CIS Microsoft Azure Foundations Benchmark is the security guidance provided by Center for Internet Security for establishing a secure baseline configuration for Azure. The scope of the benchmark is to establish the foundation level of security while adopting Azure Cloud. This benchmark is in alignment with the Azure Security Benchmark v2.
https://learn.microsoft.com/en-us/security/benchmark/azure/
MS provide a mapping between the CIS Microsoft Azure Foundations Benchmark latest version v1.3.0 and Azure Security Benchmark v2. This will help you to understand how the recommendations for both benchmarks are aligned. You can download the complete mapping here.
Azure Security Technologies
EMS - Licensing Details - E3 vs E5
Enterprise Mobility and Security = EMS
If you do not wish to make the step to Microsoft 365 E5 but want the security capabilities, then there is a security addon (‘Microsoft 365 E5 Security’ addon) that you can purchase on top of Microsoft 365 E3 that comes with the E5 security features across Office 365, EMS and Windows 10.Another feature comparing between EMS E3 vs E5
The Complete Office 365 and Microsoft 365 Licensing Comparison
Technologies
Threat Protection
- Exchange Online Protection
- Office 365 Advanced Threat Protection (Protection for email, Office clients, Sharepoint Online, OneDrive for Business, Microsoft Teams)
- Office 365 Threat Intelligence (from user accounts, Attacks, Phishing, Enterprise security, System updates, Denial of service, Spam, User log-ins, Malware, Device Log-ins, Data Encryption, Unauthorized data access, MFA)
Information Protection
- Data Loss Prevention
- Office Message Encryption
- Security & Compliance Center
- Microsoft Cloud App Security
- Secure Score
- Advanced Data Governance (enables customers to achieve organizational compliance by intelligently leveraging machine assisted insights to find, import, classify, set policy and take actions on the data that is most important to them)
- Advanced eDiscovery
- Compliance Manager - GDPR-Compliance Manager Tool
- Customer Lockbox
- Secure Assurance
Other Security Tools
- CASB
- SIEM
- MDR
Azure Security Features:
Office Malicious Content Detection
References
- https://www.youtube.com/watch?v=uw-lwS_4pvU
No comments:
Post a Comment