Follow me on Twitter @AntonioMaio2

Monday, August 14, 2017

Raise Your Office 365 Secure Score

Thanks to everyone that attended our webinar last week on Office 365 Secure Score.

For many organizations moving to Office 365 or other Cloud services, the concepts of security, compliance and risk are complex. They require learning about how these security concepts have changed and how they’re now implemented in a Cloud first, Mobile friendly world. They often require working with security experts to evaluate the current state of the security for the Cloud application that you’re concerned about… and determining which security capabilities and features you are and are not yet making use of.

When we worked in on premise server environments, things seemed almost easier in some ways because our server farms which hosted Exchange, SharePoint, Skype for Business and so on were all within our corporate networks. They were more under our control, and we felt some level of comfort from being able to stop internet traffic at the network boundary, usually through our firewalls or gateways.
Regardless of how truly secure our not our networks and applications in fact were, we often gained some comfort from this boundary.

With the advent of Cloud computing, with the desire to do work on a whole range of Mobile devices, even our own personal devices, and with the desire to access our services for work from anywhere in the world, moving to services which are hosted on servers and in data centers that are not under our control often feels like we’ve lost that comfort… that assurance that we’re controlling the security of our critical IT services, or it feels that we’ve given the management of our security over to someone else (that we can’t see, that we can’t talk to and that we don’t know).

When, in actuality, often services like Office 365 are more secure than we could have ever hoped to deploy in our own environments… often we have more control over how our services are secured than we’ve ever had. We often just aren’t aware yet of the security benefits that come out of box with Office 365, and we’re not aware of the security capabilities that are available for us to use.

Office 365 Secure Score is a security analytics tool from Microsoft that comes with your Office 365 subscription. Its built to help us understand and navigate all of the security options that are available to us in Office 365.

It’s a relatively new feature from Microsoft, released early this year. Its purpose is really to:
  • Help us understand our current security posture
  • Help us understand which security features we are using and not yet using
  • Help us understand the impact of rolling out new security features to our end users and administrators, and what the security benefits are to us
  • Help us understand how we can improve our security posture, and it even tracks our progress over time

My presentation slides are available here:


Please reach out and let me know if you have any questions.

Enjoy.
-Antonio

Monday, July 31, 2017

SPSNYC: Office 365 Security - MacGyver, Ninja or SWAT Team

Thanks to everyone that attended my session at SharePoint Saturday NYC this past weekend. We had a great group in the room and some really good questions.

This presentation was designed to address 3 different roles that may be charged with the responsibility of managing and securing their organization's Office 365 environment:
  • MacGyver - or the IT Team Member that's self-trained, has been handed Office 365 and told to manage and secure it for the organization
  • Ninja - or the Security Expert who is formally trained, knows their stuff when it comes to information security and was given responsibility for securing their organization's Office 365 environment
  • SWAT Team - or the Information Security Team comprised of multiple security experts, with distributed roles and responsibilities

You can find the slides from my presentation here:

Please feel free to reach out to me if you have any questions at all.

Enjoy.
-Antonio

Tuesday, May 16, 2017

SharePoint Virtual Summit 2017 - Share with Confidence! #SPSummit


Today Microsoft hosted one of the most highly anticipated SharePoint events:
SharePoint Virtual Summit!

Many of us have been looking forward to this event for weeks and today's event did not disappoint. I tend to focus on the security and governance capabilities when it comes to SharePoint and Office 365, and one of the lines in today's #SPSummit that struck me most was the phrase 'Share with Confidence'! Those of us that work with information every day, even those whose job it is to secure information or oversee the security of information systems, we want to share information with others. Information sharing is a key principle of any collaboration solutions like SharePoint Online. However, we want to be confident that we're sharing with the right people, under the right conditions, and that the information we share is still being protected. Some of today's SharePoint Online announcements really do help improve the Sharing experience in Office 365 so that we can Share with Confidence!


Here are some of my favorite announcements from today that I believe help us better secure our content and share it confidently with others...

Monday, April 10, 2017

Office 365 Audit Log Data - How long are my logs retained for?

I'm a big fan of the Unified Audit Log in Office 365. Its a fantastic tool for monitoring user activity for suspicious behavior, getting automated alerts when particular activities occur and investigating data breaches. I'm talking about the central logging facility within Office 365 that collects log data from many Office 365 workloads, and can be searched in the Office 365 Security and Compliance Center: Go to https://protection.office.com > Click Search & Investigate > Click Audit Log Search.

I often get asked the question, how long are Office 365 log entries stored or retained for? There are several answers...

Monday, April 3, 2017

Security Controls in the OneDrive for Business Admin Center

Microsoft recently added a new and extremely helpful Admin Center to Office 365 specifically for OneDrive for Business.

In terms of additional security controls this is a great addition because it allows us to more easily control access and sharing specifically in OneDrive for Business, and not just SharePoint Online. Many of the external sharing settings overlap with those already available for SharePoint Online sites. However, this is a very good start and we look forward to seeing more capabilities added over time to help us control and manage how our users share content with those outside of our organizations.

For now, let's take a closer look at the security controls now available for OneDrive for Business..

Friday, February 10, 2017

A Practical Overview of Office 365 Advanced Security Management - Part 3
Security Policies

Microsoft Office 365 Advanced Security Management is a capability within the Office 365 platform that allows organizations to go above and beyond the typical security management features, helping them to better secure users, permissions, content and apps. This multi-part blog series will look at how to use the features that make up Advanced Security Management (ASM) and share technical details that will help you to understand the benefits of these robust tools.

In part 1, we provided an Introduction to Advanced Security Management and shared technical information about how it works with the Office 365 Unified Audit Log: A Practical Overview of Office 365 Advanced Security Management - Part 1.

In part 2, we reviewed ASM's Productivity App Discovery Dashboard in depth to see how log files can be imported, how to create reports & interpret the analysis results and how you can try it with built-in sample logs: A Practical Overview of Office 365 Advanced Security Management - Part 2.

In part 3, we review the Security Policies that may be configured to control, monitor and alert on specific user behaviors.

Wednesday, January 25, 2017

A Practical Overview of Office 365 Advanced Security Management - Part 2
Productivity App Discovery Dashboard

In the middle of 2016, Microsoft released the first version of Office 365 Advanced Security Management, a new capability within the Office 365 platform that allows organizations to go above and beyond the typical security management features, helping them to better secure users, permissions, content and apps. This multi-part blog series will look at how to use the features that make up Advanced Security Management (ASM) and share technical details that will help you to understand the benefits of these robust tools.

In part 1, we introduced Advanced Security Management and shared technical information about how it works with the Office 365 Unified Audit Log:
A Practical Overview of Office 365 Advanced Security Management - Part 1.


In part 2, we review the Productivity App Discovery Dashboard capability of ASM to see how log files are imported, how to create reports and review the results of ASM's analysis of those logs, and how you can try it out with some built-in sample logs.


Monday, December 19, 2016

A Practical Overview of Office 365 Advanced Security Management - Part 1
Introduction & Audit Logs

In June 2016, Microsoft released its first iteration of Office 365 Advanced Security Management, a new capability within the Office 365 platform that allows organizations to go above and beyond the typical security management features that let them secure users, permissions, content and apps. In September the team added the Productivity App Discovery feature, and in October the solution continued to progress with additional capabilities to manage app permissions.

This multi-part blog series will look at how to use the features that make up Advanced Security Management and share some technical details that you will hopefully find helpful.

In part 1 of this series we introduce Advanced Security Management and share technical details about how it works with the Office 365 Unified Audit Log.
Let's jump in...

SharePoint 2010 Security Patches - How Vulnerable Are You?
UPDATED: December 2016

YES, this blog post is about SharePoint 2010! 

YES, SharePoint 2010 is old, over 6 years old actually. 
YES, its no longer officially supported by Microsoft, without very specific Premiere Support that is.
YES, we still see a lot of it out there!
YES, if you're going to continue to stick with SharePoint 2010 for now, you must keep current with security patches!

One of the most common security issues we see with SharePoint 2010 farms is that administrators have not kept up with security patches and updates.  This not only makes it difficult to support and maintain the environment, but it also opens your farm up to security vulnerabilities - security vulnerabilities that have already been fixed! 

This article reviews all SharePoint 2010 security updates that have been released in the last 5+ years since Service Pack 1, and discusses the importance of keeping up to date with those patches.

Sunday, December 4, 2016

SharePoint Saturday Ottawa: How Secure is My Data in Office 365? [Updated Slides]

Thanks to everyone that attended my session in Ottawa this weekend. There were some good questions and I hope everyone found it helpful. Please let me know if you have any questions.  For those folks who think that Office 365 is not secure, please read this previous post and my slides carefully and please reach out with questions!

You can also find another post of mine with some discussion about just how secure your data is in Office 365 here: http://www.trustsharepoint.com/2016/10/how-secure-is-my-data-in-office-365.html.

My most up to date slides, which I presented this past weekend, can be found here:



Enjoy!
-Antonio

Thursday, November 3, 2016

Office 365 Security
New Innovations Announced at Microsoft Ignite 2016

I had the privilege of attending the Microsoft Ignite 2016 conference in Atlanta, GA this past September.  It was of course full of great sessions, demos and announcements.  I was impressed at how many of those sessions focused on the security capabilities of the Office 365 platform. I left with the feeling that, through these sessions, announcements, demos and innovations, that Microsoft is clearly demonstrating their commitment and continued investment in providing a secure environment for our corporate data in Office 365.  They've robust feature set that enables both them as operators of the service, and us as customers and users of the service, to protect our sensitive data in Office 365.

That said, the security of our data, even within the Microsoft cloud, is always a shared responsibility. Microsoft provides the most secure cloud platform available and with that robust feature set, they give customers the ability to control how information is secured, accessed, shared, governed and monitored.  Its still up to us as customers to make efficient use of those controls in ways that protect our businesses and keep our users productive.

As we saw at Ignite, Microsoft has continued to innovate providing us ever more robust security controls for Office 365.  In this blog we're going to look at some of the great new security features that were demo'ed and revealed that Microsoft Ignite.  At the end of this blog, I've also included the slides from today's webinar.

Monday, October 24, 2016

When to Use What in Office 365 +
What Can We Share Externally in SharePoint Online?

On October 4th I gave a presentation at the Microsoft Technology Center in Houston on When to Use What in Office 365. It was part of a free roundtable seminar series offered by Protiviti. We had a great turn out and a lot of really good questions. Thank you to everyone that came and my sincere apologies for the delay in posting this presentation.  I wanted to share my slides with the attendees and anyone that reads my blog, and answer a particularly interesting question that came up during the presentation.