Microsoft Cloud and M365 Security Fundamentals
The beginner guide to secure Azure Active Directory and the Microsoft 365 environment against common attacks!
Description
In this course you will learn how security in the Microsoft Cloud services basically works and what you need to do to protect your Azure / M365 tenant against common attacks and insecure Microsoft default configurations.
Cloud services are reachable from everywhere around the world, which shifts the security from firewalls and VPNs to identities - identities are the new firewall.
Azure AD is the Microsoft cloud identity service for authentication and autorization and thus keeps all your users, groups and additional attributes.
You will learn what kind of identities exist in the Azure world and how you can protect them.
When starting a new tenant, Microsoft provides some default settings - most of them do not have security as the first priority.
Ask yourself, if you want that ..
.. every user can register Enterprise Applications?
.. every user can create new (Sub-) tenants?
.. every user can create subscriptions in your tenant?
.. every user can use the Azure admin portals?
.. guest with non-Azure accounts can be invited?
.. Teams and M365 groups can be created by every user?
.. security groups can be created by every user?
.. passwords can be weak?
After dealing with those basics, the course will give an introduction as well as recommendations for security considerations of:
Multifaktor-Authentication including authentication strength
Conditional Access policies
Device Compliance using Intune
Dangerous Azure AD roles
Logging and Alerting
Security Score and more guides to improve the tenant security
The course switches between theoretical introductions based on slides and practical configuration sessions using the current state of the Azure configuration portals in 2023.
What You Will Learn!
- Learn the security basics about Microsoft Azure and Microsoft 365 cloud Tenants.
- Secure your Micorosoft Entra / Azure AD and Microsoft Tenant against common attacks with focus on identities.
- Understand attacks against M365 and Azure Tenants and identities.
- Understand and adapt the insecure Microsoft default settings when starting with an Entra ID.
- Learn how identities are used and protected Teams, SharePoint and OneDrive.
- Securely manage Azure B2B and guest invitation settings.
Who Should Attend!
- Administrators who start using the Microsoft Cloud services.
- IT leaders who want to understand the M365 security basics.
- IT providers that want to learn how to secure their customers M365 Tenant.
- Security consultants who are new to M365 or Microsoft Azure.
- Security analysts who want to understand Entra ID / Azure AD security fundamentals.