Managing today’s risks and threats so you can sleep

Let our Certified Technology experts manage your internal and external systems support and security

Here is a more detailed explanation of how our Microsoft Gold Certified Technology experts help secure your organization

SOLUTION-DRIVEN TECHNOLOGY EXPERTISE EXPLAINED

Glossary of Terms – What is:

Active Directory

A directory is a hierarchical structure that stores information about objects on the network. A directory service, such as Active Directory Domain Services (AD DS), provides the methods for storing directory data and making this data available to network users and administrators. For example, AD DS stores information about user accounts, such as names, passwords, phone numbers, and so on, and enables other authorized users on the same network to access this information.

Active Directory stores information about objects on the network and makes this information easy for administrators and users to find and use. Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information.

This data store, also known as the directory, contains information about Active Directory objects. These objects typically include shared resources such as servers, volumes, printers, and the network user and computer accounts.

Security is integrated with Active Directory through logon authentication and access control to objects in the directory. With a single network logon, administrators can manage directory data and organization throughout their network, and authorized network users can access resources anywhere on the network. Policy-based administration eases the management of even the most complex network.

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview

Azure AD

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. Azure AD helps your employees sign in and access resources in:

  • External resources, such as Microsoft Office 365, the Azure portal, and thousands of other “software as a service” (SaaS) applications.
  • Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organization.

More information can be found at:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis

Azure AD Tenant

The Microsoft identity platform allows developers to build apps targeting a wide variety of custom Microsoft 365 environments and identities. To get started using Microsoft identity platform, you will need access to an environment, also called an Azure AD tenant, that can register and manage apps, have access to Microsoft 365 data, and deploy custom Conditional Access and tenant restrictions.

A tenant is a representation of an organization. It’s a dedicated instance of Azure AD that an organization or app developer receives when the organization or app developer creates a relationship with Microsoft, like signing up for Azure, Microsoft Intune, or Microsoft 365.

Each Azure AD tenant is distinct and separate from other Azure AD tenants and has its own representation of work and school identities, consumer identities (if it’s an Azure AD B2C tenant), and app registrations. An app registration inside of your tenant can allow authentications from accounts only within your tenant or all tenants.

https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant

Azure AD Connect

Azure AD Connect is the Microsoft tool designed to meet and accomplish your hybrid identity goals. It provides the following features:

  • Password hash synchronization – A sign-in method that synchronizes a hash of a user’s on-premises AD password with Azure AD.
  • Pass-through authentication – A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn’t require the additional infrastructure of a federated environment.
  • Federation integration – Federation is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
  • Synchronization – Responsible for creating users, groups, and other objects, and for making sure that identity information for your on-premises users and groups matches the cloud. This synchronization also includes password hashes.
  • Health Monitoring – Azure AD Connect Health can provide robust monitoring and provide a central location in the Azure portal to view this activity.

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect

Conditional Access in Azure AD

Security is a top concern for organizations using the cloud. A key aspect of cloud security is identity and access when it comes to managing your cloud resources. In a mobile-first, cloud-first world, users can access your organization’s resources using a variety of devices and apps from anywhere. As a result of this, just focusing on who can access a resource is not sufficient anymore. To master the balance between security and productivity, you also need to factor how a resource is accessed into an access control decision.

The following are some common access concerns that conditional access can help you with:

  • Sign-in risk
    • Azure AD Identity Protection detects sign-in risks. How do you restrict access if a detected sign-in risk indicates a bad actor? What if you would like to get stronger evidence that a sign-in was performed by the legitimate user? What if your doubts are strong enough to even block specific users from accessing an app?
  • Network location
    • Azure AD is accessible from anywhere. What if an access attempt is performed from a network location that is not under the control of your IT department? A username and password combination might be good enough as proof of identity for access attempts from your corporate network. What if you demand a stronger proof of identity for access attempts that are initiated from other unexpected countries or regions of the world? What if you even want to block access attempts from certain locations?
  • Device management
    • In Azure AD, users can access cloud apps from a broad range of devices including mobile and also personal devices. What if you demand that access attempts should only be performed with devices that are managed by your IT department? What if you even want to block certain device types from accessing cloud apps in your environment?
  • Client application
    • Today, you can access many cloud apps using different app types such as web-based apps, mobile apps, or desktop apps. What if an access attempt is performed using a client app type that causes known issues? What if you require a device that is managed by your IT department for certain app types?

A conditional access policy is a definition of an access scenario using the pattern: When this happens → Then do this

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
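The "When this happens → Then do this" pattern above, written out as two Conditional Access policies in Microsoft Graph PowerShell: one that requires multi-factor authentication for sign-ins from network locations the IT department does not control, and one that blocks sign-ins that Azure AD Identity Protection rates as high risk. This is an added illustration, not code from the Advisicon page or from Microsoft's documentation. It assumes the Microsoft Graph PowerShell SDK (Microsoft.Graph.Identity.SignIns module) is installed, that the signed-in account can consent to the listed scopes, and that the break-glass group id is replaced with a real group object id; both policies are created in report-only mode so their effect can be reviewed in the sign-in logs before anything is enforced.

```powershell
# Added example (not from the original page). Requires the Microsoft Graph
# PowerShell SDK: Install-Module Microsoft.Graph.Identity.SignIns
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess", "Policy.Read.All"

# Placeholder: object id of an emergency-access (break-glass) group that is
# excluded so a misconfigured policy cannot lock every administrator out.
$breakGlassGroupId = "00000000-0000-0000-0000-000000000000"

# Policy 1
# When this happens: any user signs in to any cloud app from a location
#                    that is not one of the tenant's trusted named locations
# Then do this:      require multi-factor authentication
$mfaOutsideTrustedLocations = @{
    displayName  = "Example - Require MFA outside trusted locations"
    state        = "enabledForReportingButNotEnforced"   # report-only first
    conditions   = @{
        users          = @{
            includeUsers  = @("All")
            excludeGroups = @($breakGlassGroupId)
        }
        applications   = @{ includeApplications = @("All") }
        clientAppTypes = @("all")
        locations      = @{
            includeLocations = @("All")
            excludeLocations = @("AllTrusted")   # built-in "trusted locations" set
        }
    }
    grantControls = @{
        operator         = "OR"
        builtInControls  = @("mfa")
    }
}

# Policy 2
# When this happens: Identity Protection rates the sign-in as high risk
# Then do this:      block the sign-in
$blockHighRiskSignIns = @{
    displayName  = "Example - Block high-risk sign-ins"
    state        = "enabledForReportingButNotEnforced"
    conditions   = @{
        users            = @{
            includeUsers  = @("All")
            excludeGroups = @($breakGlassGroupId)
        }
        applications     = @{ includeApplications = @("All") }
        clientAppTypes   = @("all")
        signInRiskLevels = @("high")
    }
    grantControls = @{
        operator        = "OR"
        builtInControls = @("block")
    }
}

$created = foreach ($policy in @($mfaOutsideTrustedLocations, $blockHighRiskSignIns)) {
    New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
}

# Read the policies back and confirm they are still in report-only mode.
Get-MgIdentityConditionalAccessPolicy -Filter "startswith(displayName,'Example - ')" |
    Select-Object DisplayName, State, Id
```

Once the sign-in logs show the expected users being evaluated (and the break-glass group never matching), the `state` can be changed to `enabled` with `Update-MgIdentityConditionalAccessPolicy`. Keeping the exclusion group and the report-only stage is the check a practitioner wants before switching a tenant-wide block or MFA requirement on.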

Azure Active Directory Identity Protection

Azure Active Directory Identity Protection is a feature of the Azure AD Premium P2 edition that enables you to:

  • Detect potential vulnerabilities affecting your organization’s identities
  • Configure automated responses to detected suspicious actions that are related to your organization’s identities
  • Investigate suspicious incidents and take appropriate action to resolve them

https://docs.microsoft.com/en-CA/azure/active-directory/identity-protection/overview

Azure Advanced Threat Protection

Azure offers built-in advanced threat detection functionality through services such as Azure Active Directory (Azure AD), Azure Monitor logs, and Azure Security Center. This collection of security services and capabilities provides a simple and fast way to understand what is happening within your Azure deployments.

Azure provides a wide array of options to configure and customize security to meet the requirements of your app deployments. The article at the following link discusses how to meet these requirements.

https://docs.microsoft.com/en-CA/azure/security/azure-threat-detection

Azure Rights Management

Azure Rights Management (often abbreviated to Azure RMS) is the protection technology used by Azure Information Protection.

This cloud-based protection service uses encryption, identity, and authorization policies to help secure your files and email, and it works across multiple devices—phones, tablets, and PCs. Information can be protected both within your organization and outside your organization because that protection remains with the data, even when it leaves your organization’s boundaries.

As an example, employees might email a document to a partner company, or save a document to their cloud drive. The persistent protection that Azure RMS provides not only helps to secure your company data, but might also be legally mandated for compliance, legal discovery requirements, or simply for good information management practices.

But very importantly, authorized people and services (such as search and indexing) can continue to read and inspect the protected data. This capability is not easily accomplished with other information protection solutions that use peer-to-peer encryption. You might have heard this capability referred to as “reasoning over data” and it is a crucial element in maintaining control of your organization’s data.

Protection is supported by the popular end-user devices that run Windows, macOS, iOS, and Android.

https://docs.microsoft.com/en-us/azure/information-protection/what-is-azure-rms

Azure Information Protection

Azure Information Protection (sometimes referred to as AIP) is a cloud-based solution that helps an organization to classify and optionally, protect its documents and emails by applying labels. Labels can be applied automatically by administrators who define rules and conditions, manually by users, or a combination where users are given recommendations.

The following picture shows an example of Azure Information Protection in action on a user’s computer. The administrator has configured a label with rules that detect sensitive data and in this example, it is credit card information. When a user saves a Word document that contains a credit card number, she sees a custom tooltip that recommends the label that the administrator has configured. This label classifies the document and protects it.

After your content is classified (and optionally protected), you can then track and control how it is used. You can analyze data flows to gain insight into your business, detect risky behaviors and take corrective measures, track access to documents, prevent data leakage or misuse, and so on.

https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection

Click-to-Run

Click-to-Run is the technology used to install Office 365 subscription products and most versions of Office 2013 and newer. Windows Installer technology (MSI) was used to install the volume license editions of Office 2016 and older, such as Microsoft Office Professional Plus and Microsoft Office Standard.

Traditional software downloads require a complete (and sometimes lengthy) download before the product can be unpackaged, installed and used on an endpoint computer. Click-to-Run streams Office installs over a network, much the same way YouTube streams videos to website visitors. Streaming allows the end user to open and use Office before the entire software suite has been downloaded. If the end user clicks on a part of Office that has not yet been downloaded, Click-to-Run will jump ahead to that part of Office and make it available. Once the entire download is complete and the software has been installed, the end user can run Office offline.

You can’t have the same version of Office products that use two different installation technologies installed on the same computer. This also applies to standalone applications like Access, Visio, Project, Skype for Business, or OneDrive for Business.

https://support.office.com/en-us/article/office-installed-with-click-to-run-and-windows-installer-on-same-computer-isn-t-supported-30775ef4-fa77-4f47-98fb-c5826a6926cd

Domain

A domain, in the context of networking, refers to any group of users, workstations, devices, printers, computers and database servers that share different types of data via network resources. There are also many types of subdomains.

A domain has a domain controller that governs all basic domain functions and manages network security. Thus, a domain is used to manage all user functions, including username/password and shared system resource authentication and access. A domain is also used to assign specific resource privileges, such as user accounts.

eDiscovery

Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery in Office 365 to search for content in Exchange Online mailboxes, Office 365 Groups, Microsoft Teams, SharePoint Online and OneDrive for Business sites, and Skype for Business conversations. You can search mailboxes and sites in the same eDiscovery search by using the Content Search tool in the Security & Compliance Center. And you can use eDiscovery cases in the Security & Compliance Center to identify, hold, and export content found in mailboxes and sites. If your organization has an Office 365 E5 subscription, you can further analyze content by using Office 365 Advanced eDiscovery.

Office 365 provides the following eDiscovery tools:

  • Content Search in the Security & Compliance Center
  • eDiscovery Cases in the Security & Compliance Center
  • Office 365 Advanced eDiscovery

https://docs.microsoft.com/en-us/office365/securitycompliance/ediscovery

Microsoft Cloud App Security

Moving to the cloud increases flexibility for employees and reduces IT cost. However, it also introduces new challenges and complexities for keeping your organization secure. To get the full benefit of cloud applications, an IT team must find the right balance of supporting access while maintaining control to protect critical data.

Cloud App Security is a critical component of the Microsoft Cloud Security stack. It’s a comprehensive solution that can help your organization as you move to take full advantage of the promise of cloud applications, but keeps you in control through improved visibility into activity. It also helps increase the protection of critical data across cloud applications. With tools that help uncover shadow IT, assess risk, enforce policies, investigate activities, and stop threats, your organization can more safely move to the cloud while maintaining control of critical data.

https://docs.microsoft.com/en-CA/cloud-app-security/what-is-cloud-app-security

Microsoft Intune

Microsoft Intune is a cloud-based service in the enterprise mobility management (EMM) space that helps enable your workforce to be productive while keeping your corporate data protected. Similar to other Azure services, Microsoft Intune is available in the Azure portal. With Intune, you can:

  • Manage the mobile devices and PCs your workforce uses to access company data.
  • Manage the mobile apps your workforce uses.
  • Protect your company information by helping to control the way your workforce accesses and shares it.
  • Ensure devices and apps are compliant with company security requirements.

Common business problems that Intune helps solve:

  • Protect your on-premises email and data so that it can be safely accessed by mobile devices
  • Protect your Office 365 mail and data so that it can be safely accessed by mobile devices
  • Issue corporate-owned phones to your workforce
  • Offer a bring-your-own-device (BYOD) or personal device program to all employees
  • Enable your employees to securely access Office 365 from an unmanaged public kiosk
  • Issue limited-use shared tablets to your task workers

https://docs.microsoft.com/en-ca/intune/what-is-intune

Microsoft Secure Score

Ever wonder how secure your organization really is in Office 365? Secure Score analyzes your organization’s security based on your regular activities and security settings in Office 365, and assigns a score. Read the article at the following link to get an overview of Secure Score and how you can use it.

https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-secure-score

Multi-Factor Authentication

Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method and adds a second layer of security to user sign-ins and transactions. It works by requiring any two or more of the following verification methods:

  • A randomly generated passcode
  • A phone call
  • A smart card (virtual or physical)
  • A biometric device

Office 365 Advanced Threat Protection

Office 365 Advanced Threat Protection (ATP) safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. ATP includes:

  • Threat protection policies: Define threat-protection policies to set the appropriate level of protection for your organization.
  • Reports: View real-time reports to monitor ATP performance in your organization.
  • Threat investigation and response capabilities: Use leading-edge tools to investigate, understand, simulate, and prevent threats.
  • Automated investigation and response capabilities: Save time and effort investigating and mitigating threats.

https://docs.microsoft.com/en-CA/office365/securitycompliance/office-365-atp

Windows Defender Advanced Threat Protection

Windows Defender Advanced Threat Protection is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

https://docs.microsoft.com/en-CA/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection

Windows 10 Autopilot

Windows Autopilot is a collection of technologies used to set up and pre-configure new devices, getting them ready for productive use. You can also use Windows Autopilot to reset, repurpose and recover devices.

This solution enables an IT department to achieve the above with little to no infrastructure to manage, using a simple process.

Windows Autopilot is designed to simplify all parts of the lifecycle of Windows devices, for both IT and end users, from initial deployment through the eventual end of life. Leveraging cloud-based services, it can reduce the overall costs for deploying, managing, and retiring devices by reducing the amount of time that IT needs to spend on these processes and the amount of infrastructure that they need to maintain, while ensuring ease of use for all types of end users.

https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot

Advisicon is a Project, Program & Portfolio Management Company. We transform your organization's project management with a mix of methodology and technology that delivers results. Our team specializes in technology implementations, application and workflow development, training and consulting.
5411 NE 107th Ave, Suite 200, Vancouver, WA 98662, United States