You are here because you believe in the value you are receiving from Microsoft in your current subscription, what you need or want to know is how you can recognise further value by consuming more of your entitlement for Enterprise Mobility and Security under your subscription and improving your risk posture.
It is no longer a case of “if” but “When” a breach will occur. The fact that you are here means you are ready to be proactive rather than becoming a statistic.
Knowing who has access to your environment, from where, and when will significantly reduce the risk of credential theft, unauthorised access, and ultimately data loss, IP theft and/or reputational damage when a breach has to be disclosed.
Visibility into the Microsoft One Security capability and how you can rationalise vendors, products, and 3rd party subscriptions by Leveraging the built in capabilities of Windows will help you recognise costs savings.
In more than 63% of data breaches, attackers gain corporate network access through weak, default, or stolen user credentials. Conditional access focuses on securing the user identity. It slams the door on credential theft by managing and protecting your identities, whether privileged or non-privileged
Every 53 Seconds a laptop is stolen
63% of attacks involve weak, default, or stolen passwords
WHAT YOU NEED TO KNOW
Are people accessing your environment who they say you are, should they have access, and to do what? We will be covering Identity access & management, including credential management, conditional access, Azure AD Identity protection & privileged identity protection.
HOW DO WE DO IT
Understand how to manage user and location based conditional access – The same user cannot login from Sydney at 10am and then from Hong Kong at 10:30am this is an impossible travel scenario.
Understand how to reduce risk with “just-in-time” access for super users or global admins – reducing the number of shared or global admins and associated risks (more global admins – more targets)
WHAT YOU NEED TO CONSIDER
You might be thinking I don’t have the problem – why should I need this?
Can you be sure that individuals connecting with your business are not malicious, can you verify that a user is who they say they are, can you ensure that “just in time” access is granted for admins to do what they need to do and no more?