Security as Code in Office 365

Paul Colmer
25 July, 2018 10:36
email
Bookmark
Share this post
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter

Paul Colmer

Lead digital architect ALC Training and Consulting
Website
Twitter

Paul Colmer is the lead digital architect ALC Training and Consulting. He is responsible for creating and running all the cloud security courses, which include CCSP, AWS, Azure, Office 365 and cloud foundation certifications.

A few months back, I was running a course in Auckland , where I demo the Office 365 Security & Compliance Center. The great thing about this new tool, is that it is policy-based, interactive and extremely visual.

What does that really mean?

You need to firstly determine the important information around your corporate security posture. Then you can translate this into the Security & Compliance Center, via a series of rules. This allows you to maintain compliance with the law, a regulated industry and your company polices.

Once the policies are in place, you have a series of interactive visualisations and methods, for determining how end-users are using the platform and whether they are in breach of your policies.

Here is a simple example. I always recommend starting with the Secure Score, once you have your Office 365 tenant running. You’ll need an E1 / E3 or E5 licence to be able to follow this through:

Go to Home.
Click on the Customise button.
Click onto Add Widget, click the Office 365 Secure Score tile and click Add:

Don’t forget to Save the customised home screen and then access the tile by clicking on Go to Secure Score:

Depending on the security posture of your organisation, you can choose to increase or decrease your target secure score. A way of benchmarking this is to have a look at other clients with a similar profile, using the comparison bar chart:

The types of recommendations the tool makes can include the following:

Multi-Factor authentication recommendations to prevent simple password only logins.
Enable audit data recording, so you have an audit trail in the event of a security incident.
Reviewing malware detections reports on a weekly basis to ensure that you’re protected from the latest advanced persistent threats.

Other incredible features that are policy-based include setting up Data Loss Prevention Rules, using pre-defined templates that align to geography and industry:

Setting up Data Governance Rules to ensure that you retain contain in-line with legislation and ensure it is securely deleted after that time:

Obtaining all the various compliance reports associated with Office 365 and Azure for a particularly geography and industry:

Lastly here is a great tweet on how to setup permissions in the Office 365 Security & Compliance Center:

https://twitter.com/MusicComposer1/status/971592726297718785

The trick with permissions, is to understand the various roles that you can assign to groups and users and how permissive or restrictive those roles are. If you need to tailor the roles, keep the original defaults, and simply create a new role, with a detailed description of how it differs from the default role.

If you’re interested in learning more about the Office 365 Security & Compliance Center, there are plenty of great links on TechNet, starting here:

https://technet.microsoft.com/en-us/library/dn532171.aspx

And if you feel you need something a little more, check out our face-to-face classroom training course. The 'pièce de résistance' is where I interactively demo the tool and coach you through the latest security best practices:

https://www.alctraining.com.au/course/office-365-security-compliance/

And finally, here is a great iconic picture to share, showing the wonderful city of Auckland and the great country that is New Zealand: