Office 365 security & cloud controls: 100 days to secure your environment - Episode 7 скачать в хорошем качестве

Office 365 security & cloud controls: 100 days to secure your environment - Episode 7

Welcome to Week 7 of the ThreatLocker® Webinar “100 days to secure your environment.” In this episode, we explore Office 365 security, focusing on Conditional Access and the powerful capabilities offered by ThreatLocker. Jack Thompson, Director of Information Security, Risk, and Compliance for the Indianapolis Colts, shares how his organization transitioned from a reactive to a proactive security posture after implementing ThreatLocker®. He highlights the value of establishing a trusted software inventory and a known-good baseline of applications. Join our experts as they demonstrate how to go beyond default settings, implement tighter controls, and leverage ThreatLocker® Cloud Control and Cloud Detect to strengthen your organization's security. Learn how to: Build a trusted software inventory and establish a known-good baseline of applications, streamlining new software approvals while maintaining full visibility into endpoint activity. Shift from a reactive to a proactive mindset by focusing on baselining, rather than relying solely on threat intelligence and indicators of compromise. Configure robust Office 365 Conditional Access policies, requiring Multi-Factor Authentication (MFA) and blocking legacy authentication to harden defenses. Mitigate cookie theft by enabling non-persistent browser sessions and setting sign-in frequency controls to prevent token persistence. Apply country-based access restrictions using IP address-based location detection, which offers more precision than GPS-based methods. Securely manage break-glass accounts by excluding them from general policies and applying specific controls such as MFA, session limits, and routine testing to prevent misuse or lockout. Use ThreatLocker Unified Audit to centralize ingestion and search of Office 365 logs, simplifying navigation compared to Microsoft’s native portal. Leverage ThreatLocker Cloud Control and its mobile app to automatically update named locations with device IP addresses, supporting secure access for traveling users and requiring protected devices for privileged accounts. Detect compromise using ThreatLocker Cloud Detect to ingest Microsoft logs, identify indicators of compromise, and set custom alerts. New features include an Impossible Travel algorithm designed to reduce false positives and combat token theft using phone location and contextual login data. Take advantage of ThreatLocker MDR and Cyber Hero approvals for advanced threat detection, rapid incident response, and alerts other security tools may miss. Understand Microsoft’s Token Protection (Preview) feature and how it integrates with Cloud Control to enhance login session security.