Matthew Katzer - Securing Office 365: Masterminding MDM and Compliance in the Cloud

Matthew Katzer

Securing Office 365 Masterminding MDM and Compliance in the Cloud

To Barbaramy friend, business partner, soul mate, and wife to whom I owe so much; I could never have written this book without your love and support.

About the Technical Review

Unlike most technical reviews, this one took a team approach, leveraging the talents of the internal team at KAMIND IT. This book lays out a collective and strategic security road map for businesses using Office 365. It brings together hard-earned notes from the field that the team at KAMIND IT has generated to help educate our clients as we support their goals for migrating to a secure environment based on Microsoft Office 365. Also, many customers attended KAMIND ITs Microsoft Cloud Immersion Experience training and gave feedback and suggestions to further clarify how Office 365 security can be easily implemented.

I started writing this book in 2016. At that time, the European Union had just released the new requirements for data privacy. Businesses were being breached, and millions of data records were being stolen and sold. Large organizations such as Sony, Target, and Equifax had millions of records of information stolen and sold on the dark web. Privacy was in turmoil. Some online search companies were selling millions of records of information for revenue. I was concerned and wanted to help businesses that use Office 365 do so in a secure manner.

Fresh off of coauthoring two security books, I personally felt that there were no reasons for having data breaches on Office 365. I researched the problem and discovered that the issue was directly related to the Office 365 subscriptions that the users purchased and their configurations. I also discovered that there was a secondary problem: users and most IT professionals did not know how to configure Office 365 in a secure manner. So, my goal with this book was to produce a practical security guide that could be used by businesses and IT companies in the Office 365 community.

Office 365 is a cloud-based service based on familiar software that you knowthe Microsoft Office suite. It simply works, and you dont have to give up your intellectual property to use the service. Microsoft is adamant that the customer owns the data; Microsoft is only a custodian of the customer data, with a shared responsibility with the client. This is important. Not all cloud solutions are this forthright. My customers who use Office 365 have significantly reduced their IT service costs and their concerns in the areas of data security, compliance, and discovery. They reduce their IT costs because my company helps them choose the correct Office 365 licenses and helps them manage the security and logs.

This is a critical book of knowledge based on tried-and-true methods to deploy the services for Office 365. Office 365 is a secure service. The challenge was to write a book on a complex subject about security configurations in Office 365 and Azure cloud services and structure the book in such a way that any user could deploy Office 365/Azure securely. In some ways, I consider this a living book about security for Office 365. Not only does it cover the security of today, but given the changing nature of the tech world, the content will expand and evolve with newer tips and techniques through the blog at www.kamind.com/blog .

The problem has been how to present the information in a roadmap form that will help you build a secure solution for your company on Office 365. To do this I decided to use the Microsoft 365 E5 subscription along with an Azure Cloud Solution Provider (CSP) subscription and walk through the configuration process.

Security and compliance need to be a way of life as business becomes more digital. We need to look at the tools and how we run our businesses to determine how best to manage and secure them. The goal of the chief information security officer (CISO) and business owners is to protect and secure assets to increase business value. Security, Office 365, and Azure are all complex topics. I found the best way to describe this is to use one of the Microsoft simplified roadmaps that shows the security products and how they interoperate with each other. This chapter is an overview of the different security technologies and gives you the background. At the end of this chapter, you will have an understanding of the path we will follow on Office 365 and Azure security configuration.

Office 365 and Azure are complex. As an Office 365 administrator, you need to configure the Office 365 portion of security but also the Azure security services. In this chapter, we build out the Azure data collection portals and the dashboards that are used to monitor and collect data. The information services we configure are Log Analytics Services, Azure Security Center and Office 365 Admin and Compliance Center. As part of this chapter, we link Cloud App Security to start the data collection from Office 365 and the device endpoints. Security is about information collection and analysis. In this chapter, you will see how to set up the Office 365 Security & Compliance Center and Azure Security Center. At the end of this chapter, you will have configured the key cloud data collection services.