Joe Stocker - Securing Microsoft 365
Here you can read online Joe Stocker - Securing Microsoft 365 full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2021, publisher: Publishing Xpert, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Securing Microsoft 365
- Author:
- Publisher:Publishing Xpert
- Genre:
- Year:2021
- Rating:5 / 5
- Favourites:Add to favourites
- Your mark:
Securing Microsoft 365: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Securing Microsoft 365" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Joe Stocker: author's other books
Who wrote Securing Microsoft 365? Find out the surname, the name of the author of the book and a list of all author's works by series.
Securing Microsoft 365 — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Securing Microsoft 365" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Joe Stocker is the founder and CEO of Patriot Consulting, one of the top Microsoft Security partners in the United States. Patriot Consulting has completed more than 800 cybersecurity projects since 2015.
Joes expertise and leadership have resulted in Patriot being invited into the Microsoft Elite Security Partner program and the Microsoft Security Partner Advisory Council (SECPAC). These two invite-only programs are limited to a small handful of Microsoft partners worldwide.
In 2020, Joe was awarded the Microsoft MVP award for his work in security (1 of 23 in the United States). Joe was invited by Microsoft to provide cybersecurity consulting services for Microsoft Defending Democracy, which helped to secure the US 2020 Elections. In 2021, this program was extended to provide services to 31 democracies around the world.
Joe started his career in 1999 as a system administrator and began public speaking in 2008. Joe writes a technology blog at www.TheCloudTechnologist.com and hosts a podcast on Spotify and iTunes called Cybersecurity 101 with Joe and Larry.
Joe lives in California with his family and enjoys studying the Bible.
Copyright 2021 Joe Stocker
All rights reserved. This book or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of the publisher except for the use of brief quotations in a book review.
Contents
Over the past decade, Ive had the honor of speaking to more than 3,000 companies around the world about cybersecurity trends and listening to their top concerns. And as a consultant specializing in Microsoft Cybersecurity, Ive helped hundreds of organizations deploy Microsoft solutions. There are three topics that have remained consistent, and I expect will continue to remain a focus:
1) Identity
2) Email
3) Devices
Did you know that more than 90% of the Fortune 500 and 500,000 businesses in the United States use Microsoft 365? This book is for those IT Professionals or Security Analysts that are responsible for protecting these 250 million users of Microsoft 365. I will share with you the best practices I have used successfully to protect some of the worlds largest organizations, including government institutions, banks, healthcare, retail, manufacturing, entertainment, and several other industries.
This book describes how to defend against attacks that I have observed first-hand while responding to security incidents. I have investigated the Tactics, Techniques, and Procedures that adversaries have used to hack and which countermeasures have been effective.
My job as a security consultant is to listen to the threats that organizations are facing and then present effective solutions. Often, the problems are urgent. For example, as I write this introduction, I am thinking about how to best help three different organizations that I spoke with today.
The first was a local government agency that had their email compromised and needed to determine whether it was an insider attack or an external threat. (70% of all breaches in 2020 were caused by outsiders ). In Chapter Ten, Incident Response, I will share the techniques I use when responding to account takeovers in Microsoft 365.
The second was a global logistics company under a massive bot-net attack that threatened to disrupt their shipments. In Chapter Four, Preventing Data Breaches, I will explore Microsoft solutions that can detect and prevent data breaches.
The third was a humanitarian organization responsible for solving food insecurity in 100 countries. They found out that their Microsoft 365 configuration was spilling personally identifiable information for children in Africa who had been recently diagnosed with HIV. In Chapter Eight, Preventing Sensitive Data Leaks, I will describe each Microsoft solution that can help with these types of issues.
These three conversations all happened in one day, and that is why I decided to write this book. I feel a sense of urgency to share my knowledge with as many people as possible because these problems are often preventable.
Network Firewalls have been the de facto security perimeter since they were invented in the late 1980s Many go unreported to avoid damaging public reputation, although this is changing due to new global, federal, and state regulations that impose fines for not reporting breaches to personally identifiable information.
So, what changed?
As organizations began adopting Cloud Computing in general, or Software as a Service (SaaS) Ten years ago, an email address was typically different from the username, and so when organizations started moving to the cloud, they changed the username to equal the email address. This one change reduced the number of factors for an attacker to guess by 50%.
For Microsoft 365, the username is the email address of security tools, where junior-level hackers can leverage code written by skilled programmers (in the 2000s they were called script kiddies). Various studies have found that users will click on around 20% to 50% of phishing emails designed to trick the user into giving away their username and password.
Another thing that changed was the aggregation of password dumps for sale in dark corners of the internet, making it simple for newbie hackers to perform more effective targeted attacks using credential stuffing tools from all the hacked websites over the years and target a list of popular websites like Microsoft 365 or Google. These tools leverage a human weakness known as password recycling, where we often reuse the same password on sites like Netflix with other websites such as Spotify. If one of these sites is hacked and the credentials are obtained, hackers load these passwords into tools to see what other websites the email address and password combination will work on.
Are Network Firewalls still important? Absolutely! Researchers at the University of Maryland purposefully placed vulnerable computers on the Internet to see how often they would be attacked and observed one attack every 39 seconds.
For organizations that have adopted cloud technologies, their security perimeter is now the Identity of the user signing into the cloud service. Technically, this has been true for the past ten years and many organizations are just now realizing the need for additional layers of in-depth defense around identity.
So how do we prevent unauthorized access to Microsoft 365?
It starts with securing an identity to use other factors besides the password. While some security vendors are limited to just two factors of authentication (sometimes referred to as two-factor authentication or 2FA), Microsoft provides multiple factors of authentication (MFA). However, not all MFA options are created equally. We will describe the available options and point out the pros and cons of each.
The most common 2 nd factor of authentication . SMS has its limitations, as we will describe next, but it is certainly better than nothing at all because it blocks automated password spray attacks.
Font size:
Interval:
Bookmark:
Similar books «Securing Microsoft 365»
Look at similar books to Securing Microsoft 365. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Securing Microsoft 365 and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.