Microsoft Security and Management Part (1)

As soon as you have in touch with a computer, you will be familiar to the products of Microsoft. We usually use Microsoft Office applications such as Word, Excel and PowerPoint in daily work using a computer with Windows OS. And then, we use the email system. Some users also use the exchange emails, Outlook or Office 365 emails for the email system. Moreover, cloud applications and Cloud Infra are also used on Azure Cloud nowadays. So, the main point that I want to talk is about Microsoft product usability from past to the present time. Among those kind of step by step changes of technology and environments, security plays one of the important roles. In this topic, I will explain how to maintain to get the best security practice while using Microsoft features. Therefore, this article will continue under the topic of “Microsoft Security and Management”.

‍‍‍‍‍‍Firstly, I would like to explain about the scenarios of Microsoft features in daily work using as a end-user before learning for Microsoft Security.

  1. We use Windows OS computers mostly.
  2. Office applications such as Word, Excel, PowerPoint are used for creating documents and data.
  3. There are email systems for both the internal and external organization.
  4. Office 365, the widely used email system together with chat-based Workspace, is called Microsoft Teams.

And then,

  • using Skype for Business for voice, video and meeting,
  • using SharePoint for file sharing and
  • using Yammer for social application.
  1. Using cloud-based applications from a computer via the internet. (These above five facts are shown as examples only.)

‍‍‍‍‍‍If there are some weaknesses of security or breaching security in using many types of applications, there will be loss in the business. Microsoft Security has already prepared many solutions for those problems.

‍‍‍‍‍‍I’ll present each solution and its functions. Among these solutions, security management solutions for computer devices, files and Office 365 E-mails will be presented in this content. (About Azure Cloud Security Solution, Cloud Applications Solution and Server Security Solutions will be presented in the next content).

‍‍‍‍‍‍Security solutions

=============

– Message Encryption

– eDiscovery

– Windows Information Protection

– Azure Information Protection

– Advanced Threat Protection

– Azure Active Directory

– Mobile Device Management

– Mobile Application Management

– Office365 Data Loss Prevention

and so on. (Among these, I am going to describe the solutions that were cover the daily use scenarios for End User.)

‍‍‍‍‍‍Windows Information Protection

=======================

Information Protection means protecting information and data. The data and information from our computers will be protected by using Windows Information Protection policies for blocking Copy and Paste option. The important data (example – Credit Card Number, Sensitive Data and financial data) will be defined as restricted data for copy and paste actions. So, the important data can’t reach to other external organizations and unauthorized persons.

‍‍‍‍‍‍Azure Information Protection – AIP

=======================

✅ In AIP, there are 5 steps as working steps.

✅ They are Classification, Labeling, Protection, Monitoring and Responding.

✅ The classification of data is started as the first step. (After reading and scanning on file, data classification is started to define the sensitive data, the important data and restricted data in files.)

✅ As the next step, the classified file will be labelled as a sensitive file, important file or confidential file and so on.

✅ In step – 3, rules and policies are set up to protect these labelled files by blocking the forward, the copy/paste operations and defining as the read only permission if it is a confidential file.

✅ As the step 4, Monitoring stage by security management of the organization is included.

✅ The last stage is taking revoking access if there is required to take revoke action based on the monitoring solution.

Advanced Threat Protection – ATP

=======================

✅ The main task of Advanced Threat Protection (ATP) is to protect the zero-day attack.

✅ Hacker can attack our email system by sending malicious URLs or malicious attached files. At this time, users will click on this malicious URL or open the malicious file. The hacker will phish the user to enter the user’s password. When the user enters the password, the password is leaked to the hacker and confidential data and information will be hacked and lost.

✅ Now, most of the organizations are confronting the phishing mails attack.

✅ So, we can define security policies not to receive the phishing mail, malicious links and malicious files in our organization

✅ Can set rules and policies not to take any actions by end users if the malicious attack were received. Thank you for reading and other policies will be present at Part-2 content.

Don’t forget to share this post!