Educause Security Discussion mailing list archives
M365 Users' Group -September 17th Microsoft Azure AD Portal Security and Conditional Access Policies
From: John Ramsey <jramsey () STUDENTCLEARINGHOUSE ORG>
Date: Tue, 14 Sep 2021 17:28:40 +0000
Good afternoon, One last friendly reminder that there is a M365 Users’ Group session scheduled for Friday, September 17th from 1:00-3:00pm EST. This third session will cover Microsoft Azure AD Portal Security and Conditional Access Policies (located at https://portal.azure.com/#home<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.azure.com%2F%23home&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629775084%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=k1%2B%2ByOcmAbByA1H5SIu%2BPL8KFqlnOroyh3nuxi3zdX4%3D&reserved=0> We will look at policies for risky users, risky sign ins, and how to automate access control to counter High risks.) I will also begin the demonstration with a 10 minute discussion on the DHS NCATS scan and walk through the report. I will record this session, similar to what we did last month for anybody that can’t make it. Location is https://studentclearinghouse.webex.com/meet/joramsey<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.webex.com%2Fmeet%2Fjoramsey&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629785037%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=3do7Aj8euAsEK19BUCoqkbsEtLSt8UNMPI5UJ2edbgY%3D&reserved=0>. We’ve had about 900 attendees so far since the first session in January. Please feel free to invite key staff that might benefit from the demonstrations. High level agenda is below. * Discuss external scan reporting * MS Azure AD, Conditional Access Policies: high level overview https://portal.azure.com/#home<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.azure.com%2F%23home&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629785037%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=dZd1GLR0tkXitaHnFvKLA86mue7X7fWszoF57FW5WuA%3D&reserved=0> * Sign-in logs * Security * Risky users * Risky sign-ins * Risk detections * Identity Secure Score * Named Locations/Authentication Methods/MFA * Identity Protection (and reviewing the User risk/sign-in/MFA policies) * Conditional Access Policies * Setting up MFA via Conditional Access Policies and its importance. * Q&A Please don’t hesitate to reach out with any questions at any time. If you wish to join the M365 Users’ group, send a subscription request from a .edu email address to m365-sec-join () lists ren-isac net<mailto:m365-sec-join () lists ren-isac net>. You should receive notification of your approval within a few days of the request. While REN-ISAC is hosting this email list, you do not have to be a member to participate. All interested parties with a valid .edu email address are invited. Please note, list participants are not considered members of REN-ISAC and are not vetted in the traditional manner, and acceptance into the mailing list does not confer REN-ISAC membership status. John John Ramsey, Chief Information Security Officer National Student Clearinghouse Certified: CISSP, CISM, PMP, CSSLP, CRISC, CGEIT 2300 Dulles Station Blvd., Suite 220 Herndon, VA 20171 703.742.4428 | studentclearinghouse.org<https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.studentclearinghouse.org%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629794995%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=%2FNN1KszQmFZElcvAxqiaXdIiEZJjUwRwN7oHfXSVin4%3D&reserved=0> LinkedIn<https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fnational-student-clearinghouse&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629794995%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=LCWra%2Fs4W8LauwXyx8mrIlmLGCZfM%2F7seQIN0LfCFGc%3D&reserved=0> | Twitter<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fnsclearinghouse&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629804949%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=UXT%2FM4TvwalJakVugP8KMESQkjTunsxMvbUf5JPPfkg%3D&reserved=0> | Facebook<https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.com%2FNSClearinghouse&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629804949%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=Os%2BP7hY1V0%2BmnB2P137YsxUzsC2IQoSm3Eur3Y6nRZ4%3D&reserved=0> | Blog<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.studentclearinghouse.org%2Fnscblog%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629814906%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=4ONxmM3tGRI2aW5WFO44EznljsuuquX51cdQlgZAVts%3D&reserved=0> | Instagram<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.instagram.com%2FNSClearinghouse%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629814906%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=6H99t0m4tb3LwLAegWHjSB0lmbb2IlZp7JattmLELSE%3D&reserved=0> Serving Education Since 1993 This message is proprietary to the National Student Clearinghouse, is intended only for the addressee and may contain confidential or privileged information. If you receive this message in error, please contact the sender and delete all copies. Future sessions: 2021 * June 11th. Microsoft 365 Security Center. This is an overview of Windows Defender, settings, and most widely used components with the “biggest bang for the buck.” https://security.microsoft.com/homepage<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsecurity.microsoft.com%2Fhomepage&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629824863%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=HhRnM61E2JlIbfleIvZgKf%2FjCTyb1VMHNRFFncN7xPs%3D&reserved=0> * July 16th . Microsoft Defender for Identity (aka Azure ATP). https://www-nslc-org.atp.azure.com/<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww-nslc-org.atp.azure.com%2F&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629824863%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=EeSUUGAoJAqU3OfpTg4KA24b%2BLh%2FsrCZJgg%2FtvsNZrk%3D&reserved=0> (Replace NSC’s domain with your domain.) This touches on the automated security and reporting of the domain controllers, AKA the “keys to the kingdom”. * August 13th. Microsoft Cloud App Security. https://studentclearinghouse.portal.cloudappsecurity.com/#/dashboard<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.portal.cloudappsecurity.com%2F%23%2Fdashboard&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629834825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=pdmReXPgYS5ebV9I76eD7l0%2F5v759UaounBA7ivGe3M%3D&reserved=0> (Replace NSC’s domain with your domain.) This provides feedback on where users connect and how you can quickly via automation not allow access to high risk areas. * September 17th. Azure Security (which comes with Microsoft 365.) https://portal.azure.com/#home<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fportal.azure.com%2F%23home&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629834825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=AAiHK4%2FbnqL7bvm6peJazyRxn6eZSwTElfGOSWTFcHg%3D&reserved=0> We will look at policies for risky users, risky sign ins, and how to automate access control to counter High risks. * October 15th. Microsoft Compliance Manager and DLP. * November 12th. Deep Dive into Microsoft Defender for Endpoint, presented by John Taylor, Deputy CISO, JHU and JHM. * December 10th. TBD 2022 * January 21st (this is deviation from second Friday.) * February 11th. * March 11th. * April 8th. * May 13th. Difference between E3/A3 and E5/A5 licensing: * Microsoft 365 Enterprise | Microsoft Licensing Resources<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Flicensing%2Fproduct-licensing%2Fmicrosoft-365-enterprise%3Factivetab%3Dm365-enterprise%3Aprimaryr5&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629844778%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=AT%2BUMHkBFUkzsaffXlCAE4nRKoPRuONhyNoydH3YTvQ%3D&reserved=0> * Enterprise Mobility and Security Pricing Options (microsoft.com)<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fenterprise-mobility-security%2Fcompare-plans-and-pricing&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629854737%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=pfdPKJYDQ2BIaxc%2FHcXuMFUeXO9%2F1hKGTi%2FIUD4hmFw%3D&reserved=0> * Compare Office 365 Enterprise | Microsoft<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fenterprise%2Fcompare-office-365-plans%3Fef_id%3Dad1fb9ae3053173c2bbbd908aa2e3e45%3AG%3As%26OCID%3DAID2100137_SEM_ad1fb9ae3053173c2bbbd908aa2e3e45%3AG%3As%26lnkd%3DBing_O365SMB_Brand%26msclkid%3Dad1fb9ae3053173c2bbbd908aa2e3e45&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629854737%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=QI24Hvbt8t9CoTCxR5xVOdxqPQ%2FROqAiQNU%2FNn8a26Q%3D&reserved=0> * Enterprise Mobility and Security | Microsoft Security<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fbusiness%2Fenterprise-mobility-security&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629864690%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=%2F9e6vvqqupkS6M7jJ23hbUyEv0a9vT4BtHkeZHWHgZY%3D&reserved=0> -~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~- - Do not delete or change any of the following text. - Join my Webex Personal Room meeting. Join meeting<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.webex.com%2Fmeet%2Fjoramsey&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629864690%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=I4HBwBp7wsxECrF3IzM2G0FkeWi0lNr8qy06dm3asyg%3D&reserved=0> Meeting link: https://studentclearinghouse.webex.com/meet/joramsey<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.webex.com%2Fmeet%2Fjoramsey&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629874643%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=F7u7iAAgHEB0FrkugzHGdJFNpXeLj9kGXbFQCBjjmWk%3D&reserved=0> Meeting number (access code): 790 211 691 Join by phone Tap to call in from a mobile device (attendees only) 1-866-469-3239<tel:1-866-469-3239,,*01*790211691##*01*> USA Toll Free +1-650-429-3300<tel:+1-650-429-3300,,*01*790211691##*01*> USA Toll Global call-in numbers <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.webex.com%2Fstudentclearinghouse%2Fglobalcallin.php%3FserviceType%3DMC%26eventID%3D895104342%26tollFree%3D1&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629874643%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=XIbw9mzHbisfgDtld6DqsmWtk2jb%2FM9EwCuezCAUmus%3D&reserved=0> | Toll-free calling restrictions<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.webex.com%2Fpdf%2Ftollfree_restrictions.pdf&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629884607%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=6DzWXFMaVJYlRStbDortj%2F8BHhKMCg84sJSKY1v28Mg%3D&reserved=0> Join from a video conferencing system or application Dial joramsey () studentclearinghouse webex com<sip:joramsey () studentclearinghouse webex com> Skype joramsey.studentclearinghouse () lync webex com<sip:joramsey.studentclearinghouse () lync webex com> You can also dial 173.243.2.68 and enter your meeting number. © 2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. 2.4.0.0 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629884607%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=uDurAcJI3%2B%2BmTngPwxcvA9lMktTY58UkXutkj8RIFFo%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjramsey%40STUDENTCLEARINGHOUSE.ORG%7C290ca191c6ab4f8e344008d971f45c50%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637666116629894564%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=GkAFTwd7YF5et5dUTRA6yj5qd2twVkVlTnNPNY4DEvY%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
--- Begin Message --- From: John Ramsey <jramsey () studentclearinghouse org>
Date: Tue, 7 Sep 2021 11:35:11 +0000
BEGIN:VCALENDAR METHOD:PUBLISH PRODID:Microsoft Exchange Server 2010 VERSION:2.0 BEGIN:VTIMEZONE TZID:Eastern Standard Time BEGIN:STANDARD DTSTART:16010101T020000 TZOFFSETFROM:-0400 TZOFFSETTO:-0500 RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=11 END:STANDARD BEGIN:DAYLIGHT DTSTART:16010101T020000 TZOFFSETFROM:-0500 TZOFFSETTO:-0400 RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=2SU;BYMONTH=3 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT ORGANIZER;CN=John Ramsey:mailto:jramsey () studentclearinghouse org ATTENDEE;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=m365-sec@l ists.ren-isac.net:mailto:m365-sec () lists ren-isac net ATTENDEE;ROLE=OPT-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Madl, Mich ael":mailto:michael.madl () indwes edu ATTENDEE;ROLE=OPT-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN=James R At kinson:mailto:jamesratkinson () abtech edu ATTENDEE;ROLE=OPT-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=TRUE;CN="Miller, Je remy A (KCTCS)":mailto:jeremy.miller () kctcs edu DESCRIPTION;LANGUAGE=en-US:Good morning\,\nFriendly reminder that there is a M365 Users’ Group session scheduled for Friday\, September 17th from 1 :00-3:00pm EST. This is a deviation from the original scheduled date of S eptember 10th. This third session will cover Microsoft Azure AD Portal Se curity and Conditional Access Policies (located at https://portal.azure.c om/#home<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2 Fportal.azure.com%2F%23home&data=04%7C01%7Cjramsey%40studentclearinghouse. org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119% 7C0%7C1%7C637643632063179826%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiL CJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=lyUHLE5vLsf5SY8 1ZjhZIxzmv1dsZ7nsvqqi8tQ%2Fusg%3D&reserved=0> We will look at policies fo r risky users\, risky sign ins\, and how to automate access control to cou nter High risks.) I will also begin the demonstration with a 10 minute di scussion on the DHS NCATS scan and walk through the report.\n\nI will reco rd this session\, similar to what we did last month for anybody that can ’t make it. Location is https://studentclearinghouse.webex.com/meet/jor amsey<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fst udentclearinghouse.webex.com%2Fmeet%2Fjoramsey&data=04%7C01%7Cjramsey%40st udentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043 a688b6069d3eac0119%7C0%7C1%7C637643632063130043%7CUnknown%7CTWFpbGZsb3d8ey JWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sd ata=hZNlFtiSC3bKe029TIcGQerSByPi3LEcjE9KaCo%2Fsng%3D&reserved=0>. We’ve had about 900 attendees so far since the first session in January. Pleas e feel free to invite key staff that might benefit from the demonstrations .\nHigh level agenda is below.\n\n * Discuss external scan reporting\n * MS Azure AD\, Conditional Access Policies: high level overview https: //portal.azure.com/#home<https://nam10.safelinks.protection.outlook.com/?u rl=https%3A%2F%2Fportal.azure.com%2F%23home&data=04%7C01%7Cjramsey%40stude ntclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a68 8b6069d3eac0119%7C0%7C1%7C637643632063179826%7CUnknown%7CTWFpbGZsb3d8eyJWI joiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata =lyUHLE5vLsf5SY81ZjhZIxzmv1dsZ7nsvqqi8tQ%2Fusg%3D&reserved=0>\n * Sign- in logs\n * Security\n * Risky users\n * Risky sign-ins\n * Risk detections\n * Identity Secure Score\n * Named Loc ations/Authentication Methods/MFA\n\n\n * Identity Protection (and revi ewing the User risk/sign-in/MFA policies)\n * Conditional Access Polici es\n * Setting up MFA via Conditional Access Policies and its importanc e\n * Q&A\n\n\nPlease don’t hesitate to reach out with any questions at any time. If you wish to join the M365 Users’ group\, send a sub scription request from a .edu email address to m365-sec-join@lists.r en-isac.net<mailto:m365-sec-join () lists ren-isac net>. You should receiv e notification of your approval within a few days of the request. While REN-ISAC is hosting this email list\, you do not have to be a memb er to participate. All interested parties with a valid .edu emai l address are invited. Please note\, list participants are not consi dered members of REN-ISAC and are not vetted in the traditional manner\, a nd acceptance into the mailing list does not confer REN-ISAC membership status. \n\nJohn\n\n\nJohn Ramsey\, Chief Information Security Officer\n National Student Clearinghouse\nCertified: CISSP\, CISM\, PMP\, CSSLP\, CR ISC\, CGEIT\n2300 Dulles Station Blvd.\, Suite 220\nHerndon\, VA 20171\n70 3.742.4428 | studentclearinghouse.org<https://nam10.safelinks.protection.o utlook.com/?url=http%3A%2F%2Fwww.studentclearinghouse.org%2F&data=04%7C01% 7Cjramsey%40studentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C 8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637643632063140001%7CUnknown%7C TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn 0%3D%7C5000&sdata=kaiFuI1K7DQm2Yehj1P6Otj2kjm9RbP%2B3ONVAHkxAKE%3D&reserve d=0>\nLinkedIn<https://nam10.safelinks.protection.outlook.com/?url=http%3A %2F%2Fwww.linkedin.com%2Fcompany%2Fnational-student-clearinghouse&data=04% 7C01%7Cjramsey%40studentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb 6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637643632063149944%7CUnkno wn%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXV CI6Mn0%3D%7C5000&sdata=VdjJTtZkomRLjdicGdp8a%2BrA7dgN31NaQrWqevgoeMU%3D&re served=0> | Twitter<https://nam10.safelinks.protection.outlook.com/?url=ht tps%3A%2F%2Ftwitter.com%2Fnsclearinghouse&data=04%7C01%7Cjramsey%40student clearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b 6069d3eac0119%7C0%7C1%7C637643632063149944%7CUnknown%7CTWFpbGZsb3d8eyJWIjo iMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=c 1ntQBH0MixxJaEA5Enax0CGukdR8XFWXZb88BGkuBc%3D&reserved=0> | Facebook<https ://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.c om%2FNSClearinghouse&data=04%7C01%7Cjramsey%40studentclearinghouse.org%7Cd de61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1 %7C637643632063159913%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoi V2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=h3%2F3dOyImswnRzjP1uVc b9hvG7ciAFIdyPInt4VFnB8%3D&reserved=0> | Blog<https://nam10.safelinks.prot ection.outlook.com/?url=https%3A%2F%2Fwww.studentclearinghouse.org%2Fnscbl og%2F&data=04%7C01%7Cjramsey%40studentclearinghouse.org%7Cdde61c326ed8418b d19a08d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637643632063 159913%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI 6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=JmUBRY%2BWaqSzIURh75P7RFbl0fIMrFFasBd j0WhPmkg%3D&reserved=0> | Instagram<https://nam10.safelinks.protection.out look.com/?url=https%3A%2F%2Fwww.instagram.com%2FNSClearinghouse%2F&data=04 %7C01%7Cjramsey%40studentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbed b6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637643632063159913%7CUnkn own%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJX VCI6Mn0%3D%7C5000&sdata=7jWaiqwr7lmwRCCqrAba5WDLAS%2Fk0sFSSCliJctGFQ0%3D&r eserved=0>\n\nServing Education Since 1993\n\nThis message is proprietary to the National Student Clearinghouse\, is intended only for the addressee and may contain confidential or privileged information. If you receive th is message in error\, please contact the sender and delete all copies.\n\n \n\n Future sessions:\n2021\n\n * June 11th. Microsoft 365 Security Ce nter. This is an overview of Windows Defender\, settings\, and most widel y used components with the “biggest bang for the buck.” https://secur ity.microsoft.com/homepage<https://nam10.safelinks.protection.outlook.com/ ?url=https%3A%2F%2Fsecurity.microsoft.com%2Fhomepage&data=04%7C01%7Cjramse y%40studentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea 054043a688b6069d3eac0119%7C0%7C1%7C637643632063169871%7CUnknown%7CTWFpbGZs b3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5 000&sdata=niHhnMR0u87CU3%2FW%2FLtp4FL%2BRopRsakzSxWY2Cm6T44%3D&reserved=0> \n * July 16th . Microsoft Defender for Identity (aka Azure ATP). htt ps://www-nslc-org.atp.azure.com/<https://nam10.safelinks.protection.outloo k.com/?url=https%3A%2F%2Fwww-nslc-org.atp.azure.com%2F&data=04%7C01%7Cjram sey%40studentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02f ea054043a688b6069d3eac0119%7C0%7C1%7C637643632063169871%7CUnknown%7CTWFpbG Zsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7 C5000&sdata=pRixUkR6gelxjeDTKEiEr4hTQE%2FeLSAOiDozgDyOoDw%3D&reserved=0> (Replace NSC’s domain with your domain.) This touches on the automated security and reporting of the domain controllers\, AKA the “keys to the kingdom”.\n * August 13th. Microsoft Cloud App Security. https://st udentclearinghouse.portal.cloudappsecurity.com/#/dashboard<https://nam10.s afelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.po rtal.cloudappsecurity.com%2F%23%2Fdashboard&data=04%7C01%7Cjramsey%40stude ntclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a68 8b6069d3eac0119%7C0%7C1%7C637643632063179826%7CUnknown%7CTWFpbGZsb3d8eyJWI joiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata =34wwet5peXktaP27p8V7xxCDLnocQd63my01LKVPflY%3D&reserved=0> (Replace NSC ’s domain with your domain.) This provides feedback on where users conn ect and how you can quickly via automation not allow access to high risk a reas.\n * September 17th. Azure Security (which comes with Microsoft 365.) https://portal.azure.com/#home<https://nam10.safelinks.protection.o utlook.com/?url=https%3A%2F%2Fportal.azure.com%2F%23home&data=04%7C01%7Cjr amsey%40studentclearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc0 2fea054043a688b6069d3eac0119%7C0%7C1%7C637643632063179826%7CUnknown%7CTWFp bGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D %7C5000&sdata=lyUHLE5vLsf5SY81ZjhZIxzmv1dsZ7nsvqqi8tQ%2Fusg%3D&reserved=0> We will look at policies for risky users\, risky sign ins\, and how to a utomate access control to counter High risks.\n * October 8th. Microso ft Compliance Manager and DLP\n * November 12th. Deep Dive into Micro soft Defender for Endpoint\, presented by John Taylor\, Deputy CISO\, JHU and JHM.\n * December 10th.\n\n2022\n\n * January 21st (this is devi ation from second Friday.)\n * February 11th.\n * March 11th.\n * April 8th.\n * May 13th.\n\n Difference between E3/A3 and E5/A5 licens ing:\n\n * Microsoft 365 Enterprise | Microsoft Licensing Resources<htt ps://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microso ft.com%2Fen-us%2Flicensing%2Fproduct-licensing%2Fmicrosoft-365-enterprise% 3Factivetab%3Dm365-enterprise%3Aprimaryr5&data=04%7C01%7Cjramsey%40student clearinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b 6069d3eac0119%7C0%7C1%7C637643632063189778%7CUnknown%7CTWFpbGZsb3d8eyJWIjo iMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=J WRB8ONlla6AP46Z6HQwzY1rjjLDCsgAOXO5fJtpTKI%3D&reserved=0>\n * Enterpris e Mobility and Security Pricing Options (microsoft.com)<https://nam10.safe links.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us% 2Fmicrosoft-365%2Fenterprise-mobility-security%2Fcompare-plans-and-pricing &data=04%7C01%7Cjramsey%40studentclearinghouse.org%7Cdde61c326ed8418bd19a0 8d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C63764363206318977 8%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1h aWwiLCJXVCI6Mn0%3D%7C5000&sdata=%2BSzAgYYHsLNDGusEXDJlRcc6dTmFB5%2BTBs1HDQ WKTAQ%3D&reserved=0>\n * Compare Office 365 Enterprise | Microsoft<http s://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsof t.com%2Fen-us%2Fmicrosoft-365%2Fenterprise%2Fcompare-office-365-plans%3Fef _id%3Dad1fb9ae3053173c2bbbd908aa2e3e45%3AG%3As%26OCID%3DAID2100137_SEM_ad1 fb9ae3053173c2bbbd908aa2e3e45%3AG%3As%26lnkd%3DBing_O365SMB_Brand%26msclki d%3Dad1fb9ae3053173c2bbbd908aa2e3e45&data=04%7C01%7Cjramsey%40studentclear inghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b6069d 3eac0119%7C0%7C1%7C637643632063199732%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4w LjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=aXHw8h 7GIptrXxqjFZxiNIzAFwMQYQp93DoC1uS%2BLec%3D&reserved=0>\n * Enterprise M obility and Security | Microsoft Security<https://nam10.safelinks.protecti on.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fb usiness%2Fenterprise-mobility-security&data=04%7C01%7Cjramsey%40studentcle aringhouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b606 9d3eac0119%7C0%7C1%7C637643632063199732%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC 4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=5ZnC xVMEt7x%2FyV9zfsH9ZmsGBkCUjJfJ75OVz%2BgwG%2Fs%3D&reserved=0>\n\n\n-~-~-~-~ -~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-\n- Do not delete or change any of th e following text. -\n\nJoin my Webex Personal Room meeting.\nJoin meeting< https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentc learinghouse.webex.com%2Fmeet%2Fjoramsey&data=04%7C01%7Cjramsey%40studentc learinghouse.org%7Cdde61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b6 069d3eac0119%7C0%7C1%7C637643632063209688%7CUnknown%7CTWFpbGZsb3d8eyJWIjoi MC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=vj OceMsVqnjfL3d0rWlGQlrCrnallMxngwwGkNBDG6A%3D&reserved=0>\n\nMeeting link: https://studentclearinghouse.webex.com/meet/joramsey<https://nam10.safelin ks.protection.outlook.com/?url=https%3A%2F%2Fstudentclearinghouse.webex.co m%2Fmeet%2Fjoramsey&data=04%7C01%7Cjramsey%40studentclearinghouse.org%7Cdd e61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1% 7C637643632063209688%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=vjOceMsVqnjfL3d0rWlGQlr CrnallMxngwwGkNBDG6A%3D&reserved=0>\n\nMeeting number (access code): 790 2 11 691\n\nJoin by phone\n\nTap to call in from a mobile device (attendees only)\n\n1-866-469-3239<tel:1-866-469-3239\,\,*01*790211691##*01*> USA Tol l Free\n\n+1-650-429-3300<tel:+1-650-429-3300\,\,*01*790211691##*01*> USA Toll\nGlobal call-in numbers <https://nam10.safelinks.protection.outlook.c om/?url=https%3A%2F%2Fstudentclearinghouse.webex.com%2Fstudentclearinghous e%2Fglobalcallin.php%3FserviceType%3DMC%26eventID%3D895104342%26tollFree%3 D1&data=04%7C01%7Cjramsey%40studentclearinghouse.org%7Cdde61c326ed8418bd19 a08d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1%7C637643632063209 688%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik 1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=hLMIQhDqXgwv2Cq%2BVaG5bpHklRuagsMEVWYe9l 3oVBA%3D&reserved=0> | Toll-free calling restrictions<https://nam10.safeli nks.protection.outlook.com/?url=https%3A%2F%2Fwww.webex.com%2Fpdf%2Ftollfr ee_restrictions.pdf&data=04%7C01%7Cjramsey%40studentclearinghouse.org%7Cdd e61c326ed8418bd19a08d95cbedb6d%7C8cc02fea054043a688b6069d3eac0119%7C0%7C1% 7C637643632063219639%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C5000&sdata=qxK7P%2BCyL3msr719FUs5S DrDeb3gaxKogY4wc8IWOQo%3D&reserved=0>\n\nJoin from a video conferencing sy stem or application\n\nDial joramsey () studentclearinghouse webex com<sip:jo ramsey () studentclearinghouse webex com>\n\nSkype joramsey.studentclearingho use () lync webex com<sip:joramsey.studentclearinghouse () lync webex com>\n\nYo u can also dial 173.243.2.68 and enter your meeting number.\n\n© 2021 Cis co Systems\, Inc. and/or its affiliates. All rights reserved. 2.4.0.0\n\n UID:040000008200E00074C5B7101A82E0080000000090E928E4BAA3D701000000000000000 010000000CCA5708FC826D54783BEC8EE590CB9B1 SUMMARY;LANGUAGE=en-US:M365 Users' Group -September 17th Microsoft Azure A D Portal Security and Conditional Access Policies DTSTART;TZID=Eastern Standard Time:20210917T130000 DTEND;TZID=Eastern Standard Time:20210917T150000 CLASS:PUBLIC PRIORITY:5 DTSTAMP:20210907T113511Z TRANSP:OPAQUE STATUS:CONFIRMED SEQUENCE:0 LOCATION;LANGUAGE=en-US:https://studentclearinghouse.webex.com/meet/joramse y X-MICROSOFT-CDO-APPT-SEQUENCE:0 X-MICROSOFT-CDO-OWNERAPPTID:350722021 X-MICROSOFT-CDO-BUSYSTATUS:BUSY X-MICROSOFT-CDO-INTENDEDSTATUS:BUSY X-MICROSOFT-CDO-ALLDAYEVENT:FALSE X-MICROSOFT-CDO-IMPORTANCE:1 X-MICROSOFT-CDO-INSTTYPE:0 X-MICROSOFT-DONOTFORWARDMEETING:FALSE X-MICROSOFT-DISALLOW-COUNTER:FALSE X-MICROSOFT-LOCATIONS:[ { "DisplayName" : "https://studentclearinghouse.web ex.com/meet/joramsey"\, "LocationAnnotation" : ""\, "LocationSource" : 0\, "Unresolved" : true\, "LocationUri" : "" } ] BEGIN:VALARM DESCRIPTION:REMINDER TRIGGER;RELATED=START:-PT15M ACTION:DISPLAY END:VALARM END:VEVENT END:VCALENDAR
--- End Message ---
Current thread:
- M365 Users' Group -September 17th Microsoft Azure AD Portal Security and Conditional Access Policies John Ramsey (Sep 07)
- <Possible follow-ups>
- M365 Users' Group -September 17th Microsoft Azure AD Portal Security and Conditional Access Policies John Ramsey (Sep 14)