This week’s Microsoft Security Saturday wrap-up includes an important PSA for Azure AD Conditional Access policies, security & compliance for Flow, video reviews of Azure Sentinel and Azure InformationProtection, GA announcements for MDATP automated response, plus several others.
Apple recently announced that it will release iPadOS (new OS for iPad) on September 30, 2019. We have discovered that this release introduces a change that could affect Microsoft Azure AD and Intune customers who use Conditional Access policies in their organization. This notice is intended to help you understand the breaking change from Apple and evaluate the impacts on your organization. This notice also provides recommendations from Microsoft.
Automation is no longer a theme of the future, but a necessity of the present, playing a key role in a growing number of IT and user scenarios. As security professionals, you’ll need to recommend an automation service that enables your organization to reap its benefits without sacrificing on strict security and compliance standards.
Flow is seamlessly integrated with Azure Active Directory (Azure AD), one of the world’s most sophisticated, comprehensive, and secure identity and access management services. Azure AD helps secure the citizen developer by protecting against identity compromise, gives the IT admin/pro visibility and control, and offers additional security capabilities for the pro developer.
Azure Data Explorer now supports encryption at REST. Encryption at REST provides protection to the data and OS stored on the Disk and SSD. Enabling disk encryption can be performed on an existing cluster that either contains or does not contain data. All data hosted will be encrypted and after that encryption will take place when new data is persisted.
Microsoft Taste of Premier Video Series Reviews Azure Sentinel
Security teams responsible for investigating and responding to incidents often deal with a massive number of signals from widely disparate sources. As a result, rapid and efficient incident response continues to be the biggest challenge facing security teams today.
MCAS AIP: How to control access to your sensitive information from outside your organization?
Azure Secure Score is a simple but elegant tool that will help you improve your infrastructure security by identifying and ranking the highest impact configuration changes you can make. We have recently introduced tools such as “virtual analyst” which enable you to increase your Secure Score in an automated fashion.
It is important that you prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can’t sign in or activate another user’s account as an administrator. You can mitigate the impact of accidental lack of administrative access by creating two or more emergency access accounts in your organization.
Today we are pleased to announce the general availability of Security Policy Advisor, a new service that can help enterprises improve the security of Office 365 ProPlus clients in their organization.
We’re expanding to additional Office apps, and now sensitivity labeling is available in Office apps for Windows. With this release, end-user driven sensitivity labeling is now available in:
New! Office for Windows: Word, PowerPoint, Excel & Outlook
Office for Mac: Word, PowerPoint, Excel & Outlook
Office mobile apps for iOS: Word, PowerPoint & Excel (Outlook coming soon)
Office mobile apps for Android: Word, PowerPoint & Excel (Outlook coming soon)
We are introducing a new Azure AD built-in role called Global Reader. A Global Reader can read everything that a Global Administrator can, but not edit anything. Global Reader role encompasses all Microsoft 365 workloads.
Business and technology leaders often cite security as their top concern with the Internet of Things (IoT) initiatives, yet they continue to move forward with project development and deployment without fully addressing this critical issue. As a result, they ignore an IoT security paradox: the significant efficiency gains they seek would be undone if IoT-enabled processes failed due to security issues.
As the number of applications you integrate with Azure AD grows, your need for tools to manage those apps grows with it. We’re super excited about the new usage and insights reports that we’ve recently made available for public preview to help you manage applications more effectively with Azure AD.
Protecting company or organizational data is extremely important. One solution for protecting message content is Secure/Multipurpose Internet Mail Extension (S/MIME). Mobile messaging applications like Outlook for iOS and Android work in conjunction with S/MIME to sign and encrypt Office 365 message data.
This new feature, now in public preview, leverages network protection in block mode and the latest version of the antimalware platform. We recommend that organizations enable network protection in audit mode first, and then move to block mode. Your organization may be using different methods to update the antimalware platform, which may cause some of your client machines to be on different versions of the platform. We recommend that you update all your machines to use this functionality.