Microsoft Security Saturday 09-14-19

This week’s Microsoft Security Saturday wrap-up includes an important PSA for Azure AD Conditional Access policies,  security & compliance for Flow, video reviews of Azure Sentinel and Azure InformationProtection, GA announcements for MDATP automated response, plus several others.

Action Required: Evaluate and update Conditional Access policies in preparation for iPadOS launch

Apple recently announced that it will release iPadOS (new OS for iPad) on September 30, 2019. We have discovered that this release introduces a change that could affect Microsoft Azure AD and Intune customers who use Conditional Access policies in their organization. This notice is intended to help you understand the breaking change from Apple and evaluate the impacts on your organization. This notice also provides recommendations from Microsoft.

Foundations of Microsoft Flow—secure and compliant automation, part 1 

Automation is no longer a theme of the future, but a necessity of the present, playing a key role in a growing number of IT and user scenarios. As security professionals, you’ll need to recommend an automation service that enables your organization to reap its benefits without sacrificing on strict security and compliance standards.

Foundations of Flow—secure and compliant automation, part 2

Flow is seamlessly integrated with Azure Active Directory (Azure AD), one of the world’s most sophisticated, comprehensive, and secure identity and access management services. Azure AD helps secure the citizen developer by protecting against identity compromise, gives the IT admin/pro visibility and control, and offers additional security capabilities for the pro developer.

Enhanced security and resiliency with your Azure Data Explorer cluster

Azure Data Explorer now supports encryption at REST.  Encryption at REST provides protection to the data and OS stored on the Disk and SSD.  Enabling disk encryption can be performed on an existing cluster that either contains or does not contain data.  All data hosted will be encrypted and after that encryption will take place when new data is persisted.

Microsoft Taste of Premier Video Series Reviews Azure Sentinel

Automated incident response in Office 365 ATP now generally available

Security teams responsible for investigating and responding to incidents often deal with a massive number of signals from widely disparate sources. As a result, rapid and efficient incident response continues to be the biggest challenge facing security teams today.

MCAS AIP: How to control access to your sensitive information from outside your organization?

Azure Security Center Webinar: Secure Score

Azure Secure Score is a simple but elegant tool that will help you improve your infrastructure security by identifying and ranking the highest impact configuration changes you can make. We have recently introduced tools such as “virtual analyst” which enable you to increase your Secure Score in an automated fashion.

Manage emergency access accounts in Azure AD

It is important that you prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can’t sign in or activate another user’s account as an administrator. You can mitigate the impact of accidental lack of administrative access by creating two or more emergency access accounts in your organization.

Security Policy Advisor for Office 365 ProPlus is now Generally Available!

Today we are pleased to announce the general availability of Security Policy Advisor, a new service that can help enterprises improve the security of Office 365 ProPlus clients in their organization.

MSRC – September 2019 Security Updates

Sensitivity labeling now built into Office apps for Windows to help protect sensitive information

We’re expanding to additional Office apps, and now sensitivity labeling is available in Office apps for Windows. With this release, end-user driven sensitivity labeling is now available in:

New! Office for Windows: Word, PowerPoint, Excel & Outlook
Office for Mac: Word, PowerPoint, Excel & Outlook
Office mobile apps for iOS: Word, PowerPoint & Excel (Outlook coming soon)
Office mobile apps for Android: Word, PowerPoint & Excel (Outlook coming soon)

Azure Active Directory Global Reader role

We are introducing a new Azure AD built-in role called Global Reader. A Global Reader can read everything that a Global Administrator can, but not edit anything. Global Reader role encompasses all Microsoft 365 workloads.

Solve the IoT security paradox to unleash innovation

Business and technology leaders often cite security as their top concern with the Internet of Things (IoT) initiatives, yet they continue to move forward with project development and deployment without fully addressing this critical issue. As a result, they ignore an IoT security paradox: the significant efficiency gains they seek would be undone if IoT-enabled processes failed due to security issues.

New Pre-Integrated Apps Available in Azure AD | Sep 2019

As the number of applications you integrate with Azure AD grows, your need for tools to manage those apps grows with it. We’re super excited about the new usage and insights reports that we’ve recently made available for public preview to help you manage applications more effectively with Azure AD.

Rolling out S/MIME support in Outlook for iOS begins

Protecting company or organizational data is extremely important. One solution for protecting message content is Secure/Multipurpose Internet Mail Extension (S/MIME). Mobile messaging applications like Outlook for iOS and Android work in conjunction with S/MIME to sign and encrypt Office 365 message data.

Microsoft Defender ATP supports custom IOCs for URLs, IP addresses, and domains

This new feature, now in public preview, leverages network protection in block mode and the latest version of the antimalware platform. We recommend that organizations enable network protection in audit mode first, and then move to block mode. Your organization may be using different methods to update the antimalware platform, which may cause some of your client machines to be on different versions of the platform. We recommend that you update all your machines to use this functionality.