Microsoft’s vision for advanced concepts such as GenAI across M365 and Azure native workloads and security concepts taking shape at a breakneck pace.
June 6, 2024
Michael Belmarsh
As I take the time to gather my notes from all the sessions on days two and three, I wanted to dive deep into a specific topic from a workshop led by a Gartner lead analyst that I simply could not wait to share with you.
During the session, we identified the top 25 security tasks to undertake with Microsoft 365 before letting Copilot run. As a Microsoft MSP, we are fully committed to Microsoft 365, hosting and managing a variety of data and workloads on Azure. In this talk, I saw Microsoft’s vision for advanced concepts such as GenAI across M365 and Azure native workloads, and for the security concepts around them, taking shape at a breakneck pace.
Here are my takeaways from the session:
365 is large and complex
If you are a 365 customer, this is a big product with many areas you need to understand in order to secure the system properly. Evaluate your current configuration in 365 and Azure to build a prioritized task list for securing your 365 tenant(s).
Make sure you review your Secure Score.
What is your Secure Score in 365? It can’t be 100; chasing that would create far more noise than is practical for your business to maintain. What is your score today, and what number works for your organization? Find the score and risk tolerance that fit your organization, and maintain them.
Turn on the following features
Defender for Identity
MFA with Microsoft Authenticator for All Users
Azure and Privileged Identity Management (IDM)
Entra Identity Protection
Monitor your User Risk Score.
Default DLP Policies
Apply to Exchange, SharePoint, OneDrive, and Teams.
Note: PowerBI has separate policies.
Insider Risk Management Analytics
Assess the scope of insider risks.
Run the Configuration Analyzer and apply the Strict preset settings for email security
Then it’s important to evaluate the following additional configurations:
PowerShell without MFA fully turned on: disable PowerShell capabilities for non-administrators.
Unified endpoint management (UEM) for devices: use Intune for Microsoft apps, integrating with third-party mobile device management tools. This detects malicious activity and prevents users from spreading threats through 365 apps, which is crucial as more people work from mobile devices.
Run the MPIP (Microsoft Purview Information Protection) scanner on on-prem SharePoint and file shares: this is essential for customers with on-premises data stores, ensuring their classification and protection are integrated with the 365 and Azure data stores.
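As an added example for the non-administrator PowerShell item above (this is not code from the session or from Microsoft), the script below lists users outside the Organization Management role group who still have Exchange Online PowerShell access and, when run with -Enforce, turns that access off. It assumes the ExchangeOnlineManagement module and an admin account; the EXOModuleEnabled property and parameter name should be checked against your module version (older versions expose RemotePowerShellEnabled), and treating only Organization Management members as administrators is an assumption to adjust for your tenant.

```powershell
# Added example: report, and optionally disable, Exchange Online PowerShell
# access for non-administrators. Assumes the ExchangeOnlineManagement module.
param(
    # Without -Enforce the script only reports; with it, access is disabled.
    [switch]$Enforce
)

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

# Assumption: members of Organization Management are the administrators who
# keep PowerShell access. Add other admin role groups used in your tenant.
$adminRoleGroups = @('Organization Management')
$adminNames = foreach ($group in $adminRoleGroups) {
    Get-RoleGroupMember -Identity $group | Select-Object -ExpandProperty Name
}

# Every other user is a candidate for having PowerShell access removed.
$nonAdmins = Get-User -ResultSize Unlimited |
    Where-Object { $adminNames -notcontains $_.Name }

$report = foreach ($user in $nonAdmins) {
    # EXOModuleEnabled: property name per current module docs (assumption to
    # verify; older module versions use RemotePowerShellEnabled instead).
    $hasAccess = [bool]$user.EXOModuleEnabled

    if ($Enforce -and $hasAccess) {
        Set-User -Identity $user.Identity -EXOModuleEnabled $false
    }

    [pscustomobject]@{
        User            = $user.UserPrincipalName
        HadAccess       = $hasAccess
        DisabledThisRun = ($Enforce -and $hasAccess)
    }
}

# Show only the users who still had access when the script started.
$report | Where-Object HadAccess | Format-Table -AutoSize

Disconnect-ExchangeOnline -Confirm:$false
```

Run it once without -Enforce and review the list, so that service accounts or automation identities that legitimately need PowerShell can be added to the allow-list before enforcing.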
Train your users and admins on Copilot
Establish a learning program to train users and administrators on Copilot.
Define your first Copilot GenAI project, learn from it, and then roll it out to a larger audience.
Stay tuned for more detailed updates from the summit!