Lig

ht B

lue

R0 G

188 B

242

Gre

en

R16 G

124 B

16

Red

R232 G

17 B

35

Mag

en

taR

180 G

0 B

158

Pu

rple

R92 G

45 B

145

Blu

eR

0 G

120 B

215

Teal

R0 G

130 B

114

Yello

wR

255 G

185 B

0

Ora

ng

eR

216 G

59 B

1

Lig

ht Y

ello

wR

255 G

241 B

0Lig

ht O

ran

ge

R255 G

140 B

0Lig

ht M

ag

en

taR

227 G

0 B

140

Lig

ht P

urp

leR

180 G

160 B

255

Lig

ht T

eal

R0 G

178 B

148

Lig

ht G

reen

R186 G

216 B

10

Dark

Red

R168 G

0 B

0D

ark

Mag

en

ta

R92 G

0 B

92

Dark

Pu

rple

R50 G

20 B

90

Mid

Blu

eR

0 G

24 B

143

Dark

Teal

R0 G

75 B

80

Dark

Gre

en

R0 G

75 B

28

Dark

Blu

eR

0 G

32 B

80

Mid

Gra

yR

115 G

115 B

115

Dark

Gra

yR

80 G

80 B

80

Ric

h B

lack

R0 G

0 B

0

Wh

iteR

255 G

255 B

255

Gra

yR

210 G

210 B

210

Lig

ht G

ray

R230 G

230 B

230

Microsoft/Office 365

Wade WalkerManager Cloud Serviceswadew@biggreenit.com

Today’s Agenda

11:30: Introductions (Jonas Nordling)

11:40: Microsoft 365 Overview (Wade Walker)

11:45: Microsoft 365 Deep Dive (Wade Walker)

12:30: Microsoft 365 Demo (Wade Walker)

1:00: Q & A / Wrap Up / Surveys

Who is Big Green IT?

• Quote from StudioWC– “I had no idea our transition would be so smooth! Big Green IT was responsive and prompt every step of the

way. The nicest team I’ve ever worked with!”

• Headquartered in Rocklin, CA; offices in LA, San Diego and Bay Area

• 2018 Sacramento Business Journal Best Places to Work

• Microsoft Gold Partner

• Microsoft Tier 1 Azure and Office 365 Managed Partner

• Microsoft Data Center Optimization (DCO) Partner

• Some of our Microsoft Cloud Clients:– Summit Funding 1,200 users Rideout Health 3,400 users

– Red Hawk (Rancheria) 340 users Wind Creek / Sands 2,000 users

– Rego Consulting 150 users APM 1,400 users

– In-Shape Clubs 1,300 users ProSearch 180 Users

– EJ Gallo 7,000 users Many others in the 20-100 user range

Office 365 Basic Features

Office Applications

• Word• Excel• Outlook• PowerPoint• OneNote• Access, Publisher, Visio, etc.

Cloud Services

• Email & Calendaring (Exchange)• Intranet & Company Files (SharePoint)• Cloud File Storage and Sharing (OneDrive)• Online Meetings, Collaboration & Phone (Teams)

Office 365

Business or Enterprise

Office ApplicationsWord, Excel, PowerPoint, Outlook,

OneNote, Publisher, and Access

Online ServicesExchange, OneDrive, Skype for

Business, SharePoint, Teams, etc.

Business AppsBookings, Outlook Customer Manager

Enhanced Security

Cross-platform

Consistent Security configuration across

Windows 10, Android and iOS devices

Rights Management, Sensitivity labeling

and intelligent Data Loss Prevention tips

Enforced device and documents encryption

Network protection from malware exploits

Remote wipe of business data from

lost or stolen devices

Conditional access

Device Management &

Simplified Admin

Mobile Device Management for Windows

10, Android and iOS with Microsoft Intune

Always up-to-date Office, Windows

and Windows Defender anti virus

Single admin console to setup and

manage users and devices

Streamlined deployment of PCs

with Windows AutoPilot, including Auto-

installation of Office apps + Automated

PowerShell Deployments

+ +

Moving up to Microsoft 365

Microsoft 365 | One subscription for Productivity + Security + Device Management

3rd party

solutions(bought separately,

expensive & hard to

integrate)

Archiving

Data Loss Prevention

Email

Email Threat Protection

Device Anti Virus

Email Filtering

Productivity Software

Storage

Online Chat & Meetings

Device Management

Data Loss Prevention

Email + Device Threat Protection

100 GB or Unlimited Archiving

Device & App Management PCs, Macs, iOS & Android

Email Filtering

Windows Defender AV

1 TB+ File Storage

50 or 100 GB Cloud Email

Teams & Skype for Business

Office (Word, PowerPoint, Excel, Outlook, OneNote)

Information Protection

vs.Microsoft 365(all included, seamlessly

integrated)

https://azure.microsoft.com/en-us/global-infrastructure/regions/

https://aka.ms/AzureCompliancehttps://products.office.com/en-us/business/office-365-trust-center-welcome

Security Tools, Recommendations,

Monitoring, Assessments, and more

Microsoft 365 Business

1. Office 365 Advanced Threat ProtectionAttachment scanning & ML detection to catch suspicious attachments + link Scanning/Checking to prevent users from clicking suspicious links

2. Azure Information ProtectionControls & manages how sensitive content is accessed by providing classification labels on documents and email

Security features available in

Microsoft 365 Business

1. Data Loss PreventionDoes content analysis to easily identify, monitor, and protect sensitive information (e.g., SSN) from leaving org

2. Exchange Online Archiving100GB archiving & preservation policies such as eDiscovery to remain complaint

3. Office Message EncryptionEncrypt email messages, including adding do not forward and encryption properties

Security add-ons available in

Microsoft 365 Business

Microsoft 365 Enterprise

Teams

Yammer

Office Apps

SharePointOutlook

Office 365

Enterprise

Windows 10

Enterprise

Enterprise Mobility

+ Security

Microsoft Intune

Azure Information

Protection

Microsoft

Cloud App Security

Microsoft Advanced

Threat Analytics

Azure Active

Directory PremiumWindows Defender

ATP

Microsoft GraphSuite-wide intelligence

connecting people and content

Security and ComplianceCentralized policy

management

Features (new in blue)Office 365

BP

Microsoft 365

Business

Microsoft 365

E3

Microsoft 365

E5

Estimated retail price per user per month $USD (with annual commitment) $12.50 $20 $32 $57

Maximum number of users 300 300 unlimited unlimited

Office Apps Install Office on up to 5 PCs/Macs + 5 tablets + 5 smartphones per user (Word, Excel, PowerPoint, OneNote,

Access), Office OnlineBusiness Business ProPlus ProPlus

Email & Calendar Outlook, Exchange Online 50GB 50GB unlimited unlimited

Chat-based

Workspace, MeetingsMicrosoft Teams ⚫ ⚫ ⚫ ⚫

File Storage OneDrive for Business 1 TB 1 TB unlimited unlimited

Social, Video, Sites Yammer, SharePoint Online, Planner ⚫ ⚫ ⚫ ⚫

Stream ⚫ ⚫

Business Apps Scheduling Apps – Booking, StaffHub ⚫ ⚫ ⚫ ⚫

Business Apps – Outlook Customer Manager, MileIQ1 Business center2, Listings2, Connections2, Invoicing2⚫ ⚫

Threat Protection Microsoft Advanced Threat Analytics, Device Guard, Credential Guard, App Locker, Enterprise Data Protection, ⚫ ⚫

Office 365 Advanced Threat Protection ⚫ ⚫

Windows Defender Advanced Threat Protection ⚫

Office 365 Threat Intelligence ⚫

Identity & Access

Management

Azure Active Directory - SSPR Cloud Identities, MFA, SSO >10 Apps ⚫ ⚫ ⚫

Azure Active Directory - Conditional Access, SSPR Hybrid Identities, Cloud App Discovery, AAD Connect Health ⚫ ⚫

Credential Guard and Direct Access ⚫ ⚫

Azure Active Directory Plan 2 ⚫

Device & App

Management

Microsoft Intune, Windows AutoPilot ⚫ ⚫ ⚫

Microsoft Desktop Optimization Package, VDA ⚫ ⚫

Information

Protection

Unlimited Exchange Archiving3, Office 365 Data Loss Prevention*, Azure Information Protection Plan 1 ⚫ ⚫ ⚫

Azure Information Protection Plan 2, Microsoft Cloud App Security, O365 Cloud App Security ⚫

On-Prem CAL Rights ECAL Suite (Exchange, SharePoint, Skype, Windows, SCCM, Win. Rights Management) ⚫ ⚫

Compliance Litigation Hold, eDiscovery, Compliance Manager, Data Subject Requests ⚫ ⚫ ⚫

Advanced eDiscovery, Customer Lockbox, Advanced Data Governance ⚫

Analytics Power BI Pro, MyAnalytics ⚫

Voice PSTN Conferencing, Cloud PBX ⚫

[1] Available in US, UK, Canada; [2] Currently in public preview in US, UK, Canada; [3] Unlimited when auto-expanding turned on *Data Loss Prevention Features will be available summer 2018

Detailed comparison of plans

Add-ons are SKUs that can be added to an existing suite or service

1There are no technical blockers for customers to purchase Office 365 Cloud App Security, but usage can only be achieved if an Office 365 workload is deployed.2Dial-out conferencing capabilities may incur additional per minute Communications Credits charges. Customers can disable these features to avoid additional billing. $24 includes both International and Domestic calling plans. Domestic only calling plans are available for $12.

Tax is included in price in the US. Service usage limits exist to manage fraud, abuse, excessive use, and maintain service performance. Further details about these services can be found in our recently published Skype for Business Online Service Use Terms.35,000 Seat Minimum. $6pupm for E1/E3, $2pupm for E5

Business Essentialsor

Business Premium

Microsoft

365 Business

Office 365

Enterprise E3

Microsoft 365

Enterprise E3

Office 365

Enterprise E5

Microsoft 365

Enterprise E5

Price

(USD)

Secu

rity

Advanced Threat Protection Add-on Included Add-on Add-on Included Included $2

Office 365 Cloud App Security Add-on Add-on Add-on Add-on Included Included $3

Advanced Compliance Add-on Add-on Add-on Add-on Included Included $8

Threat Intelligence Add-on Add-on Add-on Add-on Included Included $8

An

aly

tics Workplace Analytics N/A N/A Add-on Add-on Included Included $6/$2

MyAnalytics Add-on Add-on Add-on Add-on Included Included $4

Power BI Pro Add-on Add-on Add-on Add-on Included Included $10

Vo

ice

Audio Conferencing Add-on Add-on Add-on Add-on Included Included $4

Phone System N/A N/A Add-on Add-on Included Included $8

Calling Plan (Select countries) N/A N/A Add-onPhone System Required

Add-onPhone System Required

Add-on Add-on $12/$24**

Premium add-ons and their eligibility by plan

Microsoft Licensing Options

• Bundles vs. A la Carte - Mix and match!

• Enterprise vs. Business Bundles

• Open Volume

• Enterprise Agreements (EAs)

• Migrate SA Benefits from EA to MPSA

• Non-Profit

• Government/Education

• Cloud Service Provider (CSP)

Big Green IT can handle ALL of your Microsoft Licensing!

Four key areas of Intelligent Security

Secure the front door

Protection from Identity

driven breaches, Email attacks

and Attacks targeting OS

Secure devices

Workplace issued or

BYOD devices

Great employee

experience

Productivity without

compromise

Secure content

Protect content: At the

time of creation, in transit,

and during consumption

Microsoft Intelligent Security Graph

400Bemails

analyzed

1.2Bdevices

scanned each month

200+global cloud

customer and commercial services

930Mthreats detected on devices every month

Shared threat data from partners,

researchers, and law enforcement worldwide

Botnet data from Microsoft Digital

Crimes Unit

18B+Bing web pages

scanned 450Bmonthly

authentications

Enterprise security

for 90% of

Fortune 500

750M+Azure user accounts

Azure

Outlook

Xbox Live

Bing

OneDrive

Windows

Microsoftaccounts

Microsoft platform

80%

of employees use non-

approved apps for work

81%

of breaches are caused

by credential theft

73%

of passwords are

duplicates

1) SECURE THE FRONT DOOR: WHY IDENTITY IS IMPORTANT

Microsoft Intune

Office 365 Threat

Intelligence

Windows Defender

Advanced Threat

Protection

Azure Active

Directory

Office 365 Advanced

Threat Protection

Microsoft Cloud

App Security

Azure Security

Center

Azure Advanced

Threat Protection

Windows 10

Identities: Validating, verifying and

protecting both user and admin

accounts

User Data: evaluating email messages

and documents for malicious content

Endpoints: protecting user devices and

signals from sensors

Infrastructure: protecting servers,

virtual machines, databases and

networks across cloud and on-

premises locations

Cloud Apps: protecting SaaS applications

and their associated data stores

1

3

2

5

4

Microsoft Threat Protection

Exchange Online

Protection

SQL ServerWindows Server

Linux

1 billion Windows devices updated

450 billion Microsoft Azure user

authentications

400 billion Office emails analyzed

Integration across our platforms and services

Cloud App Security

Office 365 Advanced Threat Protection addresses our customer’s challenges

Protect business critical data

Detect compromised users Gain visibility to respond to threats

Protect your data• Advanced Threat Protection Safe Attachments: detonating malicious attachments

Detonation

Protect your data• Advanced Threat Protection Safe Links: Time of click protection for malicious links

Web serversperform latest URL reputation check

Rewriting URLs to redirect to a web server.

User clicking URL is taken to EOP web servers for the latest check at the “time-of-click”

Protect your data• Advanced Threat Protection: URL detonation (Anti-Phishing)

DetonationEmail with link Link added to reputation server

https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-advanced-threat-protection-service-description

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-technical-faq

https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp

I want to know what authentication

methods are available through Azure AD

and select the right one for my org

I need to leverage Azure AD to monitor

access and to manage identity lifecycles

I want to protect access to my

resources from advanced threats

Conditional

Access

Multi-Factor

Authentication

Addition of

custom cloud

apps

Remote Access

to on-premises

apps

Privileged

Identity

Management

Dynamic GroupsIdentity

Protection

Azure AD DSOffice 365 App

Launcher

Group-Based

Licensing

Access

Panel/MyApps

Azure AD

Connect

Connect Health

Provisioning-

Deprovisioning

Azure AD Join

Self-Service

capabilities

MDM-auto

enrollment /

Enterprise State

Roaming

Security

Reporting

Access ReviewsHR App

Integration

B2B

collaboration

Azure AD

B2C

SSO to SaaS

Microsoft

Authenticator -

Password-less

Access

1

2

3

Getting to a world without passwords

Windows Hello Microsoft Authenticator FIDO2 Security Keys

In ProductionPublic Preview

NowPublic Preview Now

© 2017 Microsoft Terms of Use Privacy & Cookies

Cancel

Need Help?

Making sure it’s you

janetsmith@contoso.com

Follow the instructions on the Microsoft

Authenticator app and enter the number you see

below.

4026

MFA for enterprise and consumer accounts and

applications

Device registration (workplace join)

Single sign-on to native mobile apps

Certificate-based SSO

Recent News

Contosojanetsmith@contoso.com

Passwordless sign on to devices, apps, and

web services

https://aka.ms/deploymentplans

http://aka.ms/securitysteps

http://aka.ms/passwordguidance

http://aka.ms/aaddatawhitepaper

https://aka.ms/PasswordHashSync

2) Secure Content: Protect, Classify/Label, Monitor/RespondAzure Information Protection

DOCUMENT

TRACKING

DOCUMENT

REVOCATION

Monitor &

respond

LABELINGCLASSIFICATION

Classification

& labeling

ENCRYPTION

Protect

ACCESS

CONTROLPOLICY

ENFORCEMENT

aDISCOVER SENSITIVE INFORMATION

CLOUD & SaaS APPS

No matter where it’s created, modified or shared

MCAS

AIP scanner

FINANCE

CONFIDENTIAL

CLASSIFY: SENSITIVITY LABELS PERSIST WITH THE DOCUMENT

Document labeling – what is it? Metadata written into document files

Travels with the document as it moves

In clear text so that other systems such as a DLP engine can read it

Used for the purpose of apply a protection action or data governance action – determined by policy

Can be customized per the organization’s needs

Protect the Crown Jewels

If the critical documents are in a centralized location:

Use AIP PowerShell to bulk classify/protect the data

If documents are not centralized:

Use client-side AIP for users to identify the critical data and classify/protect it

Use restrictive rights that grant rights to a reduced set of users

Grant full rights to a minimal group of designated users (e.g. if an extraction needs to be made, if data needs to be reclassified or shared, etc.)

Use AIP reporting, content tracking, Scanner and MCAS to analyze and report on access to these documents

Enhanced visibility and control

Microsoft Cloud App Security

Identify high-risk and

abnormal usage, security

incidents, and threats.

Shape your Azure/Office 365

environments with granular

security controls and policies.

Gain enhanced visibility and

context into your

Azure/Office 365 usage and

shadow IT – no agents

required.

Threat

Detection

Enhanced

Control

Discovery

& Insights

Office 365

Salesforce Azure

Box

AWS

DropboxFacebook

TwitterYouTube

Mobile application management

PC managementMobile device management

Strategically direct the flow of your mobile ecosystem, giving your end

users the experience they expect while ensuring your corporate data is

protected at every turn.

3) Secure Devices: Device Management (Intune)

Enable your users

Protect your data

Microsoft Intune

User IT

Set mobile app protection & device configuration policies

Configure users & policies

The Setup wizard helps you enable security policies and device configuration from a centralized console in an easy, simple manner.

This is how we protect you from ransomware and keep company data secure.

Setup wizard

Get up and running fast

Save time by easily configuring security features and

settings on Windows 10 devices with Mobile Device

Management, fully automating your Windows installation

with Windows AutoPilot, and enabling or disabling

Windows Store or Cortana on company-owned devices

with Enhanced Manageability.

Reduce hardware costs and simplify management by

running multiple operating systems on one Windows

device as virtual machines (VMs) with Client Hyper-V.

Deploying and managing Microsoft 365 Business is

straightforward – advanced IT expertise is required to set

up new devices with all the Office apps your employees

need. You can add and remove users in minutes, and call if

you need support.

Click to edit Master title style4) Great Employee Experience: Control access to data based on real-time context

Conditional access allows you to define policies that provide contextual controls at the user, location, device, and app levels. As conditions change, natural user prompts ensure that only the right users on compliant devices can access sensitive data.

Lig

ht B

lue

R0 G

188 B

242

Gre

en

R16 G

124 B

16

Red

R232 G

17 B

35

Mag

en

taR

180 G

0 B

158

Pu

rple

R92 G

45 B

145

Blu

eR

0 G

120 B

215

Teal

R0 G

130 B

114

Yello

wR

255 G

185 B

0

Ora

ng

eR

216 G

59 B

1

Lig

ht Y

ello

wR

255 G

241 B

0Lig

ht O

ran

ge

R255 G

140 B

0Lig

ht M

ag

en

taR

227 G

0 B

140

Lig

ht P

urp

leR

180 G

160 B

255

Lig

ht T

eal

R0 G

178 B

148

Lig

ht G

reen

R186 G

216 B

10

Dark

Red

R168 G

0 B

0D

ark

Mag

en

ta

R92 G

0 B

92

Dark

Pu

rple

R50 G

20 B

90

Mid

Blu

eR

0 G

24 B

143

Dark

Teal

R0 G

75 B

80

Dark

Gre

en

R0 G

75 B

28

Dark

Blu

eR

0 G

32 B

80

Mid

Gra

yR

115 G

115 B

115

Dark

Gra

yR

80 G

80 B

80

Ric

h B

lack

R0 G

0 B

0

Wh

iteR

255 G

255 B

255

Gra

yR

210 G

210 B

210

Lig

ht G

ray

R230 G

230 B

230

Microsoft 365 Demo

protection.office.comservicetrust.microsoft.comsecurescore.microsoft.com

Security & Compliance Admin Center

Microsoft Secure Score

Microsoft Compliance Manager

Microsoft Cloud App Security

GET MORE ANSWERS AT THE

MICROSOFT TRUST CENTER

https://securescore.microsoft.com

https://aka.ms/ComplianceManager

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-licensing

https://www.biggreenit.com/blog/pushing-back-against-unauthorized-users

https://www.biggreenit.com/blog/mobile-device-management

https://www.microsoft.com/en-us/cloud-platform/microsoft-intune-pricing

https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-advanced-threat-protection-service-description

https://azure.microsoft.com/en-us/features/azure-advanced-threat-protection/

https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp

https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/

https://cloudblogs.microsoft.com/microsoftsecure/2018/11/28/windows-defender-atp-device-risk-score-exposes-new-cyberattack-drives-conditional-access-to-protect-networks/

https://www.microsoft.com/en-us/microsoft-365/blog/2018/06/12/how-we-built-rebuilt-intune-into-a-leading-globally-scaled-cloud-service/

https://cloudblogs.microsoft.com/microsoftsecure/

www.microsoft.com/sir

https://info.microsoft.com/MicrosoftasaTrustedAdvisorandPartneronCyberResilience-Registration.html

https://buildazure.com/2018/02/16/microsoft-virtual-security-summit-2018/

https://www.cisecurity.org/benchmark/azure/

Documents Download

https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/5-tips-to-help-you-prepare-for-the-new-California-Consumer/ba-p/359610

Thank You!

• Surveys

• Drawing

• Presentation will be sent to everyone!

• Free Trial through BigGreen IT!

• http://biggreenit.com/365trial

• Useful Links

• http://roadmap.office.com

• http://trust.office365.com

• LinkedIn: https://www.linkedin.com/in/wade-

walker-a830781/

• Twitter: @coachwade