TEC 2020 on-demand: hybrid Active Directory security track

Hybrid cloud requires integration and communication between the remaining on-prem infrastructure and the new(er) cloud services. Sean Metcalf explores hybrid cloud scenarios highlighting security implications and concerns, as well as providing recommendations. Also covered are scenarios that appear to subvert typical security and protections which involve federation configuration, Identity Access Management (IAM), and interaction between SaaS and IaaS.

Come and hear from someone who lived through the notPetya cyberattack first-hand; Gavin Aston will explore what you need to do to mitigate attacks, cover a more impactful way of achieving the funding required to deploy these security measures, and describe how organizational cohesion, collaboration, and just doing the basics will help protect you in the fight against the rapid rise of cyberattacks.

As organizations embrace digital transformations through the cloud, a hybrid enterprise infrastructure is emerging as mainstream. Come and join the Microsoft Identity Engineering team to learn patterns and best practices from the largest and most complex enterprise scenarios all over the world using Azure Active Directory to simplify, optimize and secure on-premises environments with cloud-powered Identity Services.

Applications – and the way permissions for these applications get granted – are changing. In this session, you’ll understand these new application models and how they can be abused for sustained persistence, how these permissions work, what overprivileged looks like and finally, how to find them in your environment.

In this session, Randy Franklin Smith dives into the arcane and subtle details of security dependencies between DCs, domains, forests, synchronization, replication and the other issues that arise in a global hybrid AD environment.

While the state of cyberattacks are constantly morphing, the environment in which an attack takes place limits activity down to a common set of threat actions. Nick Cavalancia will discuss the recent state of cyberattacks and how using the MITRE ATT&CK Framework as a guide can help to identify where you are most vulnerable and dictate real-world AD security best practices that can be implemented to keep AD from being a cyberattack asset.

With your data in Office 365, how can you control when, where, and how your users access data? Azure AD conditional access is a critical part of Microsoft’s answer to protecting Office 365 tenants and even third-party applications. With conditional access, you can make decisions like ensuring your users are using company issued devices, restricting downloads from SharePoint when using personal devices, inspecting documents in real time with Cloud App Security, or only allowing access to email from approved apps. In this session you’ll learn how the conditional access engine in Azure AD works. We will walk through creating conditional access policies for common scenarios and review how to troubleshoot them when something goes wrong. You’ll walk away with the knowledge you need to start enforcing effective controls to protect Office 365.

Have you ever wondered how Microsoft implements FIDO2 in a hybrid environment? Join Aakashi Kapoor and Pamela Dingle as they tour through everything an architect needs to know about WebAuthn, CTAP2 and the internal workings of Microsoft's hybrid FIDO2 implementation. You'll walk away understanding the security model and the integration steps needed to get you started, with demos and discussion of how FIDO2 can fit in the context of a multi-factor authentication strategy.