This month we’re talking about secure collaboration. Whenever I get the chance to talk to C-level executives about cybersecurity, one topic that inevitably comes up is Rights Management Services (RMS). This isn’t because they ask about the technology specifically, but because they ask me how they can protect sensitive information they need to share with other organizations. Many times they need to share information with their outside attorneys or marketing firms and the risk of a leak is worrisome. Once executives get an introduction to Azure RMS; however, they quickly realize it is exactly what they have been asking their IT department for. For a closer look at the amazing features of Azure RMS, please check out the article in our Cloud Security Controls Series I authored a few months ago and read on for additional guidance on Azure RMS, identity and access, and other aspects of security we know you are interested in.
Best regards, Tim Rains, Chief Security Advisor Enterprise Cybersecurity Group, Microsoft
Tracking Lateral Movement Part One: Special Groups and Specific Service Accounts Lateral Movement is the moving of an attacker from one compromised host throughout your domain until they find what they are looking for, and is something we see many just about all attackers doing during compromise. Learn about some of the detective controls you can put in place to get greater insight into what is currently happening in your environment so you can get the protective controls in place faster.
Azure Rights Management Azure Rights Management is a cloud service, and is integrated into other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory. However, it can also be used with your on-premises applications and services. Learn how to use Azure RMS to help you protect your organization’s sensitive information from unauthorized access, and control how this information is used.
Comparing Azure Rights Management and AD RMS If you know or have previously deployed Active Directory Rights Management Services (AD RMS), you might be wondering how Azure RMS compares in terms of functionality and requirements. Use this handy table for a side-by-side comparison of the features and benefits of Azure RMS and AD RMS.
Securing Privileged Access The security of most or all business assets in an organization depends on the integrity of the privileged accounts that administer and manage IT systems. Cyber-attackers are targeting these accounts and other elements of privileged access to rapidly gain access to targeted data and systems using credential theft attacks like Pass-the-Hash and Pass-the-Ticket. Check out this roadmap of recommendations for securing privileged access, a critical first step to establishing security assurances for business assets in a modern organization, then find recommendations on how to implement privileged access workstations and additional reference materials.
Single Sign-On Roadmap Single sign-on (SSO) allows you and your users to access Microsoft cloud services with your Active Directory corporate credentials. Find a quick list of steps to help you prepare for SSO, set up your on-premises security token service, and set up directory synchronization.
Control the Health of Windows 10-Based Devices With the increased use of BYOD, there are more unmanaged and potentially unhealthy systems accessing corporate services, internal resources, and cloud apps. This guide presents an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
Windows Security & Forensics (Level 300) Learn how to investigate crimes, like fraud, insider threats, industrial espionage, employee misuse, and computer intrusion by recovering key intelligence from Windows systems.
Azure RMS Core Skills (Level 200) Explore reasons to use RMS for information protection, find out how to active Azure RMS, and dive deep into how to protect the files your users share, and how to track and revoke the usage of protected files.
Add Identity into Your Cloud-Based Apps (Level 100) Integrating with Azure AD can save you time from coding your own sign-in logic and trying to protect your users’ passwords and has many security and end user experience benefits. Learn the most common scenarios for integrating with Azure AD, get an overview of the Azure AD feature set, and find out what’s coming next.
This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.