Contents
Course Introduction
Planning for Device Compliance
Planning for Attack Surface Reduction
Configuring Security Baselines
Course Review
This course explores the suite of tools available in Microsoft Endpoint Manager for establishing and maintaining security posture in an organization. These include tools like Microsoft Intune, used for enrolling devices as well as creating and enforcing device compliance, and Microsoft Defender, used for implementing device antivirus and malware defense tools. This course will also review the activities involved in reducing attack surfaces in an organization that bad actors could use to penetrate and expose sensitive data. This sensitive data is protected through the implementation of attack surface reduction rules which are deployed through careful auditing and testing to prevent any loss of productivity. This course will also touch on the security baselines made available to organizations wishing to enact a more granular security posture and have access to tools like secure score for evaluating the effectiveness of these efforts against known best practices.
Learning Objectives
- Create a compliance policy
- Monitor enrolled devices
- Setup surface attack reduction rules
- Deploy surface attack reduction rules
- Review security baselines
- Examine Microsoft secure score
Intended Audience
This course is designed for individuals who are responsible for setting up and monitoring device compliance and security in Microsoft 365 as well as those pursuing Microsoft certifications.
Prerequisites
To get the most from this course, you should have some familiarity and experience with the Microsoft 365 security suite of tools including Microsoft Endpoint Manager.
Examine Microsoft Secure Score. Microsoft Secure Score is a security analytics tool designed to help our organization understand what we've done to reduce the risks to our data, and show us what we can do further to reduce that risk. Secure Score determines what Microsoft 365 services we are using, then looks at its configuration and behaviors and compares it to a baseline that's configured by Microsoft. Using the secure score allows us to plan incremental improvements over time, rather than responding or reacting to every security alert.
Microsoft secure score is a measurement of an organization's security posture. The higher the score, the more improvement actions have been taken. These scores help us report on the current state of our security posture, improve our security posture by providing discoverability, visibility, guidance and control, and compare with benchmarks and establish key performance indicators. Through the use of these scores, we gain access to robust visualizations of metrics and trends, integration with other Microsoft products, and score comparisons with similar organizations.
We obtain the security score from the Microsoft 365 defender console. We receive points for configuring recommended features, completing security related tasks, and addressing the improvement action with a third party application or software. Scores are updated in real time and also synced daily to receive system data.
The secure score dashboard provides a tool for us to dig into our security posture and understand where additional action may be necessary. The overview tab provides an action roadmap based on categories. Here we can see historical trends and benchmark comparisons. The improvement actions tab lists all the recommendations that address possible attack surfaces. It also includes a ranking based on how many points are available for completing the activity, and how difficult the action is and how many users it may impact. We can search and filter through these results. The History tab provides visibility of all our security score over time.
Steve is an experienced Solutions Architect with over 10 years of experience serving customers in the data and data engineering space. He has a proven track record of delivering solutions across a broad range of business areas that increase overall satisfaction and retention. He has worked across many industries, both public and private, and found many ways to drive the use of data and business intelligence tools to achieve business objectives. He is a persuasive communicator, presenter, and quite effective at building productive working relationships across all levels in the organization based on collegiality, transparency, and trust.