www.linkedin.com/in/SecurityChris
A complete, intelligent, secure solution to empower employees
Built for
teamwork
Unlocks
creativity
Integrated
for simplicity
Intelligent
security
Platform
Identity & access management
Information protection
Security management
Threat protection
Implementing the NCSC 14 Cloud Security Principalshttps://www.ncsc.gov.uk/guidance/implementing-cloud-security-principles
Detailed technical guidance co-authored by NCSC and Microsoft on implementation of Cloud Security Principals and where responsibilities lie in a public cloud environment:https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2MCCr
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
Threat
Intelligence
and Attack
Simulator
UEBA
Azure Identity
Protection
Microsoft IS a Security Vendor
Advanced
Compliance
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Exchange
Online
Protection
Windows
Defender
Exploit Guard
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
UEBA
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
Anti Malware Services
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Advanced
Data
Governance
Office 365
Data Loss
Prevention
Intune
Microsoft
Cloud App
Security
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
Data Loss Prevention Services
UEBA
BitLocker
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
Disk Encryption Services
UEBA
Advanced
Compliance
Privileged
Identity
Management
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Privilege Management
Advanced
Compliance
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
Intune
Microsoft
Cloud App
Security
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Compliance Management
Azure
Advanced
Threat Protection
Microsoft
Cloud App
Security
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
User Entity and Behaviour Analytics
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Windows
Firewall
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
Threat
Intelligence
and Attack
Simulator
UEBA
Threat Management
Intune
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Remote Lock and/or Wipe
Office
Advanced
Threat
Protection
Smart Screen
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Web Traffic Filtering
Office
Advanced
Threat
Protection
Exchange
Online
Protection
Office
Message
Encryption
Office 365
Data Loss
Prevention
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Email Security
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Device Control
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
File Encryption
Windows
Firewall
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Host Based Firewall
SharePoint
Information
Rights
Management
Azure
Information
Protection
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
Privileged
Identity
Management
Azure AD
Conditional
Access
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Governance Controls
Advanced
Compliance
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
BitLocker
Privileged
Identity
Management
Windows
Firewall
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Azure AD
Conditional
Access
Azure AD
MFA
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Intrusion Prevention
Advanced
Compliance
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Microsoft
Cloud App
Security
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Forensics and Endpoint Detection and Response
Privileged
Identity
Management
Intune
Azure AD
Conditional
Access
Azure AD
MFA
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Azure Identity
Protection
Identity Security
Advanced
Compliance
Microsoft
Cloud App
Security
Anti Malware
Email Security
Data Loss
Prevention
Device
Control
Disk
Encryption
File
Encryption
Privilege
Management
Host Based
Firewall
Compliance
Management
Governance
controls
Intrusion
Prevention
Threat
Management
Forensics /
EDR
Remote Lock
and/or Wipe
Identity
Security
Web Traffic
Filtering
CAS-B
solution
UEBA
Cloud App Security Broker (CAS-B) Solution
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Threat
Intelligence
and Attack
Simulator
Azure Identity
Protection
Invisible to End User Visible only when security boundary is crossed Visible to End User
Visibility to End user
Advanced
Compliance
Azure
Advanced
Threat Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
BitLocker
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Threat
Intelligence
and Attack
Simulator
Invisible to End User Visible only when security boundary is crossed Visible to End User
Visibility to End user
Advanced
Compliance
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Exchange
Online
Protection
Windows
Information
Protection
Advanced
Data
Governance
Office 365
Data Loss
Prevention
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Smart ScreenAzure Identity
Protection
Invisible to End User Visible only when security boundary is crossed Visible to End User
Visibility to End user
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
BitLocker
Azure AD
MFA
Threat
Intelligence
and Attack
Simulator
Invisible to End User Visible only when security boundary is crossed Visible to End User
Visibility to End user
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Threat
Intelligence
and Attack
Simulator
Azure Identity
Protection
Integration Between Services
Configuration and
ManagementShared Encryption Shared Signals and Context Enhanced Functionality All
Advanced
Compliance
Integration: Configuration and Management
Configuration and
ManagementShared Encryption Shared Signals and Context Enhanced Functionality All
Intune
Windows
Information
Protection
BitLocker
Windows
Firewall
Windows
Defender
Device Guard
Windows
Defender
Credential Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Azure AD
Conditional
Access
Azure AD
MFA
Azure Identity
Protection
Exchange
Online
Protection
Office
Message
Encryption
Windows
Defender
Advanced
Threat
Protection
Configuration and
ManagementShared Encryption Shared Signals and Context Enhanced Functionality All
Integration: Share Encryption
Office
Message
Encryption
SharePoint
Information Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Azure Rights
Management Services
Configuration and
ManagementShared Encryption Shared Signals and Context Enhanced Functionality All
Integration: Shared Signals and Context
Windows
Defender Anti
Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat Protection
Azure
Advanced
Threat
Protection
Azure
Information
Protection
Advanced
Data
Governance
Office 365
Data Loss
Prevention
Intune
Windows
Defender
Application
Control
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Threat
Intelligence and Attack
Simulator
Azure Identity
Protection
Windows
Firewall
Configuration and
ManagementShared Encryption Shared Signals and Context Enhanced Functionality All
Integration: Enhanced Functionaily
Office
Advanced
Threat
Protection
Exchange
Online
Protection
Azure
Information
Protection
Office 365
Data Loss
Prevention
Privileged
Identity
Management
Azure AD
Conditional
Access
Azure AD
MFA
Azure Identity
Protection
Compliance
Archiving and
eDiscovery
Advanced
Data
Governance
Microsoft
Cloud App
Security
Advanced
Compliance
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Threat
Intelligence
and Attack
Simulator
Azure Identity
Protection
Integration Between Services
Configuration and
ManagementShared Encryption Shared Signals and Context Enhanced Functionality All
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Threat
Intelligence
and Attack
Simulator
Azure Identity
Protection
Licensing
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Advanced
Compliance
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Compliance
Archiving and
eDiscovery
Office 365
Data Loss
Prevention
Office 365 E3
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Office
Advanced
Threat
Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
Threat
Intelligence
and Attack
Simulator
Office 365 E5
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Microsoft
Advanced
Threat Analytics
Azure
Information
Protection
Intune
Azure AD
Conditional
Access
Azure AD
MFA
Enterprise Mobility and Security E3
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Azure
Advanced
Threat Protection
Azure
Information
Protection
Privileged
Identity
Management
Intune
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Azure Identity
Protection
Enterprise Mobility and Security E5
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Windows
Defender Anti Virus
Windows
Information
Protection
BitLockerWindows
Firewall
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Smart Screen
Windows 10 Enterprise E3
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Windows
Defender Anti Virus
Windows
Defender
Advanced
Threat
Protection
Windows
Information
Protection
BitLockerWindows
Firewall
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Smart Screen
Windows 10 Enterprise E5
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Privileged
Identity
Management
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Threat
Intelligence
and Attack
Simulator
Azure Identity
Protection
Identity and Threat Protection Package (ITP)
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Azure
Information
Protection
Advanced
Data
Governance
Information Protection and Compliance (IPC)
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Advanced
Compliance
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Azure
Advanced
Threat Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart ScreenAzure Identity
Protection
Public Sector Security and
Compliance Package
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Advanced
Compliance
Windows
Defender Anti Virus
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Office 365
Data Loss
Prevention
BitLockerWindows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Microsoft 365 E3
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Microsoft
Advanced
Threat Analytics
Windows
Defender Anti Virus
Office
Advanced
Threat
Protection
Windows
Defender
Advanced
Threat
Protection
Exchange
Online
Protection
Office
Message
Encryption
SharePoint
Information
Rights
Management
Azure
Information
Protection
Windows
Information
Protection
Compliance
Archiving and
eDiscovery
Customer
Lockbox
Advanced
Data
Governance
Office 365
Data Loss
Prevention
BitLocker
Privileged
Identity
Management
Windows
Firewall
Intune
Windows
Defender
Application
Control
Windows
Defender
Device Guard
Windows
Defender
Credential
Guard
Windows
Defender
System Guard
Windows
Defender
Exploit Guard
Microsoft
Cloud App
Security
Azure AD
Conditional
Access
Azure AD
MFA
Smart Screen
Threat
Intelligence
and Attack
Simulator
Azure Identity
Protection
Microsoft 365 E5
Office 365 E3Enterprise Mobility and
Security E3Windows Enterprise E3
Identity and Threat
Protection (ITP)Microsoft 365 E3
Office 365 E5Enterprise Mobility and
Security E5Windows Enterprise E5
Information Protection
and Compliance (IPC)Microsoft 365 E5
Public Sector
Security and
Compliance
Package (SCP)
Advanced
Compliance
Azure
Advanced
Threat Protection
Victim Zero
?
High value
target (CxO)
Employees
Customers
Partners
Distributors
Suppliers
Devices
Things
Azure ActiveDirectory
Windows
MacOSiOS
Android
I want to provide my employees secure
and easy access to every application
from any location and any device
I need my customers, partners, and users to
access the apps they need from everywhere
and collaborate seamlessly
I want to quickly deploy applications to
devices, do more with less and automate
Join/Move/Leave processes
[dev use case]I want to protect access to my
resources from advanced threats
I need to comply with industry regulation
and national data protection laws
Conditional
Access
Multi-Factor
Authentication
Addition of
custom cloud
apps
Remote Access
to on-premises
apps
Privileged
Identity
Management
Dynamic GroupsIdentity
Protection
Azure AD DSOffice 365 App
Launcher
Group-Based
Licensing
Access
Panel/MyApps
Azure AD
Connect
Connect Health
Provisioning-
Deprovisioning
Azure AD Join
Self-Service
capabilities
MDM-auto
enrollment /
Enterprise State
Roaming
Security
Reporting
Access ReviewsHR App
Integration
B2B
collaboration
Azure AD
B2C
SSO to SaaS
Microsoft
Authenticator -
Password-less
Access
CorporateNetwork
Geo-location
MicrosoftCloud App SecurityMacOS
Android
iOS
Windows
WindowsDefender ATP
Client apps
Browser apps
Google ID
MSA
Azure AD
ADFS
RequireMFA
Allow/blockaccess
Block legacyauthentication
Forcepasswordreset
******
Limitedaccess
Controls
Employee & PartnerUsers and Roles
Trusted &Compliant Devices
Physical &Virtual Location
Client apps &Auth Method
Conditions
Machinelearning
Policies
Real timeEvaluationEngine
SessionRisk
3
40TB
Effectivepolicy
Microsoft Intelligent Security Graph
PROTECTION ACROSS THE KILL CHAIN
User browses
to a website
User runs a
program
Office 365 ATPEmail protection
User receives
an email
Opens an
attachment
Clicks on a URL
+
Windows Defender ATPEnd Point protection
Brute force
an account
Reconnaissance
Lateral
Movement
Domain
Dominance
Azure ATPIdentity protection
!
!
!
Exploitation Installation
Command and
Control channel
C:\
Azure ADIdentity protection &
Conditional access
Cloud App SecurityIdentity &
Conditional access for
cloud apps
Data
Exfiltration
Azure Information
ProtectionData classification &
protection
Intune
LabelDiscover Classify
Sensitivity Retention
Encryption
Restrict Access
Watermark
Header/Footer
Retention
Deletion
Records Management
Archiving
Sensitive data discovery
Data at risk
Policy violations
Policy recommendations
Proactive alerts
Comprehensive policies to protect and govern your most important data – throughout its lifecycle
Unified approach to discover, classify & label
Automatically apply policy-based actions
Proactive monitoring to identify risks
Broad coverage across locations
Apply label
Unified approach
Monitor
MICROSOFT CLOUD APP SECURITY
Visibility into 15k+ cloud apps, data access & usage,
potential abuse
AZURE SECURITY CENTER INFORMATION PROTECTION
Classify & label sensitive structured data in Azure SQL, SQL
Server and other Azure repositories
OFFICE APPS
Protect sensitive information while working in Excel, Word,
PowerPoint, Outlook
AZURE INFORMATION PROTECTION
Classify, label & protect files – beyond Office 365, including
on-premises & hybrid
OFFICE 365 DATA LOSS PREVENTION
Prevent data loss across Exchange Online, SharePoint Online,
OneDrive for Business
SHAREPOINT & GROUPS
Protect files in libraries and lists
OFFICE 365 ADVANCED DATA GOVERNANCE
Apply retention and deletion policies to sensitive and
important data in Office 365
ADOBE PDFs
Natively view and protect PDFs on Adobe Acrobat Reader
WINDOWS INFORMATION PROTECTION
Separate personal vs. work data on Windows 10 devices,
prevent work data from traveling to non-work locations
OFFICE 365 MESSAGE ENCRYPTION
Send encrypted emails in Office 365 to anyone
inside or outside of the company
CONDITIONAL ACCESS
Control access to files based on policy, such as identity, machine
configuration, geo location
Discover | Class i fy | Protect | Monitor
SDK FOR PARTNER ECOSYSTEM & ISVs
Enable ISVs to consume labels, apply protection