Defense in depth: Enterprise Mobility + Security advanced protection capabilities

Azure AD Identity Protection Reports
Insights into risky sign-in attempts and users whose credentials are compromised
Undetected intrusion, highly vulnerable users
Criminals attempt almost 100M fraudulent sign-ins every day, and you should know if one impacts you.

Azure AD Conditional Access
Automated sign-in challenge (with multi-factor) or block based on governance, compliance, or risk factors
Attempted malicious sign-in, vulnerable users
You can intercept the clear majority of attacks before they can cause harm by having policy-based risk response to disrupt criminals.

Microsoft Cloud App Security
In-session monitoring and control
Rogue users, malware on machine
Sometimes an authorized user does unauthorized things—or their machine does.

Microsoft Advanced Threat Analytics
On-premises behavior analysis and anomaly detection, detection of bad actors in your organizational network
Undetected inside attackers or undetected attackers using stolen credentials via VPN
Your on-premises environment represents your greatest risk, making rapid response to intrusion your best hope.

Azure AD Privileged Identity Management
Detection and mitigation of excess administrative privilege, just-enough and just-in-time access for privileged tasks
Compromise of privileged accounts
Every admin account represents substantial risk if the account is compromised. For privileged access, less is more.

Microsoft Intune
Enforcement of device compliance with policies to ensure device health and safety, including PIN lock, encryption, and current malware protection
Data loss due to lost or stolen devices, infected devices
Machines get lost or stolen and malware can exfiltrate data.

Azure Information Protection
Securing of data in transit with encryption, document tracking, and auto-classification
Data loss due to non-compliant opening of documents
Documents get emailed outside of your span of control (to users and machines that may be insecure).

Summary
The brutal truth is that the rate and sophistication of attacks are increasing. Leaks of highly sophisticated attacks mated to old-fashioned
malware create new intersections of capabilities, while old techniques find new targets in governments and industry. The enemy is at
the gates.
In a hostile environment with sophisticated attackers, we must assume breach—no one defense will suffice. Using the technologies and
techniques above will help you establish a defensible fortress to protect your organization’s integrity and operations.
And a guard in a bearskin hat can’t hurt.