054 - I like to move it - but you are not allowed to

Hairless in the Cloud - Microsoft 365 - Security und Collaboration

Nội dung được cung cấp bởi Hairless in the Cloud. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Hairless in the Cloud hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

3+ y ago 52:58

MP3•Trang chủ episode

NEWS

Mimikatz: https://dirkjanm.io/digging-further-into-the-primary-refresh-token/
Ignite 2020: https://www.microsoft.com/en-us/ignite
Become a KQL Ninja: https://security-tzu.com/2020/08/07/become-a-kql-ninja/
Teams: https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-july-2020/ba-p/1551561
SCC Report: https://github.com/jangeisbauer/SCCReport
Booking "14 people are currently watching this product" --> random()*12 + 3: https://twitter.com/RoninDey/status/1292002070363541505?s=20
MCAS spoofing: https://stephanwaelde.com/2020/08/04/mitigate-mcas-issue-with-user-agent-spoofing/
Überall tauchen DUOs auf: https://twitter.com/matvelloso/status/1291576776238305281?s=20

I LIKE TO MOVE IT

Mover.io (2019 gekauft)
"Alternativen" SharePoint Migration Tool, ShareGate, AvePoint, …
Viele Anbindungen (14): S3, AZ Blob, Box, Dropbox, G Suite, Gdrive, O365, OneDrive

User vs Admin

Self Service Migration

OneDrive 2 OneDrive
DropBox 2 OneDrive
OneDrive 2 DropBox

Admin driven migration

Immer noch die Rede von User!
User Mapping = Site Mapping = Url 2 Url
Permission Mapping (upn = upn) - damit auch B2B machbar?

Anmelden an Service 1
Anmelden an Service 2
Auf jeder Seite den Ordner wählen
Im Ziel auch anlegbar

Tech

2 AAD Apps (alles OIDC/Oauth)
Anmeldung an zwei Tenants in derselben Browser Session
Mover OneDrive (user consent)
Office 365 Mover (admin consent)
Keine "Lizenz"
Performance: Mein OneDrive 45k 106 GB = 12 stunden

Use Case

Blob to SharePoint über ein Schedule
https://www.youtube.com/watch?v=vuo8kD5zF5I

BUT YOU ARE NOT ALLOWED TO: Microsoft Endpoint Data Loss Prevention

Public Preview
Native built into Windows (in MDATP component and edge)

Compliance.microsoft.com

Sensitive Info Type: ex german passport number
AND Share Condition: Is shared with somebody inside or outside my org

Audit or restrict activities on windows devices

Upload to cloudservices or access by unallowed browsers
Copy to clipboard
Copy to USB
Copy to network share
Access by unallowed apps
Print

https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-public-preview-of-microsoft-endpoint-data-loss/ba-p/1534085

99 tập

#Technologie #Hairless In The Cloud