Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
054 - I like to move it - but you are not allowed to
Manage episode 269285195 series 2576855
NEWS
- Mimikatz: https://dirkjanm.io/digging-further-into-the-primary-refresh-token/
- Ignite 2020: https://www.microsoft.com/en-us/ignite
- Become a KQL Ninja: https://security-tzu.com/2020/08/07/become-a-kql-ninja/
- Teams: https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-july-2020/ba-p/1551561
- SCC Report: https://github.com/jangeisbauer/SCCReport
- Booking "14 people are currently watching this product" --> random()*12 + 3: https://twitter.com/RoninDey/status/1292002070363541505?s=20
- MCAS spoofing: https://stephanwaelde.com/2020/08/04/mitigate-mcas-issue-with-user-agent-spoofing/
- Überall tauchen DUOs auf: https://twitter.com/matvelloso/status/1291576776238305281?s=20
I LIKE TO MOVE IT
- Mover.io (2019 gekauft)
- "Alternativen" SharePoint Migration Tool, ShareGate, AvePoint, …
- Viele Anbindungen (14): S3, AZ Blob, Box, Dropbox, G Suite, Gdrive, O365, OneDrive
User vs Admin
Self Service Migration
- OneDrive 2 OneDrive
- DropBox 2 OneDrive
- OneDrive 2 DropBox
Admin driven migration
- Immer noch die Rede von User!
- User Mapping = Site Mapping = Url 2 Url
- Permission Mapping (upn = upn) - damit auch B2B machbar?
UX
- Anmelden an Service 1
- Anmelden an Service 2
- Auf jeder Seite den Ordner wählen
- Im Ziel auch anlegbar
Tech
- 2 AAD Apps (alles OIDC/Oauth)
- Anmeldung an zwei Tenants in derselben Browser Session
- Mover OneDrive (user consent)
- Office 365 Mover (admin consent)
- Keine "Lizenz"
- Performance: Mein OneDrive 45k 106 GB = 12 stunden
Use Case
- Blob to SharePoint über ein Schedule
- https://www.youtube.com/watch?v=vuo8kD5zF5I
BUT YOU ARE NOT ALLOWED TO: Microsoft Endpoint Data Loss Prevention
- Public Preview
- Native built into Windows (in MDATP component and edge)
Compliance.microsoft.com
- Sensitive Info Type: ex german passport number
- AND Share Condition: Is shared with somebody inside or outside my org
Audit or restrict activities on windows devices
- Upload to cloudservices or access by unallowed browsers
- Copy to clipboard
- Copy to USB
- Copy to network share
- Access by unallowed apps
99 tập
054 - I like to move it - but you are not allowed to
Hairless in the Cloud - Microsoft 365 - Security und Collaboration
Manage episode 269285195 series 2576855
NEWS
- Mimikatz: https://dirkjanm.io/digging-further-into-the-primary-refresh-token/
- Ignite 2020: https://www.microsoft.com/en-us/ignite
- Become a KQL Ninja: https://security-tzu.com/2020/08/07/become-a-kql-ninja/
- Teams: https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-july-2020/ba-p/1551561
- SCC Report: https://github.com/jangeisbauer/SCCReport
- Booking "14 people are currently watching this product" --> random()*12 + 3: https://twitter.com/RoninDey/status/1292002070363541505?s=20
- MCAS spoofing: https://stephanwaelde.com/2020/08/04/mitigate-mcas-issue-with-user-agent-spoofing/
- Überall tauchen DUOs auf: https://twitter.com/matvelloso/status/1291576776238305281?s=20
I LIKE TO MOVE IT
- Mover.io (2019 gekauft)
- "Alternativen" SharePoint Migration Tool, ShareGate, AvePoint, …
- Viele Anbindungen (14): S3, AZ Blob, Box, Dropbox, G Suite, Gdrive, O365, OneDrive
User vs Admin
Self Service Migration
- OneDrive 2 OneDrive
- DropBox 2 OneDrive
- OneDrive 2 DropBox
Admin driven migration
- Immer noch die Rede von User!
- User Mapping = Site Mapping = Url 2 Url
- Permission Mapping (upn = upn) - damit auch B2B machbar?
UX
- Anmelden an Service 1
- Anmelden an Service 2
- Auf jeder Seite den Ordner wählen
- Im Ziel auch anlegbar
Tech
- 2 AAD Apps (alles OIDC/Oauth)
- Anmeldung an zwei Tenants in derselben Browser Session
- Mover OneDrive (user consent)
- Office 365 Mover (admin consent)
- Keine "Lizenz"
- Performance: Mein OneDrive 45k 106 GB = 12 stunden
Use Case
- Blob to SharePoint über ein Schedule
- https://www.youtube.com/watch?v=vuo8kD5zF5I
BUT YOU ARE NOT ALLOWED TO: Microsoft Endpoint Data Loss Prevention
- Public Preview
- Native built into Windows (in MDATP component and edge)
Compliance.microsoft.com
- Sensitive Info Type: ex german passport number
- AND Share Condition: Is shared with somebody inside or outside my org
Audit or restrict activities on windows devices
- Upload to cloudservices or access by unallowed browsers
- Copy to clipboard
- Copy to USB
- Copy to network share
- Access by unallowed apps
99 tập
Alle Folgen
×Chào mừng bạn đến với Player FM!
Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.