054 - I like to move it - but you are not allowed to Hairless in the Cloud - Microsoft 365 - Security und Collaboration
NEWS
Mimikatz: https://dirkjanm.io/digging-further-into-the-primary-refresh-token/
Ignite 2020: https://www.microsoft.com/en-us/ignite
Become a KQL Ninja: https://security-tzu.com/2020/08/07/become-a-kql-ninja/
Teams: https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-july-2020/ba-p/1551561
SCC Report: https://github.com/jangeisbauer/SCCReport
Booking "14 people are currently watching this product" --> random()*12 + 3: https://twitter.com/RoninDey/status/1292002070363541505?s=20
MCAS spoofing: https://stephanwaelde.com/2020/08/04/mitigate-mcas-issue-with-user-agent-spoofing/
DUOs are popping up everywhere: https://twitter.com/matvelloso/status/1291576776238305281?s=20
I LIKE TO MOVE IT
Mover.io (acquired in 2019)
"Alternatives": SharePoint Migration Tool, ShareGate, AvePoint, …
Many connectors (14): S3, AZ Blob, Box, Dropbox, G Suite, Gdrive, O365, OneDrive
User vs Admin
Self Service Migration
OneDrive 2 OneDrive
DropBox 2 OneDrive
OneDrive 2 DropBox
Admin driven migration
Still talking about users!
User Mapping = Site Mapping = Url 2 Url
Permission Mapping (upn = upn) - does that make B2B possible too?
UX
Sign in to service 1
Sign in to service 2
Choose the folder on each side
Can also be created in the destination
Tech
2 AAD apps (all OIDC/OAuth)
Sign-in to two tenants in the same browser session
Mover OneDrive (user consent)
Office 365 Mover (admin consent)
No "license"
Performance: my OneDrive, 45k, 106 GB = 12 hours
Use Case
Blob to SharePoint on a schedule
https://www.youtube.com/watch?v=vuo8kD5zF5I
BUT YOU ARE NOT ALLOWED TO: Microsoft Endpoint Data Loss Prevention
Public Preview
Natively built into Windows (in the MDATP component and Edge)
Compliance.microsoft.com
Sensitive Info Type: e.g. German passport number
AND Share Condition: Is shared with somebody inside or outside my org
Audit or restrict activities on Windows devices
Upload to cloud services or access by unallowed browsers
Copy to clipboard
Copy to USB
Copy to network share
Access by unallowed apps
Print
https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-public-preview-of-microsoft-endpoint-data-loss/ba-p/1534085
52 min