Microsoft Security, Compliance, Identity, and You.

Its really not that scary.

Firstly, Yes I’m back after a bit of a hiatus from the blogosphere. The world has changed considerably since the beginning of 2020. For the last year, I’ve been spending a lot of my time looking at the overall multi-cloud world (In this case, the 3 clouds from Microsoft namely, Azure, Microsoft 365, Dynamics 365) strategy and where it has taken this new hybrid world we live in.

Working from home is real. Its an actual thing. Companies understand the shift and it has ushered in many benefits for humans in general. Work/Life balance has been shoved to the fore and companies are unpacking the intricacies of human nature and how to better the quality of lives of people. That’s the most exciting part of this for me. How technology is now adapting to humans. For the longest time, people have been talking about human-computer interaction and with everyone now spending far more time behind a screen; (Yes, you are reading this on a screen and not in a magazine or newspaper) Its become evident that the technology stalwart's out there have had to fashion the consumption and production of information in a much more intuitive manner.

And for the most part, they have. Technological change has been at what I can only term a “blistering” pace. While all of this “moving to the cloud” out of necessity has taken place, Microsoft has had to ensure that the backend bits are in place to provide organizations with a secure, and compliant platform for working with, creating and consuming information, across their workloads. These workloads being mail, chat, document and video.

If any of you have been monitoring the rate at which feature updates have been released to all the backend centers in Azure and Microsoft 365, you would have noticed that the same amount of effort has been applied to both the frontend (Teams, SharePoint, OneDrive, etc) as well as the backend (M365 admin centers, new Azure features) which is what has led me to writing this blog.

So where does it leave all of us?

Let’s start at how Microsoft splits its newly termed Security, Compliance and Identity platforms. https://aka.ms/traincertposter

1. Fundamentals — It all starts with a broad based understanding of the underpinnings of what is available in the cloud (Stay with me as a lot of it touches the Azure pieces) SC-900: Security, Compliance and Identity Fundamentals. https://docs.microsoft.com/en-us/learn/certifications/security-compliance-and-identity-fundamentals/
2. Once you have completed the Fundamentals, you get to choose what Microsoft calls “Role-based” certifications
3. Azure — AZ-500: Microsoft Certified: Azure Security Engineer Associate. This focuses mainly on Security in Microsoft Azure. If you spending most of your life in Azure, go do this one. https://docs.microsoft.com/en-us/learn/certifications/azure-security-engineer/
4. Microsoft 365 — MS-500: Microsoft 365 Certified: Security Administrator Associate. For me, this is a broad based cert that covers Security, Compliance and Identity, deeper than the SC-900 cert. And its based on the fact that with smaller organizations, there are many roles that are handled by a single person. https://docs.microsoft.com/en-us/learn/certifications/m365-security-administrator/
5. Microsoft 365 — SC-200: Microsoft Certified: Security Operations Analyst Associate. This cert focuses primarily on Azure with (according to the skills measured PDF) 30% focus on Microsoft 365 security. So its interesting to look at the positioning of the certification. Also, this is traditional security, ergo: threat management, attacks and incident remediation, access control and antivirus protection, including vulnerabilities. https://docs.microsoft.com/en-us/learn/certifications/security-operations-analyst/
6. Microsoft 365 — SC-300: Microsoft Certified: Identity and Access Administrator Associate. All Azure. And this is why its important to understand how integrated the Microsoft clouds are. Identity and Access Management is handled in Azure. When customers create an Office 365 tenant, it automatically spins up Azure components as well, so naturally you would need to understand how Identity Management happens in Azure. e.g. Conditional Access control and Multifactor authentication functionality for your Office/Microsoft 365 tenant happens in Azure. https://docs.microsoft.com/en-us/learn/certifications/identity-and-access-administrator/
7. Microsoft 365 — SC-400: Microsoft Certified: Information Protection Administrator Associate. This is my world. I’ve spent a lot of time helping customers build compliance and sensitivity solutions over the last decade. When things were still called “Information Rights Management”. This cert focuses squarely on what’s in the M365 Compliance Center; Sensitivity, Retention, Data Loss Prevention, etc. These services get consumed by Exchange, SharePoint, OneDrive and Teams. https://docs.microsoft.com/en-us/learn/certifications/information-protection-administrator/

There you have it people. My take on what the Security, Compliance and Identity world looks like today from Microsoft. Moving to the cloud for most organizations is a daunting task. My suggestions are as follows:

1. Have a look at what Security, Compliance and Identity features are available from Microsoft, before you head to the cloud. And why I say this, IS because you probably have on-prem solutions that could possibly be decommissioned in lieu of what is available from Microsoft. I’ve found that there is a huge overlap; Customers have multiple products deployed on-prem that can be addressed by Microsoft’s SCI stack, and it ends up being a “what do we use now” conversation, after moving to the cloud.
2. Understand what skills are required (Hence this post) to manage your SCI requirements in the cloud. This will give you a clear indication on what your team would need to upskill on, to administer, manage and maintain your content in the cloud.
3. Reach out to experts in the field, like Joanne Klein (Compliance), Alex Fields (Security and Identity), who drill down, in-depth, about the usage of SCI across the Microsoft Clouds. Their wealth of knowledge is gargantuan!!
4. Educate yourself. Have a look at the recently published course by @Vlad Catrinescu over at Pluralsight https://www.pluralsight.com/courses/msft-security-compliance-identity-fundamentals-compliance-solutions Its a great overview of SC-900. Also, head across to Microsoft Learn for everything Microsoft Certs.

I’d love to hear about your experiences with SCI so please comment here or reach out to me on Twitter.

If you enjoy this post, please hit the “Clap” icon/button thingy. Also, you can catch us on our Facebook page or YouTube Channel for more interesting thoughts and articles on all things Regarding Microsoft 365.

Be cool my ninjas.