Microsoft 365 Program - Organizational Change Management (OCM) Overview for Staff
Microsoft 365 Program
Organizational Change Management (OCM) Overview for Staff
Roy Enslev, Director, Implementation & Business Readiness
Office of the Corporate Chief Information Officer & Telecommunications
December 8, 2020
Classification: Public

M365 Journey Map
[Figure: program roadmap. Recoverable labels: M365 Foundations, Security Foundations and ECM Foundations; milestones July 2020, April 2021, Wave 1 (April 30/21) and Wave 2/3 (Sept 30, 2023); status markers "Complete" and "We are Here"; products named include Azure MFA, Intune, Teams, OneDrive for Business, Exchange Online, SharePoint Online, Stream and Apps for Enterprise.]
Change Management, Communications, Training, Support, and Operational Readiness/Transition

What is OCM?
“Organizational change management ensures that the new processes resulting from a project are actually adopted by the people who are affected.”

Communication
M365 Program Scorecard
DM to DM Memos, Various Newsletter articles, Service Advisory Updates, GoA wide and targeted emails

Measure and Monitor Success
DICE Framework
M365 Program – currently in the “WIN” zone!
A tool to help assess how likely a change management initiative or project is to succeed
Developed by the Boston Consulting Group (a top 3 management consulting firm worldwide)
DICE Score = D + (2 x I) + (2 x C1) + C2 + E
D = Duration; I = Integrity (Team Performance); C1 = Commitment (Leadership); C2 = Commitment (Local); E = Effort

Where Can You Go For More Information or Support?
Program Information or Questions
• Microsoft 365 Program SharePoint
• m365.communications@gov.ab.ca
• SA.EIM.CMS@gov.ab.ca
End User Support / Implementation Issues
• Microsoft 365 FAQ Page
• Microsoft Teams Page
• GoA Service Desk: http://webchat.gov.ab.ca, 780-427-1GoA (1462), 1-888-427-1462, GoA.ServiceDesk@gov.ab.ca

Questions?

Microsoft 365 & Security Overview for IM Aware
Scott MacDormand, ISO
Paul Tam, Manager, Cybersecurity Awareness
Clifton Sandford, Manager, Security Operations

GoA M365 Security Vision
Secure Identity, Secure Devices, Secure Apps, Secure Email, Secure Documents
Enabled through 360° protection of how and what we connect with, what type of content we interact with, and what we do with that content.

Purpose and Objectives
Purpose: Increase staff awareness of the GoA Microsoft 365 program and the upcoming security features.
Objectives:
• Provide a high-level overview of the GoA M365 security products and features including capabilities, responsibilities, and your protection
• Communicate some of the key changes users can expect during the M365 implementation over the next 3 years
• Allow users to ask questions and ensure staff know where they can go to get more information

What Is Microsoft 365 Security?
• Identity & access management: Azure Active Directory; Conditional Access; Multi-factor Authentication
• Threat protection: Advanced Threat Analytics; Microsoft Defender for Endpoint; Microsoft Defender for Office 365; Office 365 Threat Intelligence
• Information protection: Azure Information Protection; Office 365 Data Loss Prevention; Microsoft Cloud App Security; Microsoft Intune
• Security management: Azure Security Center; Office 365 Security Center; Windows Defender Security Center

Identity & Access Management
• Conditional Access
  – M365 looks at how we are connecting
  – Creates decisions to determine what we can and cannot do
• Multi-factor Authentication (MFA)
  – Multi-factor authentication provides a secondary authentication requirement (e.g. password + access to an app on a cell phone)
  – 99.9% of hacked accounts are not using MFA
  – It is paramount when you do not have access to a GoA computer but need to access a GoA resource, such as email and/or 1GX

Threat Protection
• Microsoft Defender for Endpoint
  – Protects the local computer, including files downloaded from the internet
  – Includes software vulnerability scanning
• Microsoft Defender for Identity
  – Protects against account breaches by tracking risky activity (e.g. attempting to sign in on 30 GoA computers consecutively)
• Microsoft Defender for Office 365
  – Protects M365 Cloud content (email, SharePoint Online, MS Teams, OneDrive)
  – Verifies safety at the ‘time of click’ for real time protection.

Threat Protection – Defender for O365
• Safe Attachments
  – Scan and validate attachments for malware before they are delivered to a user’s mailbox
  – Malware scanning of attachments occurs very quickly, typically within 1 or 2 minutes of an email arriving within Exchange Online
  – Emails with attachments may be blocked from delivery to a user’s mailbox until malware scanning is complete, helping to ensure that emails with safe attachments are delivered to users
  – TBD: Email with attachments, where the attachment has been scanned and flagged as malware, may be blocked from delivery to a user’s mailbox and can appear in the user’s Quarantine page to which they have access.

Threat Protection – Defender for O365
• Safe Links
  – Safe links help protect the GoA by providing a time-of-click verification of web addresses (URLs) in email messages and Office documents
  – Links are re-written so that they may be scanned at the time of click, and within seconds, redirect the user to the original intended web location
  – It prevents staff from following links in emails and documents that go to web sites recognized as malicious
  – The Report Message button gives users an easy way to report emails suspected as phishing scams, malicious links or containing malware.

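An added example, not part of the original slides: when triaging a reported message, an analyst usually needs the original destination behind a rewritten link. The sketch assumes the publicly visible Safe Links format, in which the rewritten URL sits on a `*.safelinks.protection.outlook.com` host and carries the original address in its `url` query parameter; the function names and the sample body are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

SAFELINKS_SUFFIX = ".safelinks.protection.outlook.com"
URL_RE = re.compile(r"https?://[^\s<>\"']+")

def unwrap_safelink(url, max_depth=5):
    """Return the original destination of a Safe Links rewritten URL.

    URLs on any other host are returned unchanged, including lookalike
    hosts that only start with the Safe Links domain name.
    """
    for _ in range(max_depth):          # tolerate a link wrapped more than once
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if not host.endswith(SAFELINKS_SUFFIX):
            break
        target = parse_qs(parts.query).get("url")
        if not target:
            break
        url = target[0]                 # parse_qs has already percent-decoded it
    return url

def original_links(body):
    """List the original destination of every link found in a message body."""
    return [unwrap_safelink(u.rstrip(".,)")) for u in URL_RE.findall(body)]

# Constructed sample body; the region prefix and data value are made up.
SAMPLE_BODY = (
    "Review the file: https://nam02.safelinks.protection.outlook.com/"
    "?url=https%3A%2F%2Fintranet.example%2Fdocs%3Fid%3D7&data=constructed&reserved=0 "
    "and the agenda at https://www.example.org/agenda."
)

if __name__ == "__main__":
    for link in original_links(SAMPLE_BODY):
        print(link)
```
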
Threat Protection – Defender for O365
• TBD: Email Quarantine
  – Microsoft 365 enables each user to access a cloud-based portal page with emails and attachments that were quarantined by Exchange Online Protection (EOP) or Office 365 Advanced Threat Protection (ATP)
  – Summary emails will be sent with details and actions available in email
  – GoA staff can access their quarantine mailbox to review, release (junk email), and delete (junk or malicious email)
  – Each user can access the quarantine page for their mailbox at: https://protection.office.com/quarantine.

Information Protection
• Azure Information Protection
  – Enables the use of Sensitivity labels (e.g. Protected C) and actions (e.g. encrypts to prevent public sharing of Protected C).
• Office 365 Data Loss Prevention (DLP)
  – Heuristics which help prevent accidental/inappropriate sharing of sensitive information (e.g. provides a prompt for end users when credit card numbers are detected, to inform them and give them the opportunity to reconsider)
  – It is algorithm-based, with the intent being to stop us from accidentally sharing information through non-secure methods.

Information Protection - DLP
• DLP helps to identify “sensitive data” in Microsoft 365 services and enforce policies on that data
• “Sensitive Data” or “Sensitive Information Types” refers to data that can be identified by a known pattern of letters, numbers, characters, or keywords, for example:
  – Canada Bank Account Number
  – Canada Driver’s License Number
  – Canada Health Service Number
  – Canada Passport Number
  – Canada Personal Health Identification Number (PHIN)
  – Canada Social Insurance Number
  – Credit Card Number, etc…
  – 100+ sensitive data types supported out of the box
  – Organizations can create custom sensitive data types
• Locations supported include:
  – Exchange Online Emails (as they are sent)
  – Documents (at rest) in Teams, SharePoint Online & OneDrive for Business
  – Chat & Conversations in Teams (while they occur).

Information Protection - DLP
• DLP Policies that may be enforced include:
  – Prevent sharing files externally
  – Prevent sharing files internally
  – Display a policy tip in Outlook, SharePoint or OneDrive for Business
  – Send email notifications to the user responsible + others
  – Send an incident report to security or compliance team
  – Allow user to override an alert and (optionally) require a business justification.

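An added example, not part of the original slides and not Microsoft's implementation: a small pattern-plus-checksum detector for two of the sensitive information types listed above, with the result mapped to outcomes like those on this slide. The regular expressions, outcome names and sample message are assumptions made for illustration; the Luhn checksum is the real check digit scheme for payment card numbers and Canadian SINs, and it shows why a nine-digit invoice number does not trigger a policy tip.

```python
import re

# Candidate patterns only; the checksum below confirms each match.
DETECTORS = {
    "Credit Card Number": (re.compile(r"\b(?:\d[ -]?){12,18}\d\b"), range(13, 20)),
    "Canada Social Insurance Number": (re.compile(r"\b\d{3}[ -]?\d{3}[ -]?\d{3}\b"), (9,)),
}

def luhn_ok(digits):
    """Luhn checksum, used by payment card numbers and Canadian SINs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_sensitive(text):
    """Return (type, masked value) for each pattern match that passes Luhn."""
    hits = []
    for name, (pattern, lengths) in DETECTORS.items():
        for m in pattern.finditer(text):
            digits = re.sub(r"\D", "", m.group())
            if len(digits) in lengths and luhn_ok(digits):
                # Mask all but the last four digits so reports do not leak the value.
                hits.append((name, "*" * (len(digits) - 4) + digits[-4:]))
    return hits

def evaluate(text, justification=None):
    """Map findings to an outcome (hypothetical names modelled on the slide)."""
    hits = find_sensitive(text)
    if not hits:
        return "allow", hits
    if justification:           # user override with a business justification
        return "allow_with_override", hits
    return "block_with_policy_tip", hits

# Constructed sample message: 123 456 789 fits the SIN pattern but fails Luhn.
SAMPLE = ("Invoice 123 456 789 for the client with SIN 046 454 286, "
          "card on file 4111 1111 1111 1111.")

if __name__ == "__main__":
    print(evaluate(SAMPLE))
    print(evaluate(SAMPLE, justification="Approved transfer to payroll provider"))
```
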
Information Protection
• Microsoft Cloud App Security
  – Provides visibility to the administration team of all known cloud applications in use
  – Ensures the GoA is able to comply with mandatory policies (e.g. FOIP) and is following appropriate security practices (using cloud services with GoA oversight)
  – Provides the ability to use Single Sign On for a lot of different cloud services, so that admin teams avoid having to manage multiple accounts and staff avoid having to remember multiple passwords.
• Microsoft Intune
  – Intune allows the GoA to provide a secure workspace on mobile devices, publish and configure applications, and ensure good practices (e.g. encryption and PIN required)
  – Enforces good privacy controls: the GoA only has visibility into GoA data, not personal browsing, etc.

Security Management
• Security Center
  – Multiple security dashboards provide our security operations teams great insight into threats and opportunities for securing any concerns
  – One ecosystem for multiple security features provides a single source of truth without multiple information silos
  – Formal and Secure Management Processes to secure GoA Operations and employee privacy
• A feature called Privileged Identity Management (PIM) enforces a request-based system for access, ensuring administrative staff only have access when they need access
• Permissions are role based and very granular, and provided on an as needed basis with the minimum amount appropriate for the role
• Cloud based artificial intelligence analyzes and reports security events, reducing the need for manual activity by security operations teams
• Enables automated remediation of issues, allowing the team to focus on more complex items.

Where Can You Go For More Information or Support?
Program Information or Questions
• Microsoft 365 Program SharePoint
• m365.communications@gov.ab.ca
• CISO@gov.ab.ca
End User Support / Implementation Issues
• Microsoft 365 FAQ Page
• Microsoft Teams Page
• GoA Service Desk: http://webchat.gov.ab.ca, 780-427-1GoA (1462), 1-888-427-1462, GoA.ServiceDesk@gov.ab.ca

Questions?