054 - I like to move it - but you are not allowed to - podcast episode cover

054 - I like to move it - but you are not allowed to

Hairless in the Cloud - Microsoft 365 - Security und Collaboration

Aug 10, 2020•53 min

--:--

--:--

Listen in podcast apps:

Episode description

NEWS

Mimikatz: https://dirkjanm.io/digging-further-into-the-primary-refresh-token/
Ignite 2020: https://www.microsoft.com/en-us/ignite
Become a KQL Ninja: https://security-tzu.com/2020/08/07/become-a-kql-ninja/
Teams: https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-july-2020/ba-p/1551561
SCC Report: https://github.com/jangeisbauer/SCCReport
Booking "14 people are currently watching this product" --> random()*12 + 3: https://twitter.com/RoninDey/status/1292002070363541505?s=20
MCAS spoofing: https://stephanwaelde.com/2020/08/04/mitigate-mcas-issue-with-user-agent-spoofing/
Überall tauchen DUOs auf: https://twitter.com/matvelloso/status/1291576776238305281?s=20

I LIKE TO MOVE IT

Mover.io (2019 gekauft)
"Alternativen" SharePoint Migration Tool, ShareGate, AvePoint, …
Viele Anbindungen (14): S3, AZ Blob, Box, Dropbox, G Suite, Gdrive, O365, OneDrive

User vs Admin

Self Service Migration

OneDrive 2 OneDrive
DropBox 2 OneDrive
OneDrive 2 DropBox

Admin driven migration

Immer noch die Rede von User!
User Mapping = Site Mapping = Url 2 Url
Permission Mapping (upn = upn) - damit auch B2B machbar?

UX

Anmelden an Service 1
Anmelden an Service 2
Auf jeder Seite den Ordner wählen
Im Ziel auch anlegbar

Tech

2 AAD Apps (alles OIDC/Oauth)
Anmeldung an zwei Tenants in derselben Browser Session
Mover OneDrive (user consent)
Office 365 Mover (admin consent)
Keine "Lizenz"
Performance: Mein OneDrive 45k 106 GB = 12 stunden

Use Case

Blob to SharePoint über ein Schedule
https://www.youtube.com/watch?v=vuo8kD5zF5I

BUT YOU ARE NOT ALLOWED TO: Microsoft Endpoint Data Loss Prevention

Public Preview
Native built into Windows (in MDATP component and edge)

Compliance.microsoft.com

Sensitive Info Type: ex german passport number
AND Share Condition: Is shared with somebody inside or outside my org

Audit or restrict activities on windows devices

Upload to cloudservices or access by unallowed browsers
Copy to clipboard
Copy to USB
Copy to network share
Access by unallowed apps
Print

https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-public-preview-of-microsoft-endpoint-data-loss/ba-p/1534085

054 - I like to move it - but you are not allowed to | Hairless in the Cloud - Microsoft 365 - Security und Collaboration podcast - Listen or read transcript on Metacast