Enhancing Microsoft 365 Security: Protecting Cloud Environments and Entra ID from Cyber Threats

The importance of securing Microsoft 365 environments and the Entra ID service is increasingly recognized as businesses face persistent cyber threats. A new classroom program offered by heise academy aims to equip IT professionals with essential skills to safeguard their Microsoft cloud environments effectively.

This program comprises five detailed sessions focusing on various aspects of security within the Microsoft 365 ecosystem. Participants will learn how to configure their systems securely, utilize integrated security features, and implement Zero Trust principles to mitigate potential vulnerabilities.

One of the primary objectives of the training is to help attendees understand how attackers exploit insecure default settings and misconfigurations. By identifying and addressing these weaknesses, IT administrators can significantly enhance their organizations' defenses.

The first session will guide participants in securing their cloud environments and Entra ID through Microsoft's security assessment tools, Security Exposure Management, and audit utilities such as ScubaGear. Expert Frank Ully will demonstrate how mobile devices can be managed using Intune, covering Mobile Device Management (MDM) and Mobile Application Management (MAM) with a focus on iOS.

Subsequent sessions will delve into Microsoft's Defender product suite. Attendees will learn how to deploy Defender for Endpoint (MDE) on client devices and utilize Defender for Office (MDO) and Defender for Cloud Apps in cloud environments. The training will also encompass Privileged Identity Management (PIM) and advanced security features like identity protection.

Participants will also be trained in analyzing security incidents using cloud logs and free tools, providing a foundational understanding of IT forensics. The course will introduce solutions such as Sentinel (SIEM) and Purview (Compliance) to facilitate effective incident analysis. The final session will focus on implementing Conditional Access Policies and the practical application of Zero Trust strategies in the Microsoft cloud, led by expert Tim Mittermeier.

Scheduled sessions include:

• June 11, 2025: Securing Microsoft 365 and Entra ID - Safe Configuration
• June 18, 2025: Setting up Cloud-Managed Devices - MDM and MAM
• June 25, 2025: Microsoft Cloud Defender - MDO and Cloud Apps Security
• July 2, 2025: Advanced Security Practices in the Microsoft Cloud and Incident Forensics
• July 9, 2025: Practical Zero Trust Strategies - Deep Dive into Conditional Access

Each session lasts four hours, taking place from 9 AM to 1 PM. Participants can expect a highly interactive learning experience, with opportunities to revisit recorded sessions and materials afterward. Live chat features will allow for direct interaction with instructors and peer discussion.

Frank Ully, an expert in cybersecurity and penetration testing, will lead the sessions, complemented by Tim Mittermeier, who has extensive experience in securing Microsoft 365 environments. While prior attendance at related programs is not mandatory, professionals with administrative experience in Microsoft 365 will benefit the most.

For more detailed information and to secure tickets, interested individuals can visit the heise academy website.