Microsoft

365
fundament
als

Yousef
Mureb
 Agenda

Microsoft 365
Microsoft 365 Microsoft 365
security and
applications and licensing and
compliance
services support.
capabilities
3-28 54-60
29-53
 What is Microsoft
365

•Microsoft 365 is a cloud-based service combining

Offi ce apps (Word, Excel, PowerPoint) with
services like Teams, Exchange, and OneDrive.

•Off ers fl exibility to work remotely and securely,

adapting to modern work-life demands.

•Includes enterprise-grade security with features

such as Entra ID and Defender tools.
 Core Productivity Tools

•Apps like Word, Excel, PowerPoint, and Outlook enable seamless

document creation, data analysis, presentations, and communication.
 Special
applications

•Yammer: Internal and external

social networking within an
organization.
•Bookings: Simplifies
scheduling with external parties.
•To Do and Planner: For task
management and team
collaboration.
•Project: project management
tool for complex work.
 • Project is a robust, project management tool designed for
complex work efforts with many tasks, resources, and
dependencies.(Utilize the easy-to-use views such as grid
Microsoft views, Kanban-style task boards, and timeline Gantt charts.)

Project • Project provides advanced project management capabilities

to meet most needs of business professionals, such as
project managers.
Microsoft • Mainly used to for collaborating

Planner with people for completing task-

based initiatives.

• Task cards populate with various

information, such as due dates,
status, priority, checklists, labels,
and file attachments.
 Microsoft Bookings

Define appointment types and details and customize

how appointments are scheduled through a web-
based business-facing page.

Create a booking page where your customers and

clients can schedule and reschedule appointments on
their own.

It includes a web-based booking calendar and

integrates with Outlook to optimize your staff’s
calendar and give your customers the flexibility to
book a time that works best for them.
 Channels are dedicated sections within a team
to keep conversations and content organized by

Microsoft Teamsspecific topics, projects, disciplines, or whatever

works for your team

•Standard channels are open to all team

members.

•Private channels are for selected team

members.

•Shared channels are for people both inside

and outside the team. You can invite anyone to a
shared channel, even if they are not part of the
team the channel belongs to.
 Microsoft Teams Meeting Options

Meetings in Teams include audio, video, and screen sharing for up to 1,000 people. View-only
capabilities are for participants over 1,000 up to 20,000.

Webinars are structured meetings where presenters and participants have clear roles, often used
for training purposes or sales and marketing lead generation scenarios.

Live events are structured meetings that enable your organization to schedule and produce
events that stream to large online audiences, up to 20,000 participants. Live events provide a
managed Q&A experience.
 M ic ro s o ftV iv a a p p s

• Connection. To keep
everyone informed,
included, and inspired.

• Insight. To improve
productivity and wellbeing
with actionable insights.

• Purpose. To align
people's work to team and
organizational goals.

• Growth. To help
employees learn, grow,
 Viva Connections

Viva Connections is your gateway to a modern employee

experience. Viva Connections offers organizations a branded
company app for employees to find everything they need to get their
jobs done and stay connected.
Viva engage powers the social layer of Microsoft Viva and Microsoft
365. Through communities, company-wide events, and open
conversations.
 Viva insights

Viva Viva Glint is a

Insights provides people-driven
data-driven, privacy- platform that
protected insights provides visibility
and actionable into the health of
recommendations your organization
 Viva growth

Viva Learning is a seamlessly Brings enterprise allows for easy

centralized learning integrates learning learning into the flow sharing, assigning,
hub in Microsoft and building skills of work and tracking
Teams into your day. capabilities.
 Microsoft Yammer

Yammer is a secure enterprise

social network designed for
connecting and engaging
people across your •Internal network: Only employees with a valid
organization.
corporate email address can join the internal
network and access its content and users.
Yammer helps facilitate
community collaboration and
idea-sharing among leaders,
•External network: It's a space for you to engage
coworkers and partners from with outside partners, like customers, suppliers, or
anywhere investors.
 Microsoft Intune

Microsoft Intune is a family

of products and services that
offer a cloud-based unified
endpoint management
solution.
 Configuration Manager is an
on-premises management
solution to manage desktops,
Windows servers, and laptops
that are on your network or
Configurati internet-based
on manager You can cloud-attach your
Configuration Manager
environment allowing you to
modernize and streamline your
management solution.
 Windows Autopilot

Windows Autopilot is a
You can also use Windows
cloud-native service that
Autopilot to reset,
sets up and pre-configures
repurpose, and recover
new devices, getting them
devices
ready for use.

t's designed to simplify the

lifecycle of Windows You can use Autopilot to
devices, for both IT and preconfigure devices,
end-users, from initial automatically join devices
deployment through end of to Microsoft Entra ID
life.
 Windows 365 and Azure Virtual
Desktop

Feature/
Windows 365 Azure Virtual Desktop (AVD)
Aspect

A cloud-based desktop and app virtualization

A cloud-based service creating virtual machines
Definition solution enabling users to connect to Windows
(Cloud PCs) automatically for end users.
desktops.

Personal, consistent virtual desktops for Scalable virtualization for single or multiple
Key Purpose
individual users. users with shared or dedicated environments.

Offers multi-session Windows Client

Provides personalized Cloud PCs with settings
Deployment deployment for scalability and resource
and apps synced across devices.
sharing.
 Servicing channels
1. Windows Insider Program

Early access for organizations to test and provide feedback on upcoming features

Features are delivered through a process called flighting.

2. General Availability Channel

Receives annual feature updates for broad deployment.

Ideal for pilot testing and rolling out updates across organizations.

3. Long-Term Servicing Channel (LTSC)

Designed for specialized systems like medical equipment or ATMs.

Focuses on stability with minimal updates, as these devices perform single tasks.
 Update Channels

Update Channel Updates Best For

Feature updates as soon as
Users needing the latest
ready; security and non-
Current Channel Office features
security updates 2–3
immediately.
times/month
Updates once a month on Organizations needing
Monthly Enterprise
the 2nd Tuesday (feature, predictable monthly
Channel
security, and non-security). updates.
Updates twice a year
Semi-Annual Enterprise Devices requiring extensive
(January and July) with
Channel testing before updates.
comprehensive testing.
 Get insights on how employees
are using Microsoft 365 apps
and services through the
available reports

Microsof Adoption score. Adoption

t 365 score provides insights into your
organization's digital

admin transformation journey

center Usage. Usage reports help you

see how users are using
Microsoft 365 apps and services
across your organization.
 Microsoft EntraID

• Internal resources, such as apps on your

corporate network and intranet, and cloud
apps developed by your own organization.

• External services, such as Microsoft Offi ce

365, the Azure portal, and any SaaS
applications used by your organization.
Includes secure score.
 Identity types

Identities can be
assigned to people,
Examples are users,
devices or software
workload, hybrid and
objects like apps,
external identities
virtual machines
services etc
 User identity

External guest: External

There can be both internal Internal member: These users or guests, including
and external user users are typically consultants, vendors, and
identities. considered employees of partners, typically fall into
your organization. this category.
 Workload identity

 A workload identity is what

you assign to software
workload.
 In Microsoft Entra, workload
identities are applications,
service principals, and
managed identities.
  A hybrid identity in Microsoft Entra ID bridges
on-premises and cloud-based identity systems,
Hybrid identity allowing users and devices to access resources
securely across environments.
 External identities

Microsoft Entra
External ID
combines Secure your
powerful apps for
Collaborate with
solutions for consumers and
business guests
working with business
people outside customers
of your
organization
 Collaborate with business partners

External ID B2B collaboration allows Use B2B collaboration when you need to
your workforce to collaborate with let business guests access your Office 365
external business partners. apps, software-as-a-service (SaaS) apps,
and line-of-business applications.
 Secure your apps
for consumers and
business customers

 Microsoft Entra External ID includes

Microsoft's customer identity and access
management (CIAM) solution that includes
features like self-service registration,
personalized sign-in experiences including
single sign-on (SSO)

 This also provides a measure of security,

compliance and scalability due to the CIAM
Conditional Access

 Conditional Access is a feature of

Microsoft Entra ID that provides
an extra layer of security before
allowing authenticated users to
access data or other assets.

 It contains two parts,

assignments and access controls
Assignments Users assign
who the policy
will include or
exclude.

Conditions d
efine where
and when the Target
policy will resources inc
apply. Some lude
include insider applications
risk, client or services
apps and sign-
in risk

Network allo
wyou to
control user
access based
on the user's
network or
physical
location
Access controls

Block access

Grant access. Administrators can grant access without any additional

control, or they can choose to enforce one or more controls when
granting access

Session. Within a Conditional Access policy, an administrator can

make use of session controls to enable limited experiences within
specific cloud applications. For instance, allow preview only of
sensitive documents
Role Based Access Control

Global administrator: users

with this role have access to
Some built in roles include:
all administrative features
in Microsoft Entra.

Billing administrator: users

User administrator: users with this role make
with this role can create and purchases, manage
manage all aspects of users subscriptions and support
and groups. tickets, and monitor service
health.
Microsoft Defender

 allows admins to assess

threat signals from
endpoints

 It also displays how a

threat has occurred and
what has been affected
exactly.
 Policies for anti-malware, anti-spam,
and anti-phishing

Defender Outbound spam filtering

for office Audit log search by users with

365 appropriate permissions such as
admins

Zero-hour auto purge (ZAP) that

retroactively detects and neutralizes
malicious phishing, spam, or malware
messages.
 Defender for Endpoint

Provides advanced attack

detections that are near real
time and actionable.

use a risk-based
provides the first layer of
approach for
defense in the stack. By Next-generation protection was
identifying, prioritizing
ensuring configuration designed to catch all types of
and protecting end
settings are properly set and emerging threats
points.
exploit mitigation techniques
are applied.
 Defender for cloud apps

Assess: Evaluate
Identify: Defender for
Defender for Cloud Apps discovered apps for
Cloud apps uses data Manage: Set policies
shows the full picture of more than 90 risk
based on an to identify that monitor apps
risks to your indicators, allowing you
apps accessed by users around the clock.
environment to sort through the
across your organization.
discovered apps
 Ediscovery

Electronic discovery, or eDiscovery, is the

process of identifying and delivering electronic
information that can be used as evidence in
legal cases.

eDiscovery is one of the solutions available

through the Microsoft Purview portal, under the
Risk & Compliance set of solutions.
 Compliance manager

Compliance managers can help by:

Enforcing regional and industry regulations and standards.

Admins can also use custom assessment to help with
compliance needs unique to the organization.

Enabling Workflow capabilities that allows admins to efficiently

complete risk assessments for the organization.
  Microsoft Purview Communication Compliance
is an insider risk solution that helps you
Communication detect, capture, and act on inappropriate
Compliance messages that can lead to potential data
security or compliance incidents within your
organization
 Microsoft Priva

 Microsoft Priva is a privacy

management solution within
the Microsoft ecosystem
designed to help organizations
identify, manage, and
mitigate privacy risks
associated with their data
 Pricing Models
Cloud Solution Provider

The Cloud Solution Provider (CSP) model is a

Microsoft partner program that provides the expertise
and services you need through an expert CSP partner.

Your Microsoft 365 subscription is provided through a CSP

partner who can manage your entire subscription,
provide billing and technical support
Enterprise Agreement

The Microsoft Enterprise Agreement (EA) is designed

for organizations that want to license software and cloud
services for a minimum three-year period. The Enterprise
Agreement offers the best value to organizations with
500 or more users or devices
Billing account options

Microsoft Online Services Program: This billing account is created when

you sign up for a Microsoft 365 subscription directly.

Microsoft Products & Services Agreement (MPSA) Program: This

billing account is created when your organization signs an MPSA Volume
Licensing agreement to purchase software and online services.
 Available licenses

01 02 03 04
Full USLs are for Add-on USLs are From SA USLs are Step Up USLs are
new customers for on-premises for on-premises for customers who
who haven't software customers Software Assurance want to upgrade
previously who want to add customers that the level of their
purchased Microsoft 365 cloud want to transition service.
Microsoft products products and to the cloud.
and services. services.
Service level agreements