What the TEC 2020 Experts Said About AD Security, Teams and Migrations

To start things off, how about some numbers?

30 speakers, 24 sessions, 2 keynotes and 6,967 eyes on sessions (aggregated across both days) with 1,719 attendees across 26 live Q&A Team Meetings. That’s what The Experts Conference (TEC) 2020 virtual experience was like. Not bad, huh?

TEC 2020 was a huge success, and the draw of “in-depth and practical Office 365, hybrid AD security training provided by industry leaders” truly lived up to the hype.

In a moment, we’re going to briefly dive into some of TEC 2020’s marquee sessions (broken down by their respective learning track) and relate them back to the news of today. This will highlight why each session’s takeaways are critical for planning and executing our Office 365, hybrid AD security and migration & modernization goals moving forward.

You’ll also be able to watch each of these marquee sessions on-demand, so you’ll get the expert-level knowledge first-hand.

Let’s get started!

Hybrid AD security

NEWS: Zerologon bug being exploited

A few months ago, Microsoft and the U.S. government made an announcement urging organizations to update their Active Directory (AD) domain controllers.

The reason?

Hackers kept trying to exploit Microsoft’s Zerologon bug. This vulnerability – which was labeled as critical – allows attackers to spoof a domain controller account and then use it to steal domain credentials, take over the domain and completely compromise all Active Directory identity services.

Due to its value, your Active Directory will always be a target for attackers. So, what TEC lessons can we apply here?

  • David Kennedy, founder & CEO of TrustedSec (also was an advisor on the Robot TV series), started off TEC as our keynote speaker on Day 1, helping us understand the magnitude of the enterprise attack surface. David explained that attackers have several ways to compromise your organization, ranging from web application attacks, down to our users.

Active Directory plays a large role in many organizations and is often the method attackers use to piggy-back single-sign-on and centralization in order to access a plethora of systems, which makes it a priority to protect. As David explained, “We have to understand what these attackers are doing and what the most effective way to build a defensive strategy and lower the attack surface within our own infrastructure is.” David went on to dissect the various techniques attackers use in order to compromise Active Directory and how to best prioritize and combat those threats.

  • Following David’s keynote, Sean Metcalf, Microsoft Certified Master, Microsoft MVP, and the founder and CTO at Trimarc. proceeded to dive deeper into hybrid AD security, discussing hybrid cloud security, compromising domain controllers, cloud-hosted AD, attacking hybrid cloud components and more, furthering giving us insight into how we can protect our AD from persistent threats.
  • Complimenting Sean’s session was Randy Franklin Smith’s Day 2 session regarding AD in the cloud. Randy is an internationally recognized expert on the security and control of Windows and AD security, and he pulled his session topic from a conversation with attendees in the hallway of last year’s TEC in Charleston, South Carolina. He took a dive into the heavy topic of protecting your AD from your vulnerable virtual machines in the cloud, the many ways you can deploy AD into the cloud, the risks involved and much more.
  • Nick Cavalancia, who is a Microsoft Cloud and Datacenter MVP with over 25 years of enterprise IT experience, shows us how to align our AD security strategy to the MITRE ATT&CK framework. This framework shows specific techniques attackers use to exploit your Windows network, so understanding how it works will enhance your AD defensive strategy exponentially. Nick discussed how using the MITRE ATT&CK Framework as a guide can help to identify where you are most vulnerable and dictate real-world AD security best practices that can be implemented to keep AD from being a cyberattack asset.
  • Microsoft recently announced in their Q1FY22 financial call that they have nearly 400 million monthly active users. They also announced that they’ve seen the usage of third-party apps double since last year. This creates opportunities for Active Directory mistakes, compromises, and disasters. Microsoft’s Mark Morowczynski and Corissa Koopman – both program managers – joined TEC to talk about how to protect your Azure AD and Office 365 environment from application consent attacks.

These are just some of the high-level, engaging Active Directory sessions that we had at TEC. You can view all of them (along with all other sessions from TEC’s other learning tracks) here.

Office 365 innovations and security

NEWS: According to Microsoft’s Q1FY22 earnings call: Teams now has more than 115 million daily active users. We are seeing increased usage intensity as people communicate, collaborate and co-author content across work, life, and learning. All up, Microsoft 365 users generated more than 30 billion collaboration minutes in a single day this quarter.

With the use of Teams (and utilization of Microsoft tools and cloud) exponentially growing, learning to manage and secure your users is critical for success. Here are some TEC session highlights that helped put us on the path to success.

  • After Microsoft Ignite’s big focus on Knowledge and Insights, we had the Director of Product Marketing for Microsoft 365, Chris McNulty, join us to talk about how these innovations will improve your organizations resiliency. Chris shared how the Office 365 apps your users engage with every day to communicate, collaborate and create will enhance organizational-wide knowledge discovery, expertise and answers, content understanding and workplace insights.

Following Chris, we learned from Directory of Product Marketing for Exchange and Exchange Online, Greg Taylor from Microsoft, how they are delivering on these new innovations that Chris talked about. He went on to discuss the reach and impact that Exchange Online has on Microsoft’s productivity cloud. Greg broke down what it takes to run the world’s largest Exchange deployment, the way all the servers get managed, how Microsoft builds and deploys code to such a large environment, the logical architecture of Microsoft Apps and how they all work off of each other, and more.

  • To further focus in on the rapid rise of Teams, Curtis Johnstone, Microsoft Office Apps and Services MVP, Senior UC Product Architect at Quest, dove into the implications that have and will continue to arise with the surge in remote workers and the impact the surge has on Teams. As Curtis explained, it is easy to make common mistakes that leave exposures and security holes.Curtis went on to discuss basic Teams deployment considerations that affect the security and safekeeping of valuable organizational data in Teams, configuration options for governing external access to corporate data, considerations for governing the usage of Teams Apps and the best practices for securing privileged Teams Administrative access. Curtis shares much more on Microsoft Teams security here.
  • Quest’s very own Principal Technology Strategist, Colin Truran, talked about how to tackle the No. 1 corporate vulnerability used as an exploit: email. Colin first brought up and explored the root of the problem: there are 3.9 billion users, 5.6 billion mailboxes and 293 billion emails – 67% being spam. These numbers mean a potential of 94% enabled breaches. He discussed how to patch those security gaps and how you can protect your data efficiently.
  • Tony Redmond, who is a Microsoft Office Apps & Services MVP, and consultant for Redmond & Associates, discussed how Office 365 Sensitivity Labels are a great way of protecting the most important information within an Office 365 tenant and when sharing content with partners. Tony explored the good and bad points of the security labels, their relationship with Azure Information Protection and Office 365 apps (including SharePoint Online), and what needs to be done to build a deployment plan.

Why not get Office 365 management and security tips from industry gurus? You can view all of these sessions, (along with all other sessions from TEC’s other learning tracks) here.

Migrations & Modernization


Assessing energy merger and acquisition opportunities in a time of pandemic

Dealmakers see divided US government favoring mergers and acquisitions

Expect uptick in mergers and acquisitions in commercial real estate industry

Reduce your AD attack surface

Reduce your AD attack surface.

See where you’re exposed and how to remediate it.

Mergers & Acquisitions (M&As) are happening! Despite the slowing-down caused by COVID-19, business and tech experts expect M&As to continue – and will even start happening more frequently in 2021. Plenty of organizations and their decision makers are looking to grow, overcome difficulties and sustain business, so expect plenty of news regarding strategic M&As.

Also, news flash – M&As are still difficult! As Tony Redmond (sound familiar? He’s one of our TEC speakers!) explains in this Petri article, M&A endeavors, such as Microsoft’s tenant to tenant migrations, are complex and lack coverage and depth.

So, with all that being said, how can we manage, secure and maintain productivity throughout our M&As projects? Let’s breakdown what was covered at TEC 2020:

  • Paul Caron, Manager at Windows Server Engineering, Virtual Infrastructure, has 6 years of migrations on his resume. That’s a lot of experience to talk about! We learned from his lessons and years of performing and overseeing multiple successful M&A AD migrations.
  • David Ramthun, Senior Project Manager in the PSO organization at Quest, knows that M&As are complex. He helped uncover the preparation activities, general tasks involved, and the sequencing of those tasks to ensure a successful migration. He also discussed the additional activities to ensure items like “remote only” users, servers, applications, and Office 365 integration are properly addressed and identified as part of your planning.
  • William Honeycutt, Microsoft Office Apps & Services MVP with Cprime Learning, and Ragnar Heil, Microsoft Office Apps and Services MVP with Quest, know that modernizing infrastructure is difficult, time-consuming and stressful. They shared with us ways to effectively modernize SharePoint, the preparation needed, pitfalls and how to overcome them – and more.
  • To complement their content, Microsoft MVP and Practice Manager at Withum, Adam Levithan, walks us through the cost of migrating from on-prem SharePoint to Office 365. Adam knows that a big aspect of SharePoint migrations is figuring out how long and how much it is going to cost. Adam went on to share the variables you need in developing a cost and time estimate for migrating to SharePoint On-Premises and Office 365 and gave a breakdown of what you can expect.
  • Chris Reynolds, head of Systems Development & Applications Services from the UK’s NHS Ardem & GEM, shared with us the timely migration NHS A&G made to Office 365 and how they adapted for COVID-19. Chris explored the journey pre-COVID and where the CSU had got to. This look into the immediate response to COVID, how services were ramped up, the issues this caused and how they were overcome gave us a first-hand experience of what that process looked like – and what we can expect in the future.

Find all the sessions in our Migration and Modernization track here.

About the Author

Jennifer LuPiba

Jennifer LuPiba is the Chair of the Quest Software Customer Advisory Board, engaging with and capturing the voice of the customer in such areas as cybersecurity, disaster recovery, management and the impact of mergers and acquisitions on Microsoft 365, Azure Active Directory and on-premises Active Directory. She also writes thought leadership articles and blogs aimed at the c-suite to evangelize the importance of these areas to their overall business. She chairs The Experts Conference, a yearly event focused on pure Active Directory and Office 365 training at the 300 and 400 level for the boots-on-the-ground Microsoft admins and managers.

Related Articles