1
00:00:01,840 --> 00:00:02,130
Alright.

2
00:00:02,130 --> 00:00:03,940
What have we learned in this module?

3
00:00:03,940 --> 00:00:05,290
Well as a running theme,

4
00:00:05,290 --> 00:00:09,490
I want you to keep least privilege authorization at the top of your mind.

5
00:00:09,490 --> 00:00:13,440
Recall that in information security we talk about the three A's,

6
00:00:13,440 --> 00:00:16,510
authentication, that's credential validation.

7
00:00:16,510 --> 00:00:20,540
Is this calling user or process who they claim to be?

8
00:00:20,540 --> 00:00:23,730
And then once that security principle has been authenticated,

9
00:00:23,730 --> 00:00:25,590
that's where authorization comes in.

10
00:00:25,590 --> 00:00:26,370
In other words,

11
00:00:26,370 --> 00:00:31,640
what is the scope of permission for that successfully authenticated identity?

12
00:00:31,640 --> 00:00:35,170
And least privilege means that we're giving permissions to those

13
00:00:35,170 --> 00:00:39,180
identities only to the extent that they need those permissions.

14
00:00:39,180 --> 00:00:40,690
That's always our goal.

15
00:00:40,690 --> 00:00:44,620
Another running theme is that we can see Microsoft Defender for

16
00:00:44,620 --> 00:00:48,330
Identity being another example of bringing the power of the

17
00:00:48,330 --> 00:00:52,480
cloud and also artificial intelligence into your on‑premises

18
00:00:52,480 --> 00:00:54,940
Active Directory environment.

19
00:00:54,940 --> 00:00:58,000
I would submit to you that if you've got team members who

20
00:00:58,000 --> 00:01:01,040
are resistant to move into the cloud,

21
00:01:01,040 --> 00:01:06,530
this is a nice way to create a soft landing zone where you can selectively

22
00:01:06,530 --> 00:01:11,710
wire in these cloud‑based services without necessarily doing any lifting and

23
00:01:11,710 --> 00:01:17,370
shifting in on‑premises and just demonstrate the power that these cloud

24
00:01:17,370 --> 00:01:21,840
services can give your on‑premises services.

25
00:01:21,840 --> 00:01:23,930
Our next module, as a matter of fact,

26
00:01:23,930 --> 00:01:27,540
lights up or illustrates that very last point I made.

27
00:01:27,540 --> 00:01:31,100
We're going to be going deeper into remediating Windows Server

28
00:01:31,100 --> 00:01:34,740
security issues by using Azure Services.

29
00:01:34,740 --> 00:01:40,000
Thanks as always for your participation and attention. I'll see you then.