EMS Related sessions for Ignite 2018 that are of interest

1. Ignite 2018: Interesting EMS
Sessions

2. Azure AD Sessions
Session Day Time Description
THR2214 - From the trenches: Hardening your
Azure Active Directory tenant
Monday,
September 24
6:25 PM -
6:45 PM
As organizations embrace Azure Active Directory (AD), proper configurations of their tenants becomes more
important. Just like tuning on-premises Active Directory Domain Services environments to avoid the tyranny
of the default settings, in some situations, Azure AD tenants can benefit from a little tuning, too. Make sure
to get the best tips and tricks in this theater session from an MVP whose team and peers have seen and
done it all in Azure AD.
THR3042 - How ML helps Microsoft provide better
and more secure Identity experiences with self-
adapting systems
Tuesday,
September 25
9:35 AM -
9:55 AM
This talk will cover how Microsoft applies machine learning at every defense level (prevention, detection and
remediation) to keep the bad guys out and customers safe.
THR3074 - How to get started with Azure MFA the
right way Tuesday,
September 25
1:40 PM -
2:00 PM
Most organizations have understood the need for securing cloud identities with a second factor of
authentication like Azure Multi-Factor Authentication (MFA). Still, a lot are doing it wrong. It is not
complicated to do Azure MFA the right way with using Microsoft Intune and conditional access. Spend 20
minutes on this session and see how to protect all cloud apps and identities with a few simple steps.
BRK2157 - Ensure comprehensive identity
protection with Microsoft 365
Wednesday,
September 26
9:00 AM -
10:15 AM
Identity is the control plane to protect against current and emerging identity attacks! Come to this session to
learn how Microsoft's solutions can help fortify your organization with comprehensive identity protection.
THR2312 - Azure Active Directory updates
Wednesday,
September 26
11:20 AM -
11:40 AM
Join Joy Chik for a 15-minute demo-rich tour of updates to Azure Active Directory and new options you can
leverage for unified identity and access management across Microsoft and broader cloud services. We'll
present emerging trends in cloud identity, how Azure AD minimizes the risk of evolving identity-based
attacks and what you can do to take advantage of modern capabilities with your apps and services. Be part of
our studio audience during filming and also earn a chance to be part of our exclusive prize draw.
www.microsoft.com/mechanics
BRK3241 - Enable Azure Active Directory
Conditional Access to secure user access while
unlocking productivity across Microsoft 365
Wednesday,
September 26
12:30 PM -
1:45 PM
Conditional access is your identity security policy hub. Unlock the promise of secure productivity for your
users by allowing access conditionally based on user, location, device, data, or app. Come to this session to
learn all about conditional access and how we are bringing together solutions, seamlessly integrated across
Microsoft 365, to protect your front door!
THR2081 - Single sign-on best practices for Azure
Active Directory and Microsoft accounts
Wednesday,
September 26
12:30 PM -
12:50 PM
Are your users seeing too many login prompts? Ensure your applications have the best single sign-on (SSO)
experiences for end users when integrating with Azure Active Directory or Microsoft accounts.

3. BRK3401 - Azure Active Directory security insights with Conditional Access,
Identity Protection, and reporting
Wednesday,
September
26
12:45 PM - 1:30
PM
Identity security is one of the most critical measures you can take for your
organization today. To continually strengthen your identity security, you need
crystal clear visibility into when and what type of attacks your users are
exposed to. You also need the ability to measure the impact of various Azure
AD Conditional Access policies and MFA configuration you have made for your
organization. Join us as we show how you can spot an upcoming attack and
lock the doors using Conditional Access, What-If tool, Security Dashboard,
Identity Protection, and security reports.
BRK2266 - Streamlining your business processes using Microsoft Graph
Wednesday,
September
26
4:30 PM - 5:15
PM
Microsoft Graph can help your business to orchestrate a lot of processes that
today are manual and error-prone. This session showcases a number of
enterprise, mobility, and security scenarios around users, groups, devices,
applications, roles, policies, and security threat protection. Learn how to
programmatically integrate Azure Active Directory, Microsoft Intune, and
Microsoft Intelligent Security Graph.
THR1096 - Beware ransomware! How to mitigate risk with Windows 10 and
Microsoft 365 security features
Thursday,
September
27
9:00 AM - 9:20
AM
Join MVPs Maurice Daly and Harjit Dhaliwal for an overview of how you can
help secure your business using the security features built into Windows 10
and leverage the power of the Microsoft cloud with Enterprise Mobility +
Security features such as conditional based access.
THR2326 - Conditional Access updates everywhere to control risky logins and
much more
Thursday,
September
27
12:30 PM -
12:50 PM
Conditional Access is the new control set to avoid risky logins and unwanted
users, processes and apps from accessing services and your data. Learn how
conditional access is expanding beyond integration with front-door services
for identity, authentication and authorization runtime experiences - so
protection is pervasive. Be part of our Microsoft Mechanics Live! studio
audience during filming of this 15-minute show and earn a chance to be part
of our exclusive prize draw. www.microsoft.com/mechanics
THR3036 - Azure Active Directory hybrid identity and banned password
detection
Thursday,
September
27
1:40 PM - 2:00
PM
Azure Active Directory implements a global banned password list, and this can
be augmented with a custom list where we can define banned passwords
specific to our organization. In June 2018 Microsoft added the ability to define
the custom list via the Azure Active Directory portal and also enabled the
detection and blocking of banned passwords for on-premises AD password
changes. Come to this 20-minute session and let John Craddock provide you
with a succinct overview and discover how to deploy banned password
detection for your on-premises AD.

4. Governance-Related
THR2369 - How Microsoft internally
governs and protects Microsoft Teams,
SharePoint, and Office 365 Groups
Monday,
September
24
6:25 PM
- 6:45
PM
Learn how Microsoft Core Services Engineering & Operations (CSEO)—the experts who run the critical
products and services that power Microsoft—empowers its employees while protecting the enterprise when
managing Microsoft Teams, SharePoint, and Office 365. Learn how Microsoft manages our internal tenancy
and what you can apply to your own practices today.
THR2284 - EComms compliance: Not just
about email and instant messaging
anymore Tuesday,
September
25
1:40 PM
- 2:00
PM
Organizations today have experienced a fundamental shift in the way their employees communicate and
collaborate, with technologies such as Microsoft Teams, Skype for Business and other rich, dynamic, and
multi-modal tools being broadly adopted. Challenges arise as content with high value or high risk are
delivered through these networks, with firms now needing to extend the perimeter of their compliance and
security controls, using more advanced methods to spot information risks. This session explores some of
these methods, such as "superveillance", that can help firms to more effectively address today’s information
volume and variety.
BRK2468 - Security for your digital
transformation
Tuesday,
September
25
3:15 PM
- 4:00
PM
This session looks at common security concerns that will impact your organizations digital transformation.
We investigate solutions to mitigate the threats, secure your data, and report on compliance in a cloud-
first, mobile-first world.
THR2368 - Governing and securing
Microsoft Teams in the Microsoft
enterprise
Tuesday,
September
25
5:05 PM
- 5:25
PM
Learn how Microsoft Core Services Engineering & Operations (CSEO)—the experts who run the critical
products and services that power Microsoft—utilizes Microsoft Teams from a global perspective and
manages external access, implements organizational structure and ensures their environment is secured.
THR2317 - Security and compliance
updates across Microsoft 365 - a demo
tour
Wednesda
y,
September
26
5:05 PM
- 5:25
PM
A demo-rich 15 minute tour of the latest defense in depth security capabilities across identity, devices and
applications. Including the latest in password less authentication, advanced threat protection and
information protection in the context of both security and compliance. Learn about advances to data
governance including data classification and eDiscovery updates. Also, keep watching as we show you
updates for how you can assess and manage your security and compliance posture with Microsoft 365
Secure Score and the Compliance Center. Be part of our Microsoft Mechanics studio audience during
filming of this 15-minute show and also earn a chance to be part of our exclusive prize draw.
www.microsoft.com/mechanics
BRK3281 - Securing Microsoft OneDrive
and its content
Friday,
September
28
12:45
PM -
1:30 PM
OneDrive for Business is becoming a key piece of many organizations, and with that the need for better
control and management arises. There are several features built into Office 365 and Enterprise Mobility +
Security that will help you secure your organization's OneDrive data. In this session, see how it's done, with
demos and examples to help you understand and utilize the possibilities.

5. Identity Related -Misc
Session Day Time Description
BRK2429 - Customer story: How to
protect and restore Active Directory from
malicious or accidental destruction
Tuesday,
September
25
2:15 PM
- 3:30
PM
In this case study session, Neil Flood, Manager of Identity and Access Management for Cargill, joins Brian
Hymer from Quest to discuss best practices for Active Directory privileged account auditing and disaster
recovery. Discover: • Top indicators of privileged account misuse • Symptoms of a failing (or failed) AD
forest • How to determine optimal RTO and RPO • Hybrid AD and Azure AD recovery gotchas • How to
justify an auditing and recovery tools purchase to your CISO See a live demo of an AD forest recovery, and
get a step-by-step walk through of how to build a virtual test lab using production data.

6. Passwordless Sign-in
BRK3272 - Authentication and passwords: The
good, the bad, and the really ugly!
Tuesday, September 25
9:00 AM - 9:45
AM
Choosing the correct authentication methods and strategy for your exposed systems and
services is the most critical step when creating your identity-based security boundary. Hasain
Alshakarti, a key member of the TRUESEC cyber security team, will use live demos to give you
insight into the impact of choosing different authentication methods and strategies. He will
guide you to identify weaknesses and understand how these can be exploited using common
tools and attack techniques. He will share best practices implementing strong multifactor
authentication using Windows Hello, FIDO 2.0, key-based authentication, identity federations,
and password-less authentication with techniques built into modern versions of the Windows
platform.
THR2148 - Experiences with going password-less
Thursday, September
27
2:50 PM - 3:10
PM
Windows Hello, Windows Hello for Business, their companion device framework and strategic
alignment with FIDO offer organizations the ability to go password-less for both interactive
logons and application access. Bring your own FIDO and get the best tips and tricks in this
theater session from an MVP whose team and peers have implemented Windows Hello and
FIDO 2.0 CTAP for organizations already.

7. M365 Security Misc.
Session Day Time Description
KEY04 - Transform Your workplace with Microsoft 365
Monday,
September 24
10:45 AM -
12:15 PM
The workplace is transforming and you need a solution that empowers your organization,
handle employees' new expectations for technology at work, while keeping ahead of
compliance and security needs. Join Ron Markezich, Corporate Vice President of Microsoft 365,
as he highlights innovation across Microsoft 365, details the tech behind our latest
announcements, and brings to stage a few of the engineers behind our products and services.
You’ll learn about Microsoft 365 capabilities that will help you deploy, manage, and provide
end-user and business value to your organization. Come see how you can transform your
workplace with Microsoft 365.
GS008 - Microsoft security: How the cloud helps us all be
more secure
Monday,
September 24
4:00 PM -
5:15 PM
The IT environment you are responsible for is changing: cloud apps, hybrid infrastructure,
mobile work, and digital connections with customers and partners to name just a few.
Meanwhile, cyber-attacks are more frequent and damaging. The cloud is your secret weapon in
this new security battlefield. See how unique intelligence and new innovations from Microsoft
can help you be more secure across your entire digital estate.
THR2246 - Survive and succeed through mergers and
acquisitions like a rock star
Tuesday,
September 25
10:45 AM -
11:05 AM
With a 2018 record high forecast of 23% growth, global mergers, acquisitions, and divestitures
(M&As) continue to be an important strategic lever for enterprise growth. IT teams take center
stage during any M&A project and must adopt potential countermeasures to survive the risks
and challenges ahead. In this session, Binary Tree highlights how to ensure success on day one
and beyond for any best-in-class M&A IT integration strategy. Learn how to finally solve the
most common challenge – tenant-to-tenant migrations – while avoiding downtime, reducing
late night hours and weekend projects, and improving end user collaboration as a unified entity.
Power up and be ready to headline your next M&A project.

8. THR3075 - Mission possible: Confidential computing
explained
Tuesday,
September 25
4:00 PM -
4:20 PM
Join Andy Malone as he takes you on a security focused journey inside confidential computing
solutions. A security technology that will not only improve your security tenfold but also bring
greater confidence to business transactions in the cloud. In this session, learn its architecture,
deployment methodologies, and capabilities. If you are a security focused professional, join us
and prepare to learn about this breakthrough technology and what it could mean to your
business.
THR2346 - How to mitigate the new cybersecurity threat
Wednesday,
September 26
9:00 AM -
9:20 AM
This session covers the current trends in cyber-attacks and mitigation strategies, and shares
lessons from the field.
THR2337 - A 360-degree cloud-native approach to secure
your cloud stack
Wednesday,
September 26
11:20 AM -
11:40 AM
Users are increasingly adopting multi-cloud for their hybrid IT strategies to drive digital
transformation. Securing clouds requires shared security responsibility. This session introduces
the inherent threats and solutions needed to secure your entire cloud stack, from infrastructure
to applications. Learn the importance of total visibility across your public clouds, and how to set
up security for workloads from both internal and in the perimeter. Avoid issues such as data
leaks and crypto mining attacks through your cloud infrastructure with continuous security
monitoring. Learn best practices from real-world examples of customers transparently
orchestrating security into their practices and DevOps pipelines.
THR2064 - Level up on identity-driven endpoint security
with conditional access based on device trust
Wednesday,
September 26
5:40 PM -
6:00 PM
Powered by Windows Defender Advanced Threat Protection and Microsoft Intune, Azure Active
Directory conditional access can now grant access based on device trust. Come to this session
to learn about this capability and how you can turn it on!
BRK4023 - Rising risk of social engineering
Thursday,
September 27
12:30 PM -
1:45 PM
Social engineering is one of the top rising risks for any organization. It has become very easy for
hackers to politely ask for corporate data and then easily gain access rather than try to find a
vulnerability in your network or infrastructure. We live in a connected world and most of us
love to share information sometimes on purpose but sometimes without even noticing. Only by
understanding how the hacker operates will you be able to protect, detect, and respond to their
threats. In this session, learn how hackers prepare their social engineering attacks and how
Microsoft 365 can help protect, detect, and respond to these threats.

9. Microsoft Cloud App Security
Session Day Time Description
THR3085 - The wizarding world of Microsoft
CloudApp Security Monday,
September
24 6:25 PM - 6:45 PM
With the number of cyber-attacks seemingly out of control, it’s time to get a grip on cybercrime. Despite what
you’ve heard, good security doesn’t have to cost the earth. In his latest security session, join our man from the
North, Andy Malone as he discusses the latest cyber-attack techniques and tools. More importantly, he
provides practical advice on what you can do today to thwart the bad guy and re-take control of your
environment. This is a session packed with tips, advice, and demos on improving your organizational security.
Don’t miss out!
BRK2158 - Elevate the security for all your
cloud apps and services with the Microsoft
CASB - Cloud App Security
Tuesday,
September
25
10:45 AM - 12:00
PM
Organizations today focus heavily on cloud-run solutions, whether to increase employee productivity or to drive
other efficiencies across the business. Microsoft Cloud App Security is a Cloud Access Security Broker (CASB)
solution that gives you visibility into your cloud apps and services, provides sophisticated analytics to identify
and combat cyberthreats, and enables you to control how your ubiquitous data travels. Attend this session for
an overview of our latest innovations and upcoming capabilities in Microsoft Cloud App Security.
THR3030 - Shadow IT Discovery beyond the
corporate network with Windows Defender
ATP and Cloud App Security
Tuesday,
September
25 3:25 PM - 3:45 PM
In this session we show you how Microsoft Cloud App Security (MCAS) and Windows Defender Advanced
Threat Protection (WDATP) work together to help you discover Shadow IT and enable you to start managing it.
We dive deep into the discovery setup with and without WDATP, how to use the risk assessment and start
managing all those cloud apps you never knew about.In this session we'll show you how Microsoft Cloud App
Security and Windows Defender ATP work together to help you discover Shadow IT and enable you to start
managing it.
THR2130 - Deploy and manage Cloud App
Security in Office 365
Wednesday,
September
26
12:30 PM - 12:50
PM
Microsoft Cloud App Security provides deeper visibility, stronger controls and enhanced protection for your
cloud apps. Learn how you can deploy and manage Microsoft Cloud App Security not only for discovering
shadow IT but also for providing data control and protection features for approved apps in your organization.

10. BRK3221 - Combat advanced cyber attacks
with Microsoft Cloud App Security
Wednesday, September 26
2:00 PM -
2:45 PM
Cloud App Security is uniquely positioned as a Cloud Access Security Broker (CASB) to help you detect
threats - compromised accounts accessing your environment, rogue applications, malware, and
ransomware. We deep dive into the detection capabilities that exist today, how we're leveraging the
Microsoft Intelligent Security graph, and share some of the new things we’re currently working on.
BRK3236 - Step up your identity
infrastructure with a native CASB integration
Wednesday, September 26
3:15 PM -
4:00 PM
Modern IAM infrastructures are evolving to include Cloud Access Security Brokers (CASBs). CASBs can
protect or discover unsanctioned application usage and mitigate these threats. IAM and CASB integrate
and leverage each other’s strengths to improve modern identity and cloud security. In this session, we
discuss how Azure Active Directory and Microsoft’s CASB solution Microsoft Cloud App Security are
uniquely and natively integrated to help you discover Shadow IT and enable you to monitor and
control user sessions in real-time and mitigate any potential threats.
THR2075 - Discover shadow IT and detect
anomalies with Office 365 Cloud App
Security
Wednesday, September 26
5:05 PM -
5:25 PM
How well do you know your environment of cloud apps and services? Learn how Office 365 Cloud App
Security gives you visibility into shadow IT in your company, helps you assess the risk to your
organization, detects risky Oauth apps with elevated privileges, and enables you to detect anomalies
across Office 365!
BRK3105 - Monitor and control user sessions
in real-time across your cloud apps with
conditional access app control
Thursday, September 27
11:30 AM -
12:15 PM
Microsoft Cloud App Security and Azure Active Directory conditional access have teamed up to provide
powerful real-time monitoring and controls for the data stored in your Microsoft and non-Microsoft
cloud apps. Attend this session to learn how Microsoft CASB can help you protect your data when it is
stored outside of conventional IT boundaries, while maintaining user productivity and how to deploy
conditional access app control.

11. Microsoft Information Protection
Session Day Time Description
BRK2006 - Use Microsoft Information
Protection (MIP) to help protect your
sensitive data everywhere, throughout its
lifecycle
Tuesday,
September
25
12:30
PM -
1:45 PM
Microsoft Information Protection (MIP) solutions are evolving. Get an overview of how you can protect
your sensitive data through its lifecycle with MIP. Data is created and travels to more locations than ever
before, which makes protecting your most important and sensitive data more challenging. We've made it
easier to create and manage new information protection policies, easier for end-users to work with
sensitivity labels in Office applications, and easier for the ecosystem to build their own information
protection experiences into their own applications and services.
THR3076 - Azure Information Protection
and Exchange Online - better together
Tuesday,
September
25
5:05 PM
- 5:25
PM
In a world where people can work from virtually anywhere, it is almost impossible to keep data in a single
(secure) location. This is where rights management can help. Come and find out how to use AIP policies in
Exchange Online, how you can leverage document metadata to intelligently track and further secure
attachments, and how this approach relates to and can leverage Office Message Encryption at the same
time!

12. Microsoft Intune
THR2008 - Understanding the platforms
managed by Microsoft Intune to build
mobility solutions
Monday,
September
24
7:00 PM
- 7:20
PM
As an IT pro managing an enterprise mobility solution like Intune, understanding how management works
on that platform is key. In this session, we breakdown how mobile device management was built in
Windows, iOS, and Android. Gain an understanding that will enable you to map business use cases across
platforms and how Microsoft Intune and Enterprise Mobility + Security can deliver solutions on each
platform at both the MDM and App Protection levels.
BRK3036 - Managing devices with
Microsoft Intune: What's new and what's
next
Tuesday,
September
25
9:00 AM
- 10:15
AM
Microsoft Intune and EMS continue to be deployed by thousands of customers worldwide to securely
manage all Microsoft 365 endpoints. Learn how Intune raises the bar once again for Android, Apple, and
Windows device management, and hear more about the exciting new features and new use-cases
announced this week.
BRK3012 - Improve user experience and
secure access to company resources with
Microsoft Intune
Tuesday,
September
25
10:45
AM -
12:00
PM
Microsoft Intune plays a key role in seamlessly delivering Wi-Fi, VPN, certificate, and email profiles to
devices. IT Pros also need to ensure that only enrolled and compliant devices can access resources such as
Office 365 and line of business apps. In this session, you'll learn about recent conditional access
enhancements including support for MAM, new NAC integration points, and conditional access for VPN
control on Windows, and support for security baselines in Intune. We'll discuss our new certificate
integration plugin framework to allow 3rd party ecosystem for device-based authentication.
BRK3285 - Deep dive into evolution of
Windows app management with Intune
Tuesday,
September
25
12:45
PM -
1:30 PM
Go behind the scenes with advanced Windows app delivery from the cloud. Microsoft is simplifying the
software distribution experience and enabling management of the complete Windows application
lifecycle. Don’t miss this chance to get a look at the roadmap and gain insight to help you plan the best
application delivery strategy for your organization.
THR3012 - Security made real with
Outlook mobile in-app experiences
Tuesday,
September
25
2:15 PM
- 2:35
PM
Understanding the user experience helps set the right app management and conditional access policies
for your mobile workers. We show how corporate data stays safe by demonstrating Outlook for iOS and
Android in-app experiences of secure data flows. Plus, you might even get a sneak peek into future
S/MIME and CLP advanced information protection features.
BRK3172 - Fast, easy, and secure
provisioning for corporate devices using
Microsoft Intune
Tuesday,
September
25
4:00 PM
- 5:15
PM
Tired of imaging devices? Want your end-users to receive brand new company-owned devices directly
from your supplier, and start being productive in minutes? Now you can with Intune, and also ensure the
devices are healthy and secure when they connect. In this session, you’ll learn how to harness Windows
AutoPilot, Apple’s Device Enrollment Program, and Android zero-touch enrollment from a single platform
to speed up bulk enrollment for any device, simplify the experience for end users, and protect corporate
information by ensuring security compliance.

13. THR3003 - Specialized device
deployments for Windows 10 with
Microsoft Intune
Tuesday,
September
25
4:00 PM
- 4:20
PM
Have you ever wanted to know all the Microsoft Intune settings needed to deploy a kiosk or shared
device? Interested in simplifying the way you manage Windows 10 kiosks? Join this theater session to see
how to deploy a Windows 10 kiosk, create the assigned access profile, assign kiosks to groups of devices,
and later manage those devices centrally.
BRK3017 - What’s new in Windows 10
mobile device management (MDM)
Wednesda
y,
September
26
10:45
AM -
12:00
PM
Windows 10 lights up new cloud management opportunities. Learn the different ways you can modernize
IT management to get the most out of Windows 10 devices and explore the latest improvements to the
Windows 10 mobile device management (MDM) enrollment and management experience for Windows 10
devices.
THR3004 - Leveraging the Microsoft Store
for Business private store with Intune
Wednesda
y,
September
26
10:45
AM -
11:05
AM
See how Microsoft Intune integrates with the Microsoft Store for Business, and how to have your Intune-
managed Microsoft Store apps show up in the private store. Learn things to consider when leveraging the
private store as the end user catalog for managed apps in your enterprise.
BRK3026 - Running the Intune Service:
automation, auditing, reporting, and roles
Wednesda
y,
September
26
4:30 PM
- 5:15
PM
Come join this demo-focused session where we share real-world examples of how you can automate
Intune and integrate IT processes using PowerShell. Leverage the power of Microsoft Graph to report key
data from Intune, transfer audit events to your SIEM systems, and build applications that simplify
managing Intune. We'll show how to optimize your Intune Roles for least permissions, and use new
features that help manage large distributed IT departments.
THR4000 - Deep insights and custom
reports with Microsoft Intune Data
Warehouse
Thursday,
September
27
10:10
AM -
10:30
AM
As you deploy and manage Intune you need to track and report progress and status. Frequently you have
requests for data and reports that are available from the Intune console and you don’t want to be
swamped with ad hoc request and updates. In this session, learn all of the fundamental building blocks for
creating custom dynamic Microsoft Power BI reports and dashboards for you and your customers.
BRK3013 - Prepare your organization for
Android enterprise management with
Microsoft Intune
Thursday,
September
27
10:45
AM -
12:00
PM
Starting with Android Q which will release in late 2019, Android Enterprise (formerly Android for Work)
will be the only way to manage Android devices. Is your organization ready for this change? Come to this
session to learn about Intune’s current support and roadmap for both BYOD and corp-owned scenarios.
Learn about the new capabilities in management, provisioning, and app deployment that come with
Android enterprise. This session covers the broader Android landscape and explores Intune solutions for
BYOD, corp-owned, and firstline/kiosk usage scenarios.
THR3090 - Get started with Intune
application protection and conditional
access in 20 minutes
Thursday,
September
27
12:30
PM -
12:50
PM
Users are always looking for the easiest way to get access to work resources. They don’t want to enroll
their device for MDM management just to get access to email, they simply want to have access to that
email or that document right here, right now. Even if MDM enrollment is required, app protection policies
will give a more secure access with managing the app in addition to the device. Come and learn how to
get started with a baseline configuration that secures all user access to emails and documents in the cloud
from any mobile device.

14. BRK3005 - Simplify user adoption and
increase data security with Microsoft
Intune
Thursday,
September
27
12:45
PM -
1:30 PM
Learn about how you can leverage app protection policies to secure your company data – from the inside
out. We cover service architecture, deployment of policies, an in-depth demo of key policies and
upcoming policy assurance work. Learn how to plan, deploy, and troubleshoot app protection policies
(previously, MAM policies) in Intune. We conclude with insights into the app protection roadmap and the
latest innovations with Microsoft Edge and other Microsoft Office apps.
BRK3006 - Defend against mobile threats
and increase user productivity with
Intune-managed Edge browser
Thursday,
September
27
2:00 PM
- 2:45
PM
Microsoft Edge mobile for iOS and Android now supports enterprise capabilities via Microsoft Intune.
With new data protection and corporate access features, using Edge mobile with Intune is the best way to
enable your users’ mobile productivity while ensuring corporate data remains secure.
THR3080 - Embracing modern
management with Microsoft 365
Thursday,
September
27
2:50 PM
- 3:10
PM
Need a modern management solution for devices? Join Microsoft MVP, Mirko Colemberg to see how
simple it can be to manage devices. In this session he demonstrates how to integrate Autopilot with Azure
Active Directory and Microsoft Intune. He also discuss the ideal job roles within your company to start
embracing the modern workplace.
BRK3103 - Manage and secure iOS and
MacOS devices and apps with Microsoft
Intune
Thursday,
September
27
2:15 PM
- 3:30
PM
Do you manage Apple devices in an enterprise, healthcare, or education environment? In this deep dive
session, we provide insights into management, provisioning, and app deployment on iOS and macOS
devices using Microsoft Intune for BYO and corporate-owned scenarios. We cover recent enhancements
and roadmap upcoming features including topics such as Apple Business Manager, improved end user
experiences, first line/kiosk usage scenarios and more.
BRK3016 - Shared devices for kiosk and
Firstline Workers with Windows 10 and
Intune Thursday,
September
27
2:15 PM
- 3:30
PM
You may have used them during your travels to Ignite, or at the conference center today. You may have
interacted with them directly or saw them being used by a staff member at the conference, at the airport,
or at your hotel. Shared devices and kiosks are everywhere. They come in many forms and price ranges
and perform a variety of functions, but what most people don’t realize is that many of these devices are
powered by Windows. This session showcases the work we've been doing in Windows to make it easy for
IT to configure and monitor shared devices. Come for the demos, best practices, and, most importantly, to
learn how you can easily build your own solution.
THR4004 - Learn how to leverage Intune
support for Microsoft Graph and
PowerShell to enable powerful
automation and IT security
Thursday,
September
27
2:15 PM
- 2:35
PM
In this session, we demonstrate key automation scenarios using PowerShell, using Microsoft Graph APIs to
simplify Microsoft Intune administration; and transitioning profiles, apps, and policies from a pre-
production to production environment.
BRK3029 - Lessons from the field:
protecting corporate data on any device
with Microsoft Intune
Friday,
September
28
9:00 AM
- 10:15
AM
Once your data is out there – whether on heavily-controlled company-owned devices or lightly-managed
personal smartphones-- it is at risk of leakage. Let us show you how Intune is the key for end-to-end data
protection in the modern workplace. From identity-based conditional access, through device and
application control to information rights management, classification and labelling, Intune orchestrates the
many layers of data security capabilities in Microsoft 365.

15. Microsoft Threat Protection
Session Day Time Description
BRK4000 - Leveraging the power of
Microsoft threat protection to secure the
modern workplace across data,
endpoints, identities, and infrastructure
Tuesday,
September
25
10:45
AM -
12:00
PM
Learn about the services that make up Microsoft threat protection and how they work together to secure
the modern workplace.
BRK4002 - Securing your Office 365
environment from advanced phishing
campaigns with Office 365 Advanced
Threat Protection
Tuesday,
September
25
12:45
PM -
1:30 PM
Learn how Office 365 Advanced Threat Protection helps ensure your organization is secure from the most
advanced and sophisticated forms of phishing campaigns across your entire Office 365 environment.
BRK4001 - Secure enterprise productivity
with Office 365 threat protection services
including EOP, ATP, and Threat Intelligence
Tuesday,
September
25
2:15 PM
- 3:30
PM
Learn how Office 365 threat protection services including Exchange Online Protection (EOP), Advanced
Threat Protection (ATP), and Threat Intelligence protect, detect, respond, and help educated end users on
threats across your entire Office 365 ecosystem. This session highlights the latest advances and
differentiators of Office 365 threat protection services and provides a detailed roadmap of what is to
come.
BRK3237 - Securing your hybrid cloud
environments with Azure ATP and AAD
Identity Protection
Tuesday,
September
25
3:15 PM
- 4:00
PM
Protect users from identity threats with Azure Advanced Threat Protection and Azure AD Identity
Protection. Learn about the top types of attacks against identities and users and how Microsoft 365 can
help secure your environment.
THR3037 - Attack discovery and
investigation with Azure Advanced Threat
Protection
Wednesda
y,
September
26
12:30
PM -
12:50
PM
Azure Advanced Threat Protection is a critical solution for the security operations analyst during and after
an incident by providing a real-time attack timeline for forensic analysis and deep investigation into attack
methodologies. Join us as we walk you through an attack kill chain and demonstrate the role Azure
Advanced Threat Protection plays as part of Microsoft 365 Security.
BRK3117 - SecOps and incident response
with Azure Advanced Threat Protection:
Protect, detect, and respond
Wednesda
y,
September
26
2:15 PM
- 3:30
PM
Azure Advanced Threat Protection (Azure ATP) is a cloud service that helps protect your enterprise hybrid
environments from multiple types of advanced targeted cyber attacks and insider threats, leveraging
machine learning analytics to determine suspicious user behavior. In this session, learn how Azure ATP can
be used by incident responders for enterprise-wide security operations.
THR3088 - How to onboard your clients to
Windows Defender Advanced Threat
Protection
Thursday,
September
27
10:45
AM -
11:05
AM
Are your Windows devices secure? Join Microsoft MVP, Mirko Colemberg, to learn how to use Microsoft
365 and Windows Defender Advanced Threat Protection to secure your organization’s client and server
devices. This session demonstrates how to onboard Windows clients and servers to provide a secure
modern workplace, including remote devices without the need of a centralized infrastructure.

16. Modern Management
Session Day Time Description
BRK3035 - What’s new in System Center
Configuration Manager
Monday,
September
24
4:00 PM
- 5:15
PM
Do you like sessions that are full of demos and fewer slides? Come and meet the Configuration Manager
PMs and see them demo their latest features. We are demoing features like client peer cache, site server
high availability, real time management scenarios with run scripts, Configuration Manager pivots, phased
deployments, management insights, Office 365 integration, new task sequence improvements, and more.
THR2341 - Does new hardware matter?
Monday,
September
24
4:35 PM
- 4:55
PM
Is old technology getting in the way of digital transformation? New hardware is a vital element in bringing
to life what is possible on Windows 10 from security to productivity. New camera technology makes facial
recognition possible to log on to your PC securely and quickly with Windows Hello. In an hyper-connected
world, new hardware running modern standby enables the most responsive, always-connected Windows
10 PC experience without sacrificing battery life. Learn more on how new Intel hardware maximizes
Windows 10 experiences.
BRK2002 - Modern Desktop deployment
and management with Microsoft 365
Tuesday,
September
25
9:00 AM
- 9:45
AM
Learn the Modern Desktop deployment and management process of Windows 10 Enterprise and
Microsoft Office 365 ProPlus using the Microsoft 365 platform. This session covers a holistic process
discussing considerations per phase and the tools you’ll need to be successful with large scale deployment
to ensure you can start your journey towards the modern desktop.
BRK3038 - Windows 10 in S mode: Why
you should care and how it works
Tuesday,
September
25
12:30
PM -
1:45 PM
Windows 10 in S mode powers affordable, cloud-ready devices that are simple, secure, and efficient. In
this session we dive deep into recommended practices and discuss real-world lessons learned from the
deployment and management of this new device experience. Discover how S mode leverages built-in,
cloud powered, intelligent security from Windows 10 and how it uses the advanced capabilities of running
verified apps from the Microsoft Store platform to deliver security and performance benefits.
BRK1086 - Transition to cloud-based
management of Windows 10 and
Microsoft Office 365 ProPlus with EMS
Tuesday,
September
25
12:45
PM -
1:30 PM
Are you looking to transition the management of Windows 10 and Office 365 ProPlus to the new agentless
approach, but don’t know where to start? Join this session to see how you can do this at your own pace
with System Center Configuration Manager, Microsoft Intune, Azure Active Directory, and other cloud
services.

17. BRK3018 - Deploying Windows 10 in the
enterprise using traditional and modern
techniques
Wednesda
y,
September
26
9:00 AM
- 10:15
AM
With Windows 10, we introduced the concept of Windows as a service to allow companies to remain
current with the rapid release of features every six months. The key to embracing this servicing model is to
move from a project-based approach to a process-based approach. Learn how to leverage both traditional
and modern deployment techniques and tools ranging from System Center Configuration Manager,
Microsoft Intune, Windows Update for Business, and Windows Autopilot as part of a hybrid approach to
effectively deliver the bits. Learn the how and why behind Windows as a service, but, more importantly,
learn which scenarios work best in which situations so that you can optimize your deployment while
minimizing user impact.
BRK2144 - Hands-on Surface modern
management Wednesda
y,
September
26
11:30
AM -
12:15
PM
See how a Microsoft 365 Powered Surface, deployed by Windows AutoPilot and managed by Microsoft
Intune creates a secure, productive Modern Workplace that has an exceptional end user and IT
experience. Find how to setup, administer, deploy, and manage your Microsoft Surface devices through
toolsets in Microsoft 365, discuss modernization using Co-Management, dealing with advanced scenarios
and complex environments. Bring your device and follow along in your own tenant as we explore settings
and configurations. Walk away with a firm understanding of the advantages of cloud-based device
management and the tools needed to transition your infrastructure to Microsoft 365 modern
manageability and the benefits of a Surface device.
THR2314 - Updates to Modern Desktop
deployment and keeping it up-to-date:
ConfigMgr, Windows Autopilot, WaaS and
more with Michael Niehaus
Wednesda
y,
September
26
2:50 PM
- 3:10
PM
If you haven’t migrated your OS in a while, Windows Deployment expert Mike Niehaus, presents a 15-
minute show on deployment options for your shift to Windows 10. From updates to Systems Center
Configuration Manager and co-management with Microsoft Intune to next-gen provisioning approaches
for new PCS with Windows AutoPilot. Keep watching, as we explore how these options also help you to
stay current and up to date with Windows as A Service. Be part of our Microsoft Mechanics studio
audience during filming and also earn a chance to be part of our exclusive prize draw.
www.microsoft.com/mechanics
BRK3021 - Attach the power of Microsoft
365 cloud management and security to
Configuration Manager (SCCM)
Wednesda
y,
September
26
3:15 PM
- 4:00
PM
Are you ready to modernize Microsoft 365 device management with a cloud-attached approach, but don’t
know where to start? Learn more about how the latest ConfigMgr and Intune announcements empower
you to simplify unified endpoint management
BRK2017 - Configuration Manager Product
Team Chalk Talk
Thursday,
September
27
2:15 PM
- 3:30
PM
Come meet members of the Configuration Manager product engineering team to ask your questions,
share your feedback, and discuss the product. You drive the agenda!
BRK3007 - Deep dive into Configuration
Manager infrastructure simplification with
the cloud
Friday,
September
28
12:45
PM -
1:30 PM
Want to know how to take advantage of the Microsoft Azure cloud for your System Center Configuration
Manager devices? Learn how you can securely manage your Configuration Manager agent devices from
the internet. Manage your devices without infrastructure in your DMZ and manage within your corporate
security policies.