Orange County NC Website
Statement of Work <br />Orange County NC <br />v20221005 March 8, 2023 p. 9 of 26 <br />o Microsoft Defender for Identity. <br />o Azure AD Identity Protection. <br />o Microsoft Information Protection. <br />• Setting up cloud discovery using: <br />o Microsoft Defender for Endpoints. <br />o Zscaler. <br />o iboss. <br />• Creating app tags and categories. <br />• Customizing app risk scores based on your organization’s priorities. <br />• Sanctioning and unsanctioning apps. <br />• Reviewing the Defender for Cloud Apps and Cloud Discovery dashboards. <br />• Enabling the app governance add-on. <br />o Guide the customer through the overview page and create up to five (5) app <br />governance policies. <br />• Connecting featured apps using app connectors. <br />• Protecting apps with Conditional Access App Control in the Conditional Access within <br />Azure AD and Defender for Cloud Apps portals. <br />• Deploying Conditional Access App Control for featured apps. <br />• Using the activity and file logs. <br />• Managing OAuth apps. <br />• Reviewing and configuring policy templates. <br />• Providing configuration assistance with the top 20 use cases for CASBs (including the <br />creation or updating of up to six (6) policies) except: <br />o Auditing the configuration of your internet as a service (IaaS) environments <br />(#18). <br />o Monitoring user activities to protect against threats in your IaaS environments <br />(#19). <br />• Understanding incident correlation in the Microsoft 365 Defender portal. <br /> <br />The following is out of scope: <br />• Project management of the customer's remediation activities. <br />• Ongoing management, threat response, and remediation. <br />• Discussions comparing Defender for Cloud Apps to other CASB offerings. <br />• Configuring Defender for Cloud Apps to meet specific compliance or regulatory <br />requirements. <br />• Deploying the service to a non-production test environment. <br />• Deploying Cloud App Discovery as a proof of concept. <br />• Supporting GCC-High or GCC-DoD (Office 365 US Government). <br />• Setting up the infrastructure, installation, or deployment of automatic log uploads for <br />continuous reports using Docker or a log collector. <br />• Creating a Cloud Discovery snapshot report. <br />• Blocking app usage using block scripts. <br />• Adding custom apps to Cloud Discovery. <br />• Connecting custom apps with Conditional Access App Control. <br />• Onboarding and deploying Conditional Access App Control for any app. <br />• Integrating with third-party identity providers (IdPs) and data loss prevention (DLP) <br />providers. <br />• Training or guidance covering advanced hunting. <br />DocuSign Envelope ID: 4F8CE7A2-004B-4516-AE7C-0C68141E2FF6