 Hello and welcome to our monthly virtual office hour series. My name is Phil Nguyen, and I am the Director of Customer Success here at TechSoup. Joining me today on our panel are Shruti Ramaswamy, our VP of strategy, Vanessa Jimenez, who is our Customer Success Manager, and she'll be helping me as a moderator today. Finally, presenting today's Making Sense of Security features within your Microsoft Cloud Licenses conversation is Kevin Mohall, our Technical Customer Success Manager. We're so happy that you're here, and we thank you for spending an hour with us. We had a bit of a technical issue last time around, so this is a makeup session, and like I said, we're just thrilled that you're here with us today. A few housekeeping items before we start. Please use the chat function, which you already have to type in your questions and comments. We will collect questions and answer them during the Q&A portion of this session today. We had a little bit of an icebreaker where you entered your name, it said hello, your location, and a little bit of a weather. For the folks that are just joining us, if you'd like, you can go ahead and do that as well. I'm personally infatuated with local weather, and I'm not sure why. I always check the weather, I always ask about the weather. But once again, I am Phil, I am dialing in from the San Francisco Bay Area. For closed captioning, please click on the ellipsis and then turn on the live captioning feature. Please note that this session is being recorded. The recording and slides will be available shortly for everyone who registered for this event. Before we start this conversation, we have a question about cybersecurity. This poll is optional, so don't feel that you have to answer. You can close out the pop-up window when you're done, or if you don't feel like answering. You should see the pop-up on your window now, on your window screen now, and then refer to the checkbox to see real-time results of the poll. Okay, I'll give everyone a minute to click here. Okay, so a lot of phishing, okay? Phishing, malware. We have one ransomware attack, and then two insider threats. Okay, very interesting. If you picked phishing, you are correct. The biggest, most damaging, and most widespread threat facing small businesses are phishing attacks. Phishing accounts for 9% of all breaches that organizations face. They've grown 65% over the last year, and they account for over $12 billion in losses. Phishing attacks occur when an attacker pretends to be a trusted contact, and entices the user to click the malicious link, download a malicious file, or give them access to sensitive information, account details, or credentials. Keep this topic in mind as we go through the presentation and the demo. Without further ado, I'd like to introduce Kevin Mulhall, who will be leading this conversation about security features within 365. Thanks, Phil. A good morning or afternoon to those of you who are joining us today. Again, my name is Kevin Mulhall. I'm a technical customer success manager here at TechSoup. Today's agenda, we're gonna go over the following items. The security basics of 365 email, the basics of 365 security data, and the security basics of 365 identity. The second item in here, we will push back a little bit further if this is a topic that we can open to Q&A just for time constraints. After review of these items, I'm gonna go into my demo account to review some security defaults and configurations specifically around threat policy, and then we'll open the floor to Q&A. So again, I'll follow up with what Phil said. We apologize for the mishap that we had when this was originally scheduled. When it was, it was actually National Cyber Security Awareness Month. I'm a huge fan of the slide, just because I love technology and it has a really cool vibe to it. So a happy belated Cyber Security Awareness Month, there are no present surprises that you will receive, but not getting hacked is a good thing. So what I'm gonna go to in here, starting with 365 security, and then moving forward to data and then rounding it out, we're gonna go over the basic features just really quickly as far as it pertains to what's available in the core licensing itself. We'll highlight or just touch briefly on some of the advanced features that are within licensing through this range of topics. So starting with 365 security and email, basic feature that's built into all core license types is exchange online protection. What that is simply put is that it is a protection that's set up as part of exchange online server through a configuration that happens within SPF records to block out messages from untrusted sources. Translation for those of you who ever look in a spam or a junk folder and you see a message in there, that is exchange online protection at work. There's a variety of reasons that happens there. There's a variety of reasons why that message doesn't get across, but just know and understand that exchange online protection is how that essentially happens. The next basic feature is transport rules. Transport rules are a set of conditions, exceptions, actions, and properties that can be applied to mail flow to and from your organization. You may have heard these, it's called mail flow rules. They're also synonymous with transport rules. They are something that can be configured and for those of you that are interested in this, either setting up a time to speak with us or even attending our next month's webinar, a little preview hint here, we will actually be discussing Outlook in greater detail. Some of the advanced features that are available with the premium license types within 365 include safe links and safe attachments and then general and S-MEM email encryption for transmitting sensitive data. The next component of 365 security is data. The basic features include at rest and in transit protection, file share permissions, application assignment controls. As for at rest and in transit protections, what that simply means is that information that is stored in your account, information that is transmitted through Microsoft's data centers is provided security encryption by Microsoft as part of the service level agreement you have with them. This is obviously a great feature to have because you don't want your data to be moving around in an unprotected manner. Microsoft provides that as part of 365 by default. File share permissions at the user and tenant level. For those of you that are using 365, you're probably already familiar with this. If you've ever shared a document using OneDrive for business, for example, you'll notice that you have a certain type of set permissions regarding the documentation. The ability to read and or edit and or even download documentation and prevent that from happening is a default protection built into 365 services and core licensing. Another item I put on here, it's not necessarily a default data security protection by nature, but it kind of is what application assignment controls for those of you who attended our first session, first off I'm glad that you're back for this one, we discussed about the assigning licenses to users. The cool thing about 365 is that when you create a user and you assign a license to them, you can actually get granular enough to control what applications they have access to. So for example, if you do not want a user within your tenancy to say be using Microsoft Teams, hopefully you would, but for say some reason that they just don't need to be accessing the information that's going to be placed and communicated in there or equally for SharePoint online or OneDrive for business, which are the majority of components where data and informatics are stored within 365, you could simply deselect that during the setup process and prevent access from that all together. If there are any questions about that, we can, I can kind of go over that, but it's just an interesting little control feature that you have. So some advanced features, again going back to the core licensing SKUs would include things like sensitivity labeling, data loss prevention, data retention labels and policies. Moving over to the 365 security identity, modern authentication. So I'm sure there are those of you that are in attendance here that have either had to configure or have had the joy of trying to configure multi-factor authentication. If you're a global admin and you had experienced registration after the 21st of October, 2019, you've now had the joy of dealing with and I used the word dealing with in the most dear of terms, the forced and forced enabling of multi-factor authentication. This is something done by Microsoft, but as someone in total agreeance with this concept, this is to protect your tendency and to secure your identity. Multi-factor authentication essentially is a way of verifying that you're who you say you are. The default application that Microsoft uses is Microsoft Authenticator, but that said, depending on your license type, you have the ability to configure several other factors, including as shown on here, SMS or text messaging. And again, depending on your license, even the possibility to enable a phone call. Some advanced authentication and identity management features that you may come across when learning or interacting with your admin endpoint include conditional access, Azure seamless single sign-on and self-service password reset. Again, with identity, with email, and with the other components such as data, your license type may have an impact on your ability to use some of these advanced configurations. So moving over to something that's a little bit more digestible, some of our favorite security features by license type. For those of you that are users of Microsoft 365 Business Premium, we're huge fans of safe links, safe attachments and dynamic delivery. I will be going over those actually during a demo, so you might wanna pay a little extra attention to that. This license type is ideal for advanced security, faith-based organizations and mobile app protection. In the Office 365 Enterprise E3 license, our favorite security feature is Azure Rights Management Service. RMS is essentially the feature through which you are able to encrypt email messages. This is obviously ideal for clinics, social service and referral agencies, as well as legal aid organizations. Moving over to Office 365 Enterprise E5, my personal favorite, and I just had the pleasure of creating my first campaign last week is Attack Simulator. Attack Simulator is a platform through which an administrator can essentially create a campaign in which they are able to disseminate a test email. That test email could contain phishing components as well as and or malicious software that can be injected by users interacting with certain elements of the email. This is an ideal arrangement for organizations with larger international presence that may be more well-known and be more likely subject to attack by hackers, human rights organizations and those with complex regulatory demands. Okay, and with that, we're gonna go to the security defaults and configurations of the demo session. This is where Kevin's actually gonna take you into his tenant to show you how it's done. The first portion is MFA, multi-factor authentication. Thanks, Phil. Let me go ahead and then jump into my tenant here. So this is a demo tenant. So just that those of you are aware, this is not real or live information. This is information pre-populated fictitiously by Microsoft for the purpose of performing demonstrations to Microsoft customers. From the admin portal, which you can find at admin.microsoft.com, you will need to have a global administrator or similar permission level access in order to configure this to address multi-factor authentication after logging in. We're gonna go down to the left side dashboard, click settings, work settings, and then we're gonna scroll down to multi-factor authentication. I'm gonna click configure multi-factor authentication. In this particular case, you can see that MFA has been enabled. If you arrive at this page and you see that MFA is disabled, what you'll wanna do is click the check mark to select your group, or if you wanna do it at an individual level, and instead of it reading disable, it will read enable. This is the directional for clicking enforcement. I'm not going to do that, but to enforce MFA, you would need, after it's enabled, to then click enforce through the quick step menu options. So giving into the items, the item as far as MFA, where we've heard some concerns regarding the ability to authenticate for using a platform other than the Microsoft Authenticator app, this is where you wanna pay special attention. So I clicked on the service settings tab, and what I'm going to do is I'm going to scroll down, and you will see this check box right here. You'll wanna go ahead and click, I've turned this on previously, but the text message to phone, you'll want to enable that option, and then you'll want to hit save. There's some other items here, such as trusted IPs, and then remembering multi-factor on trusted devices. We can discuss that in greater detail later. If those are some items that you are interested in possibly learning how to configure, but for the sake of this demo, I'm just gonna go ahead and complete that. So next up, Phil, we have... Yeah, we're gonna raise the level of protection against malware. So from the same admin home portal, we're gonna go down to security, and this is gonna lead me into the defender for endpoint. We're gonna scroll down under email and collaboration to policy rules. You said this was anti-fishing, I'm sorry, Phil. No, this is raising protection against malware. Perfect, okay, so under policies, we're gonna click anti-malware, and I'm gonna go ahead and create a policy here. I'm gonna give it a name, it's just gonna be for demonstration. See, there you go. And then I'm gonna go ahead and give it a description, and then I'm gonna click next. So you'll see this across all of the units that we're gonna demonstrate here. So when you're assigning this policy to a tenancy, it can be done at a user level, it can be done at a group level, and it can be performed at a domain. If you are not using Microsoft 365 groups to manage policy within your tenancy, you will have to add each of your users in order to encapsulate that. If you are managing by groups, you can assign this to groups, and then you will want to add, if you have a custom domain, which I'm assuming you do at this point, if you're using Exchange for email, then you're gonna want to add your domain, which has already been configured. So for the sake of simplicity, I'm going to just apply this to a single individual within the demo account that I have, and then I'm going to add a domain. And you can also choose to exclude users or groups and or domains. If you're using multiple domains within a singular account, a.org, a.com, multiple.org names, you can go ahead and configure that there. I'm not going to for the sake of the demo. I'm going to click next. So we go down through here through protection settings. So by default, Microsoft disables certain document attachment types. So .ace.ani. You don't really need to know any of these per se, but if you're ever curious on understanding these, it's a value to know, especially something like an executable file, which is in EXE. If somebody is adding applications, such as installing Office, if it's through Windows, it runs through an executable file. So this is something that you're going to definitely want to have, which Microsoft already includes by default. If you ever have any questions about this or any other configurations, the really cool thing I want to point out is these eyes with circles give you a much better summary than I can probably articulate as to what this actual feature does. In the case here, specified file types are automatically identified as malware and email messages. So you can customize your file types if you want to exclude certain types. The next step down here is zero hour auto purge. You will see this in parenthesis where Microsoft identifies certain features or functions as recommended. For the majority of those, I can think about the top of my head. I probably would enable those. Again, if you have any questions on what that is, you can simply hover over the information arrow. Now, there are certain policies that when they're turned on or they begin enforcement, they will by default quarantine certain components. Now, you have to make a decision as part of the policy how you want a particular function to be quarantined. The demo guys are not cooperating with me right now. For this, I don't know why, but in this particular policy, what I'm going to want to do is I'm going to want to enable access only to an administrator and then you have notifications. Again, many hands make light work. So somebody either at an administrative standpoint or someone you designate that handles security within your organization's tenant, I would include notifications here to that two said admin. So I'm going to go ahead and just add as an example here about undeliverables. See if it's going to cooperate now and it's not. So I'm going to go ahead and click next. It's going to give me a review of the policy, what it includes as users, recipients, settings, et cetera. And then I'm going to go ahead and click submit. And I'm going to close that out. So the next, Kevin, are you ready? Ready. So the next thing we're going to talk about is how to protect against malicious attachments and files with safe attachments. All right, cool thing here about this demonstration is it's all under the same banner. So security, email, policy and rules, and then threat policies. So I'm going to click on safe attachments. I'm going to go ahead and click add to a policy, give it a name and a description. Again, just as how we demonstrated before, it's add a user and or group level and then your domain. And I'm going to click next. Okay. Now you'll notice here that the safe attachment policy is turned off by default. So going back earlier to that slide where we said one of our favorite things is safe links, safe attachments and dynamic delivery. Dynamic delivery is a preview future. So just so you understand that without getting too jargony that a preview feature is one that is available to use, but it doesn't necessarily mean that that's how the feature is going to work when it becomes what's called generally available. I still think that dynamic delivery is a fantastic feature because it allows you to look at the text within a mail message without actually receiving the attachment until it goes through a secondary scan. So at the very least I would want to configure this to block current and future messages and attachments with detected malware. Here, once again, go through the quarantine policy. I'm glad that this is cooperating through this portal because this is what you should have seen in the last one. I'm going to go ahead and enable the policy as admin only access policy. Regular users do not need to be concerned about this nor should they probably be dealing with this unless that you've designated them as either a global admin or a security administrator. So messages that are flagged, you can decide whether or not you want these to be redirected. So when dealing with security issues, my thought process is, and I'm speaking just from my experience, is that if there is something going on, it's worth investigating. So in the case of that, I would probably like this to be redirected to the admin account. And then I am going to press Next. And again, reviewing the policy here and then click Submit. Okay. And the last and not least, this is probably the most important, right? We're gonna show you how to protect against your email from phishing attacks. And keep in mind that this is the most damaging and most widespread threat to cybersecurity. So this is one of the most important features. Thanks, Phil. So from here, I'm gonna click the anti-phishing policy. I'm going to create a name for the policy, description. Again, this comes down to user group domain. So you'll notice that the user interface is a little bit different here. So what it starts out here is with a meter. This is somewhat similar to the toggle that you have in SharePoint access controls through the admin portal in that there are multiple levels of protection. As you can see here, again, I love these informational components that they have. This explains to you that it controls the sensitive for applying ML models to messages or determining phishing verdict. So really quickly, just to get on about this, my thought process with this and more, and I will double back to all of the components that we're showing here is that it's important that you test these first. The reason obviously for that is in the case of phishing or anything to do with email, the goal here is really not to, certain email flows need to come in, right? Like you get that no dash reply from TechSoup. Now you can address those things and save sender links, but if you find that you are not receiving email from say a partner, for example, or another organization that you work with directly, it may be worth taking a look at how the Exchange Online Protection default configuration is handling message flows, right? So here you have it down from one to standard to the most aggressive policy. This explains how it treats those. Again, this is something that you're going to, like all these policies, you'll wanna test them first within like a small user group. And then you could then move those into full active what they call production. So in here with impersonation, this is, these are a couple of features I'm just going to turn on just because I find value in those, this is deals specifically with things like spoofing and trusted senders. I'm gonna go ahead and enable users to protect and then enable impersonation protection. And I'm going to, in this case, include the domain that I've been using as an example. And the domain that I own is the domain that I have been putting in the domain box when configuring these. Added trusted senders and domains. This is something to control at the level. Again, this goes back to, are you dealing with someone that's at example.org? And their emails are not coming through. This is where as an administrator, you want to take a second and go, do I want to include that full domain listing as a trusted sender? Because again, EOP will sometimes detect local UPN aliases, which is the at the left of the at sign and or the contents that are within an email itself, things like that have like a lot of links to them, a lot of pictures, and we'll just automatically assume that this doesn't save. Most of the time, that's a great thing. There are some times where you will run into issues on very occasions where you have an issue. Again, that's where you may want to address that under the trusted senders and or domains. The enable intelligence for impersonation protection. It explains down here what that is. Again, Microsoft recommends it. I would recommend it being turned on. The last part here is spoof intelligence, which kind of ties into all of this. It's protecting the domain like at the DNS level and then enabling spoof intelligence. These are all good things to do. You can of course learn more about all of these, which is the great thing that Microsoft has is there are links to a majority of the configurations they have. I'm gonna go ahead and click next. Now, as far as safety tips and indicators, now again, you just hover over to what the information arrow shows. And this tip is to show recipients when they first receive a message from a sender or they don't regularly receive messages from the sender that Microsoft has a default message that it pops up to them to say, hey, there's something about this email that you might wanna take a secondary look at in a capacity as an administrator or even from a security standpoint, you don't necessarily have the ability to constantly be looking at everything all the time. So that's something I'd recommend just really turning on because it's better to get a phone call or a message from somebody in your organization saying, hey, Microsoft took a look at this. I don't really understand what this is. Like, you know, and then at that point that's where the investigation process might begin. You can also put on a toggle on to impersonation safety tips, domain impersonation safety tips, unusual character safety tips. Again, you can look up what these are and then decide whether or not that's best for you. To me, I'm more of a fan about just general notifications and or disclaimers to keep things a little bit more manageable in the beginning until you're comfortable with advanced security configurations. I'm gonna go ahead and click next and this is a review of the policy and then I'm going to click submit. All right, Kevin, thank you for that demo and for the audience, I know that was a lot. So we have a couple of resources here to help you as well as the Q&A that we're gonna do, but I wanna share with you our resources page. I highly recommend joining our digital transformation forum. You can find how-to videos, guides, post questions and have conversations with fellow members. The forum is moderated by this exact team and we do our best to answer all your questions in a timely manner. It's a bit of a self-help model but I find it very, very useful. And once again, we'll be sending a copy of the deck to anyone who's registered for this event and the links for these resources should be available on chat at this time. Another thing I wanna highlight is that we have a security in the cloud course and that should be available in chat as well. It's about $10, it's very well worth it. So you should consider that. And with that, we're gonna open the floor to questions. There's a couple in the chat so we could start there. Okay, give me one moment folks. Okay, Kevin, you ready to start the Q&A session? I'm ready. Okay, Brad asks, what data is protected by 365? Do you mean SharePoint and OneDrive? Any other apps? So digital assets in general. So SharePoint is the definitive repository for your data, right? So it's essentially a file server in the cloud. So the contents that you create within that are those that are considered data or digital assets are what's protected as part of that. So it could be PowerPoint presentations, it could be Excel spreadsheets, it could be Word documents, it could be Teams chats because Teams is backed up, information is backed up in SharePoint. So it extends to all of those types of assets for lack of better words that are contained within 365. Okay, and the next question is for Marty. He says Marty is in Office 365 E3 and does not see the Safe Attachments option wrong license? The feature that enables Safe Links and Safe Attachments is Defender for Office 365 Plan 1. The Office 365 E3 license, I do not believe has that feature. I'd have to double check to confirm that, but I'm fairly certain that that's the case. Kevin, are there any add-ons that Marty can look into? Yeah, the Defender for Office 365 Plan 1, I believe is, I don't wanna misquote the price, I think it's like 80 cents per user. But in the particular case of E3, to be honest, it might even be worth looking at Defender for Plan 2, for Defender for Office 365 Plan 2, just because of privileged identity management. But that's something I'd be more than happy to talk about at a greater length personally. Okay, thank you, and we'll address that at the end as well. Kurt asks, is first contact safety tip always given for any email from the contact first time, or just if it would otherwise qualify as phishing? Yeah, only if the AI and ML would actually indicate that there's a higher potential that it is. So the platform that is used, like there's a library that defines these, that Microsoft obviously has ownership of that. So it's really about whether or not it's going to recognize that there is a potential risk there. It's not gonna be something that's by default, it's gonna be something that it recognizes as potentially malicious, and it's going to provide that notification as a result of that trigger being basically turned on, if you will, though. If you find in any case, if you find that something is, and I'm gonna be straight up, is that there are certain triggers, and we had this conversation a lot, where there's what's called false flags. If you find that something is returning a lot of false flags or false positives, then that's a time to look at what the policy is in general. Maybe it's something that doesn't need to be, again, be applied to everybody. Maybe it's something that needs only to be applied to certain people with either PPI or PHI or bank information or something of that nature. But the great thing about this is that you have the ability to toggle features on and off. You have the ability to apply these policies at a user or Android group level. Okay, thanks, Kevin. So Michael T. As, who's actually on camera, does adding these security policies negate the need for installing Norton on individual computers? That's a really good question. So as far as like Norton Lifelock, Barracuda email essentials, Bitdefender Gravity Zone, this is really, they're all great products. So it's really like, what is your cup of tea? Like, I like cheese on my hamburgers. You know, some people don't. So it doesn't negate the use of a secondary tool and Microsoft, that's why Microsoft has a ton of secondary and tertiary partners because they recognize that there are certain things that they do well and they recognize that there are things that other people do well. So really it's just about, again, it's testing the value of these policies. So that's the cool thing is the ability to just kind of isolate a couple of accounts. They don't even have to be like necessarily real accounts. They could be licensing that you picked up to just try and apply these features and test them. They could even be through a trial acquisition, a 30 day trial acquisition and then just see how this is. If you feel that after reviewing, building out your tendency using these features provides a equivalent level of security, then you could perhaps run that all within one. But if you're comfortable that you know, like, you know, that's like, I really would encourage you to use what's most comfortable with and you feel most protected with. Yeah, I've heard I'm working with another customer right now and we use the term wearing a belt and suspenders. So this is probably an example of that. Okay, Paul asked, can Office 365 detect encryption activity initiated by ransomware attack and stop the process? So the email itself, it's as far as how that, like how Log Analytics, for example, work, that's one of the components that will pull that in. When there is encryption, like depending on what type of encryption is, again, this is configuration policies. Decrypting mail messages are something that you do have control over. So if somebody is transmitting, for example, a message encrypted using SMEM, you can actually control it to where that message is not released until you take a secondary look at it. I can follow up with information regarding that because if you're in an environment where you're, again, PPI, PHI, you're using standard and or SMEM, or if you're even bringing over like a self-published certificate from Exchange on-prem, like that's something that merits a much deeper conversation. Okay, great. And Marty just had a comment here. He said he was breached in September. So he wants to strengthen up his security as well. But Marty, we've heard a couple of our customers say the same thing and they even went so far as to do ransomware. And luckily, what this one particular customer we have, they were able to recoup their data and they didn't have to pay the ransom, but we've seen it happen. So that's why security is such a hot topic these days. Okay, oh, go ahead, Kevin. Yeah, no, first off, the big thing to me is just the psychology behind security, right? Is that there are people that look at that and think of that as something that it is terrible, but really kind of think of it as a learning opportunity too. And that's where you could even get into something like a tax simulator like I was talking about. There's nothing wrong with testing how in tune your users are with email security, like understanding that simple things, like should this person even be emailing me right now? Like it's like if I'm talking with Phil and then we're going back and forth, I can anticipate if it's something by email that there's probably a greater chance that this is a legitimate email and you might not necessarily think twice about it. Now, if he messages me at one o'clock in the morning with something that has nothing to do with anything, that's probably gonna be a cause for concern. I thought he would probably do that, but that's something where it's like, where is the logic behind the content of the email, the time of the email? And even honestly, just taking a quick look to see where the domain comes from because domain spoofing is something where there's an injection in like the DNS top level where it's just like, you could say like tech soup, but spelling tech with like three C's or two C's, you wouldn't necessarily catch that, but somebody of course has gone out and taken the time to do that with the hope that by leasing that domain and sending you that malicious email that you're not gonna pay attention to it because you're just gonna glance over it, you recognize the name, you didn't really look at the domain that it came from. Those are the kind of things where it's just like, understanding where people are at on that is a great educational opportunity. Yeah. Okay, can you enable MFA for all users at one time and then work with users individually to activate, configure over a few days? So you can enable it and then work with them and then enforce that as a policy afterwards, like how I was showing in that. So yeah, you can work with individuals again. If they're struggling with something like Authenticator, I get it, it's not the easiest thing. I spent an hour and a half with my dad setting that up. Yeah, it's something where you could schedule that. Again, you just don't want like basic authentication, but that's really the takeaway from this. Username and password just doesn't cut it anymore. And even something like where even passwordless, yeah, lots of dancer care. So that's good. Like even something passwordless might be worth discussing. And again, that goes into something that I mentioned earlier called Azure Seamless Single Sign-On. So there is a little bit of a step with that, not gonna get into the details of it during this webinar, but it might be something worth having a discussion about with us, maybe even with one of our managed partner providers to where you honestly, you identify what the best security scenario is for you again, going forward and just make sure that you've moved beyond username and password. Okay, I don't see any more questions, but I do, I think this group is small enough where we can try something different. If you are comfortable enough, you can go off mute and ask the question. It was easier without having to type in your question or you can raise a hand, whatever you're comfortable with. I know this complex, this topic is very complex, yet very necessary for your organization. So that being said, I'd like to offer a special 30 minute session with our customer success team and Kevin to do a deeper dive into your tenant. No agenda, just bring your questions, come and ask anything you like and we can do our best to help. If you need security assessment, we can help you out there as well. We can refer some services. If you're interested, email us at customer success at techsoup.org, which should be available in the chat now and we'll send you an invitation. Or you can book directly with Kevin using his bookings link which is also available in the chat box. Vanessa, can you add our, okay, I see that email, sorry about that. So it looks like we don't have any other questions and we can offer a little bit more one-on-one time but thank you again for joining us and we look forward to seeing you in the next session on October 19th, where we will focus on Microsoft Outlook. We'll discuss the best practices, explore tips and tricks to help improve communication and collaboration. We are building upon working on apps which is what the audience recommended or suggested. So we'll start with Outlook. We'll move on to Teams. We'll go to SharePoint and OneDrive as we progress through our webinar series here or virtual office hours. With that, once again, I'd like to thank you and oh, looks like we have a question here. Dave, was that you? That was me clicked it by accident, sorry. Okay, no worries. Anyway, thank you again for attending. We're so happy that year we, this is a makeup session so appreciate your time. Spending it out with us means a lot to us and hope to see you soon. Okay, thank you everyone.