You are admin'ing wrong!

In the world of Microsoft Entra and M365, privileged accounts are the managers, and the Global Administrator holds the master key to your entire kingdom. You’d expect these accounts to be protected from any compromise, yet in real environments they’re often exposed by weak processes, misconfigurations, and a false sense of security.

You Are Admin’ing Wrong! is an advanced (Level 300) deep‑dive into real‑world security missteps I’ve seen first‑hand while working with customers as a consultant. Too often, privileged accounts in Entra are wide open to theft or misuse. Sometimes through simple oversights, sometimes through risky shortcuts.

In this session, I’ll dissect some of the most common gaps, including:

- Missing or untested break‑glass accounts
- No Privileged Access Workstations (PAWs)
- Poorly scoped Conditional Access rules
- Role‑based access control blind spots
- Stale privileged identities
- MFA setups that look secure, but aren’t

By the end you’ll know exactly what to check, and how, so you can avoid some of the most common admin mistakes out there.

Urgent access without security compromise!

Disasters don't wait until it is convenient; they strike when you're busy or unavailable! So let us show you how Microsoft Entra and Microsoft Purview can work together and form a highly secure access solution, which is flexible enough to provide temporary access in times of crises.

Hold onto your access tokens! Per-Torben is packing his bags and heading to sunny Spain. But while he is sipping sangria, disaster strikes back home in Norway, and suddenly he needs to step in and this requires immediate access to a top secret project. But surely we can't give him access to this incredibly sensitive project without compromising our security posture! Or can we?

In this session, Åsne Holtklimpen and Per-Torben Sørensen explains how Microsoft Entra and Microsoft Purview can work together and form a highly secure access solution which is flexible enough to provide temporary access from sunny Spain in a time of crisis.

We will explain and demo:
* How Conditional Access policies and Access Packages provide flexible geo-filtering for your environment
* How sensitivity labels can tap into Conditional Access policies and together they can be your best travel companions
* Why Microsoft Information Protection (MIP) is the (sun)screen your data needs, no matter where in the world you are.

Kontroll i AI-alderen: Her er hvordan vi faktisk får det til

✔️ Datasikkerhet og tilgangsstyring
Copilot bygger på den samme sikkerhetsmodellen som resten av Microsoft 365. Den ser bare det brukeren har tilgang til – akkurat som om det var en menneskelig kollega. Du får ingen innsikt du ikke egentlig skulle hatt. RBAC, DLP, Purview – det spiller alle sammen inn.

✔️ Informasjonsstyring og governance
Med Microsoft Purview får du innsikt i hva AI har tilgang til, hvor data ligger, og hvordan det brukes. Sensitiv informasjon kan klassifiseres og beskyttes – og AI forholder seg til det.

✔️ Transparens og sporbarhet
Alle AI-genererte forslag og handlinger kan spores. Du vet hvor informasjonen kommer fra, og du kan ettergå beslutningene. AI blir ikke en svart boks – det blir et gjennomsiktig verktøy du har kontroll over.

How on earth do we stay in control in a Copilot world?

We are in the middle of a technological quantum leap – AI agents, automation, and Copilots working around the clock for us. It’s powerful. It’s efficient. But let’s be honest: how much control do we really have when AI reads, interprets, and acts on our behalf at record speed?

Welcome to a new everyday life with intelligent assistants
Microsoft Copilot is no longer just a tool – it’s a digital colleague. It pulls insights from Teams, Word, Outlook, SharePoint, and Planner. It suggests, writes, prioritises, and even thinks – almost. And the big question is:
How do we make sure it does this correctly, safely, and with the right access?

No more identity theft! Harden your identity security today

This session is a level 300 session designed to provide a comprehensive understanding of how to enhance the security of Entra ID using Conditional Access and passkeys. The session begins with an overview of Multi-Factor Authentication (MFA) in Entra ID, a robust identity management solution, and the importance of identity security and MFA in the current digital landscape.

The focus then shifts to Conditional Access, a critical component in maintaining security. Participants will learn how Conditional Access works and how it can be leveraged to strengthen Entra ID security. The session will delve into the steps for hardening Conditional Access, providing participants with practical knowledge they can apply in their organizations.

The session also covers the use of passkeys as an additional layer of security. Participants will learn how passkeys can be integrated with Entra ID and Conditional Access for enhanced security and perhaps even a passwordless solution.

Copilot og informasjonssikkerhet

Et år etter - Har vi lært å sikre dataen?
Det ser ut til at mens noen organisasjoner har styrket sine datahåndteringsprosesser, har andre oppdaget “gammel gjeld” i form av eksisterende sikkerhetshull eller mangler i tilgangsstyringen. Dette har ført til en viktig læringskurve for mange, og understreker behovet for kontinuerlig vurdering og forbedring av informasjonssikkerhetspraksiser.

Så hvordan kan vi sørge for at vi sikrer oss?

Unlocking Digital Safety: Mastering Information and Identity Security in M365

Ever wondered how to ensure using Copilot and other digital tools remains safe and effective? What roles do Microsoft Purview and Copilot Security play in creating a secure information and identity environment? This session explores why confidentiality, integrity, availability, identity security, and legal compliance are crucial. Learn how M365 tools, combined with Microsoft Purview and Copilot Security, provide the security foundation for your data, ensuring only authorized access.

Despite ongoing discussions about securing data with Copilot, many organizations still face challenges in prioritizing it and understanding its importance. In this session, you will discover the essential role of Microsoft Purview and Copilot Security in safeguarding your environment from unauthorized access, data breaches, and compliance risks. You will also learn how these tools can help you manage and govern your data across M365 and other platforms.

This session is ideal for those looking to understand the critical role of Microsoft Purview and Copilot Security in creating a secure information and identity environment within the M365 universe. The session highlights the importance of using Microsoft Purview and Copilot Security to ensure a secure and compliant environment within the M365 universe, and aims to provide insights into how these tools can help manage and govern data, safeguard against unauthorized access, and mitigate compliance risks.

Copilot and Information security

Time flies when you are having fun with Copilot - Have we finally secured our data or just lost track of time?

What do we have to think about when we start with Copilot - a inspiring session with a bit of technology

Hit PLAY on Copilot - What could possibly go wrong`?

What happens when you want to hit PLAY and give yourself the turbo boost you need to accelerate user adoption? And when you hit PAUSE and say: “Wait a moment!” before unleashing AI. Here we’ll give you the most important safety measures you need to have in place – otherwise, things can go wrong.

This is not just a presentation – it’s a wake-up call with real stories, practical tips, and experiences from the real world.
So… will you press Play or Pause?
Come and find out what happens when you give Copilot control – with both your head and your heart in the right place.

Agents in the Wild – Taming Copilot Studio for Real Work

Copilot Studio agents can run free like wild animals—or be carefully trained to handle real-life business processes with precision. In this session, Åsne Holtklimpen and Gunnar Reyr Sigurðsson will take you on a playful safari through the world of Copilot Studio, showing how agents can bring real value when designed with the right mix of creativity and guardrails. We’ll explore how to capture ideas, turn them into working agents, and keep them from turning into compliance nightmares. Expect real examples, smart tips, and a dose of humour as we balance the excitement of “anything is possible” with the reality of keeping your environment safe. Curious about what agents can really do?