Most companies have moved into the cloud and on-premises applications and systems remain. This configuration is reasonably referred to as "hybrid"; in the cloud and not at the same time. Hybrid cloud requires integration and communication between the remaining on-prem infrastructure and the new(er) cloud services.
This talk describes several scenarios that appear to subvert typical security and protections which involve federation configuration, Identity Access Management (IAM), and interaction between SaaS and IaaS in the Microsoft Cloud.