Lync and learn   data security and compliancy
Upcoming SlideShare
Loading in...5

Lync and learn data security and compliancy






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Lync and learn   data security and compliancy Lync and learn data security and compliancy Presentation Transcript

    • Jethro Seghers@jseghers –
    • Located in Belgium Provides IT Business Consultancy  SharePoint 2010 and Online  Cloud Services – Office 365 and Windows Intune  IT as a service – MOF and ITIL v3@jseghers –
    • Agenda Office 365 Terminology Infrastructure settings Exchange Online Lync Online SharePoint Online Sources of Information@jseghers –
    • Data Security
    • The protection of data fromunauthorized (accidental or intentional)modification, destruction, or disclosure
    • Data Compliance
    • Compliance is either a state of being inaccordance with establishedguidelines, specifications, or legislationor the process of becoming so
    • Infrastructure
    • Overview Microsoft Datacenters & their locations DataFlow Privacy Encryption Identity Protection Password Policies@jseghers –
    • Microsoft Datacenters . Physical Security  Secure physical access for authorized personnel only  State of the Art datacenters Hosted Applications Security  Anti SPAM  Encryption Mail Security Development Lifecycle  Potential threats while running a service  Exposed aspects of the service that are open to attack@jseghers –
    • Microsoft Datacenters .. Secured Office 365 Services Infrastructure  Server Monitoring via System Center  Secure Remote Access via RDS  Intrusion Detection Network-level Security Measures  Customer Access via SSL  Uptime 99,9 % Identity & Access Management  Access control follows the separation of duties principle and granting least privilege.@jseghers –
    • Where is our data stored: Example: EMEA A primary data center is where the application software and the customer data running on the application software are hosted. A backup data center is used for failover purposes Data center Dublin: Primary for F.O.P.E. Data center The Netherlands: SharePoint Online Dublin + The Netherlands: interchangeably Exchange Online + Lync Online@jseghers –
    • What is stored in the US: EMEA Customer Information Microsoft Online Portal Routing Lync Online Communications Office 365 Authentication Additionally, Microsoft abides by the Safe Harbor Framework for transfer of data between the European Union and the United States.@jseghers –
    • Privacy .Microsoft Online Usage Data Account and Customer Data CoreServices Customer Address Book (excluding Core Customer DataData Data Customer Data)Operating and Yes Yes Yes YesTroubleshooting theServiceSecurity, Spam and Yes Yes Yes YesMalware PreventionImproving the Yes Yes Yes NoPurchased Service,AnalyticsPersonalization, No Yes No NoUser ProfilePromotionsCommunications No Yes No No(Tips, Advice,Surveys,Promotions) – @jseghers
    • Privacy ..Microsoft Online Usage Data Account and Customer Data CoreServices Customer Address Book (excluding Core Customer DataData Data Customer Data)Voluntary No No No NoDisclosure to LawEnforcementAdvertising No No No No @jseghers –
    • Encryption HTTPS Communication with HTTPS Communication between clients and Exchange Online for all protocols PGP: Transportation and storage of Exchange Online Messages Lync Online: Instant Messaging, IM Federation SharePoint Online: HTTPS Connection (only for Enterprise)@jseghers –
    • Identity Protection Identity stored in Microsoft Online Identity federation via SSO Granular Licenses Different Administrator Roles@jseghers –
    • Identity architecture: Identity options1. Microsoft Online IDs Microsoft Office 365 Services Bronze Sky customer premises Trust Federation Exchange Gateway Online Active Directory Authentication Federation Server platform SharePoint 2.0 IdP Online IdP MS Online Directory Provisioning Sync Directory Lync AD platform Store Online Service connector Admin Portal
    • Identity options comparison 1. MS Online IDs 2. MS Online IDs + Dir Sync 3. Federated IDs + Dir SyncAppropriate for Appropriate for Appropriate for • Smaller organizations without • Orgs with AD on-premise • Larger enterprise organizations AD on-premise with AD on-premise ProsPros • Users and groups mastered on- Pros • No servers required on- premise • SSO with corporate cred premise • Enables co-existence scenarios • Users and groups mastered on- premise Cons • Password policy controlled on-Cons • No SSO premise • No SSO • 2 sets of credentials to manage • Enables co-existence scenarios • 2 sets of credentials to with differing password policies manage with differing • Single server deployment Cons password policies • High availability server • Users and groups mastered in deployments required the cloud
    • Password Policy Password Restriction: 8 characters minimum and 16 characters maximum  Values allowed:  A-Z  a-z  0-9  !@#$%^&*-_+=[]{}|:‘,.?/`~“<>();  No UNICODE  Cannot contain the username alias (part before @ symbol) Password expiry duration:  This is set to 90 days and is not configurable@jseghers –
    • Password Policy Password expiry:  Can be enabled/disable via powershell at user level Password strength  Strong passwords require 3 out of 4 of the following:  Lowercase characters  Uppercase characters  Numbers (0-9)  Symbols (see password restrictions above) Password history  Last password cannot be used again@jseghers –
    • Password Policy Account Lockout  After 10 unsuccessful logon attempts (wrong password), the user will need to solve a CAPTCHA dialog as part of logon.@jseghers –
    • Is thisIndependentlyVerified?
    • MS Online Certification and Compliance Finder Certified for ISO 27001 EU Safe Harbor HIPAA-Business Associate Agreement Data Processing Agreement FISMA@jseghers –
    • Exchange Online
    • Exchange Online . Archiving  100 GB for E Subscriptions – 25 GB for P Subscriptions Moderation Security/Distribution Groups Item Level Recovery  14 days Transport Rules Retention Policies – Managed Folder Assistent Deleted Mailbox Recovery  Within 30 days@jseghers –
    • Exchange Online .. Journaling F.O.P.E. Auditing Retention Hold  Only via PowerShell  Disables Retention Policies on Mailbox Litigation Hold  Only via PowerShell  Logging of every change on a Mailbox Mobile Device@jseghers –
    • DEMO
    • Lync Online
    • Lync Online Privacy Settings External Communications User Defined Settings  Sending files via IM  Make audio and video calls  Record Call and conferences  Federation with Lync users in other organizations  Federation with Users of public IM service providers  Dial-in Conferencing@jseghers –
    • DEMO
    • SharePoint Online
    • SharePoint Online . Information Management Policy – Records Use Of Term Store & Required Fields – Content Types Drop Off Library Audit Blocked File Types Security Versioning Recycle Bin Backup: 14 days@jseghers –
    • SharePoint Online .. Governance defines your security and compliancy  Very hard to maintain and to make it required.  Missing functionalities that are available on Premise.@jseghers –
    • DEMO
    • 3rd Party Tools Backup SharePoint Online:  Metavis  AvePoint: DocAve Online Compliance Tools:  Axceler: Control Point  AvePoint: DocAve Online@jseghers –
    • Sources Of Information Office 365 Trust Center : us/office365/trust-center.aspx Service Description Office 365 Password Policy Security White Paper Data Boundaries@jseghers –
    • Questions