SlideShare a Scribd company logo

Office 365 Security And Compliance

Download as PPTX, PDF
Microsoft
Microsoft

Office 365 Security And Compliance

Technology
1 of 27
Security & Compliance NielsKjelstrup
Our commitment to trust
Customer challenges 2 billion records compromised in the last year 140+ days between infiltration and detection 87% of senior managers admit using personal accounts for work 45% of organizations lack data governance which leaves them open to litigation and data security risks Ever-evolving industry standards across geographies
Our unique approach
Our unique approach
Our security platform
User log-ins Unauthorized data access Data encryption Malware System updates Enterprise security Attacks Phishing Denial of service User accounts Device log-ins Multi-factor authentication
300B 1B 200B Our unique intelligence
Our unique approach
Our partnership approach
Enterprise reliability via 100+ data centers and Microsoft’s global network edge Compliance leadership with standards including ISO 27001, FISMA, and EU Model Clauses No standing access to data, transparent operational model, and financial-backed 99.9% SLA Secure by design, operationalized at the physical, logical, and data layers Global, hyper-scale, enterprise-grade infrastructure
Over 1000 controls in the Office 365 compliance framework enable us to stay up to date with the ever-evolving industry standards across geographies. Trust Microsoft’s verified services. Microsoft is regularly audited, submits self-assessments to independent 3rd party auditors, and holds key certifications. Key certifications United States CJIS CSA CCM DISA FDA CFR Title 21 Part 11 FEDRAMP FERPA FIPS 140-2 FISMA HIPPA/HITECH HITRUST IRS 1075 ISO/IEC 27001, 27018 MARS-E NIST 800-171 Section 508 VPATs SOC 1, 2 Argentina Argentina PDPA CSA CCM IRAP (CCSL) ISO/IEC 27001, 27018 SOC 1, 2 Spain CSA CCM ENISA IAF EU Model Clauses EU-U.S. Privacy Shield ISO/IEC 27001, 27018 SOC 1, 2 Spain ENS LOPD United Kingdom CSA CCM ENISA IAF EU Model Clauses ISO/IEC 27001, 27018 NIST 800-171 SOC 1, 2, 3 UK G-Cloud Japan CSA CCM CS Mark (Gold) FISC ISO/IEC 27001, 27018 Japan My Number Act SOC 1, 2 Singapore CSA CCM ISO/IEC 27001, 27018 MTCS SOC 1, 2 New Zealand CSA CCM ISO/IEC 27001, 27018 NZCC Framework SOC 1, 2 Australia CSA CCM IRAP (CCSL) ISO/IEC 27001, 27018 SOC 1, 2 European Union CSA CCM ENISA IAF EU Model Clauses EU-U.S. Privacy Shield ISO/IEC 27001, 27018 SOC 1, 2, China China GB 18030 China MLPS China TRUCS
Privacy Customer is the owner of their data. We do not mine customer data for advertising purposes. Privacy controls enable you to configure your company privacy policies. Microsoft advocates for data privacy on behalf of customers. Microsoft safeguards customer data with strong contractual commitments.
Transparency Know where your data is stored. Understand who has access your data and under what circumstances. Monitor the state of your service, get historic view of uptime. Integrate security events’ feeds into your company security dashboard. Gain insight with access to service dashboards & operational reporting.
Security Built-in operational security Safeguards to prevent unauthorized access and data loss Detect and protect against external threats
Operational security Physical security with 24-hour monitoring and multi-factor authentication Admin background checks Zero-standing access to data Data encryption at-rest and in-transit Red team / Blue team penetration testing and incident response practice Product development using Security Development Lifecycle Bug bounty program to identify vulnerabilities
Safeguarding your data Identify, label, classify, set policies to help protect information. Encrypt your data and restrict access using Azure Information Protection. Safeguard information with Data Loss Prevention. Get visibility into and improve your security position with Secure Score Restrict unauthorized data sharing across apps with MAM. Prevent data leaks with support for Windows Information Protection. Manage data on devices through built-in MDM. Securely communicate with customers using Message Encryption. Personal apps Managed apps
Detect and protect against external threats Block 100% of known malware and 99% of spam with Exchange Online Protection. Provide zero-day protection against unknown malware in attachments and links with Advanced Threat Protection. Providing actionable insights to global attack trends with Threat Intelligence. Get alerts of suspicious behavior using Advanced Security Management. Secure user accounts with Conditional Access and multi-factor authentication.
Compliance Meet compliance obligations for data access with Customer Lockbox. Monitor and investigate events related to your data with full audit tracking. Reduced cost and risk with in-place intelligent Advanced eDiscovery. Efficiently perform risk assessment with Service Assurance. Manage data retention with Advanced Data Governance.
Discover: In-scope: • • • • • • • • • • Inventory: • • • • • • • Microsoft Azure Microsoft Azure Data Catalog Enterprise Mobility + Security (EMS) Microsoft Cloud App Security Dynamics 365 Audit Data & User Activity Reporting & Analytics Office & Office 365 Data Loss Prevention Advanced Data Governance Office 365 eDiscovery SQL Server and Azure SQL Database SQL Query Language Windows & Windows Server Windows Search Example solutions 1
2 Example solutions Manage: Data governance: • • • • • • • • Data classification: • • • • • • • Microsoft Azure Azure Active Directory Azure Role-Based Access Control (RBAC) Enterprise Mobility + Security (EMS) Azure Information Protection Dynamics 365 Security Concepts Office & Office 365 Advanced Data Governance Journaling (Exchange Online) Windows & Windows Server Microsoft Data Classification Toolkit
3 Example solutions Protect: Preventing data attacks: • • • • • • • • Detecting & responding to breaches: • • • • • • Microsoft Azure Azure Key Vault Enterprise Mobility + Security (EMS) Azure Active Directory Premium Microsoft Intune Office & Office 365 Advanced Threat Protection Threat Intelligence SQL Server and Azure SQL Database Transparent data encryption Always Encrypted Windows & Windows Server Windows Defender Advanced Threat Protection Windows Hello Device Guard
4 Example solutions Report: Record-keeping: • • • • • Reporting tools: • • • • • • Microsoft Trust Center Service Trust Portal Microsoft Azure Azure Auditing & Logging Microsoft Azure Monitor Enterprise Mobility + Security (EMS) Azure Information Protection Dynamics 365 Reporting & Analytics Office & Office 365 Service Assurance Office 365 Audit Logs Customer Lockbox Windows & Windows Server Windows Defender Advanced Threat Protection
• Microsoft.com/GDPR
© 2015 Microsoft Corporation. All rights reserved. 27

Recommended

2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
How Microsoft 365 can help with GDPR compliance
How Microsoft 365 can help with GDPR complianceHow Microsoft 365 can help with GDPR compliance
How Microsoft 365 can help with GDPR complianceIT Masterclasses
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection Syed Sabhi Haider
 
Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-usKjetil Lund-Paulsen
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 

Recommended

2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
How Microsoft 365 can help with GDPR compliance
How Microsoft 365 can help with GDPR complianceHow Microsoft 365 can help with GDPR compliance
How Microsoft 365 can help with GDPR complianceIT Masterclasses
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection Syed Sabhi Haider
 
Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-usKjetil Lund-Paulsen
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansDavid J Rosenthal
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depthAlberto Pascual
 
Microsoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceMicrosoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceChris Genazzio
 
Security management
Security managementSecurity management
Security managementDean Iacovelli
 
Azure information protection
Azure information protectionAzure information protection
Azure information protectionKjetil Lund-Paulsen
 
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorksTackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorksIT Masterclasses
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through WebEric Inch
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 ComplianceDavid J Rosenthal
 
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001ControlCase
 
PCI Compliance Myths, Reality and Solutions for Retail
PCI Compliance Myths, Reality and Solutions for RetailPCI Compliance Myths, Reality and Solutions for Retail
PCI Compliance Myths, Reality and Solutions for RetailInDefense Security
 
PCI Compliance in the Cloud
PCI Compliance in the CloudPCI Compliance in the Cloud
PCI Compliance in the CloudKimberly Simon MBA
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big UnknownAdrian Dumitrescu
 
Microsoft Azure Rights Management
Microsoft Azure Rights ManagementMicrosoft Azure Rights Management
Microsoft Azure Rights ManagementDavid J Rosenthal
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Oracle BH
 
What Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessWhat Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessData Foundry
 
Office 365 Security Best Practices
Office 365 Security Best PracticesOffice 365 Security Best Practices
Office 365 Security Best PracticesCommunity IT Innovators
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionMSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionKesavan Munuswamy
 

More Related Content

What's hot

Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansDavid J Rosenthal
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depthAlberto Pascual
 
Microsoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceMicrosoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceChris Genazzio
 
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorksTackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorksIT Masterclasses
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through WebEric Inch
 
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001ControlCase
 
PCI Compliance Myths, Reality and Solutions for Retail
PCI Compliance Myths, Reality and Solutions for RetailPCI Compliance Myths, Reality and Solutions for Retail
PCI Compliance Myths, Reality and Solutions for RetailInDefense Security
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big UnknownAdrian Dumitrescu
 
Microsoft Azure Rights Management
Microsoft Azure Rights ManagementMicrosoft Azure Rights Management
Microsoft Azure Rights ManagementDavid J Rosenthal
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Oracle BH
 
What Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessWhat Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessData Foundry
 

What's hot (20)

Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + Security
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisus
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
 
Microsoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceMicrosoft Advanced Security & Compliance
Microsoft Advanced Security & Compliance
 
Security management
Security managementSecurity management
Security management
 
Azure information protection
Azure information protectionAzure information protection
Azure information protection
 
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorksTackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
Tackling GDPR with Microsoft 365 and Office 365 - SpiceWorks
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through Web
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
 
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
 
PCI Compliance Myths, Reality and Solutions for Retail
PCI Compliance Myths, Reality and Solutions for RetailPCI Compliance Myths, Reality and Solutions for Retail
PCI Compliance Myths, Reality and Solutions for Retail
 
PCI Compliance in the Cloud
PCI Compliance in the CloudPCI Compliance in the Cloud
PCI Compliance in the Cloud
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASB
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big Unknown
 
Microsoft Azure Rights Management
Microsoft Azure Rights ManagementMicrosoft Azure Rights Management
Microsoft Azure Rights Management
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2
 
What Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your BusinessWhat Data Center Compliance Means for Your Business
What Data Center Compliance Means for Your Business
 
Office 365 Security Best Practices
Office 365 Security Best PracticesOffice 365 Security Best Practices
Office 365 Security Best Practices
 

Similar to Office 365 Security And Compliance

Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionMSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionKesavan Munuswamy
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabiltiesSneha .
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure adArjan Cornelissen
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsDrew Madelung
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewDavid J Rosenthal
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxAlistair Pugin
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperDavid J Rosenthal
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classificationDavid De Vos
 
20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about securityArjan Cornelissen
 

Similar to Office 365 Security And Compliance (20)

Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
 
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionMSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information Protection
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
GDPR
GDPRGDPR
GDPR
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabilties
 
Webinar: Microsoft 365 - Your Gateway to Data Loss Prevention
Webinar: Microsoft 365 - Your Gateway to Data Loss PreventionWebinar: Microsoft 365 - Your Gateway to Data Loss Prevention
Webinar: Microsoft 365 - Your Gateway to Data Loss Prevention
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptx
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and Compliance
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 
CIO Forum June Microsoft.pdf
CIO Forum June Microsoft.pdfCIO Forum June Microsoft.pdf
CIO Forum June Microsoft.pdf
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 Whitepaper
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classification
 
20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security
 

Recently uploaded

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Recently uploaded (20)

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Office 365 Security And Compliance

  • 2.
  • 4. Customer challenges 2 billion records compromised in the last year 140+ days between infiltration and detection 87% of senior managers admit using personal accounts for work 45% of organizations lack data governance which leaves them open to litigation and data security risks Ever-evolving industry standards across geographies
  • 8. User log-ins Unauthorized data access Data encryption Malware System updates Enterprise security Attacks Phishing Denial of service User accounts Device log-ins Multi-factor authentication
  • 12. Enterprise reliability via 100+ data centers and Microsoft’s global network edge Compliance leadership with standards including ISO 27001, FISMA, and EU Model Clauses No standing access to data, transparent operational model, and financial-backed 99.9% SLA Secure by design, operationalized at the physical, logical, and data layers Global, hyper-scale, enterprise-grade infrastructure
  • 13. Over 1000 controls in the Office 365 compliance framework enable us to stay up to date with the ever-evolving industry standards across geographies. Trust Microsoft’s verified services. Microsoft is regularly audited, submits self-assessments to independent 3rd party auditors, and holds key certifications. Key certifications United States CJIS CSA CCM DISA FDA CFR Title 21 Part 11 FEDRAMP FERPA FIPS 140-2 FISMA HIPPA/HITECH HITRUST IRS 1075 ISO/IEC 27001, 27018 MARS-E NIST 800-171 Section 508 VPATs SOC 1, 2 Argentina Argentina PDPA CSA CCM IRAP (CCSL) ISO/IEC 27001, 27018 SOC 1, 2 Spain CSA CCM ENISA IAF EU Model Clauses EU-U.S. Privacy Shield ISO/IEC 27001, 27018 SOC 1, 2 Spain ENS LOPD United Kingdom CSA CCM ENISA IAF EU Model Clauses ISO/IEC 27001, 27018 NIST 800-171 SOC 1, 2, 3 UK G-Cloud Japan CSA CCM CS Mark (Gold) FISC ISO/IEC 27001, 27018 Japan My Number Act SOC 1, 2 Singapore CSA CCM ISO/IEC 27001, 27018 MTCS SOC 1, 2 New Zealand CSA CCM ISO/IEC 27001, 27018 NZCC Framework SOC 1, 2 Australia CSA CCM IRAP (CCSL) ISO/IEC 27001, 27018 SOC 1, 2 European Union CSA CCM ENISA IAF EU Model Clauses EU-U.S. Privacy Shield ISO/IEC 27001, 27018 SOC 1, 2, China China GB 18030 China MLPS China TRUCS
  • 14. Privacy Customer is the owner of their data. We do not mine customer data for advertising purposes. Privacy controls enable you to configure your company privacy policies. Microsoft advocates for data privacy on behalf of customers. Microsoft safeguards customer data with strong contractual commitments.
  • 15. Transparency Know where your data is stored. Understand who has access your data and under what circumstances. Monitor the state of your service, get historic view of uptime. Integrate security events’ feeds into your company security dashboard. Gain insight with access to service dashboards & operational reporting.
  • 16. Security Built-in operational security Safeguards to prevent unauthorized access and data loss Detect and protect against external threats
  • 17. Operational security Physical security with 24-hour monitoring and multi-factor authentication Admin background checks Zero-standing access to data Data encryption at-rest and in-transit Red team / Blue team penetration testing and incident response practice Product development using Security Development Lifecycle Bug bounty program to identify vulnerabilities
  • 18. Safeguarding your data Identify, label, classify, set policies to help protect information. Encrypt your data and restrict access using Azure Information Protection. Safeguard information with Data Loss Prevention. Get visibility into and improve your security position with Secure Score Restrict unauthorized data sharing across apps with MAM. Prevent data leaks with support for Windows Information Protection. Manage data on devices through built-in MDM. Securely communicate with customers using Message Encryption. Personal apps Managed apps
  • 19. Detect and protect against external threats Block 100% of known malware and 99% of spam with Exchange Online Protection. Provide zero-day protection against unknown malware in attachments and links with Advanced Threat Protection. Providing actionable insights to global attack trends with Threat Intelligence. Get alerts of suspicious behavior using Advanced Security Management. Secure user accounts with Conditional Access and multi-factor authentication.
  • 20. Compliance Meet compliance obligations for data access with Customer Lockbox. Monitor and investigate events related to your data with full audit tracking. Reduced cost and risk with in-place intelligent Advanced eDiscovery. Efficiently perform risk assessment with Service Assurance. Manage data retention with Advanced Data Governance.
  • 21.
  • 22. Discover: In-scope: • • • • • • • • • • Inventory: • • • • • • • Microsoft Azure Microsoft Azure Data Catalog Enterprise Mobility + Security (EMS) Microsoft Cloud App Security Dynamics 365 Audit Data & User Activity Reporting & Analytics Office & Office 365 Data Loss Prevention Advanced Data Governance Office 365 eDiscovery SQL Server and Azure SQL Database SQL Query Language Windows & Windows Server Windows Search Example solutions 1
  • 23. 2 Example solutions Manage: Data governance: • • • • • • • • Data classification: • • • • • • • Microsoft Azure Azure Active Directory Azure Role-Based Access Control (RBAC) Enterprise Mobility + Security (EMS) Azure Information Protection Dynamics 365 Security Concepts Office & Office 365 Advanced Data Governance Journaling (Exchange Online) Windows & Windows Server Microsoft Data Classification Toolkit
  • 24. 3 Example solutions Protect: Preventing data attacks: • • • • • • • • Detecting & responding to breaches: • • • • • • Microsoft Azure Azure Key Vault Enterprise Mobility + Security (EMS) Azure Active Directory Premium Microsoft Intune Office & Office 365 Advanced Threat Protection Threat Intelligence SQL Server and Azure SQL Database Transparent data encryption Always Encrypted Windows & Windows Server Windows Defender Advanced Threat Protection Windows Hello Device Guard
  • 25. 4 Example solutions Report: Record-keeping: • • • • • Reporting tools: • • • • • • Microsoft Trust Center Service Trust Portal Microsoft Azure Azure Auditing & Logging Microsoft Azure Monitor Enterprise Mobility + Security (EMS) Azure Information Protection Dynamics 365 Reporting & Analytics Office & Office 365 Service Assurance Office 365 Audit Logs Customer Lockbox Windows & Windows Server Windows Defender Advanced Threat Protection
  • 27. © 2015 Microsoft Corporation. All rights reserved. 27

Editor's Notes

  1. For additional information on Microsoft’s security stance, please reference the below video featuring Satya Nadella. http://news.microsoft.com/security2015/ Updated August 2016
  2. Bamburgh Castle lidt syd for Edinburgh på grænsen mellem Skotland og England – defeted in 1464 as first British castle (artillery) af Richard Niville – Kongemageren Warwick
  3. MSFT Field - Please view associated material at: http://infopedia/SMSG/Pages/EnterpriseSecurity.aspx   2 billion records compromised in the last year: Risk Based Security 140+ days between infiltration and detection: Mandiant Consulting M-Trends 2016 87% of senior managers admit using personal accounts for work: Stroz Friedberg On the Pulse Information Security in American Business 50% year over year growth in electronic data: AIIM – Information Management in 2016 and Beyond, March   
  4. MSFT Field - Please view associated material at: http://infopedia/SMSG/Pages/EnterpriseSecurity.aspx
  5. People – identity, device, apps, data MSFT Field - Please view associated material at: http://infopedia/SMSG/Pages/EnterpriseSecurity.aspx
  6. People – identity, device, apps, data MSFT Field - Please view associated material at: http://infopedia/SMSG/Pages/EnterpriseSecurity.aspx
  7. Office 365 is a global service with over 1000+ security and privacy controls that enable us to stay up to date with standards and regulations that apply to your industry and geography. We have built a specialist compliance team that is continuously tracking standards and regulations, and developing common control sets for our product team to build into the service. ·         EU Model Clauses: Ensures appropriate safeguards are in place to protect personal data that leaves the European Economic Area. ·         ISO 27018: Microsoft was the first cloud service provider to comply with this new standard which protects personally identifiable information and ensures your data will not be used for advertising purposes  We also regularly audit our controls and submit self assessments to independent 3rd party auditors. We are actively working with countries and regions to stay up to date or meet relevant compliance regulations. For example Microsoft is committing to be GDPR compliant across our cloud services when enforcement begins on May 25, 2018. Read more at https://blogs.microsoft.com/on-the-issues/2017/02/15/get-gdpr-compliant-with-the-microsoft-cloud/#exsm1d4kB8pquRAh.99
  8. Add talk track around GDPR
  9. MSFT Field - Please view presenter notes/talk track at: aka.ms/gdprnotes View the Microsoft external site for more information: www.Microsoft.com/GDPR Microsoft Azure: Microsoft Azure Data Catalog Enterprise Mobility + Security (EMS): Microsoft Cloud App Security Dynamics 365: Audit Data and User Activity Report & Analytics with Dynamics 365 Dynamics 365 metadata & data models Office & Office 365: Data Loss Prevention Advanced Data Governance Office 365 eDiscovery SQL Server and Azure SQL Database: SQL Query Language
  10. MSFT Field - Please view presenter notes/talk track at: aka.ms/gdprnotes View the Microsoft external site for more information: www.Microsoft.com/GDPR
  11. MSFT Field - Please view presenter notes/talk track at: aka.ms/gdprnotes View the Microsoft external site for more information: www.Microsoft.com/GDPR Microsoft Azure: Azure Security Center Data Encryption in Azure Storage Azure Key Vault Log Analytics Enterprise Mobility + Security (EMS): Azure Active Directory (Azure AD) Azure Active Directory Premium Cloud App Security Microsoft Cloud App Security Microsoft Intune Microsoft Azure Information Protection Office & Office 365: Advanced Threat Protection Threat Intelligence Advanced Security Management Office 365 Audit Logs SQL Server and Azure SQL Database: Azure SQL Database firewall SQL Server authentication Dynamic Data Masking (DDM) Row-Level Security (RLS) Transparent Data Encryption Always Encrypted Auditing for SQL Database and SQL Server audit SQL Database Threat Detection Windows 10 & Windows Server 2016: Windows Hello Windows Defender Antivirus Windows Defender Advanced Threat Protection Device Guard Credential Guard BitLocker Drive Encryption Windows Information Protection Shielded Virtual Machines Just Enough Administration and Just in Time Administration
  12. MSFT Field - Please view presenter notes/talk track at: aka.ms/gdprnotes View the Microsoft external site for more information: www.Microsoft.com/GDPR
  13. MSFT Field - Please view presenter notes/talk track at: aka.ms/gdprnotes View the Microsoft external site for more information: www.Microsoft.com/GDPR
  14. One of the biggest challenges in security is protecting users against not only known attack vectors, but unknown ones. With Office 365 Advanced Threat Protection – or ATP – you can do both – and you can also keep track of the targets and types of threats that you face. ATP provides robust defenses against spam, phishing, and other advanced threats within Office 365. But what’s really exciting about this feature is that it can protect even against entirely new, unknown, “zero day” attacks. When a user receives an attachment with an unknown virus signature, the attachment gets held back in a sandbox environment, where behavioral analysis techniques are used to assess it for malicious intent. To avoid delays while that assessment happens, the rest of the email is delivered with a placeholder for the attachment, to be replaced by the attachment itself if it is determined to be safe. Beyond its active protection capabilities, ATP also provides rich reporting and tracking features to help you discover who or what within your organization is being targeted for attack, and what kinds of attacks are being used against you. These critical insights show you where you need to focus additional security resources, and help to suggest what types of protections would be most useful to deploy.
  15. To help organizations with this problem, we built Office 365 Advanced Security Management which provides you with enhanced visibility and control into your Office 365 environment. At a high level, it does this in three ways. You get the ability to detect threats by helping you identify high-risk and abnormal usage, security incidents, and threats. Advanced Security Management also provides you with enhanced control by leveraging granular controls and security policies that can help you shape your Office 365 environment. You also get enhanced visibility and context into your Office 365 usage and shadow IT though the discovery and insights that the solution provides, all without installing an end-point agent. Let’s go a bit deeper into each one of these areas, starting with how we give you the ability to detect threats.
  16. Marissa to get screenshot Meet Compliance Needs Customer Lockbox can enable customers to meet compliance needs by demonstrating that they have procedures in place for explicit data access authorization. Customer Lockbox can help customers meet controls in regulations such as in HIPAA and FEDRAMP. Extended Access Control Use Customer Lockbox to control access to customer content for service operations. Customers who initiate the original request will grant final approval access to the Microsoft engineer. Customers have visibility into the purpose and length of access. Access to customer content will be revoked when service operation is completed. Visibility into Actions Actions taken by Microsoft engineers in response to Customer Lockbox requests are logged and accessible via the Management Activity API or the Security and Compliance Center.
  17. In-place, intelligent eDiscovery Office 365 offers a rich set of eDiscovery in-place capabilities including preservation, search, analysis, and export to help our customers simplify the eDiscovery process to quickly identify relevant data while decreasing cost and risk. Streamline with advanced data analysis The eDiscovery process for a single case often involves sorting through hundreds of thousands of email messages, documents, and other data to find the small number of files that may be relevant. Office 365 Advanced eDiscovery integrates Equivio machine learning, predictive coding, and text analytics to reduce the costs and challenges of sorting through large quantities of data. Enhanced focus on what’s relevant Office 365 Advanced eDiscovery helps to efficiently organize your eDiscovery process and reduce the volume of data by finding near-duplicate files, reconstructing email threads, and identifying key themes and data relationships. You can also use predictive coding to further reduce the volume of data by training the system to intelligently explore and analyze large, unstructured datasets and quickly zero in on what’s relevant. Throughout the process, your data stays in place, indexed in real time with no need to ship massive volumes of data to an outsourced process. This streamlines eDiscovery, saving you time and money while reducing risk because your data remains protected by stringent Microsoft security.  Finally, once you are ready for review, you can export the data to integrated third-party review applications hosted in Azure.
  18. Check with AJ if positioning changed
  19. To address these concerns, Microsoft has released Service Assurance as part of the Office 365 Security and Compliance Center. Service Assurance provides information about how Microsoft’s cloud services maintain security, privacy and compliance with global industry standards. Service Assurance also includes independent third-party audit reports for Office 365, Yammer, Azure, CRM Online, and Intune, as well as implementation and testing details for the security, privacy, and compliance controls used by Office 365 to protect customer data. Providing you immediate access to: Details on how Office 365 implements security, privacy and compliance controls including details of how third-party independent auditors perform audits to test these controls. Third-party independent audit reports including: SSAE 16 / SOC 1, SOC 2 / AT 101, ISO 27001 and ISO 27018. Deep insights into how we implement encryption, incident management, tenant isolation and data resiliency. Information on how you can leverage Office 365 security controls and configurations to protect your data.
  20. Remove barriers to adoption for Office 365 Drive premium value and ARPU Accelerate E5 growth Establish Microsoft as a leader in security & compliance