SlideShare a Scribd company logo

Moving to the cloud securely

Download as PPTX, PDF
Arjan Cornelissen
Arjan Cornelissen

DIWUG Presentation on security in general. What is changing when you go from an on-premises environment to a cloud environment. Also what Microsoft gives to protect against threats

Technology
1 of 24
We are moving to the cloud, what about security
Arjan Cornelisssen SharePoint & Office 365 Architect WorkTogether.tech @arjancornelis
How did we do security?
Sobering statistics The frequency and sophistication of cybersecurity attacks are escalating $6T annual cost of cybercrime to the global economy $4M average cost of a data breach to a company 140+ median # days attackers reside within a victim’s network before detection network intrusions due to compromised user credentials 75%+
Common passwords 1. 123456 2. 123456789 3. qwerty 4. 111111 5. 12345678 6. 123123 7. password 8. 1234567 9. 12345 10. 1234567890 11. abc123 12. 123 13. 123321 14. password1 15. qwertyuiop 16. 666666 17. a123456 18. 1234 19. 654321 20. 5201314 21. 123456a 22. iloveyou 23. 11111111 24. 159753 25. 123123123
Updated NIST Guidelines Three main changes: 1. No more periodic password changes 2. No more imposed password complexity 3. Validate new passwords against commonly used passwords http://aka.ms/passwordguidance Minimum Length Requirements (to defeat brute force hash attacks) Don’t use commonly attacked passwords Use unique passwords
Cloud security
On-premises / Private cloud
Conditional Access Microsoft Cloud 3rd Party SaaS Apps On Premises Apps Microsoft Azure Prevent data leak Disable print Restrict download Enforce MFA Block sign-in Allow sign-in Access Control Session Restrictions OS Platform Is Compliant / Domain joined Is lost or stolen Device Risk Device User identity Group membership Session Risk User Mobile or Cloud app Per app policy App Location IP range Country / Region ApplicationsPolicy ControlsPolicy Conditions Windows Defender Azure AD Identity Protection Service Terms of Use Partners
IF Privileged user? Credentials found in public? Accessing sensitive app? Unmanaged device? Malware detected? IP detected in Botnet? Impossible travel? Anonymous client? High Medium Low User risk 10TB per day THEN Require MFA Allow access Deny access Force password reset****** Limit access High Medium Low Session risk Azure Bing OneDrive Microsoft Cyber Defense Operations Center Microsoft Cybercrime Center Xbox Live Microsoft Accounts Skype Risk-based conditional access
Multi Factor Authentication
Conditional Access with MFA
SharePoint Conditional Access
Windows 10 Hello
Access granted to data Microsoft Enterprise Mobility + Security Apps Risk MICROSOFT INTUNE AZURE ACTIVE DIRECTORY MICROSOFT CLOUD APP SECURITY AZURE INFORMATION PROTECTION MICROSOFT ADVANCED THREAT ANALYTICS ! Device ! CONDITIONAL ACCESS Location Classify Audit Protect Label ! !
Device and Application security
Microsoft Enterprise Mobility + Security Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat Detection
Privileged Identity Management Enforce on-demand, just-in-time administrative access when needed Ensure policies are met with alerts, audit reports and access reviews Manage admins access in Azure AD and also in Azure RBAC User Administrator Discover, restrict, and monitor privileged identities UserAdministrator privileges expire after a specified interval
Privileged Identity
Office 365 Secure Score
Azure monitoring
Our Security mindset needs to be updated

Recommended

20180120 spsbre - we are moving to the cloud what about security
20180120 spsbre - we are moving to the cloud what about security20180120 spsbre - we are moving to the cloud what about security
20180120 spsbre - we are moving to the cloud what about securityArjan Cornelissen
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenMicrosoft
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - KeynoteAndrew Bettany
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionBitglass
 
Microsoft Threat Protection
Microsoft Threat ProtectionMicrosoft Threat Protection
Microsoft Threat ProtectionThierry DEMAN
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security DemoCheah Eng Soon
 

Recommended

20180120 spsbre - we are moving to the cloud what about security
20180120 spsbre - we are moving to the cloud what about security20180120 spsbre - we are moving to the cloud what about security
20180120 spsbre - we are moving to the cloud what about securityArjan Cornelissen
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenMicrosoft
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - KeynoteAndrew Bettany
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionBitglass
 
Microsoft Threat Protection
Microsoft Threat ProtectionMicrosoft Threat Protection
Microsoft Threat ProtectionThierry DEMAN
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security DemoCheah Eng Soon
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTPAndrew Bettany
 
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒Cheer Chain Enterprise Co., Ltd.
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantRobert Crane
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Robert Crane
 
Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017SMAU
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicJacob Tranter
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security DemoCheah Eng Soon
 
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...Amazon Web Services
 
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataCristian Garcia G.
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCloudLock
 
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...PlatformSecurityManagement
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationPatrick Leckie
 

More Related Content

What's hot

2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTPAndrew Bettany
 
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒Cheer Chain Enterprise Co., Ltd.
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantRobert Crane
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Robert Crane
 
Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017SMAU
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicJacob Tranter
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security DemoCheah Eng Soon
 
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...Amazon Web Services
 
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataCristian Garcia G.
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCloudLock
 

What's hot (20)

2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
 
4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP
 
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenant
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365
 
Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographic
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud Computing
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security Demo
 
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
Partnering to Deliver Cost Efficient and Reliable Corporate Services to Agenc...
 
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable Data
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWS
 

Similar to Moving to the cloud securely

ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...PlatformSecurityManagement
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationPatrick Leckie
 
Office 365 Security And Compliance
Office 365 Security And ComplianceOffice 365 Security And Compliance
Office 365 Security And ComplianceMicrosoft
 
Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)Shahar Geiger Maor
 
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managmentDean Iacovelli
 
Addressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeAddressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeePlus
 
20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about securityArjan Cornelissen
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWithum
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckArrow ECS UK
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewDavid J Rosenthal
 
Getting secure in a mobile-first world with EMS
Getting secure in a mobile-first world with EMSGetting secure in a mobile-first world with EMS
Getting secure in a mobile-first world with EMSSoftchoice Corporation
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protectionxband
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudAlert Logic
 
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi RoineO365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi RoineNCCOMMS
 

Similar to Moving to the cloud securely (20)

ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar Presentation
 
Secure the modern Enterprise
Secure the modern EnterpriseSecure the modern Enterprise
Secure the modern Enterprise
 
Office 365 Security And Compliance
Office 365 Security And ComplianceOffice 365 Security And Compliance
Office 365 Security And Compliance
 
Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
 
Addressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeAddressing the Cyber-Security Landscape
Addressing the Cyber-Security Landscape
 
20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft Cloud
 
Community IT - Single Sign On
Community IT - Single Sign OnCommunity IT - Single Sign On
Community IT - Single Sign On
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
 
Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
Getting secure in a mobile-first world with EMS
Getting secure in a mobile-first world with EMSGetting secure in a mobile-first world with EMS
Getting secure in a mobile-first world with EMS
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protection
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
 
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi RoineO365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
 

More from Arjan Cornelissen

20191010 - O365 connect setting up a secure office 365 environment
20191010 - O365 connect setting up a secure office 365 environment20191010 - O365 connect setting up a secure office 365 environment
20191010 - O365 connect setting up a secure office 365 environmentArjan Cornelissen
 
20190622 - SPS Mardid - using automation in office 365
20190622 - SPS Mardid - using automation in office 36520190622 - SPS Mardid - using automation in office 365
20190622 - SPS Mardid - using automation in office 365Arjan Cornelissen
 
20181220 diwug setting up a secure office 365 environment
20181220 diwug setting up a secure office 365 environment20181220 diwug setting up a secure office 365 environment
20181220 diwug setting up a secure office 365 environmentArjan Cornelissen
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure adArjan Cornelissen
 
20181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 36520181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 365Arjan Cornelissen
 
20181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 36520181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 365Arjan Cornelissen
 
20180630 spsnl using office 365 for your first line workers
20180630 spsnl using office 365 for your first line workers20180630 spsnl using office 365 for your first line workers
20180630 spsnl using office 365 for your first line workersArjan Cornelissen
 
20170610 spsnl how to solve azure ad connect sync issues
20170610 spsnl how to solve azure ad connect sync issues20170610 spsnl how to solve azure ad connect sync issues
20170610 spsnl how to solve azure ad connect sync issuesArjan Cornelissen
 
20170518 wat kan azure automation bieden voor office 365 klanten
20170518 wat kan azure automation bieden voor office 365 klanten20170518 wat kan azure automation bieden voor office 365 klanten
20170518 wat kan azure automation bieden voor office 365 klantenArjan Cornelissen
 

More from Arjan Cornelissen (9)

20191010 - O365 connect setting up a secure office 365 environment
20191010 - O365 connect setting up a secure office 365 environment20191010 - O365 connect setting up a secure office 365 environment
20191010 - O365 connect setting up a secure office 365 environment
 
20190622 - SPS Mardid - using automation in office 365
20190622 - SPS Mardid - using automation in office 36520190622 - SPS Mardid - using automation in office 365
20190622 - SPS Mardid - using automation in office 365
 
20181220 diwug setting up a secure office 365 environment
20181220 diwug setting up a secure office 365 environment20181220 diwug setting up a secure office 365 environment
20181220 diwug setting up a secure office 365 environment
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad
 
20181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 36520181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 365
 
20181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 36520181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 365
 
20180630 spsnl using office 365 for your first line workers
20180630 spsnl using office 365 for your first line workers20180630 spsnl using office 365 for your first line workers
20180630 spsnl using office 365 for your first line workers
 
20170610 spsnl how to solve azure ad connect sync issues
20170610 spsnl how to solve azure ad connect sync issues20170610 spsnl how to solve azure ad connect sync issues
20170610 spsnl how to solve azure ad connect sync issues
 
20170518 wat kan azure automation bieden voor office 365 klanten
20170518 wat kan azure automation bieden voor office 365 klanten20170518 wat kan azure automation bieden voor office 365 klanten
20170518 wat kan azure automation bieden voor office 365 klanten
 

Recently uploaded

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Recently uploaded (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Moving to the cloud securely

  • 1. We are moving to the cloud, what about security
  • 2. Arjan Cornelisssen SharePoint & Office 365 Architect WorkTogether.tech @arjancornelis
  • 3. How did we do security?
  • 4. Sobering statistics The frequency and sophistication of cybersecurity attacks are escalating $6T annual cost of cybercrime to the global economy $4M average cost of a data breach to a company 140+ median # days attackers reside within a victim’s network before detection network intrusions due to compromised user credentials 75%+
  • 5. Common passwords 1. 123456 2. 123456789 3. qwerty 4. 111111 5. 12345678 6. 123123 7. password 8. 1234567 9. 12345 10. 1234567890 11. abc123 12. 123 13. 123321 14. password1 15. qwertyuiop 16. 666666 17. a123456 18. 1234 19. 654321 20. 5201314 21. 123456a 22. iloveyou 23. 11111111 24. 159753 25. 123123123
  • 6. Updated NIST Guidelines Three main changes: 1. No more periodic password changes 2. No more imposed password complexity 3. Validate new passwords against commonly used passwords http://aka.ms/passwordguidance Minimum Length Requirements (to defeat brute force hash attacks) Don’t use commonly attacked passwords Use unique passwords
  • 9.
  • 10. Conditional Access Microsoft Cloud 3rd Party SaaS Apps On Premises Apps Microsoft Azure Prevent data leak Disable print Restrict download Enforce MFA Block sign-in Allow sign-in Access Control Session Restrictions OS Platform Is Compliant / Domain joined Is lost or stolen Device Risk Device User identity Group membership Session Risk User Mobile or Cloud app Per app policy App Location IP range Country / Region ApplicationsPolicy ControlsPolicy Conditions Windows Defender Azure AD Identity Protection Service Terms of Use Partners
  • 11. IF Privileged user? Credentials found in public? Accessing sensitive app? Unmanaged device? Malware detected? IP detected in Botnet? Impossible travel? Anonymous client? High Medium Low User risk 10TB per day THEN Require MFA Allow access Deny access Force password reset****** Limit access High Medium Low Session risk Azure Bing OneDrive Microsoft Cyber Defense Operations Center Microsoft Cybercrime Center Xbox Live Microsoft Accounts Skype Risk-based conditional access
  • 16. Access granted to data Microsoft Enterprise Mobility + Security Apps Risk MICROSOFT INTUNE AZURE ACTIVE DIRECTORY MICROSOFT CLOUD APP SECURITY AZURE INFORMATION PROTECTION MICROSOFT ADVANCED THREAT ANALYTICS ! Device ! CONDITIONAL ACCESS Location Classify Audit Protect Label ! !
  • 18. Microsoft Enterprise Mobility + Security Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat Detection
  • 19. Privileged Identity Management Enforce on-demand, just-in-time administrative access when needed Ensure policies are met with alerts, audit reports and access reviews Manage admins access in Azure AD and also in Azure RBAC User Administrator Discover, restrict, and monitor privileged identities UserAdministrator privileges expire after a specified interval
  • 21.
  • 24. Our Security mindset needs to be updated

Editor's Notes

  1. Eigen datacenter welke met dikke firewalls waren afgeschermd Alles in eigen beheer of door lokale partij uitbesteed
  2. Password Spray (aka Brute Force, Hammering) Complexiteit, expiration werkt niet. Medewerkers gebruiken zaken die te onthouden zijn. Sticky notes
  3. Nu gaan we naar de cloud, hoe zit het nu met security We verlaten ons fort en nu wie kan er allemaal bij?
  4. De medewerker wordt nu het centrale punt om te beveiligen
  5. 11
  6. Custom Controls
  7. Ook op site collective niveau
  8. Azure Domain join
  9. 16
  10. 18