
Microsoft 365 Security and Compliance


Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around every day, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.

Personnel and resources are limited:
According to an annual survey of 620 IT professionals across North America and Western Europe from ESG, 51% of respondents claim their organization had a problematic shortage of cybersecurity skills—up from 23% in 2014.¹ The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.

Virtually anything can be corrupted:
The number of connected devices in 2018 is predicted to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.²


  1. 1. Cyberspace is the new battlefield Security skills are in short supply Virtually anything can be attacked The cybersecurity landscape is rapidly changing
  2. 2. Source: https://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
  3. 3. Microsoft Intelligent Security Graph
  4. 4. Stopping cyber attacks Real-world intelligence at work Intelligent Edge Intelligent Cloud Local ML models, behavior-based detection algorithms, generics, heuristics Metadata-based ML models Sample analysis-based ML models Detonation-based ML models Big data analytics March 6 – Behavior-based detection algorithms blocked more than 400,000 instances of the Dofoil trojan. February 3 – Client machine learning algorithms automatically stopped the malware attack Emotet in real time. October 2017 – Cloud-based detonation ML models identified Bad Rabbit, protecting users 14 minutes after the first encounter. 2017 2018 August 2018 – Cloud machine learning algorithms blocked a highly targeted campaign to deliver Ursnif malware to under 200 targets
  5. 5. The changing landscape of enterprise security Mobile workforce 72% of the US workforce will be mobile by 2020, relying on devices other than their laptops to be productive. 72% 1/3 Shadow IT By 2022, a third of successful attacks experienced by enterprises will be on their shadow IT resources. Compromised passwords 81% of confirmed data breaches involved weak, default, or stolen passwords. 81%
  6. 6. Everyone agrees that security is important… Of global organizations indicate that security is a top challenge 77%
  7. 7. …but most don’t prioritize it. Of global organizations indicate that security is a top challenge 77% Of customers have turned on multi-factor authentication 2%
  8. 8. Intelligent security Protect users’ identities and control access to valuable resources Protect against advanced threats and recover quickly when attacked Ensure documents and emails are seen only by authorized people Gain visibility and control over security tools Identity & access management Threat protection Security management Information protection
  9. 9. Securing Privileged Access Office 365 Security Rapid Cyberattacks (Wannacrypt/Petya) https://aka.ms/MCRA Video Recording Strategies SQL Encryption & Data Masking Office 365 Dynamics 365 +Monitor Data Loss Protection Data Governance eDiscovery
  10. 10. Securing Privileged Access Office 365 Security Rapid Cyberattacks (Wannacrypt/Petya) https://aka.ms/MCRA Video Recording Strategies SQL Encryption & Data Masking Office 365 Dynamics 365 +Monitor Data Loss Protection Data Governance eDiscovery
  11. 11. Intelligent security Protect users’ identities and control access to valuable resources Protect against advanced threats and recover quickly when attacked Ensure documents and emails are seen only by authorized people Gain visibility and control over security tools Identity & access management Threat protection Security management Information protection
  12. 12. The path to reducing vulnerabilities with your Microsoft 365 Security products Advanced security Fundamental baseline security
  13. 13. Fundamental baseline security The path to reducing vulnerabilities with your Microsoft 365 Security products Advanced security
  14. 14. Baseline security Covering your bases Identity protection Device protection App/information protection
  15. 15. Baseline security Covering your bases Identity protection Device protection App/information protection Azure Active Directory Conditional access Multifactor authentication Single sign-on Password reset PROTECTING AGAINST: Password hacks and credential theft Basic device protection for mobile devices Intune Mobile Device Management Mobile App Management PROTECTING AGAINST: Unauthorized data access/ data leakage Office ATP Basic email protection PROTECTING AGAINST: Email and URL hacking
  16. 16. Fundamental baseline security Advanced security The path to reducing vulnerabilities with your Microsoft 365 Security products
  17. 17. Fundamental baseline security Advanced security IDENTITY AND THREAT PROTECTION INFORMATION PROTECTION AND COMPLIANCE The path to reducing vulnerabilities with your Microsoft 365 Security products
  18. 18. Advanced security Identity and threat protection Identity protection Device protection App/information protection
  19. 19. Advanced security Identity and threat protection Identity protection Device protection App/information protection PROTECTING AGAINST: Unacceptable access/Insider threats PROTECTING AGAINST: Cyber threats to endpoints PROTECTING AGAINST: Anomalous use against policies /Shadow IT Azure Active Directory P2–Identity Protection Azure Active Directory P2–Privileged Identity Management Azure Advanced Threat Protection Windows Defender Advanced Threat Protection Microsoft Cloud App Security Advanced endpoint protection EDR Visibility and control of cloud applications
  20. 20. Fundamental baseline security Advanced security IDENTITY AND THREAT PROTECTION INFORMATION PROTECTION AND COMPLIANCE The path to reducing vulnerabilities with your Microsoft 365 Security products
  21. 21. Advanced security Information protection and compliance Information protection Compliance
  22. 22. Advanced security Information protection and compliance Data Loss Protection for Office workloads—starter for blocking sharing of exchange files Office DLP Basic classification/labeling/ encryption Azure Information Protection P1 Automatic classification and labeling for content on prem or in cloud Azure Information Protection P2 Information protection Compliance PROTECTING AGAINST: Unauthorized access or sharing of classified content Perform search of content sources in organization, relevant to legal or compliance cases, analysis Use ML to drive governance, find/retain important data while eliminating unnecessary data Provision/manage keys used to encrypt data at rest in Office 365 Approve/reject access request made by support engineers to access customer data Advanced eDiscovery Advanced data governance 2nd Customer Key 2nd Customer Lock Box PROTECTING AGAINST: Unauthorized content searches
  23. 23. Default file encryptions Permissions for SharePoint and OneDrive for Business libraries External sharing policies Device access policies for SharePoint Online and OneDrive for Business Intune device management of PCs Protect data Protect people and devices Getting to baseline security
  24. 24. Protect data Protect people and devices Mobile apps protection Intune device management of PCs and phones/tablets Azure Active Directory multi-factor authentication Azure Active Directory conditional access Classification, labeling, and protection Getting to advanced security Bring Your Own Key (BYOK) with Azure Information Protection and SharePoint Online Hold Your Own Key (HYOK) with Active Directory Rights Management Service and SharePoint Online Data Loss Prevention (DLP) in Office 365 Office 365 service encryption with Customer Key (coming soon) Windows 10 capabilities: BitLocker and Windows Information Protection (WIP) Azure Active Directory Identity Protection Microsoft Cloud App Security or, Office 365 Cloud App Security Azure Active Directory Privileged Identity Management
  25. 25. Secure identities to reach zero trust Identity & access management Security management Strengthen your security posture with insights and guidance Threat protection Help stop damaging attacks with integrated and automated security Locate and classify information anywhere it lives Information protection Infrastructure security
  26. 26. Infrastructure security Defense in Depth Azure Built-in Controls Identity & Access Apps & Data Security Network Security Threat Protection Security Management
  27. 27. Infrastructure security Defense in Depth Microsoft + Partners Role based access Encryption DDoS Protection Antimalware Log Management Multi-Factor Authentication Confidential Computing NG Firewall AI Based Detection and Response Security Posture Assessment Central Identity Management Key Management Web App Firewall Cloud Workload Protection Policy and governance Identity Protection Certificate Management Enterprise Connectivity SQL Threat Protection Regulatory Compliance Privileged Identity Management Information Protection Network Segmentation IoT Security SIEM Identity & Access Apps & Data Security Network Security Threat Protection Security Management
  28. 28. Secure data through its lifecycle Protect data in use Standard Data Protection At rest Encrypt inactive data when stored in blob storage, database, etc. In transit Encrypt data that is flowing between untrusted public or private networks In use Protect/Encrypt data that is in use during computation
  29. 29. Manage keys and certificates for secure applications Key, Secrets & Certificate Management, backed by cloud hosted HSMs- Azure Key Vault Virtual machines Applications Storage & databases Encrypt keys and small secrets using keys in Hardware Security Modules (HSMs) Simplify and automate tasks for SSL/TLS certificates, enroll and automatically renew certificates Rapidly scale to meet the cryptographic needs of your cloud applications and match peak demand Safeguard cryptographic keys and other secrets used by cloud apps and services
  30. 30. Application protection Network protection services enabling zero trust Network Security Groups Distributed inbound & outbound network (L3-L4) traffic filtering on VM, Container or subnet DDoS protection DDOS protection tuned to your application traffic patterns Micro segmentation Web Application Firewall Centralized inbound web application protection from common exploits and vulnerabilities Azure Firewall Centralized outbound and inbound (non-HTTP/S) network and application (L3-L7) filtering Service Endpoints Restrict access to Azure service resources (PaaS) to only your Virtual Network
  31. 31. Manage Security Posture and Define Governance Continuous Assessment & Recommendations Centralized Security Policy Compliance Reports Templates & Blueprints Cloud Security Posture Management + Governance
  32. 32. Identity and access management Conditional access Identity protection Secure authentication
  33. 33. Secure authentication Getting to a world without passwords Microsoft Authenticator FIDO2 Security Keys Windows Hello
  34. 34. Secure authentication Microsoft Authenticator MFA for enterprise and consumer accounts and applications Device registration (workplace join) Single sign-on to native mobile apps Certificate-based SSO
  35. 35. Identity protection An integral component of Microsoft Threat Protection Azure AD Identity Protection Azure ATP Microsoft Cloud App Security
  36. 36. Microsoft Threat Protection Correlate across attack vectors Detect & remediate breaches Protect the digital estate Help stop damaging attacks with integrated and automated security
  37. 37. Microsoft Threat Protection Identities Endpoints User Data Cloud Apps Infrastructure Intelligent Security Graph | 6.5 TRILLION signals per day
  38. 38. Protect the digital estate Guidance for better control over expanding attack surface Shared signal helps protect all attack vectors Unparalleled visibility helps you focus on the right actions
  39. 39. Correlate across attack vectors
  40. 40. Detect and remediate breaches Seamless integration across services to stop advanced threats Detailed, real-time telemetry to provide threat campaign information In-depth alerts and intelligent recommendations for threat mitigation
  41. 41. Microsoft Information Protection Discover & classify sensitive information Apply protection based on policy Monitor & remediate Apps On-premises Cloud services Devices Across Accelerate Compliance
  42. 42. Follow the data—throughout its lifecycle Apply protection based on policy Have you defined what “sensitive data” means for your company? Do you have a way to detect sensitive data across your company? Do you have a way to ensure that labels persist with the data—wherever it travels? Which regulations and compliance factors impact you? Are you able to empower end-users to classify and label content themselves, or apply automatically based on company policies? Detect & classify sensitive information Monitor & remediate Do you have visibility into how sensitive data is being accessed and shared, even across 3rd-party SaaS apps and cloud services? Are you able to remediate actions immediately, such as quarantine data or block access? Are you able to integrate event information into your SIEM system or other tools?
  43. 43. Security management Strengthen your security posture with insights and guidance Visibility Control Guidance Devices Infrastructure Apps & data Identity Across
  44. 44. Visibility
  45. 45. Control
  46. 46. Guidance
  47. 47. M365 F1 M365 E3¹ M365 E5¹ Operating System Windows Enterprise (including VDA rights) ⚫² ⚫ ⚫ Productivity & Collaboration Office client apps (Word, Excel, PowerPoint, OneNote, Access) ⚫ ⚫ Office Mobile apps, chat and meetings (Microsoft Teams, Skype for Business Online), email & calendar (Outlook, Exchange), social & Internet (SharePoint, Yammer), task management (PowerApps, Flow, Planner) ⚫³ ⚫ ⚫ Device & App Management Microsoft Intune, Windows AutoPilot, Fine Tuned User Experience, and Windows Analytics Device Health ⚫ ⚫ ⚫ Security Microsoft Advanced Threat Analytics, Windows Defender Antivirus, Device Guard⁴, Azure Active Directory Plan 1, Windows Hello, Credential Guard, Direct Access⁴ ⚫ ⚫ ⚫ Microsoft 365 E5 Security (Microsoft Cloud App Security, Azure Active Directory Plan 2, Office 365 Advanced Threat Protection Plan 2, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection) ⚫ Compliance Windows Information Protection, BitLocker, Azure Information Protection Plan 1 ⚫ ⚫ ⚫ Office 365 Data Loss Prevention ⚫ ⚫ Microsoft 365 E5 Compliance (Office 365 Advanced Compliance, Azure Information Protection Plan 2) ⚫ Communications Audio Conferencing, Phone System ⚫ Analytics MyAnalytics ⚫ ⚫ ⚫ Delve ⚫ ⚫ Power BI Pro ⚫ See speaker notes for footnotes Microsoft 365 Enterprise Plan Overview
  48. 48. challenges integrating with customers’ existing security tools and workflows connecting customers’ security technologies to streamline operations and improve threat defense opportunities+
  49. 49. Unify integration with Microsoft Graph ALL • Microsoft 365 • Azure • Microsoft Partners ONE https://graph.microsoft.com
  50. 50. Microsoft Graph Security API Streamline alert correlation and management Simplify orchestration and automation Unlock context to inform security operations
  51. 51. What is the Security API? Microsoft services – no extra cost
  52. 52. Alerts Other Security Entities* (context, actions, …) Common Libraries, Authentication, and Authorization Graph Security API Federates Queries, Aggregates Results, Applies Common Schema Secure Score Other Graph Services (Azure AD, O365, SharePoint, Intune …) Intune Azure AD Identity Protection Azure ATP Cloud Application Security Azure Security Center Azure Info Protection Office 365 ATP Windows Defender ATP SIEM + log analytics Your custom app Security applications
  53. 53. Contact Information © 2019 Razor Technology, LLC www.razor-tech.com David Rosenthal VP & General Manager Digital Business @DavidJRosenthal Slideshare Blog: www.razor-tech.com 5 Tower Bridge 300 Barr Harbor Dr., Suite 705 West Conshohocken, PA 19428 www.razor-tech.com David.Rosenthal@razor-tech.com Cell: 215.801.4430 Office: 866.RZR.DATA LET'S KEEP IN TOUCH
