
Office 365 : Data leakage control, privacy, compliance and regulations in the cloud


If you are considering Microsoft Office 365 you need to understand what compliance features and capabilities are available. These features may replace existing compliance functionality or create new opportunities to meet compliance obligations. This session explores features and capabilities such as data retention, data leakage protection and discovery, and demonstrates their usage. The information presented in this session will help you navigate an organisational journey to Microsoft Office 365 by providing knowledge and examples to smooth the transition, whilst maintaining or enhancing your industry's regulatory compliance.

Published in: Internet

  1. Edge Pereira edge@superedge.net
  2. Our Agenda for Today (plan) • Data Loss Prevention • eDiscovery • Auditing • Document Fingerprinting • Encrypted Emails
  3. “Faced with never-ending and expanding regulatory and industry mandates, organizations invest tremendous amounts of energy on audit, compliance, controls, and (in some cases) risk management. At the same time, they seek to free staff resources from mundane tasks such as evidence gathering and simple reporting.” Source: Gartner Report: IT Governance, Risk, and Compliance Management Solutions, http://www.gartner.com/resId=1884814
  4. Records Compromised in 2014: 1 Billion. “By far, the most common record type exposed in 2014 were passwords, followed by usernames, email addresses, and PII (name, address, SSN, DOB, phone number, etc.)…” Criminals are starting to favor PII over financial information, because it's easier to sell and leverage. Source: http://www.cio.com/article/2848593/data-breach/nearly-a-billion-records-were-compromised-in-2014.html
  5. Why are we here?
  6. Compliance – What is it?
  7. Why do we need to take compliance seriously?
  8. So what is Microsoft doing? • eDiscovery • Auditing • Encryption • Information Management Policies • Records Management
  9. Two faces of compliance in Office 365
     Built-in Office 365 capabilities (global compliance): • Access Control • Auditing and Logging • Continuity Planning • Incident Response • Risk Assessment • Communications Protection • Identification and Authorisation • Information Integrity • Awareness and Training
     Customer controls for compliance/internal policies: • Data Loss Prevention • Archiving • eDiscovery • Encryption • S/MIME • Legal Hold • Rights Management
  10. In practice, it looks like this
  11. What does your organisation get?
  12. So what does all that boil down to for ITPros? It is all about customer controls! Remember: “A control is a process, function, in fact anything that supports maintaining compliance”
  13. Let's look at Office 365 customer controls: Identify • Monitor • Protect • Educate
  14. Data Loss Prevention
  15. Data Leakage Protection. By 2018, 50% of IT organizations will use security services firms that specialize in data protection, security risk management and security infrastructure management to enhance their security postures. Source: http://www.gartner.com/newsroom/id/2828722
  16. What is meant by Data Loss Prevention? Data in three states: in-use (endpoint actions), in-motion (network traffic), at-rest (data storage). [1] http://en.wikipedia.org/wiki/Data_loss_prevention_software. Good definition: http://csrc.nist.gov/groups/SNS/rbac/documents/data-loss.pdf
  17. In-use controls (end-point) • Operating System and Apps fully patched and up to date • End-point security tools installed and correctly configured • Firewall enabled and correctly configured • Access to required applications only • Access to “need to know” data • Compliance Adherence Monitoring
  18. At-rest controls
  19. Country | PII | Financial
      USA | US State Security Breach Laws, US State Social Security Laws, COPPA | GLBA & PCI-DSS (Credit, Debit Card, Checking and Savings, ABA, Swift Code)
      Germany | EU data protection, Drivers License, Passport, National Id | EU Credit, Debit Card, IBAN, VAT, BIC, Swift Code
      UK | Data Protection Act, UK National Insurance, Tax Id, UK Driver License, Passport | EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code
      Canada | PIPED Act, Social Insurance, Drivers License | Credit Card, Swift Code
      France | EU data protection, Data Protection Act, National Id (INSEE), Drivers License, Passport | EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code
      Japan | PIPA, Resident Registration, Social Insurance, Passport, Driving License | Credit Card, Bank Account, Swift Code
      Health (all countries): Limited investment (US HIPAA, UK Health Service, Canada Health Insurance card); rely on Partners and ISVs
  20. Establishing DLP. Australian sensitive information types provided by Microsoft: • Bank Account Number • Driver's License Number • Medicare Account Number • Passport Number • Tax File Number
  21. DEMO: Data Loss Prevention
  22. eDiscovery
  23. What do we mean by eDiscovery? [2] Wikipedia (http://en.wikipedia.org/wiki/Electronic_discovery)
  24. eDiscovery Process
      DISCOVERY: Find relevant content (documents, emails, Lync conversations)
      PRESERVATION: Place content on legal hold to prevent content modification and/or removal
      COLLECTION: Collect and send relevant content for processing
      PROCESSING: Prepare files for review
      REVIEW: Lawyers determine which content will be supplied to opposition
      PRODUCTION: Provide relevant content to opposition
  25. Office 365 eDiscovery Centre
  26. In-place Hold
  27. Find what you need
  28. Export for action
  29. eDiscovery Considerations • Recoverable Items quotas are separate from mailbox quotas and need to be monitored • In-Place Hold vs. Single Item Recovery vs. Retention Hold • Hybrid data sources
  30. eDiscovery Reports
  31. Important Benefits • Centrally managed proactive enforcement • Reduced collection touch points • Consistent and repeatable • Transparent to users • Minimises the need for offline copies, until they are needed • Instantly searchable/exportable
  32. DEMO: eDiscovery
  33. Auditing
  34. Reporting and Auditing
  35. SharePoint – Auditing Features
  36. SharePoint Audit Reports
  37. DEMO: Document Fingerprinting
  38. DEMO: Encrypted Email
  39. Q & A
  40. Wrap Up • Data Loss Prevention • eDiscovery • Auditing • Document Fingerprinting • Encrypted Emails
  41. Edge Pereira edge@superedge.net www.facebook.com/edgepmo www.twitter.com/superedge www.superedge.net
  42. Learn More (Useful Links)
      TechEd 2014 Office 365 Security and Compliance: https://channel9.msdn.com/Events/TechEd/Australia/2014/OSS304
      Office 365 Trust Centre: http://office.microsoft.com/en-au/business/office-365-trust-center-cloud-computing-security-FX103030390.aspx
      Office Blogs: http://blogs.office.com/2013/10/23/cloud-services-you-can-trust-security-compliance-and-privacy-in-office-365/
      Governance, risk management, and compliance: http://en.wikipedia.org/wiki/Governance,_risk_management,_and_compliance
      Office 365 Service Descriptions: http://technet.microsoft.com/en-us/library/jj819284%28v=technet.10%29
  43. DLP extensibility points
  44. Content Analysis Process (worked example for a credit card number)
      Get Content: "Joseph F. Foster, Visa: 4485 3647 3952 7352, Expires: 2/2012"
      RegEx Analysis: 4485 3647 3952 7352 -> a 16 digit number is detected
      Function Analysis: 1. 4485 3647 3952 7352 -> matches checksum; 2. 1234 1234 1234 1234 -> does NOT match
      Additional Evidence: 1. Keyword "Visa" is near the number; 2. A regular expression for a date (2/2012) is near the number
      Verdict: 1. There is a regular expression match that also matches a checksum; 2. Additional evidence increases confidence
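The content analysis pipeline of slide 44 (regex, checksum function, nearby keyword and date as corroborating evidence, confidence verdict), written out as a runnable Python example that also applies the same pipeline shape to one of the checksum-backed Australian types listed on slide 20 (Tax File Number). This is an added illustration, not code from the deck or from Microsoft's DLP engine: the confidence weights, keyword lists, 40-character proximity window, and the TFN weight table are assumptions of this example; the card number is the slide's own illustrative value and the TFN is a constructed test value, not real data.

```python
from __future__ import annotations
import re
from dataclasses import dataclass, field
from typing import Callable, Optional

# Constructed sample content modelled on slide 44. The card number is the deck's
# own illustrative value (not real card data); the TFN is a constructed test value.
SAMPLE_CONTENT = """Joseph F. Foster
Visa: 4485 3647 3952 7352 Expires: 2/2012
Order reference: 1234 1234 1234 1234
TFN: 123 456 782
"""


def luhn_valid(digits: str) -> bool:
    """Function analysis: Luhn (mod 10) checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                    # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def tfn_valid(digits: str) -> bool:
    """Australian Tax File Number weighted mod-11 check (weights are an assumption)."""
    weights = (1, 4, 3, 7, 5, 8, 6, 9, 10)
    if len(digits) != len(weights):
        return False
    return sum(int(c) * w for c, w in zip(digits, weights)) % 11 == 0


@dataclass
class SensitiveType:
    name: str
    pattern: re.Pattern                      # RegEx analysis: candidate shape
    checksum: Callable[[str], bool]          # Function analysis: must pass or hit is dropped
    keywords: tuple                          # Additional evidence: corroborating words nearby
    corroborate: Optional[re.Pattern] = None # Additional evidence: e.g. an expiry date nearby


SENSITIVE_TYPES = (
    SensitiveType(
        name="Credit Card Number",
        pattern=re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b"),
        checksum=luhn_valid,
        keywords=("visa", "mastercard", "amex", "card number", "expires", "exp"),
        corroborate=re.compile(r"\b(?:0?[1-9]|1[0-2])/(?:\d{2}|\d{4})\b"),
    ),
    SensitiveType(
        name="Australia Tax File Number",
        pattern=re.compile(r"\b\d{3}[ -]?\d{3}[ -]?\d{3}\b"),
        checksum=tfn_valid,
        keywords=("tfn", "tax file number"),
    ),
)


@dataclass
class Finding:
    info_type: str
    value: str
    evidence: list = field(default_factory=list)
    confidence: int = 0


def analyse(content: str, window: int = 40) -> list:
    """Get content -> regex -> checksum -> additional evidence -> confidence score."""
    findings = []
    for stype in SENSITIVE_TYPES:
        for m in stype.pattern.finditer(content):
            digits = re.sub(r"\D", "", m.group())
            if not stype.checksum(digits):
                continue                      # 1234 1234 1234 1234 fails Luhn: discarded
            evidence = ["regex match", "checksum match"]
            confidence = 65                   # pattern + checksum alone: medium confidence
            context = content[max(0, m.start() - window): m.end() + window].lower()
            if any(k in context for k in stype.keywords):
                evidence.append("keyword nearby")
                confidence += 20
            if stype.corroborate and stype.corroborate.search(context):
                evidence.append("corroborating pattern nearby")
                confidence += 10
            findings.append(Finding(stype.name, m.group(), evidence, confidence))
    return findings


def verdict(findings: list, threshold: int = 75) -> str:
    """Policy decision: the highest-confidence finding decides the action."""
    if not findings:
        return "allow"
    return "block" if max(f.confidence for f in findings) >= threshold else "notify"


if __name__ == "__main__":
    found = analyse(SAMPLE_CONTENT)
    for f in found:
        print(f"{f.info_type}: {f.value} confidence={f.confidence} evidence={f.evidence}")
    print("verdict:", verdict(found))
```

The point the slide makes, and the example reproduces, is that a regex hit alone is not a finding: the second 16-digit string is discarded by the checksum, and the real number only reaches "block" because the keyword and expiry date near it raise the confidence past the policy threshold. Tuning the weights and window is where false positives and false negatives are traded off in a real DLP policy.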
  45. Encryption Solutions in Office 365
      Office 365 Message Encryption – Encrypt messages to any SMTP address
      Information Rights Management – Encrypt content and restrict usage; usually within own organization or trusted partners
      S/MIME – Sign and encrypt messages to users using certificates
  46. Registry Key Outlook Client
