Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Office 365 User Group – Brisbane - Australia
Office 365 DLP Makes Data Protection Cool Again!
Edge Pereira – Senior Consul...
About Me
Our Agenda
• Introduction
• Data Loss Prevention
• eDiscovery
• Auditing
• Document Fingerprinting
• Encrypted Email Commu...
Define: Cool
Space Shuttle Endeavour attached to the International Space Station, May 23, 2011
Source: http://www.esa.int/...
Data Breaches
Source: Liam Clearly BRK2142 Microsoft Ignite
World’s
Biggest
Data
Breaches
(by August 2015)
SSSSource: http://www.informationisbeautiful.net/visualizations/worlds-bigg...
“By far, the most common record type exposed in 2014 were passwords, followed by usernames, email addresses,
and PII (name...
“It was often said that people were the weakest link in any security chain—and that was true when attacks were less
sophis...
“SCAMS strip Australians of at least $80 million a year and gathering a vault of personal information that can be used in
...
Source: http://www.forbes.com/sites/gilpress/2015/05/22/stopping-data-breaches-whose-job-is-it-anyway/
Sara Aziz Janet Denis
Sales Finance Sales Manager Legal
Our Demo Participants
DEMO:
Data Loss Prevention
“The personal details of world leaders – including David Cameron, Barack Obama and Vladimir Putin – have been
accidentally...
Source: http://www.canberratimes.com.au/national/public-service/federal-privacy-authorities-called-in-over-centrelink-brea...
DEMO:
eDiscovery
DEMO:
Encrypted Email
Communications
DEMO:
Document
Fingerprinting
50%
Of the IT organizations will use security services firms that
specialize in data protection, security risk management ...
Archiving for Non-Microsoft Data
Social — Twitter, Facebook, Yammer, LinkedIn, etc.
Instant messaging — Yahoo Messenger, G...
Office 365 Roadmap – Exchange
(as of September 2015)
Office 365 Roadmap – SharePoint and PowerBI
(as of September 2015)
Office 365 Roadmap – Collaboration and Search
(as of September 2015)
Office 365 Roadmap – Collaboration and Search
(as of September 2015)
When is the Next Office 365 Roadmap Update?
(as of September 2015)
Q & A
Learn More
TechEd 2014 Security, Privacy and Compliance Overview
https://channel9.msdn.com/Events/TechEd/Australia/2014/OS...
Thank You
www.superedge.net
edge@superedge.net
Twitter: @superedge
Facebook: www.facebook.com/edgepmo
DLP extensibility points
Content Analysis Process
Joseph F. Foster
Visa: 4485 3647 3952 7352
Expires: 2/2012
Get
Content
4485 3647 3952 7352  a 16...
Force the DLP Updates
# Office 365 UserGroup – Brisbane – Australia
# Edge Pereira – edge@superedge.net
#
# Force the DLP ...
Registry Key Outlook Client
Upcoming SlideShare
Loading in …5
×

Office 365 DLP Makes Data Protection Cool Again!

1,172 views

Published on

Edge Pereira will demonstrate in this session why Office 365 DLP is making security cool again. With several demos and samples this session is great for you to understand how DLP works and how to setup one yourself.

  • Be the first to comment

  • Be the first to like this

Office 365 DLP Makes Data Protection Cool Again!

  1. 1. Office 365 User Group – Brisbane - Australia Office 365 DLP Makes Data Protection Cool Again! Edge Pereira – Senior Consultant - Avanade edge@superedge.net
  2. 2. About Me
  3. 3. Our Agenda • Introduction • Data Loss Prevention • eDiscovery • Auditing • Document Fingerprinting • Encrypted Email Communications Source: http://www.phdcomics.com/comics.php?f=1553
  4. 4. Define: Cool Space Shuttle Endeavour attached to the International Space Station, May 23, 2011 Source: http://www.esa.int/spaceinvideos/Videos/2011/06/ISS_with_Space_Shuttle_Endeavour_and_ATV-2_Docked
  5. 5. Data Breaches Source: Liam Clearly BRK2142 Microsoft Ignite
  6. 6. World’s Biggest Data Breaches (by August 2015) SSSSource: http://www.informationisbeautiful.net/visualizations/worlds-biggest- data-breaches-hacks/
  7. 7. “By far, the most common record type exposed in 2014 were passwords, followed by usernames, email addresses, and PII (name, address, SSN, DOB, phone number, etc.)…” 1 Billion Criminals are starting to favour PII over financial information, because it's easier to sell and leverage Source: http://www.cio.com/article/2848593/data-breach/nearly-a-billion-records-were-compromised-in-2014.html Records Compromised in 2014
  8. 8. “It was often said that people were the weakest link in any security chain—and that was true when attacks were less sophisticated. But today, no amount of education will stop hackers from getting into your network.” $400 Million There were 2,122 confirmed data breaches in 2014 Source: http://www.forbes.com/sites/gilpress/2015/05/22/stopping-data-breaches-whose-job-is-it-anyway/ Losses Due to Data Breaches
  9. 9. “SCAMS strip Australians of at least $80 million a year and gathering a vault of personal information that can be used in fraud sprees.” $80 Million Criminals are buying and selling names, addresses, birth dates, bank account and other personal details on the black market to commit identity fraud or find scam victims, a report warns. Source: http://www.heraldsun.com.au/news/law-order/scammers-steal-80-million-a-year-and-personal-information-from-australians/story-fni0fee2-1227358157405 Individual Losses Due to Scammers
  10. 10. Source: http://www.forbes.com/sites/gilpress/2015/05/22/stopping-data-breaches-whose-job-is-it-anyway/
  11. 11. Sara Aziz Janet Denis Sales Finance Sales Manager Legal Our Demo Participants
  12. 12. DEMO: Data Loss Prevention
  13. 13. “The personal details of world leaders – including David Cameron, Barack Obama and Vladimir Putin – have been accidentally revealed in an embarrassing privacy breach.” It has been discovered that an employee at the Australian immigration department mistakenly sent personal information of all world leaders attending the G20 Summit to organisers of the Asian Cup football tournament. And the heads of government were kept in the dark about the employee’s blunder. The passport numbers and visa details of United States president, Barack Obama, the Russian president, Vladimir Putin, the German chancellor, Angela Merkel, the Chinese president, Xi Jinping, the Indian prime minister, Narendra Modi, the Japanese prime minister, Shinzo Abe, the Indonesian president, Joko Widodo, and the British prime minister, David Cameron, were all exposed. Source: http://www.independent.co.uk/news/world/personal-details-of-obama-putin-cameron-and-merkel-sent-to-wrong-email-address-by-g20-summit-organiser-10142539.html Leaks and Training
  14. 14. Source: http://www.canberratimes.com.au/national/public-service/federal-privacy-authorities-called-in-over-centrelink-breach-20140818-105hjw Leaks and Training
  15. 15. DEMO: eDiscovery
  16. 16. DEMO: Encrypted Email Communications
  17. 17. DEMO: Document Fingerprinting
  18. 18. 50% Of the IT organizations will use security services firms that specialize in data protection, security risk management and security infrastructure management to enhance their security postures Source: http://www.gartner.com/newsroom/id/2828722 By 2018, Data Leakage Protection
  19. 19. Archiving for Non-Microsoft Data Social — Twitter, Facebook, Yammer, LinkedIn, etc. Instant messaging — Yahoo Messenger, GoogleTalk, Jabber, etc. Document collaboration — Box, DropBox, etc. Verticals — SalesForce Chatter, Thomson Reuters, Bloomberg, etc. SMS/text messaging — BlackBerry, MobileGuard, etc.
  20. 20. Office 365 Roadmap – Exchange (as of September 2015)
  21. 21. Office 365 Roadmap – SharePoint and PowerBI (as of September 2015)
  22. 22. Office 365 Roadmap – Collaboration and Search (as of September 2015)
  23. 23. Office 365 Roadmap – Collaboration and Search (as of September 2015)
  24. 24. When is the Next Office 365 Roadmap Update? (as of September 2015)
  25. 25. Q & A
  26. 26. Learn More TechEd 2014 Security, Privacy and Compliance Overview https://channel9.msdn.com/Events/TechEd/Australia/2014/OSS203 Office 365 Trust Centre http://office.microsoft.com/en-au/business/office-365-trust-center-cloud-computing-security-FX103030390.aspx Office Blogs http://blogs.office.com/2013/10/23/cloud-services-you-can-trust-security-compliance-and-privacy-in-office-365/
  27. 27. Thank You www.superedge.net edge@superedge.net Twitter: @superedge Facebook: www.facebook.com/edgepmo
  28. 28. DLP extensibility points
  29. 29. Content Analysis Process Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2012 Get Content 4485 3647 3952 7352  a 16 digit number is detected RegEx Analysis 1. 4485 3647 3952 7352  matches checksum 2. 1234 1234 1234 1234  does NOT match Function Analysis 1. Keyword Visa is near the number 2. A regular expression for date (2/2012) is near the number Additional Evidence 1. There is a regular expression that matches a check sum 2. Additional evidence increases confidence Verdict
  30. 30. Force the DLP Updates # Office 365 UserGroup – Brisbane – Australia # Edge Pereira – edge@superedge.net # # Force the DLP down to the users using remote powershell # $cred = get-credential $session = new-pssession -configurationname Microsoft.Exchange -connectionuri https://ps.outlook.com/powershell/ -credential $cred -authentication basic -allowredirection Import-pssession $session Set-executionpolicy unrestricted Start-managedfolderassistant <username> Get-pssession | remove-pssession
  31. 31. Registry Key Outlook Client

×