Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SPC18 - Getting Started with Office 365 Advanced Threat Protection for SharePoint, OneDrive for Business and Teams

256 views

Published on

This is the deck from my presentation at SPC18 on Getting Started with Office 365 Advanced Threat Protection for SharePoint, OneDrive for Business and Teams.

Published in: Technology
  • Be the first to comment

SPC18 - Getting Started with Office 365 Advanced Threat Protection for SharePoint, OneDrive for Business and Teams

  1. 1. I have over 30 years of IT industry experience, including over 18 years working with SharePoint. I specialize in managing, designing, securing and deploying Microsoft Cloud, On-Premises and Hybrid based solutions on SharePoint, Office 365 and Azure. I am a Microsoft P-CSA as well as a SharePoint author (SharePoint 2013 Disaster Recovery Guide). LinkedIn - https://www.linkedin.com/in/jeffgellman83 Twitter – http://twiller.com/jeffgellman
  2. 2. WinWire Technologies WinWire helps clients gain competitive advantage through Innovative Software Solutions Four Consecutive Years RANKED ON CRN FAST GROWTH 150 LIST More than 100 CUSTOMERS IN SEVERAL INDUSTRIES 11+ years AND 7 GLOBAL OFFICES 450+ CONSULTANTS
  3. 3. Azure based Solutions Data & AI Application Modernization Collaboration Enterprise Mobility Intelligent Cloud transforms the way you work AI, ML and Bots yields actionable business insights Application Modernization for Digital Transformation Collaborate using SharePoint & Office 365 services Mobilizing Your Enterprise
  4. 4. Customer • Law Firm currently using Lotus Notes , Office 2016, SharePoint 2013 and AirWatch MDM • Using ADFS 3.0 for SSO to multiple internal and SaaS applications • Purchased 1400 licenses for Office 365 E3 and 250 licenses for EM+S E3 • Very sensitive about what information can and should be stored in the cloud • Security is of upmost importance Customer Goals • Understand how to use and take advantage of the full capabilities of Office 365 and EM+S. • Understand the benefits of moving from Lotus Notes and Domino to Office 365 • Understand how to best protect and secure company email, IP and client files in the cloud. • Develop a strategy for deploying Office ProPlus • Develop and implement an MAM strategy. Post-Assessment Opportunities • Demonstrate the benefits of moving from Lotus Notes to Office 365. • Demonstrate how Azure Information Protection and Advanced Data Governance can help them manage and secure their IP. • Demonstrate how they can leverage Office 365 Advanced Threat Protection to protect their email and Office 365 files • Demonstrate how they can leverage Azure Active Directory and Conditional Access Case Study - Law Firm - Office 365 Consulting & Security Assessment
  5. 5. Sources: McKinsey, Ponemon Institute, Verizon, Microsoft “CYBER SECURITY IS A CEO ISSUE.” - M C K I N S E Y CYBER THREATS ARE A MATERIAL RISK TO YOUR BUSINESS is the average cost of a data breach per incident. of breaches involve weak or stolen passwords. $4.0M 81% new malware samples are created and spread every day. >300K of senior managers have admitted to accidentally leaking business data. 87%
  6. 6. Inability to Detect Malicious Activity Exposure to Advanced Attacks Difficulty in Responding to Threats Quickly The escalation in the number of threats and sophistication of these threats leave many organizations more exposed to attacks. With the volume of threats and enhanced capabilities of attackers, detection of malicious activity has become increasingly difficult. It is often difficult to know how to respond to a threats and the length of time to respond can add to the devastating effects of a breach.
  7. 7. Unique insights, informed by trillions of signals. This signal is leveraged across all of Microsoft’s security services Microsoft Intelligent Security Graph 450B monthly authentications 18+B Bing web pages scanned750M+ Azure user accounts Enterprise security for 90% of Fortune 500 Malware data from Windows Defender Shared threat data from partners, researchers and law Enforcement worldwide Botnet data from Microsoft Digital Crimes Unit 1.2B devices scanned each month 400B emails analyzed 200+ global cloud consumer and Commercial services
  8. 8. PROTECT organizations from advanced cyber attacks RESPOND to threats quickly DETECT malicious activities
  9. 9. Protect Your Email and Office 365 Productivity Files Stop malicious attachments Provide time of click protection against malicious links Stop known email and Office 365 productivity file based threats Protect
  10. 10. Visibility into Malicious Emails/ Files and Activity Access message and url trace reports Determine email attachment detonation results Gain visibility into the threat landscape Determine top targeted users Read detailed campaign reports Detect
  11. 11. Respond to Malicious Email and Office 365 Productivity Files Remove emails found to be malicious after they land in user inbox. Intelligent filters which update based on evolving cyber threat landscape. Ability to remediate for real-time malicious emails and Office 365 productivity files. Respond
  12. 12. Office 365 Advanced Threat Protection (ATP)
  13. 13. Your Success Depends on Protection From Cyber Threats
  14. 14. Feature Office 365 ATP Exchange Online Protection Safe Links Yes No Safe Attachments Yes No Spoof intelligence Yes No Quarantine Yes Yes Advanced anti-phishing capabilities Yes No
  15. 15. Sandboxing Multiple AV engines 1st and 3rd party reputation • anonymous links • companywide sharing • explicit sharing • guest user activity • file activity In Teams Collaboration signals • malware in email + SPO • Windows Defender • Windows Defender ATP • suspicious logins • risky IP addresses Threat feeds • users • IPs • On-demand patterns (e.g. WannaCry, Petra) Activity watch lists Leverage signals Files in SharePoint Online, OneDrive for Business, Microsoft Teams Applyheuristics Improves your security against zero-day attacks by directly integrating into OneDrive for Business, SharePoint Online, and Teams Safeguard your environment by blocking malicious content identified by ATP Protect your users from malicious links within shared documents in OneDrive for Business, SharePoint Online, and Teams Office 365 ATP SharePoint Online OneDrive for Business Microsoft Teams
  16. 16. Office 365 ATP Setup and Configuration Demo
  17. 17. True (recommended) False (defaut) All actions, except Delete, are blocked for detected files. All actions, except Delete and Download, are blocked for detected files. People cannot open, move, copy, or share detected files. People cannot open, move, copy, or share detected files. People see a visual cue that indicates that a file has been identified as malicious. No one can download the file. People see a visual cue that indicates a file has been identified as malicious, but they can choose to accept the risk and download the file anyway.
  18. 18. Attack vector OneDrive for Business How Office 365 ATP protects you OneDrive for Business OneDrive for Business File sharing events Detonation with ATP Block malicious files
  19. 19. Attack vector SharePoint Online How Office 365 ATP protects you SharePoint Online SharePoint Online OneDrive sync client File sharing events Detonation with ATP Block malicious files
  20. 20. Attack vector Microsoft Teams How Office 365 ATP protects you Microsoft Teams Microsoft Teams Microsoft Teams Files in Microsoft Teams Detonation with ATP Block malicious files
  21. 21. Office 365 ATP Demo
  22. 22. https://bit.ly/1QiOREh https://bit.ly/2k0VCRT https://bit.ly/2IHdjUu https://bit.ly/2L2W6TC https://bit.ly/2L1WtxQ https://bit.ly/2GjarYJ https://bit.ly/2L0yIq5
  23. 23. https://www.linkedin.com/in/jeffgellman83 http://twiller.com/jeffgellman http://www.winwire.com https://www.linkedin.com/company/winwire-technologies/ https://twitter.com/WinWire

×