Loryan Strant
Office 365 MVP
Paradyne
How Does Microsoft
Secure My Email
with Office 365?
www.devconnections.com
SESSION TITLE
WHO AM I?
 Office 365 MVP & vTSP
 Business owner
 Blogger
 Speaker
http://theclou...
www.devconnections.com
SESSION TITLE
WHAT AM I TALKING
ABOUT?
Security of public cloud
Microsoft and security
Owning it
Pe...
www.devconnections.com
SESSION TITLE
PUBLIC CLOUD
SECURITY
It is possible!
It does exist!
4
www.devconnections.com
SESSION TITLE
MICROSOFT AND SECURITY
Historically questionable /
laughable
Trustworthy Computing
In...
www.devconnections.com
SESSION TITLE
OFFICE 365 SECURITY
6
www.devconnections.com
SESSION TITLE
OFFICE 365 SECURITY
Built-in security
•24-hour
monitored
physical
hardware
•Isolated
...
www.devconnections.com
SESSION TITLE
ENCRYPTION
Secure Data
3rd Party
Solutions
Rights
Management
BitLocker &
SSL
8
www.devconnections.com
SESSION TITLE
ENCRYPTION: BITLOCKER & SSL
 Email data in the datacentre is
encrypted at rest using...
www.devconnections.com
SESSION TITLE
ENCRYPTION: RIGHTS MANAGEMENT
Encrypts individual files
Supported in Office 2010 & 20...
www.devconnections.com
SESSION TITLE
ENCRYPTION: 3RD PARTY – WHY?
Loss of control
Peace of mind
Not about distrust of Micr...
www.devconnections.com
SESSION TITLE
3RD PARTY ENCRYPTION COMPARISON
S/MIME
• Supported
in Outlook,
not OWA
PGP
• Desktop
...
www.devconnections.com
SESSION TITLE
WHAT DOES ENCRYPTION LOOK LIKE?
13
www.devconnections.com
SESSION TITLE
DEMONSTRATION
14
www.devconnections.com
SESSION TITLE
SUBPOENA WORKFLOW
Subpoena /
Court Order
served
Engage your
lawyer
Respond to
subpoen...
www.devconnections.com
SESSION TITLE
SUBPOENA WORKFLOW REVISITED
Subpoena / Court
Order served
Engage your
lawyer
Respond ...
www.devconnections.com
SESSION TITLE
COMPLIANCE FEATURES
Data loss prevention (DLP)
Auditing and retention policies
eDisco...
www.devconnections.com
SESSION TITLE
WHAT ELSE?
Safe/blocked senders
BYO mail filtering service
Custom routing of outbound...
www.devconnections.com
SESSION TITLE
INDEPENDENT VERIFICATION &
COMPLIANCE
ISO 27001
FISMA
HIPAA BAA
EU Model Clauses
Clou...
www.devconnections.com
SESSION TITLE
KEEPING IT REAL
Security
Hybrid/routing
Encryption
Compliance
Rights
Management
20
www.devconnections.com
SESSION TITLE
MORE INFORMATION
 Office 365 Trust Center:
http://trust.office365.com
 Security in ...
www.devconnections.com
SESSION TITLE
THANK YOU
Questions?
22
http://thecloudmouth.com
@thecloudmouth
Upcoming SlideShare
Loading in …5
×

How does Microsoft secure my email with Office 365

2,074 views

Published on

Presented at IT/Dev Connections in 2013 at Las Vegas.
Covers the security built into Office 365, as well as 3rd party solutions available.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,074
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
54
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • http://technet.microsoft.com/en-us/library/hh852540.aspx
  • WAADIRM: http://technet.microsoft.com/en-us/library/jj585024.aspxOn-premIRM:To enable advanced Active Directory Rights Management Services features introduced in Exchange Server 2010, administrators can import the Trusted Publishing Domain from their Active Directory Rights Management Services server to Exchange Online using Remote PowerShell. After this one-time import, the following features become available:Support for IRM in Outlook Web AppSupport for IRM in Exchange ActiveSyncIRM searchTransport protection rulesProtected voicemailJournal report decryptionOutlook protection rules
  • Statement: Exchange Online will transport and store messages that are encrypted using client-side, third-party encryption solutions such as PGP. Exchange Online does not host the public keys, nor does it provide key repository, key management, or key directory services.
  • PGP: Outlook pluginVaultive: Exchange onlyCipherCloud: Salesforce, Gmail, Box, AWS3rd party solutions are actively warned against by Microsoft
  • Inbound filteringRoute mail directly to servers instead of via Internet or MXVoicemail set to Do Not ForwardHybrid: keep sensitive content on-premises
  • How does Microsoft secure my email with Office 365

    1. 1. Loryan Strant Office 365 MVP Paradyne How Does Microsoft Secure My Email with Office 365?
    2. 2. www.devconnections.com SESSION TITLE WHO AM I?  Office 365 MVP & vTSP  Business owner  Blogger  Speaker http://thecloudmouth.com @thecloudmouth
    3. 3. www.devconnections.com SESSION TITLE WHAT AM I TALKING ABOUT? Security of public cloud Microsoft and security Owning it Peace of mind 3
    4. 4. www.devconnections.com SESSION TITLE PUBLIC CLOUD SECURITY It is possible! It does exist! 4
    5. 5. www.devconnections.com SESSION TITLE MICROSOFT AND SECURITY Historically questionable / laughable Trustworthy Computing Initiative Has come a long way Often more secure than competitors 5
    6. 6. www.devconnections.com SESSION TITLE OFFICE 365 SECURITY 6
    7. 7. www.devconnections.com SESSION TITLE OFFICE 365 SECURITY Built-in security •24-hour monitored physical hardware •Isolated customer data •Automated operations •Secure network •Encrypted data Best practices •Security development lifecycle •Preventing DoS attacks •Breach prevention & management Customer controls •Advanced encryption •Federation and SSO provisions •Two-factor authentication 7
    8. 8. www.devconnections.com SESSION TITLE ENCRYPTION Secure Data 3rd Party Solutions Rights Management BitLocker & SSL 8
    9. 9. www.devconnections.com SESSION TITLE ENCRYPTION: BITLOCKER & SSL  Email data in the datacentre is encrypted at rest using BitLocker  Data in transit is encrypted using SSL/TLS  Opportunistic TLS  Forced TLS 9
    10. 10. www.devconnections.com SESSION TITLE ENCRYPTION: RIGHTS MANAGEMENT Encrypts individual files Supported in Office 2010 & 2013, OWA & ActiveSync Define who can open, modify, print, forward, save. Set expiry on content Integrated with Exchange Online & SharePoint Online Use on-prem AD or WAAD 10
    11. 11. www.devconnections.com SESSION TITLE ENCRYPTION: 3RD PARTY – WHY? Loss of control Peace of mind Not about distrust of Microsoft Will work, but is not supported 11
    12. 12. www.devconnections.com SESSION TITLE 3RD PARTY ENCRYPTION COMPARISON S/MIME • Supported in Outlook, not OWA PGP • Desktop client • No server- side • Individual control • Not supported Vaultive • Gateway between Exchange & user • Virtual appliance • Mixed mode CipherCloud • Similar to Vaultive • Supports other solutions 12
    13. 13. www.devconnections.com SESSION TITLE WHAT DOES ENCRYPTION LOOK LIKE? 13
    14. 14. www.devconnections.com SESSION TITLE DEMONSTRATION 14
    15. 15. www.devconnections.com SESSION TITLE SUBPOENA WORKFLOW Subpoena / Court Order served Engage your lawyer Respond to subpoena after legal consultation Comply with agreed upon terms Serve objections Move to quash subpoena Move for protective order Subpoena/Court Order served to CSP CSP turns over your data Subpoena Workflow for On-Premise Email / Data Subpoena Workflow for Cloud Email / Data
    16. 16. www.devconnections.com SESSION TITLE SUBPOENA WORKFLOW REVISITED Subpoena / Court Order served Engage your lawyer Respond to subpoena after legal consultation Serve objections Move to quash subpoena Move for protective order Comply with agreed upon terms Subpoena served to CSP CSP turns over useless gibberish Court resubmits subpoena to end user End User engages their lawyer Serve objections Move to quash subpoena Move for protective order Comply with the agreed upon terms Subpoena Workflow for On-Premise Email / Data With Encryption: Subpoena Workflow for Cloud Email / Data
    17. 17. www.devconnections.com SESSION TITLE COMPLIANCE FEATURES Data loss prevention (DLP) Auditing and retention policies eDiscovery Data spillage management 17
    18. 18. www.devconnections.com SESSION TITLE WHAT ELSE? Safe/blocked senders BYO mail filtering service Custom routing of outbound mail Protected voicemail Hybrid 18
    19. 19. www.devconnections.com SESSION TITLE INDEPENDENT VERIFICATION & COMPLIANCE ISO 27001 FISMA HIPAA BAA EU Model Clauses Cloud Security Alliance 19
    20. 20. www.devconnections.com SESSION TITLE KEEPING IT REAL Security Hybrid/routing Encryption Compliance Rights Management 20
    21. 21. www.devconnections.com SESSION TITLE MORE INFORMATION  Office 365 Trust Center: http://trust.office365.com  Security in Office 365 white paper: http://www.microsoft.com/en- us/download/details.aspx?id=26552  Global Foundation Services: http://www.globalfoundationservices.com 21
    22. 22. www.devconnections.com SESSION TITLE THANK YOU Questions? 22 http://thecloudmouth.com @thecloudmouth

    ×