Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
SPUnite17 Setting Up Development Environment
Next
Download to read offline and view in fullscreen.

Share

SPUnite17 Secure Collaboration with AIP

Download to read offline

SharePoint Unite 2017 Session

Related Books

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

SPUnite17 Secure Collaboration with AIP

  1. 1. SECURE COLLABORATION: START CLASSIFYING, LABELING,AND PROTECTING YOUR (MOST VALUABLE) DATA Bram de Jager Lead Architect
  2. 2. Challenges with the complex environment Employees Business partners Customers Apps Devices Data Users Data leaks Lost device Compromised identity Stolen credentials
  3. 3. The problem is ubiquitous Intellectual Property theft has increased 56% rise data theft Accidental or malicious breaches due to lack of internal controls 88% of organizations are Losing control of data 80% of employees admit to use non-approved SaaS app 91% of breaches could have been avoided Organizations no longer confident in their ability to detect and prevent threats Saving files to non-approved cloud storage apps is common
  4. 4. Unregulated, unknown Managed mobile environment On-premises Perimeter protection Identity, device management protection Hybrid data = new normal It is harder to protect
  5. 5. DOCUMENT TRACKING DOCUMENT REVOCATION Monitor & respond LABELINGCLASSIFICATION Classification & labeling ENCRYPTION Protect ACCESS CONTROL POLICY ENFORCEMENT
  6. 6. Azure Information Protection Full Data LifecycleDOCUMENT TRACKING DOCUMENT REVOCATION LABELING CLASSIFICATION ENCRYPTION ACCESS CONTROL POLICY ENFORCEMENT
  7. 7. SECRET CONFIDENTIAL GENERAL PUBLIC IT admin sets policies, templates, and rules PERSONAL Classify data based on sensitivity Start with the data that is most sensitive IT can set automatic rules; users can complement it Associate actions such as visual markings and protection
  8. 8. Reclassification You can override a classification and optionally be required to provide a justification Automatic Policies can be set by IT Admins for automatically applying classification and protection to data Recommended Based on the content you’re working on, you can be prompted with suggested classification User set Users can choose to apply a sensitivity label to the email or file they are working on with a single click
  9. 9. %##&$^#*!~@& FINANCE CONFIDENTIAL %$^#*@& Persistent labels that travel with the document Labels are metadata written to documents Labels are in clear text so that other systems such as a DLP engine can read it and a hash of policies, rules, and user information
  10. 10. VIEW EDIT COPY PASTE Email attachment FILE Protect data needing protection by: Encrypting data Including authentication requirement and a definition of use rights (permissions) to the data Providing protection that is persistent and travels with the data Personal apps Corporate apps
  11. 11. DEMO SET AN INFORMATION PROTECTION PLATFORM FOR YOUR BUSINESS - IN MINUTES
  12. 12. DEMO – SCENARIOS Manual and default labels Label action: content marking & RMS protection Conditions: automatic & recommended Setting your information protection policy in minutes (administration experience)
  13. 13. USINGVARIABLES INVISUAL MARKINGS ${Item.Label} for the selected label. For example: Internal ${Item.Name} for the file name or email subject. For example: JulySales.docx ${Item.Location} for the path and file name for documents, and the email subject for emails. For example: Sales2016Q3JulyReport.docx ${User.Name} for the owner of the document or email, by the Windows signed in user name. For example: rsimone ${User.PrincipalName} for the owner of the document or email, by the Azure Information Protection client signed in email address (UPN). For example: rsimone@vanarsdelltd.com ${Event.DateTime} for the date and time when the selected label was set. For example: 8/16/2016 1:30 PM 15
  14. 14. WRAP-UP
  15. 15. AZURE INFORMATION PROTECTION PREMIUM P1/P2 Feature Azure Information Protection Premium P1 (EMS E3) Azure Information Protection Premium P2 (EMS E5) Manual labeling (user driven) Yes Yes View labels and watermarks in Office Yes Yes Apply content marking and RMS protection in Office Yes Yes Automatic and recommended labeling (conditions) Yes Classification, labeling and protection with MCAS Yes HYOK (Hold your own key – multi RMS server support) Yes
  16. 16. ROADMAP - H2 CY17 H1 CY18 Unified Classification and Labeling across Microsoft 365 solutions (preview) Native labeling in Office Mac (preview) AIP scanner for on-premises file shares (preview) AIP convergence to 80+ sensitive information types used in Office 365 Information Protection SDK on Mac, Windows, Linux (preview) Native Labeling experience in Word, PowerPoint & Excel on Max, iOS, Android and web apps More automatic DLP integrations with labels Information Protection SDK on Mac, Windows, Linux, iOS, Android
  17. 17. KEYTAKEAWAYS Azure Information Protection is about (Detect), Classify, Label, Protect, and Monitor & Respond Helps your organization to understand and really use business information protection based on data classification Think about compliancy for the General Data Protection Regulation (GDPR), which is active as off May 25th 2018
  18. 18. THANKYOU! @bramdejager bram.dejager@delaware.pro bramdejager.wordpress.com

SharePoint Unite 2017 Session

Views

Total views

135

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

14

Shares

0

Comments

0

Likes

0

×