Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Securing your Organization with Microsoft 365

389 views

Published on

Global Azure Bootcamp 2018 completed recently across the world with a huge success, and I had the opportunity to co-organize the event in Chennai, India. Also delivered a session under the IT Pro track on "Securing Your Organization with Microsoft 365. Uploaded the Session Slides here.

Event url: http://chennai-gab2018.azurewebsites.net/

Published in: Technology
  • Be the first to comment

Securing your Organization with Microsoft 365

  1. 1. Ravikumar Sathyamurthy @shakthiravi Microsoft MVP | Office Servers and Services Securing Your Organization with Microsoft 365 21/04/2018 www.anywherexchange.com
  2. 2. THE WORLD HAS CHANGED
  3. 3. THE WORLD IS NOW A GIANT NETWORK
  4. 4. DIGITAL TRANSFORMATION
  5. 5. IN THE PAST, THE FIREWALL WAS THE SECURITY PERIMETER devices datausers apps On-premises / Private cloud
  6. 6. On-premises
  7. 7. 10 Cyberthreats by the numbers across 3 key attack zones Within 4 minutes 286 days 80 days 63% 58% 80% 55,000 200,000 53 seconds $1 BillionIt takes hackers 4 min to get into networks through email attacks and 286 days for detection followed by an additional 80 days for damage control 90% User DeviceEmail
  8. 8. A complete, intelligent solution that empowers everyone to be creative and work together, securely Unlock creativity Built for teamwork Integrated for simplicity Intelligent security Microsoft 365 Office 365 + Windows 10 + Enterprise Mobility + Security
  9. 9. Threat Protection Protect, detect, and respond to the most advanced threats using advanced based hardware security and the power of the cloud Protect, Detect & Respond Identity Protection Kick passwords to the curb with a convenient, easy to use and enterprise-grade alternative that is designed for today’s mobile-first world. Information Protection Protect data on lost and stolen devices and prevent accidental data leaks using data separation, containment, and encryption. Servicing and Centralized Security Management Microsoft 365 Security
  10. 10. Bing Xbox Live OneDrive Microsoft Digital Crimes Unit Microsoft Cyber Defense Operations Center Azure Microsoft Accounts Skype Enterprise Mobility + Security Azure Active Directory Office365
  11. 11. Unique insights, informed by trillions of signals. This signal is leveraged across all of Microsoft’s security services POWERED BY THE INTELLIGENT SECURITY GRAPH 450B monthly authentications 18+B Bing web pages scanned750M+ Azure user accounts Enterprise security for 90% of Fortune 500 Malware data from Windows Defender Shared threat data from partners, researchers and law Enforcement worldwide Botnet data from Microsoft Digital Crimes Unit 1.2B devices scanned each month 400B emails analyzed 200+ global cloud consumer and Commercial services
  12. 12. Microsoft 365 Momentum Monthly Active Users 100M+ Office 365 Monthly Active Devices 500M+ Windows 10 Growth in Cloud Data Stored 250% SharePoint Authentications Per Month 60B Azure Active Directory
  13. 13. Microsoft 365 Microsoft 365 Business Microsoft 365 Enterprise Microsoft 365 Education Microsoft 365E5 Microsoft 365E3 Microsoft 365F1
  14. 14. Office 365 Enterprise Chat- centric workspace Email & Calendar Voice, Video & Meetings Office applications/ co-authoring Sites & Content Management Analytics Advanced Security & Compliance Enterprise Mobility+ Security Identity & Access Management Managed Mobile Productivity Information Protection Identity Driven Security Windows 10 Enterprise Advanced Endpoint Security Designed For Modern IT More Productive Powerful, Modern devices Microsoft 365 Enterprise
  15. 15. On-premises / Private cloud
  16. 16. Windows Server Active Directory Azure Public cloud Microsoft Azure Active Directory Commercial IdPs Consumer IdPs Partners Customers Azure AD Connect
  17. 17. Mobile device & app management Information protection Holistic and innovative solutions for protection across users, devices, apps and data Protect at the front door Detect & remediate attacks Protect your data anywhere Azure Active Directory Premium Microsoft Intune Azure Information Protection Microsoft Cloud App Security Microsoft Advanced Threat Analytics Identity and access management Threat detection
  18. 18. Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat Detection
  19. 19. Apps Risk MICROSOFT INTUNE Make sure your devices are compliant and secure, while protecting data at the application level AZURE ACTIVE DIRECTORY Ensure only authorized users are granted access to personal data using risk-based conditional access MICROSOFT CLOUD APP SECURITY Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps AZURE INFORMATION PROTECTION Classify, label, protect and audit data for persistent security throughout the complete data lifecycle MICROSOFT ADVANCED THREAT ANALYTICS Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues ! Device ! Access granted to data CONDITIONAL ACCESS Classify LabelAudit Protect ! ! Location
  20. 20. Identity-driven security CLOUD-POWERED PROTECTION Conditions Allow access or Block access Actions Enforce MFA per user/per app User, App sensitivity Device state LocationUser NOTIFICATIONS, ANALYSIS, REMEDIATION, RISK-BASED POLICIES CLOUD APP DISCOVERY PRIVILEGED IDENTITY MANAGEMENT MFA IDENTITY PROTECTION Risk
  21. 21. Require MFA Allow access Deny access Force password reset****** Limit access Controls On-premises apps Web apps Users Devices Location Apps Conditions Machine learning Policies Real time Evaluation Engine Session Risk 3 10TB Effective policy
  22. 22. Identity Protection at its best Risk severity calculation Remediation recommendations Risk-based conditional access automatically protects against suspicious logins and compromised credentials Gain insights from a consolidated view of machine learning based threat detection Leaked credentials Infected devices Configuration vulnerabilities Risk-based policies MFA Challenge Risky Logins Block attacks Change bad credentials Machine-Learning Engine Brute force attacks Suspicious sign- in activities
  23. 23. Discover, restrict, and monitor privileged identities Enforce on-demand, just-in-time administrative access when needed Provides more visibility through alerts, audit reports and access reviews Global Administrator Billing Administrator Exchange Administrator User Administrator Password Administrator
  24. 24. On-premises app Web app SaaS service Device unlock Microsoft Authenticator Device + Biometric Biometric on device + Windows 10 or other OS Microsoft Edge or other browser Any device Azure Active Directory Microsoft account
  25. 25. DEMOS!
  26. 26. INFORMATION PROTECTION Detect ProtectClassify Monitor C L O U DD E V I C E S O N P R E M I S E S Protect sensitive data throughout the lifecycle – inside and outside the organization
  27. 27. PCs, tablets, mobile Office 365 DLP Windows Information Protection & BitLocker for Windows 10 Azure Information Protection Exchange Online, SharePoint Online & OneDrive for Business Highly regulated Intune MDM & MAM for iOS & Android Microsoft Cloud App Security Office 365 Advanced Data Governance Datacenters, file shares Azure 3rd-Party SaaS MICROSOFT’S INFORMATION PROTECTION SOLUTIONS Comprehensive protection of sensitive data across devices, cloud services and on- premises environments O F F I C E 3 6 5D E V I C E S C L O U D S E R V I C E S , S A A S A P P S & O N - P R E M I S E S
  28. 28. Data is created, imported, & modified across various locations Data is detected Across devices, cloud services, on-prem environments Sensitive data is classified & labeled Based on sensitivity; used for either protection policies or retention policies Data is protected based on policy Protection may in the form of encryption, permissions, visual markings, retention, deletion, or a DLP action such as blocking sharing Data travels across various locations, shared Protection is persistent, travels with the data Data is monitored Reporting on data sharing, usage, potential abuse; take action & remediate Retain, expire, delete data Via data governance policies
  29. 29. DEMOS!
  30. 30. PROTECT Apps and Data Stop Malicious email attachments Avoid malicious email links Defend the gateway File inspection and remediation Mitigate shadow IT Automatically block over sharing Risk detection for data in cloud apps PROTECT Your Devices Prevent encounters Isolate threats Control execution PROTECT Users Identify advanced persistent threats Detect suspicious activity Reduce false positives PROTECT workloads across hybrid infrastructure Assess security state continuously Remediate vulnerabilities and drive compliance Enable security controls
  31. 31. VISIBILITY CONTROL GUIDANCE Understand the security state and risks across resources Define consistent security policies and enable controls Enhance security through built-in intelligence and recommendations INTELLIGENT SECURITY MANAGEMENT APPS / DATADEVICES Powered by the Intelligent Security Graph IDENTITY INFRASTRUCTURE INFRASTRUCTUREAPPS / DATADEVICESIDENTITY
  32. 32. https://docs.microsoft.com/en-us/microsoft-365-enterprise/
  33. 33. FastTrack for Microsoft 365 Move to the cloud with confidence Migrate email, content, and light up Microsoft 365 services Deploy and securely manage devices Enable your business and gain end-user adoption Delivered by Microsoft engineers as part of your subscription Tight integration with qualified partners for additional services Maximized ROI Faster Deployment Higher Adoption FastTrack.microsoft.com
  34. 34. Questions?

×