This document discusses Microsoft's security offerings for defending against modern threats. It summarizes Aidan Finn and MicroWarehouse's roles in promoting Microsoft security products. It then overviews several Microsoft security solutions like Advanced Threat Analytics, Enterprise Mobility + Security, Cloud App Security, Azure Information Protection, Azure Security Center, and Exchange Online Advanced Threat Protection. It argues these solutions are more affordable for small and medium businesses than dealing with security breaches. It promotes MicroWarehouse's role in reselling these cloud-based security services.

1. www.mwh.ie
Defending Today’s Threats with
Tomorrow’s Security by Microsoft
Aidan Finn, MVP
Technical Sales Lead, MicroWarehouse

2. www.mwh.ie Introduction

3. www.mwh.ie I
About Aidan Finn
• MVP, Cloud & Datacenter
Management (Hyper-V)
• Experienced with Azure, Hyper-V,
Windows Server/Desktop, System
Center, and IT infrastructure
• http://www.aidanfinn.com
• http://www.petri.com/author/aidan-finn
• @joe_elway
• aidanfinn.com
Technical Sales Lead, MicroWarehouse

4. www.mwh.ie I
About MicroWarehouse
• Irish owned/located distributor
• Park West, Dublin 12
• Distributors for:
• Microsoft on-premises & cloud
• Microsoft Surface
• DataOn for Storage Spaces
• Gridstore for Hyper-Convergence
• SkyKick for Office 365 backup
• And many more
• Value added distribution:
• Much more than selling licenses
• Get your licensing right
• Sales education
• Technical training
Value Added Distribution

5. www.mwh.ie I
Entire Hyper-V cluster for a small-mid business in 2U
 12 x clustered data drives (e.g. 4 x SSD + 8 x HDD)
 1023W (1+1) redundant power
 2 x clustered Hyper-V hosts, each with:
o 2 x Intel® Xeon® E5-2600v3 (Haswell-EP)
o DDR4 Reg. ECC memory up to 512GB
o 2 x 1G SFP+ & IPMI management “KVM over IP” port
o 2 x PCI-e 3.0 x8 expansion slots
o 1 x 12Gb/s SAS x4 HD expansion port
o 2 x 2.5” 6Gb/s SATA OS drive bays

6. www.mwh.ie I
Hyper-Converged Infrastructure (HCI) for Hyper-V
Enterprise Strategy Group:
http://www.esg-global.com/lab-reports/gridstore-30/

7. www.mwh.ie This is NOT Forefront!

8. www.mwh.ie I
Microsoft Security in the Past
• Am not talking about:
• Firewall/proxy
• Anti-malware
• Etc
• Microsoft admitted that there were better
vendors
• Many partner with MSFT
• Featured in Azure Marketplace
Forefront was Microsoft’s old brand for security products

9. www.mwh.ie I
Security Challenges Have Changed
What is being attached today?

10. www.mwh.ie I
The Nature of Attacks
How are we being attacked?
• The first 48 hours are critical:
• Detection
• Analysis
• Remediation
• It takes over 200 days to discover a cyber
breach
• 70 days to contain a malicious insider
Symantec 2015 Internet Security Threat Report
• 74% of small businesses were breached in
2015
UK Government 2015 Information Security Breaches Survey
• 60% of compromises took just minutes
Verizon 2015 Data Breach Investigations Report
• 55% of attacks were carried out by insiders
IBM 2015 Cyber Security Intelligence Index

11. www.mwh.ie I
Fear of the Floppy is Failing
Attackers have moved on – why have you not?
• New wave of attacks:
• DDOS
• Crypto-ware
• Phishing
• Spear Phishing
• Watering holes
• Zero-day
• Deep Web / DarkNet
• Top origins of breaches:
• Malware: 5%
• Staff deliberate: 10%
• 3rd party supplier accident: 18%
• Organised crime: 23%
• Staff accident: 26%
UK 2015 INFORMATION SECURITY BREACHES SURVEY

12. www.mwh.ie Protect Identity

13. www.mwh.ie I
How Secure are your Accounts?
• 75% of individuals use only three or four
passwords
Source: Security Week
• Over 60% of all network intrusions are
traced back to credentials
• Remember that 60% of intrusions took just
minutes?
• Compromised credentials lead to easy
attacks
• Weak passwords: Password123, Monkey, Dragon
• Stolen passwords – phishing is easy
• User education is not enough
Old problem that is more vulnerable in the cloud

14. www.mwh.ie I
How ATA Works
Detecting active threats

15. www.mwh.ie I
ATA Availability
• Licensed per-user
• Available via:
• Open: Pre-purchase
• CSP: Pre-pay per month
• Packaging:
• By itself
• Part of Enterprise Mobility + Security (EMS)
Licensing

16. www.mwh.ie I
Enterprise Mobility + Security (EMS)
• Licensed per-user
• Up to 5 devices per user
• Available via:
• Open: Pre-purchase
• CSP: Pre-pay per month
• Contains:
• Advanced Threat Analytics (ATA)
• Azure Rights Management Services (RMS) *
• Microsoft Intune
• Azure AD (AAD) Premium
• Previous webinar: An Introduction to EMS
• http://www.mwh.ie/webinar-recording-microsoft-ems-with-
aidan-finn-1
* See Azure Information Protection
A Reminder

17. www.mwh.ie Manage 3rd Party SaaS Apps

18. www.mwh.ie I
You Cannot Ban The Cloud
• Internet access = cloud access
• Users will find a way
• DropBox, Salesforce, etc
• Where is business data going?
• Accidental/deliberate leakage
• Regulatory compliance eroded
• Embrace the cloud … but take control
It’s like herding cats

19. www.mwh.ie I
What Cloud App Security Does
• Monitor usage via
firewall logs
• Integrate with
13,000+ SaaS
apps
• Create policy
• Control document
flow & monitor ID
Take control of SaaS

20. www.mwh.ie I
Cloud App Security Availability
• Licensed per-user
• Available via:
• Open: Pre-purchase
• CSP: Pre-pay per month
• Packaging:
• By itself
• Part of Enterprise Mobility + Security (EMS) E5
(QTR 4 2016)
Licensing

21. www.mwh.ie Protect Company Information

22. www.mwh.ie I
Data is Like Water
• Personal email
• USB sticks, phones, tablets
• What if:
• The employee joins a competitor?
• A customer forwards your pricing to a competitor?
• Data is stolen?
• Files are leaked to the press?
• Legacy solutions don’t work:
• Blocking/breaking USB
• Disk encyrption
It will always find a way to leak

23. www.mwh.ie I
What Azure Information Protection Offers
Manage documents & emails no matter where they are

24. www.mwh.ie I
Azure Information Protection Availability
• Availability:
• Sold as Azure Rights Management now
• Licensed per-user
• Available via:
• Open: Pre-purchase
• CSP: Pre-pay per month
• Packaging:
• By itself
• P1 available now as Azure Rights Management
• P2 adds automatic classification (QTR 4 2016)
• With the Enterprise Mobility Suite (EMS)
• Automatic classification in EMS E5 (QTR 4 2016)
Coming soon to a cloud near you

25. www.mwh.ie Managing Security

26. www.mwh.ie I
How do you Secure Cloud Deployments
• Point solutions aren’t working together
• Example:
• Increased activity on a database server
• Unusually high amount of traffic going to East
Europe
• And no one notices!
Same problem with on-premises security

27. www.mwh.ie I
How do you Secure Cloud Deployments
• Azure monitors all aspects of
feature deployment.
• Partner appliances also
supply data.
• Microsoft sees nature of
threats to you, other
customers, and Microsoft.
• Azure Machine Learning
analyses data.
• Can detect issues that point
solutions cannot.
• Centralized management (by
you) of all deployments in the
subscription, by policy.
Same problem with on-premises security

28. www.mwh.ie I
Azure Security Center Availability
In preview – will be based on “nodes” + storage consumed

29. www.mwh.ie Email Service Security

30. www.mwh.ie I
Advanced Security Management
• Threat detection
• Alerted when anomalies occur
• Repeated failed login
• Impossible login
• Enhanced control
• Customisable policies
• Logins from risky IP addresses
• Admin rights being granted
• Automatically suspend users
• Discovery & insights
• How is O365 being used
• Is there much shadow IT?
Office 365 E5 or per-user add-on to other E-plans

31. www.mwh.ie I
Exchange Online Advanced Threat Protection
• Changing nature of
attacks:
• Email is an easy vector
• Zero-day malware is detected
never after the damage is done
• It is disguised as business file
• Normal scanning takes
place
• Files & URLs
• Attachments sent to a
cloud “detonation
chamber”
• Any malware is encouraged to
trigger in the sandbox
• Reports:
• Who is being attacked
• Nature of attack
Included in E5, can add to other plans

32. www.mwh.ie I
Information Protection
• Data Loss Prevention for Emails
• Office 365 Pro Plus, E3, E5
• OneDrive & SharePoint
• Policies ID sensitive data
• Prevent unwanted operations
• Compliance
• E1, E3, E5
• Exchange, SharePoint & OneDrive
• Archive
• Auditing
• eDiscovery
Perfect for accountants, solicitors, sales, medical & similar

33. www.mwh.ie It’s All Too Expensive!

34. www.mwh.ie I
Oh Really?
• 74% of SMEs breached
• Up from 60% in 2014
• Median of 4 breaches per
SME
• The nature of attacks is that
they are more targeted
• SMEs are not immune by size
• Average cost to SME was
£75K - £311K
• Up from £65K - £115K
• 44% of SMEs increased
security spending
• Up from 27% in 2014
UK 2015 INFORMATION SECURITY BREACHES SURVEY
How much are the costs lost business & IT upgrades afterwards?
Credit: Foca.tk

35. www.mwh.ie I
Cloud Solution Provider (CSP) Reseller Channel
Cloud-based billing
• Per-month billing
• No CAPEX
• Save customer funds for business operations
• No long-term commitment
• Partners resell the service to the
customer
• Partner owns the customer/invoicing relationship
• MicroWarehouse is a CSP distributor
• Handles all the Microsoft complexity
• Sells to Microsoft partners

36. www.mwh.ie Wrap Up

37. www.mwh.ie I
Value-Added Distribution
• Keep an eye on http://learn.mwh.ie
• Follow @MWHDistribution
• Or take our mailshots off your junk mail filter
• August 4th:
• Affordable Hyper-V Clustering for the
Small/Medium Enterprise & Branch Office
• Go to http://learn.mwh.ie/ for details & to register
We will do our best to help

38. www.mwh.ie I
Thank You!
Aidan Finn
aidanfinn@mwh.ie
@joe_elway
aidanfinn.com
http://learn.mwh.ie
@MWHDistribution
Watch out for emails about future events!