The document discusses new blind spots for IT security including data breaches from weak passwords, shadow IT with unauthorized software usage, and increased cybercrimes. It promotes Microsoft's security solutions for holistic, innovative, and intelligent protection across users, devices, data, apps, and platforms both on-premises and in the cloud. The solutions aim to protect at the front door, detect attacks before damage occurs, and protect data from user mistakes through identity-driven security scenarios.
Microsoft Azure Information Protection helps organizations classify and protect sensitive data across devices and locations. It allows automatic or manual classification of data based on content, context and source. Once classified, a persistent label is embedded with the data and optional encryption can be applied. This ensures the data remains protected regardless of where it is stored or shared. The solution provides visibility into how data is used through tracking and reporting features.
This is Microsoft Azure Information Protection which helps you out to protect your data being accessible to the unauthorized users. This is an overview for the AIP
The document summarizes Microsoft's enterprise mobility and security solution. It focuses on identity-driven security, managed mobile productivity, and providing a comprehensive solution through products like Azure Active Directory, Microsoft Cloud App Security, Azure Information Protection, and Intune. These products help secure users, devices, apps and data across cloud apps, SaaS, and on-premises environments through features such as identity management, data classification, labeling, encryption, access controls and monitoring/response capabilities.
We are living a complete digital transformation where people are not restricted by apps or devices or even location. Work can be done anywhere and on any device which leads to greater security concerns regarding this business data living on mobile devices and shared with external (sometimes not trusted users). Microsoft Unified Labeling protection leverages the power of the cloud and ease of use (a few clicks for implementation) to provide a complete Information Protection solution. Now with the new unified Azure label client, users can administer the labels from one location while being integrated across the whole Microsoft platform. Attendees will learn how to configure Unified labels with real case scenarios.
Detect, classify, and protect sensitive information across cloud services and on-premises environments. Microsoft's solutions can scan for sensitive data, classify it based on sensitivity levels, and apply protections like encryption, access restrictions, and policies. Administrators can monitor protection events, access, and sharing for control and to tune policies.
This document outlines Microsoft's Enterprise Mobility + Security (EMS) solution. EMS provides identity and access management, extends identity to the cloud, protects identities with multi-factor authentication and single sign-on, secures devices and applications with mobile device management, and secures data with classification, encryption, and rights management. The full solution brings together identity protection, conditional access, privileged identity management, data control, and threat prevention to manage access to corporate resources across devices and applications.
Microsoft Azure Information Protection helps organizations classify and protect sensitive data across devices and locations. It allows automatic or manual classification of data based on content, context and source. Once classified, a persistent label is embedded with the data and optional encryption can be applied. This ensures the data remains protected regardless of where it is stored or shared. The solution provides visibility into how data is used through tracking and reporting features.
This is Microsoft Azure Information Protection which helps you out to protect your data being accessible to the unauthorized users. This is an overview for the AIP
The document summarizes Microsoft's enterprise mobility and security solution. It focuses on identity-driven security, managed mobile productivity, and providing a comprehensive solution through products like Azure Active Directory, Microsoft Cloud App Security, Azure Information Protection, and Intune. These products help secure users, devices, apps and data across cloud apps, SaaS, and on-premises environments through features such as identity management, data classification, labeling, encryption, access controls and monitoring/response capabilities.
We are living a complete digital transformation where people are not restricted by apps or devices or even location. Work can be done anywhere and on any device which leads to greater security concerns regarding this business data living on mobile devices and shared with external (sometimes not trusted users). Microsoft Unified Labeling protection leverages the power of the cloud and ease of use (a few clicks for implementation) to provide a complete Information Protection solution. Now with the new unified Azure label client, users can administer the labels from one location while being integrated across the whole Microsoft platform. Attendees will learn how to configure Unified labels with real case scenarios.
Detect, classify, and protect sensitive information across cloud services and on-premises environments. Microsoft's solutions can scan for sensitive data, classify it based on sensitivity levels, and apply protections like encryption, access restrictions, and policies. Administrators can monitor protection events, access, and sharing for control and to tune policies.
This document outlines Microsoft's Enterprise Mobility + Security (EMS) solution. EMS provides identity and access management, extends identity to the cloud, protects identities with multi-factor authentication and single sign-on, secures devices and applications with mobile device management, and secures data with classification, encryption, and rights management. The full solution brings together identity protection, conditional access, privileged identity management, data control, and threat prevention to manage access to corporate resources across devices and applications.
Microsoft Azure Rights Management provides a comprehensive policy-based enterprise solution to help protect your valuable information, no matter whom you share it with. For $2.00 per user per month, you get Information Rights Management capabilities such as Do Not Forward and Company Confidential, as well as Office 365 Message Encryption, which allows you send encrypted emails to anyone!
Easily enforce policies to improve data security
Both Information Rights Management and Office 365 Message Encryption are policy based and designed to work with the Exchange transport rule engine. That means Microsoft Azure Rights Management allows you to set up complex policy restrictions easily, with just a single action.
Simple and convenient communication management
Information Rights Management is built to work across multiple workloads such as Exchange, SharePoint, and Office documents, and it makes it easier to set restrictions and provide permissions. Office 365 Message Encryption comes with a modern user interface that makes it easy to use.
The document discusses Microsoft's threat protection services, including Office 365 ATP, Windows Defender, and Microsoft Cloud App Security. It provides overviews of new capabilities for detecting and remediating threats across email, endpoints, and cloud apps. Microsoft Threat Protection leverages services like the Intelligent Security Graph to securely defend against multiple attack vectors through enhanced detection, response, and training capabilities.
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
Microsoft has given us some amazing capabilities with the Microsoft Enterprise Mobility + Security (EM+S) suite to help protect both our information and our investments in Office 365. This collection of features gives you just about everything you need in the Microsoft Cloud for security, compliance and Information Protection. With such a vast array of services, tools and features, its often challenging to understand everything this product provides or how its layered on top of existing Office 365 security controls. In this session we’ll review the capabilities available to you in Microsoft EM+S, and you'll discover which ones may best fit with your security and compliance needs. Come and join us, as we also dive deep into some of the most useful Microsoft EM+ S tools.
This document discusses information rights management and protecting data in the cloud. It introduces Microsoft's Enterprise Mobility + Security solution, which provides identity-driven security, comprehensive security solutions, and managed mobile productivity. Key capabilities include Azure Active Directory for identity management, Azure Information Protection for data protection across apps and devices, and Microsoft Cloud App Security. The document also discusses challenges of protecting data and identities in complex environments and how these solutions can help.
Microsoft's information protection solutions help organizations protect sensitive data throughout its lifecycle, both inside and outside the organization. These solutions classify, label, and protect data across devices, cloud services, and on-premises environments with a unified approach. The solutions also monitor use and control of protected data and can revoke access. Microsoft is working to improve the user experience of these solutions by integrating them more fully into native Office clients and providing a unified policy for information protection across Office and Azure.
Global Azure Bootcamp 216 - Azure Rights ManagementRiwut Libinuko
This document discusses Azure Rights Management (RMS) and how it can be used to protect documents and files. It provides an overview of RMS and how it combines encryption with usage policies. It then describes how to activate and configure RMS in Azure, SharePoint Online, and Exchange Online. It also covers topics like installing RMS sharing apps, using default or custom tenant keys, creating RMS templates, and integrating RMS with on-premises file shares. The document aims to explain the complete Azure RMS fabric and how information rights management works.
Protect customer's personal information eng 191018sang yoo
Let's take a look at the mcloudoc-based personal information protection function!
First of all, by unifying the personal information management points, all information managed sporadically on a personal PC is easily managed, reducing the management cost!
In addition, it is possible to control the personal information document because the authority to handle the document can be granted depending on the role of the employee who manages the personal information document.
Even personal information hidden in centralized documents can be detected, and the work history of users using personal information documents can also be tracked, which can also be used to leak malicious documents.
Now, how about realizing the protection of personal information documents with mcloudoc?
Start with mcloudoc!
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
We're currently living Part 1 of the Content Security Journey and now we've reached a critical juncture where technologies have evolved to support Part 2. Our journey to reach the Secure Productive Enterprise (SPE) includes understanding users, their roles, what devices they're working on, and how to protect that content at rest and flying across the network. Based on real-life use cases in the Aerospace & Defence and Life Sciences industries you will walk away with an understanding of the technologies available to you, and a clear way to communicate with business stakeholders.
Harald Leitenmüller | DSGVO - globaler, zeitgemäßer Datenschutzstandard für M...Microsoft Österreich
The document discusses Microsoft's approach to data protection and compliance with the GDPR. It provides an overview of Microsoft's security operations, including its cyber defense operations center and intelligence security graph. It also describes Microsoft's Next Generation Privacy framework for inventorying and standardizing how customer data is treated. Tools like SecureScore and the Compliance Manager are introduced for assessing compliance and managing tasks. Additional resources on GDPR, security reference architectures and blogs are listed in an appendix.
The document discusses Microsoft's approach to security and how the threat landscape is evolving. It emphasizes building an integrated security experience that combines data from across Microsoft products and services with machine learning to better detect and respond to threats. It also outlines Microsoft's strategy to make attacks more costly for threat actors by disrupting their economic models and technical playbooks through rapid response capabilities and a defense in depth approach across identity, devices, infrastructure and applications.
This document discusses how Microsoft's cloud security services help organizations be more secure. It provides an overview of Microsoft's security tools across threat protection, information protection, identity and access management, and security management. These include services like Azure Active Directory, Azure Security Center, Microsoft Threat Protection, and more. The document also emphasizes that Microsoft partners with other security vendors and organizations to provide a more comprehensive ecosystem of intelligent security solutions.
Thread Legal and Microsoft 365 SecurityThread Legal
Safeguard your business against external threats and leaks, and easily manage devices with Microsoft 365. Protect business data, and control who has access to sensitive information. Learn more in this in-depth deck.
Stefan van der Wiele | Protect users identities and control access to valuabl...Microsoft Österreich
This document summarizes a presentation on machine learning-based identity protection in Azure Active Directory. The key points are:
1. Azure AD uses machine learning to analyze over 10TB of logs and data from various sources to classify users as "seems good" or "seems bad" in real time.
2. The machine learning classifier is continually improved by analyzing outcomes when users are later determined to be malicious or legitimate. Code updates are deployed to improve classification accuracy.
3. A case study example describes how Azure AD detected an education sector attack through anomalous password lockout activity and suspicious IP patterns that differed from normal in-country traffic.
The document discusses cybersecurity and protecting information. It provides statistics on why organizations want to protect information, such as to reduce data leakage, meet compliance requirements, and partition sensitive data from unauthorized users. It then lists some of Microsoft's security capabilities for protecting devices, customer data in the cloud, on-premises environments, and customer data both in the cloud and on-premises.
Big data, cybersecurity threats, and cybercrime are growing issues according to the document. Microsoft takes a layered approach to security across its many products and services to help protect customers. Key aspects of Microsoft's security approach include detection of threats using signals and machine learning, responding quickly to issues, and protecting endpoints. The Microsoft Digital Crimes Unit works with law enforcement and through public-private partnerships to disrupt malware and fight technical support scams and other technology-facilitated crimes.
Learn how to protect against and recover from data breaches in Office 365AntonioMaio2
Microsoft provides robust Cloud based tools to help protect our data and services in Office 365 from attackers and data breaches. These tools include capabilities for auditing, monitoring, enforcing policies and protecting critical enterprise data. However, Office 365 is not immune to attack. In this session you’ll learn common patterns used by attackers to compromise Office 365 tenants in the real world, how to make use of Microsoft Cloud based tools to protect your Office 365 tenant, and how to investigate and recover from an attack so that you can help prevent it from happening again. Microsoft Premier Field Engineer Theresa Eller and six time Microsoft MVP Antonio Maio share their experiences investigating data breaches, recovering from them and helping Office 365 customers from future data breaches.
Microsoft 365 Defender provides integrated security across endpoints, identities, email and applications to help defenders connect alerts and get ahead of attackers. It utilizes solutions like Microsoft Defender for Endpoint, Defender for Identity, and Cloud App Security for detection, prevention, investigation and response. Conditional access rules, multi-factor authentication, and device compliance policies can also block access from risky locations or non-compliant devices to further secure access to cloud resources and services. Comprehensive data protection measures including encryption, data loss prevention policies, and device-level policies help prevent data from being removed from the environment by attackers or malicious insiders.
This document discusses key aspects of data security when using cloud computing services, including data in transit, at rest, and during processing. It notes that data confidentiality can be ensured through encryption, but integrity also requires message authentication codes. Data lineage and provenance are difficult for public clouds. Remanence risks inadvertent data exposure. The document recommends that sensitive data not be placed in public clouds and that data confidentiality, integrity, and availability be addressed in service level agreements.
Value and contributions of the E5 offer
This document deals only with the features brought by microsoft 365 E5 and deliberately ignores the features of previous plans (M365 F1/E1/E3)
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
Digital transformation with freedom and peace of mind
Holistic, identity-driven protection
Help guard your data from attacks on multiple levels using innovative, identity-driven security techniques.
Productivity without compromise
Preserve the mobile and desktop experiences your workers need to stay working with familiar apps and tools.
Flexible, comprehensive solutions
Do more with less—protect users, devices, apps, and data with intuitive mobile management on a future-ready platform.
microsoft@atidan.com
This document discusses security as a service and how it can provide identity-driven security through Azure Active Directory. It describes how Azure AD can secure devices, content, and the "front door" through risk-based conditional access policies leveraging machine learning. This allows blocking of risky logins while providing a great employee experience through single sign-on access to applications on any device with optional multi-factor authentication.
Microsoft Azure Rights Management provides a comprehensive policy-based enterprise solution to help protect your valuable information, no matter whom you share it with. For $2.00 per user per month, you get Information Rights Management capabilities such as Do Not Forward and Company Confidential, as well as Office 365 Message Encryption, which allows you send encrypted emails to anyone!
Easily enforce policies to improve data security
Both Information Rights Management and Office 365 Message Encryption are policy based and designed to work with the Exchange transport rule engine. That means Microsoft Azure Rights Management allows you to set up complex policy restrictions easily, with just a single action.
Simple and convenient communication management
Information Rights Management is built to work across multiple workloads such as Exchange, SharePoint, and Office documents, and it makes it easier to set restrictions and provide permissions. Office 365 Message Encryption comes with a modern user interface that makes it easy to use.
The document discusses Microsoft's threat protection services, including Office 365 ATP, Windows Defender, and Microsoft Cloud App Security. It provides overviews of new capabilities for detecting and remediating threats across email, endpoints, and cloud apps. Microsoft Threat Protection leverages services like the Intelligent Security Graph to securely defend against multiple attack vectors through enhanced detection, response, and training capabilities.
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
Microsoft has given us some amazing capabilities with the Microsoft Enterprise Mobility + Security (EM+S) suite to help protect both our information and our investments in Office 365. This collection of features gives you just about everything you need in the Microsoft Cloud for security, compliance and Information Protection. With such a vast array of services, tools and features, its often challenging to understand everything this product provides or how its layered on top of existing Office 365 security controls. In this session we’ll review the capabilities available to you in Microsoft EM+S, and you'll discover which ones may best fit with your security and compliance needs. Come and join us, as we also dive deep into some of the most useful Microsoft EM+ S tools.
This document discusses information rights management and protecting data in the cloud. It introduces Microsoft's Enterprise Mobility + Security solution, which provides identity-driven security, comprehensive security solutions, and managed mobile productivity. Key capabilities include Azure Active Directory for identity management, Azure Information Protection for data protection across apps and devices, and Microsoft Cloud App Security. The document also discusses challenges of protecting data and identities in complex environments and how these solutions can help.
Microsoft's information protection solutions help organizations protect sensitive data throughout its lifecycle, both inside and outside the organization. These solutions classify, label, and protect data across devices, cloud services, and on-premises environments with a unified approach. The solutions also monitor use and control of protected data and can revoke access. Microsoft is working to improve the user experience of these solutions by integrating them more fully into native Office clients and providing a unified policy for information protection across Office and Azure.
Global Azure Bootcamp 216 - Azure Rights ManagementRiwut Libinuko
This document discusses Azure Rights Management (RMS) and how it can be used to protect documents and files. It provides an overview of RMS and how it combines encryption with usage policies. It then describes how to activate and configure RMS in Azure, SharePoint Online, and Exchange Online. It also covers topics like installing RMS sharing apps, using default or custom tenant keys, creating RMS templates, and integrating RMS with on-premises file shares. The document aims to explain the complete Azure RMS fabric and how information rights management works.
Protect customer's personal information eng 191018sang yoo
Let's take a look at the mcloudoc-based personal information protection function!
First of all, by unifying the personal information management points, all information managed sporadically on a personal PC is easily managed, reducing the management cost!
In addition, it is possible to control the personal information document because the authority to handle the document can be granted depending on the role of the employee who manages the personal information document.
Even personal information hidden in centralized documents can be detected, and the work history of users using personal information documents can also be tracked, which can also be used to leak malicious documents.
Now, how about realizing the protection of personal information documents with mcloudoc?
Start with mcloudoc!
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
We're currently living Part 1 of the Content Security Journey and now we've reached a critical juncture where technologies have evolved to support Part 2. Our journey to reach the Secure Productive Enterprise (SPE) includes understanding users, their roles, what devices they're working on, and how to protect that content at rest and flying across the network. Based on real-life use cases in the Aerospace & Defence and Life Sciences industries you will walk away with an understanding of the technologies available to you, and a clear way to communicate with business stakeholders.
Harald Leitenmüller | DSGVO - globaler, zeitgemäßer Datenschutzstandard für M...Microsoft Österreich
The document discusses Microsoft's approach to data protection and compliance with the GDPR. It provides an overview of Microsoft's security operations, including its cyber defense operations center and intelligence security graph. It also describes Microsoft's Next Generation Privacy framework for inventorying and standardizing how customer data is treated. Tools like SecureScore and the Compliance Manager are introduced for assessing compliance and managing tasks. Additional resources on GDPR, security reference architectures and blogs are listed in an appendix.
The document discusses Microsoft's approach to security and how the threat landscape is evolving. It emphasizes building an integrated security experience that combines data from across Microsoft products and services with machine learning to better detect and respond to threats. It also outlines Microsoft's strategy to make attacks more costly for threat actors by disrupting their economic models and technical playbooks through rapid response capabilities and a defense in depth approach across identity, devices, infrastructure and applications.
This document discusses how Microsoft's cloud security services help organizations be more secure. It provides an overview of Microsoft's security tools across threat protection, information protection, identity and access management, and security management. These include services like Azure Active Directory, Azure Security Center, Microsoft Threat Protection, and more. The document also emphasizes that Microsoft partners with other security vendors and organizations to provide a more comprehensive ecosystem of intelligent security solutions.
Thread Legal and Microsoft 365 SecurityThread Legal
Safeguard your business against external threats and leaks, and easily manage devices with Microsoft 365. Protect business data, and control who has access to sensitive information. Learn more in this in-depth deck.
Stefan van der Wiele | Protect users identities and control access to valuabl...Microsoft Österreich
This document summarizes a presentation on machine learning-based identity protection in Azure Active Directory. The key points are:
1. Azure AD uses machine learning to analyze over 10TB of logs and data from various sources to classify users as "seems good" or "seems bad" in real time.
2. The machine learning classifier is continually improved by analyzing outcomes when users are later determined to be malicious or legitimate. Code updates are deployed to improve classification accuracy.
3. A case study example describes how Azure AD detected an education sector attack through anomalous password lockout activity and suspicious IP patterns that differed from normal in-country traffic.
The document discusses cybersecurity and protecting information. It provides statistics on why organizations want to protect information, such as to reduce data leakage, meet compliance requirements, and partition sensitive data from unauthorized users. It then lists some of Microsoft's security capabilities for protecting devices, customer data in the cloud, on-premises environments, and customer data both in the cloud and on-premises.
Big data, cybersecurity threats, and cybercrime are growing issues according to the document. Microsoft takes a layered approach to security across its many products and services to help protect customers. Key aspects of Microsoft's security approach include detection of threats using signals and machine learning, responding quickly to issues, and protecting endpoints. The Microsoft Digital Crimes Unit works with law enforcement and through public-private partnerships to disrupt malware and fight technical support scams and other technology-facilitated crimes.
Learn how to protect against and recover from data breaches in Office 365AntonioMaio2
Microsoft provides robust Cloud based tools to help protect our data and services in Office 365 from attackers and data breaches. These tools include capabilities for auditing, monitoring, enforcing policies and protecting critical enterprise data. However, Office 365 is not immune to attack. In this session you’ll learn common patterns used by attackers to compromise Office 365 tenants in the real world, how to make use of Microsoft Cloud based tools to protect your Office 365 tenant, and how to investigate and recover from an attack so that you can help prevent it from happening again. Microsoft Premier Field Engineer Theresa Eller and six time Microsoft MVP Antonio Maio share their experiences investigating data breaches, recovering from them and helping Office 365 customers from future data breaches.
Microsoft 365 Defender provides integrated security across endpoints, identities, email and applications to help defenders connect alerts and get ahead of attackers. It utilizes solutions like Microsoft Defender for Endpoint, Defender for Identity, and Cloud App Security for detection, prevention, investigation and response. Conditional access rules, multi-factor authentication, and device compliance policies can also block access from risky locations or non-compliant devices to further secure access to cloud resources and services. Comprehensive data protection measures including encryption, data loss prevention policies, and device-level policies help prevent data from being removed from the environment by attackers or malicious insiders.
This document discusses key aspects of data security when using cloud computing services, including data in transit, at rest, and during processing. It notes that data confidentiality can be ensured through encryption, but integrity also requires message authentication codes. Data lineage and provenance are difficult for public clouds. Remanence risks inadvertent data exposure. The document recommends that sensitive data not be placed in public clouds and that data confidentiality, integrity, and availability be addressed in service level agreements.
Value and contributions of the E5 offer
This document deals only with the features brought by microsoft 365 E5 and deliberately ignores the features of previous plans (M365 F1/E1/E3)
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
Digital transformation with freedom and peace of mind
Holistic, identity-driven protection
Help guard your data from attacks on multiple levels using innovative, identity-driven security techniques.
Productivity without compromise
Preserve the mobile and desktop experiences your workers need to stay working with familiar apps and tools.
Flexible, comprehensive solutions
Do more with less—protect users, devices, apps, and data with intuitive mobile management on a future-ready platform.
microsoft@atidan.com
This document discusses security as a service and how it can provide identity-driven security through Azure Active Directory. It describes how Azure AD can secure devices, content, and the "front door" through risk-based conditional access policies leveraging machine learning. This allows blocking of risky logins while providing a great employee experience through single sign-on access to applications on any device with optional multi-factor authentication.
Global Azure Bootcamp 2018 completed recently across the world with a huge success, and I had the opportunity to co-organize the event in Chennai, India. Also delivered a session under the IT Pro track on "Securing Your Organization with Microsoft 365. Uploaded the Session Slides here.
Event url: http://chennai-gab2018.azurewebsites.net/
The document discusses Microsoft's Enterprise Mobility + Security (EMS) solution. EMS provides identity-driven security, managed mobile productivity, and a comprehensive solution to address challenges of mobility and cloud adoption. It secures access across devices, apps and user identities on-premises and in the cloud with integrated solutions like Azure Active Directory, Microsoft Intune and Advanced Threat Analytics.
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryForsyte I.T. Solutions
An organization's data is their most valuable asset, yet most enterprises aren’t doing enough to control access to that data.
Security requires a layered approach and that starts with a great user authentication experience with automatic, policy-based rules for access to sensitive information regardless of location or device type. Once that’s in place you can apply threat protection and security management tools to keep users, data, devices, and applications safe and optimize your security posture.
An organization’s data can be spread across multiple applications, on-premises and in the cloud, and accessed by multiple devices and users, internal and external. Identity can be the central point of control that connects it all. You need a comprehensive identity and access management solution that protects your internal and external users, but also helps your business to grow and thrive by improving the user experience and productivity.
The document discusses enterprise mobility and security solutions from Microsoft. It addresses challenges of managing user identities, devices, applications and data across cloud and on-premises environments. The key solutions discussed are identity-driven security to protect access to resources, managed mobile productivity to encourage secure mobile work habits, and a comprehensive solution that integrates capabilities to offer advanced security while saving costs.
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Karim Vaes
https://www.xylos.com/en/corporate/events/explore-new-digital-ways
Public cloud and security go hand in hand, if you approach it properly
The cloud is already being well used, but lots of organisations still have questions about its security. Is data protection in the cloud really optimal, or is this uncertainty justified? In this breakout session we look at the main concerns we hear from our customers. Can we build a perimeter around cloud applications? Which sectors or scenarios are not suitable for the cloud, and where in particular is it recommended? How do I get to grips with ‘shadow IT’? Do I have to manage things myself in the cloud? Does the public cloud satisfy the strictest security requirements? And what's the most secure authentication? Data protection isn't just limited to firewalls or intrusion systems, after all. The key lies in having a comprehensive security policy, and in this session we zoom in on the major components and challenges.
Speaker: Karim Vaes, Solution Architect, Xylos
A Zero Trust approach should extend throughout the entire digital estate and serve as an integrated security philosophy and end to end strategy.
Identities. Identities whether they represent people, services, or IOT devices define the Zero Trust control plane. When an identity attempts to access a resource, we need to verify that identity with strong authentication, ensure access is compliant and typical for that identity, and follows least privilege access principles.
Devices. Once an identity has been granted access to a resource, data can flow to a variety of different devices From IoT devices to smartphones, BYOD to partner managed devices, and on premises workloads to cloud hosted servers. This diversity creates a massive attack surface area, requiring we monitor and enforce device health and compliance for secure access.
Applications. Applications and APIs provide the interface by which data is consumed. They may be legacy on premises, lift and shifted to cloud workloads, or modern SaaS applications. Controls and technologies should be applied to discover Shadow IT, ensure appropriate in-app permissions, gate access based on real-time analytics, monitor for abnormal behavior, control of user actions, and validate secure configuration options.
Data. Ultimately, security teams are focused on protecting data. Where possible, data should remain safe even if it leaves the devices, apps, infrastructure, and networks the organization controls. Data should be classified, labeled, and encrypted, and access restricted based on those attributes.
Infrastructure. Infrastructure (whether on premises servers, cloud based VMs, containers, or micro services) represents a critical threat vector. Assess for version, configuration, and JIT access to harden defense, use telemetry to detect attacks and anomalies, and automatically block and flag risky behavior and take protective actions.
Networks. All data is ultimately accessed over network infrastructure. Networking controls can provide critical “in pipe” controls to enhance visibility and help prevent attackers from moving laterally across the network. Networks should be segmented (including deeper in network micro segmentation) and real time threat protection, end to end encryption, monitoring, and analytics should be employed.
Each of these six foundational elements serves as a source of the signal, a control plane for enforcement, and a critical resource to defend. You should appropriately spread your investments across each of these elements for maximum protection.
19.10.2016 klo 9.30 järjestimme webinaarin, jossa kävimme teknisen tietoturvan keskeiset osa-alueet lävitse ja kerromme, mitkä ovat kunkin osa-alueen asiat, jotka vähintään pitää olla kunnossa, jotta voi yöllä nukkua rauhallisin mielin. Asiantuntijavieraana webinaarissa on Microsoftin Partner Technology Strategist, Ari Auvinen, joka osaltaan kertoi, millaisia teknisiä ratkaisuja tietoturva-asioiden kunnostamiseen on olemassa.
Overgangen fra on-premise til en cloud-baseret løsning er med til at skabe digital transformation, men stiller også nye krav til, hvordan du skal tænke sikkerhed.
Fx skal du i en overgangsfase beskytte og håndtere to arkitekturer på én gang. Denne
session gennemgår sikkerhed og cloud strategi for Microsoft Office 365, Azure, og andre cloud services. Vi præsenterer også kort, hvordan Microsoft Consulting kan assistere med håndteringen af dette nye paradigme.
Anders Brabæk, Enterprise Architect, Microsoft
Platform + Intelligence + Partners
This new understanding has led us to build new solutions for our customers. It informs our entire approach across three critical elements:
Building a platform that looks holistically across all the critical end-points we talked about – building security into our platform as well as providing security tools and technologies to you
Acting on the Intelligence that comes from our security-related signals and insights – helps you and us to detect threats more quickly
Fostering a vibrant ecosystem of partners who help us raise the bar across the industry – we know we’re not your only security vendor, and we want to work with the industry and take a holistic approach to technology
Microsoft 365 provides holistic security that is aligned to these four pillars of security.
By helping enterprise businesses secure corporate data and manage risk in today’s mobile-first, cloud-first world Microsoft 365 E5 enables customers to digitally transform by unifying user productivity and enterprise security tools into a single suite that enables the modern workplace.
Identity & Access Mgmt
Protect users’ identities and control access to valuable resources based on user risk level
Information Protection
Ensure documents and emails are seen only by authorized people
Threat Protection
Protect against advanced threats and recover quickly when attacked
Security Management
Gain visibility and control over security tools
This document discusses Microsoft's Cloud App Security solution. It provides discovery of cloud apps in use, protection of data in cloud apps, and threat detection. It can discover shadow IT usage, assess app risks, and integrate with Azure AD for conditional access policies. The solution includes discovery of cloud apps, data loss prevention across SaaS apps, anomaly detection using behavioral analytics, and integration with Microsoft's security graph. It aims to provide visibility, control and protection of data and access in cloud applications and services.
The document discusses security challenges in a mobile-first, cloud-first world where data, users, devices, and apps are distributed across on-premises, private cloud, public cloud, and mobile environments. It outlines how traditional perimeter-based security is no longer effective and Microsoft 365 provides a holistic solution to protect organizations at the front door, detect and remediate attacks, and protect data anywhere it goes.
Microsoft Intune y Gestión de Identidad Corporativa Plain Concepts
Gestiona todos tus dispositivos corporativos Windows 10 desde Microsoft Intune. Entornos híbridos de autenticación, autenticación multi factor y acceso seguro a aplicaciones SaaS. Por Jose María Genzor
Microsoft Enterprise Mobility + Security
Control identity + access in the cloud
Centrally manage single sign-on across devices, your datacenter, and the cloud.
Get identity-driven security
Comprehensive, intelligent protection against today's advanced attacks.
Manage mobile devices + apps
Securely manage apps and data on iOS, Android, and Windows from one place.
Protect your information
Intelligently safeguard your corporate data and enable secured collaboration.
Virtualize your desktops
Efficiently deliver and manage Windows desktops and apps on all devices.
This Deck, gives you an overview of the zero trust security posture, considerations you should have while looking to adopt that posture, and the advantages of doing so.
Today, security is so much more than just a firewall. As we saw in our recent webinar, co-hosted with Microsoft to discuss their new Enterprise Mobility + Security Suite (EMS), breaches are resulting from weak end-user passwords or error, as well as a lax attitude toward SaaS and third party "Shadow IT." Add to that infrastructure complexity brought on by cloud and hybrid environments and everything you knew about security is changing.
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
The document discusses identity and content security for cloud services like Office 365. It describes the evolving threat landscape where data breaches are increasingly common. It then outlines various approaches Microsoft takes to secure user identity, access to applications and content, device management, and auditing and monitoring in its cloud services. These include multi-factor authentication, conditional access policies, encryption of data in transit and at rest, activity monitoring and alerts, and mobile device management capabilities. The document aims to help organizations understand how to translate on-premises security practices to the cloud to properly secure user identity and regulate access to content.
Knowledge is power. This session will explore the rich real-time telemetry and tools available in Windows and in our cloud services for analyzing security activity in your IT environment.
The document discusses best practices for securing remote work during the COVID-19 pandemic. It describes how cybercriminals are taking advantage of COVID-19 fears through phishing campaigns. It then provides tips on protecting infrastructure and identities, including enabling multi-factor authentication and conditional access. Finally, it summarizes a Secure Remote Work workshop that examines how to protect data and detect threats across cloud apps and devices.
Similar to Get ahead of cybersecurity with MS Enterprise Mobility + Security (20)
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
How to Get CNIC Information System with Paksim Ga.pptx
Get ahead of cybersecurity with MS Enterprise Mobility + Security
1.
2. New blind spots for IT
Data breaches
63% of confirmed data
breaches involve weak,
default, or stolen passwords
Shadow IT
>80% of employees admit
using non-approved SaaS
apps for work purposes
Cybercrimes
32% of businesses
reported to be affected
by cybercrimes
3. Employees
Partners
Customers
Identity Devices Apps & Data
On-premises
apps and data
Cloud
apps and data
Transition to
cloud & mobility
New attack
landscape
Current defenses
not sufficient+ =
?
Microsoft Azure
?
4. Protects your data from
new and changing
cybersecurity attacks
Innovative
Enhances threat and anomaly
detection with the Microsoft
Intelligent Security Graph
driven by a vast amount of
datasets and machine
learning in the cloud
Intelligent
Offers one protected
common identity for secure
access to all corporate
resources, on-premises and
in the cloud, with risk-based
conditional access
Identity-driven
Addresses security
challenges across users
(identities), devices, data,
apps, and platforms―on-
premises and in the cloud
Holistic
5. Holistic. Innovative. Intelligent.
Safeguard your resources at the front door with innovative
and advanced risk-based conditional accesses
Protect at the front door
Gain deep visibility into user, device, and data activity
on-premises and in the cloud.
Protect your data against user mistakes
Uncover suspicious activity and pinpoint threats with deep
visibility and ongoing behavioral analytics.
Detect attacks before they cause damage
6. Conditions
Allow access
Block access
Actions
Location (IP range)
Device state
User groupUser
Identity Protection
MFA
Risk
On-premises
applications
Microsoft Azure
Risk-based
conditional access
Privileged Identity
Management
How can I protect my
organization at the front door?
7. Cloud App Security
Risk scoring
Shadow IT Discovery
Policies for data control
How do I gain visibility
and control of my
cloud apps?
Microsoft Intune
How do I prevent data
leakage from my
mobile apps?
LOB app protection
DLP for Office 365 mobile apps
Optional device management
Azure Information Protection
Classify & Label
Protect
How do I control data
on-premises and in
the cloud
Monitor and Respond
8. How do I detect attacks
in the cloud?
Cloud App Security
(App level)
• Behavioral analytics
• Anomaly detection
How do I detect
on-premises attacks?
Azure Active Directory
(Identity level)
• Behavioral Analytics
• Security reporting and monitoring
On-premises
Microsoft Advanced Threat
Analytics
Detection
in the
cloud
On-premises
detection
Cloud
Microsoft Cloud App Security
Azure Active Directory Premium
Advanced Threat Analytics
• User and Entity Behavioral Analytics
• Detection of known malicious
attacks and security issues
9. Azure Information
ProtectionProtect your data,
everywhere
Microsoft Cloud App Security
Azure Active Directory
Extend enterprise-grade
security to your cloud
and SaaS apps
Protect devices and
apps
Microsoft Intune
Enterprise Mobility + Security
Detect problems
early with visibility
and threat analytics
Microsoft Advanced
Threat Analytics
Manage identity with hybrid
integration to protect application
access from identity attacks
10. Information
protection
Identity-driven
security
Managed mobile
productivity
Identity and access
management
Azure Information
Protection Premium P2
Intelligent classification and
protection for files and emails
shared inside and outside
your organization
(includes all capabilities in P1)
Azure Information
Protection Premium P1
Manual classification and
protection for files and emails
shared inside and outside
your organization
Cloud-based file tracking
Microsoft Cloud
App Security
Enterprise-grade visibility,
control, and protection for
your cloud applications
Microsoft Advanced
Threat Analytics
Protection from advanced
targeted attacks leveraging
user and entity behavioral
analytics
Microsoft Intune
Mobile device and app
management to protect
corporate apps and data on
any device
Azure Active Directory
Premium P2
Identity and access
management with advanced
protection for users and
privileged identities
(includes all capabilities in P1)
Azure Active Directory
Premium P1
Secure single sign-on to
cloud and on-premises apps
MFA, conditional access, and
advanced security reporting
EMS
E3
EMS
E5
12. Try Enterprise Mobility + Security for free, today:
www.microsoft.com/en-us/cloud-platform/enterprise-mobility-trial
See Microsoft Cloud App Security in action
www.microsoft.com/en-us/server-cloud/products/cloud-app-security/
Explore Identity + Access Management
www.microsoft.com/en-us/cloud-platform/identity-management
Learn more about Azure Information Protection
www.microsoft.com/en-us/cloud-platform/information-protection
Discover new MDM and MAM solutions with Microsoft Intune
www.microsoft.com/en-us/cloud-platform/mobile-device-managementlink
Check out new Desktop virtualization capabilities
www.microsoft.com/en-us/cloud-platform/desktop-virtualization
17. Is it possible to keep up?
Employees Business partners Customers
The Microsoft vision
Secure and protect against new threats
Maximum productivity experience
Comprehensive and integrated
Apps
Devices
Data
Users
18. On-premises
Firewall
Corp email, business apps
• Open access for users – any device, any network
• Unrestricted sharing methods – users decide how to share
• Cloud app ecosystem
• Limited visibility and control
• Access via managed devices and networks
• Layers of defense protecting internal apps
• Known security perimeter
LIFE AFTER CLOUD AND MOBILITYLIFE BEFORE CLOUD AND MOBILITY
Office 365
19. Transitioning to
cloud and mobility
Controlling/securing
critical data across devices
Lack of visibility and
control for cloud apps
End users making non-
compliant choices
New attack
landscape
Costly recovery from
advanced attacks
Changes in attackers’
techniques
Credential theft
Traditional security
solutions
False positives
Not up to the challenge
Complex
20. Protect at the
front door
Detect attacks before
they cause damage
Protect your data
against user mistakes
Identity-driven security scenarios
21. Risk severity calculation
Remediation recommendations
Risk-based conditional access automatically
protects against suspicious logins and
compromised credentials
Gain insights from a consolidated view of
machine learning based threat detection
Leaked
credentials
Infected
devices
Configuration
vulnerabilities
Risk-based
policies
MFA Challenge
Risky Logins
Block attacks
Change bad
credentials
Machine-Learning Engine
Brute force
attacks
Suspicious sign-
in activities
PROTECT AT THE FRONT DOOR
Identity Protection at its best
22. Security/Monitoring/Reporting
SolutionsNotifications
Data Extracts/Downloads
Reporting APIs
Power
BI
Apply Microsoft learnings to your
existing security tools
SIEM
Monitor
Tools
Microsoft machine - learning engine
PROTECT AT THE FRONT DOOR
Use the power of Identity Protection in PowerBI, SIEM and other monitoring tools
Leaked
credentials
Infected
devices
Configuration
vulnerabilitiesBrute force
attacks
Suspicious sign-
in activities
23. Audit
SECURITY
ADMIN
Configure Privileged
Identity Management
USER
PRIVILEGED IDENTITY MANAGEMENT
Identity
verification
Monitor
Access reports
MFA
ALERT
Read only
ADMIN PROFILES
Billing Admin
Global Admin
Service Admin
PROTECT AT THE FRONT DOOR
How time-limited activation of privileged roles works
MFA enforced during activation process
Alerts inform administrators about out-
of-band changes
Users need to activate their privileges
to perform a task
Users retain privileges for a pre-configured
amount of time
Security admins can discover all privileged
identities, view audit reports, and review
everyone who is eligible to activate via
access reviews
24. Protect at the
front door
Detect attacks before
they cause damage
Protect your data
against user mistakes
Identity-driven security scenarios
25. PROTECT YOUR DATA AGAINST USER MISTAKES
• Discover 13,000+ cloud apps in
use—no agents required
• Identify all users, IP addresses,
top apps, top users
Shadow IT discovery
• Get an automated risk score
driven by 60+ parameters
• See each app’s risk assessment
based on its security mechanisms
and compliance regulations
Risk scoring
• Ongoing risk detection, powerful
reporting, and analytics on users,
usage patterns, upload/download
traffic, and transactions
• Ongoing anomaly detection for
discovered apps
Ongoing analytics
26. PROTECT YOUR DATA AGAINST USER MISTAKES
• Set granular-control security
policies for your approved apps
• Use out-of-the-box policies or
customize your own
Policy definition
• Prevent data loss both inline and
at rest
• Govern data in the cloud, such as
files stored in cloud drives,
attachments, or within cloud apps
• Use pre-defined templates or
extend existing DLP policies
DLP and data sharing
• Identify policy violations, investigate
on a user, file, activity level
• Enforce actions such as quarantine
and permissions removal
• Block sensitive transactions, limit
sessions for unmanaged devices
Policy enforcement
28. Full Data
Lifecycle
Azure Information
Protection DOCUMENT
TRACKING
DOCUMENT
REVOCATION
Monitor
& respond
LABELINGCLASSIFICATION
Classification
& labeling
ENCRYPTION
Protect
ACCESS
CONTROL
POLICY
ENFORCEMENT
PROTECT YOUR DATA AGAINST USER MISTAKES
29. PROTECT YOUR DATA AGAINST USER MISTAKES
Simplify BYOD program - device
management is optional
Secure your LOB apps with App
SDK and App Wrapping Tool
Prevent data loss from Office
mobile apps; natively built in.
Personal apps
Corporate apps
MDM
policies
MAM
policies
File
policies
MDM – optional
(Intune or third party)
Azure Rights
Management
Microsoft Intune
Corporate
data
Personal
data
Multi-identity policy
Extend protection at file level with
Azure Information Protection
30. Protect at the
front door
Detect attacks before
they cause damage
Protect your data
against user mistakes
Identity-driven security scenarios
31. Microsoft Advanced Threat Analytics
brings the behavioral analytics concept
to IT and the organization’s users.
An on-premises platform to identify advanced security attacks and insider
threats before they cause damage
DETECT ATTACKS BEFORE THEY CAUSE DAMAGE
Behavioral
Analytics
Detection of advanced
attacks and security risks
Advanced Threat
Detection
32. Analyze1
DETECT ATTACKS BEFORE THEY CAUSE DAMAGE
ATA analyzes all Active Directory-
related traffic and collects
relevant events from SIEM
ATA builds the organizational security
graph, detects abnormal behavior,
protocol attacks, and weaknesses, and
constructs an attack timeline
ATA automatically learns all entities’
behaviors
Learn2 Detect3
33. DETECT ATTACKS BEFORE THEY CAUSE DAMAGE
Behavioral analytics Attack detection
• Identify anomalies in your
cloud environment which may
be indicative of a breach
• Leverage behavioral analytics
(each user’s interaction with
SaaS apps) to assess risk in
each transaction
• Identify and stop known attack
pattern activities originating from
risky sources with threat
prevention enhanced with vast
Microsoft threat intelligence
• Coming soon: send any file
through real-time behavioral
malware analysis
34. Protect at the
front door
Detect attacks before
they cause damage
Protect your data
against user mistakes
Identity-driven security scenarios
35. Microsoft Intelligent Security Graph
Unique insights into the threat landscape
Informed by trillions of signals from
billions of sources
Powered by inputs we receive across our
endpoints, consumer services, commercial
services, and on-premises technologies
Anomaly detection that draws from our vast
amount of threat intelligence, machine learning,
security research, and development data Intelligence