Collaboration often drives how we work, especially when our workforce is mobile, working off premises and serving clients in the field. Our employees adopt cloud solutions to communicate, exchange ideas and files, and collaborate without our knowledge. This approach keeps security officers sleepless not only in Seattle but also in Columbus.
This presentation is an overview of Office 365 functionality and of its security and compliance (reporting) capabilities for managing information privacy, security and compliance risks, with pointers to the related documentation. It reviews Office 365 email security and management, the SharePoint collaboration platform and Azure Active Directory reporting. It is a business/technical (not in-depth technical) presentation intended to help a business or technical audience understand the security and functionality of Office 365 when considering cloud solution adoption.
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration...Really?
1. Robert Brzezinski, CHPS, CISA
BizWit LLC
Information Security
Risk Management
Columbus, OH
www.bizwit.us
OFFICE 365 SECURITY AND COMPLIANCE
CLOUDY COLLABORATION … REALLY?
(C) 2011 - 2016 BizWit LLC
2. OFFICE 365 SECURITY AND COMPLIANCE
1. Understand Office 365 security and compliance
2. Satisfy business, security and compliance needs
3. Verify configuration
4. Define audit scope
5. Make an educated decision
3. OFFICE 365 SECURITY AND COMPLIANCE
1. How do hackers break in?
2. Office 365 and Federal regulations
3. Email protection
4. Protecting data and the collaboration environment
5. Protecting user credentials
6. Meeting compliance requirements
7. Is the Cloud right for you?
4. SECURITY PRIORITIES AND OFFICE 365
Protection of Sensitive Data - #1 driver for security spending (SANS)
Regulatory Compliance - #2 driver for security spending (SANS)
5. SECURITY PRIORITIES AND OFFICE 365
Source: Verizon 2015 Data Breach Investigations Report (DBIR), Threats and Security Incidents
Source: Verizon 2016 Data Breach Digest (DBD)
6. HOW DO HACKERS BREAK IN? SECURITY PRIORITIES AND OFFICE 365
Source: 2015 Verizon DBIR
Threat actions:
• Email
• Phishing / Malware
• Malicious website
• Compromised credentials
• Email mistakes
• Lost data or device
• Compromised data
• Compromised credentials
• Privilege misuse
FBI – Business Email Compromise 2013-15: exposed dollar loss $800 M – $1.2 B
7. OFFICE 365 TRUST CENTER - COMPLIANCE WITH FEDERAL REGULATIONS
Top 10 compliance standards of Office 365: HIPAA, FedRAMP/FISMA, SSAE16, GLBA, PIPEDA, FERPA, EU, ISO 27001
Office 365 receives FedRAMP Authority to Operate (ATO) from HHS OIG
FBI CJIS Addendum
Office 365 listed in CSA Security, Trust & Assurance Registry (STAR)
9. OFFICE 365 PROTECTION OF SENSITIVE DATA
Protecting Outbound Email and Data
Mail flow rules
• Malware + / Flag external
• Data Loss Prevention (DLP)
• Encryption / decryption
• Secure attachments
• Email supervisory workflow
• Incident reporting
Mobile device access
Miscellaneous Errors
10. OFFICE 365 PROTECTION OF SENSITIVE DATA
DLP & ENCRYPTION
11. OFFICE 365 EMAIL COMPLIANCE
• Data Loss Prevention (DLP)
• eDiscovery
• Litigation Hold
• Retention policies
• Archiving
• Auditing reports
  • Non-owner mailbox access
  • Admin and external admin log
  • Configuration changes by admin
  • Admin role group changes
Privilege Misuse
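The four auditing-report items on this slide (non-owner mailbox access, admin and external admin activity, configuration changes, role group changes) are the signals an auditor pulls from the Exchange audit data when looking for privilege misuse. The script below is an added example, not code from the deck, from BizWit or from Microsoft: it runs a simple triage over constructed audit records with an assumed, simplified field layout (loosely modelled on an Exchange Online audit export, but not its real schema), the tenant domain `example.com` and the verb lists are assumptions, and the rule names are made up for illustration.

```python
"""Triage of mailbox and admin audit records for privilege-misuse signals.

Added example with constructed data. Field names (RecordType, LogonType,
MailboxOwner, Parameters, ...) are an assumed, simplified schema, not the
exact Office 365 audit-log format.
"""
from collections import defaultdict

# Constructed audit records (assumed field names and values).
AUDIT_RECORDS = [
    {"RecordType": "MailboxAudit", "Operation": "FolderBind",
     "UserId": "cfo@example.com", "MailboxOwner": "cfo@example.com", "LogonType": "Owner"},
    {"RecordType": "MailboxAudit", "Operation": "MessageBind",
     "UserId": "helpdesk@example.com", "MailboxOwner": "cfo@example.com", "LogonType": "Admin"},
    {"RecordType": "MailboxAudit", "Operation": "SendAs",
     "UserId": "assistant@example.com", "MailboxOwner": "cfo@example.com", "LogonType": "Delegate"},
    {"RecordType": "ExchangeAdmin", "Operation": "Set-TransportRule",
     "UserId": "admin@example.com",
     "Parameters": {"Identity": "Outbound DLP rule (constructed)", "Enabled": "False"}},
    {"RecordType": "ExchangeAdmin", "Operation": "Add-RoleGroupMember",
     "UserId": "partner@consultant.example",
     "Parameters": {"Identity": "Organization Management", "Member": "temp@example.com"}},
    {"RecordType": "ExchangeAdmin", "Operation": "Get-Mailbox",
     "UserId": "admin@example.com", "Parameters": {}},
]

INTERNAL_DOMAIN = "example.com"  # assumed tenant domain; anything else counts as external admin
# Admin cmdlet verbs that change configuration; read-only Get-* calls are not flagged.
CONFIG_VERBS = ("Set-", "New-", "Remove-", "Enable-", "Disable-", "Add-")
# Operations that alter admin role group membership or definition.
ROLE_GROUP_OPS = {"Add-RoleGroupMember", "Remove-RoleGroupMember", "Update-RoleGroupMember",
                  "New-RoleGroup", "Remove-RoleGroup"}


def classify(record):
    """Return the finding tags for one record; an empty list means routine activity."""
    tags = []
    if record["RecordType"] == "MailboxAudit":
        # Non-owner access: any Admin/Delegate logon, or an actor who is not the mailbox owner.
        if record["LogonType"] != "Owner" or record["UserId"] != record["MailboxOwner"]:
            tags.append("non-owner-mailbox-access")
    elif record["RecordType"] == "ExchangeAdmin":
        tags.append("admin-activity")
        actor_domain = record["UserId"].rsplit("@", 1)[-1].lower()
        if actor_domain != INTERNAL_DOMAIN:
            tags.append("external-admin")
        op = record["Operation"]
        if op in ROLE_GROUP_OPS:
            tags.append("role-group-change")
        elif op.startswith(CONFIG_VERBS):
            tags.append("config-change")
    return tags


def triage(records):
    """Group records by finding tag; records with no tag are dropped from the report."""
    findings = defaultdict(list)
    for rec in records:
        for tag in classify(rec):
            findings[tag].append(rec)
    return dict(findings)


if __name__ == "__main__":
    for tag, recs in sorted(triage(AUDIT_RECORDS).items()):
        print(f"[{tag}] {len(recs)} record(s)")
        for r in recs:
            target = r.get("MailboxOwner") or r.get("Parameters", {}).get("Identity", "")
            print("   ", r["Operation"], "by", r["UserId"], "on", target)
```

In practice the same classification is applied to the exported audit records rather than the inline list; the point of the example is that a disabled mail flow rule, a partner account added to Organization Management and a helpdesk logon to an executive mailbox each surface under a distinct tag instead of being buried in the full log.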
12. OFFICE 365 PROTECTION OF SENSITIVE DATA
Protecting Data - SharePoint Collaboration
Sites Architecture
• Data Containers / Logical Separation
Permissions and sharing
• Very granular permissions
• External sharing blocking
Data Loss Prevention (DLP) & Alerting
• SharePoint / OneDrive and Exchange
• Malware scanning
• Alerts for e.g. content changes
Miscellaneous Errors
13. OFFICE 365 PROTECTION OF SENSITIVE DATA
Protecting Data with Rights Management Services
• Encrypt attachments
• Limit access and editing capabilities
• Manage content expiry
• View document use
Information Rights Management for SharePoint and for Desktop / Email
• Protect / encrypt documents in place (on laptop)
Miscellaneous Errors
14. OFFICE 365 PROTECTION OF SENSITIVE DATA
Rights Management Services (RMS)
15. OFFICE 365 PROTECTION OF SENSITIVE DATA
Rights Management Services (RMS)
16. OFFICE 365 SHAREPOINT COMPLIANCE
• Data Loss Prevention (DLP)
• eDiscovery
• Retention policies & Archiving
• Auditing reports
  • Editing or viewing content
  • Editing users and permissions
  • Office 365 audit log
Rights Management Services / Information Rights Management
Privilege Misuse
Miscellaneous Errors
17. OFFICE 365 PROTECTION OF SENSITIVE DATA
Protecting User Credentials - Security Configuration
User management in Office 365
• Admin, licensing and self-service
• Azure AD (Active Directory)
• Synchronization
• Authentication & notification
• IP ranges
• Multifactor Authentication (MFA)
Privilege Misuse
Miscellaneous Errors
18. OFFICE 365 PROTECTION OF SENSITIVE DATA
Protecting User Credentials – Alerting & Reporting
User access monitoring
• Sign ins from unknown sources
• Sign ins from IP addresses with suspicious activity
• Users with anomalous sign in activity
• Password reset activity
Privilege Misuse
Miscellaneous Errors
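The four monitoring items on this slide are the ones Azure AD reporting surfaces for a tenant; what follows is an added example, not code from the deck, from BizWit or from Microsoft, showing the detection logic behind each item run over a handful of constructed sign-in and password-reset events. The event fields are a simplified stand-in for a sign-in export (assumed, not the real schema), the corporate egress range `203.0.113.0/24`, the failure threshold and the two-hour travel window are all assumptions chosen for the illustration.

```python
"""Sign-in monitoring: unknown sources, suspicious IPs, anomalous users, password resets.

Added example with constructed events. Fields (ts, user, ip, country, op, result)
are an assumed simplification of an Azure AD sign-in export.
"""
import ipaddress
from collections import defaultdict
from datetime import datetime

# Assumed corporate egress range (RFC 5737 documentation space, so it never routes).
CORPORATE_NETS = [ipaddress.ip_network("203.0.113.0/24")]
FAILURES_PER_IP_THRESHOLD = 3   # assumed: failures from one IP against this many distinct accounts
TRAVEL_WINDOW_HOURS = 2         # assumed: two countries for one user inside this window is anomalous

# Constructed events, UTC timestamps.
EVENTS = [
    {"ts": "2016-03-01T08:00:00", "user": "alice@example.com", "ip": "203.0.113.10", "country": "US", "op": "SignIn", "result": "Success"},
    {"ts": "2016-03-01T08:05:00", "user": "alice@example.com", "ip": "198.51.100.7", "country": "RO", "op": "SignIn", "result": "Success"},
    {"ts": "2016-03-01T09:00:00", "user": "bob@example.com",   "ip": "198.51.100.9", "country": "US", "op": "SignIn", "result": "Failure"},
    {"ts": "2016-03-01T09:00:10", "user": "carol@example.com", "ip": "198.51.100.9", "country": "US", "op": "SignIn", "result": "Failure"},
    {"ts": "2016-03-01T09:00:20", "user": "dave@example.com",  "ip": "198.51.100.9", "country": "US", "op": "SignIn", "result": "Failure"},
    {"ts": "2016-03-01T09:30:00", "user": "dave@example.com",  "ip": "203.0.113.22", "country": "US", "op": "PasswordReset", "result": "Success"},
    {"ts": "2016-03-01T09:40:00", "user": "dave@example.com",  "ip": "198.51.100.9", "country": "US", "op": "SignIn", "result": "Success"},
    {"ts": "2016-03-01T10:00:00", "user": "erin@example.com",  "ip": "203.0.113.30", "country": "US", "op": "SignIn", "result": "Success"},
]


def is_corporate(ip):
    """True when the address falls inside one of the known corporate ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CORPORATE_NETS)


def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S")


def analyse(events):
    """Return a dict mapping finding category -> list of one-line descriptions."""
    findings = defaultdict(list)
    events = sorted(events, key=lambda e: e["ts"])

    # 1. Sign-ins from unknown sources: successful sign-ins outside the corporate ranges.
    for e in events:
        if e["op"] == "SignIn" and e["result"] == "Success" and not is_corporate(e["ip"]):
            findings["unknown-source"].append(f'{e["user"]} from {e["ip"]} ({e["country"]})')

    # 2. IPs with suspicious activity: failures spread over several distinct accounts.
    failed_users = defaultdict(set)
    for e in events:
        if e["op"] == "SignIn" and e["result"] == "Failure":
            failed_users[e["ip"]].add(e["user"])
    suspicious_ips = {ip for ip, users in failed_users.items() if len(users) >= FAILURES_PER_IP_THRESHOLD}
    for ip in sorted(suspicious_ips):
        findings["suspicious-ip"].append(f"{ip} failed against {len(failed_users[ip])} accounts")

    # 3. Anomalous sign-in: one user succeeds from two countries within the travel window.
    last_success = {}
    for e in events:
        if e["op"] != "SignIn" or e["result"] != "Success":
            continue
        prev = last_success.get(e["user"])
        if prev and prev["country"] != e["country"]:
            hours = (parse(e["ts"]) - parse(prev["ts"])).total_seconds() / 3600
            if hours <= TRAVEL_WINDOW_HOURS:
                findings["anomalous-signin"].append(f'{e["user"]} {prev["country"]}->{e["country"]} in {hours:.2f}h')
        last_success[e["user"]] = e

    # 4. Password reset activity: report every reset, and escalate when the same
    #    account then signs in from an IP already flagged under rule 2.
    for i, e in enumerate(events):
        if e["op"] != "PasswordReset":
            continue
        findings["password-reset"].append(f'{e["user"]} reset from {e["ip"]}')
        for later in events[i + 1:]:
            if (later["user"] == e["user"] and later["op"] == "SignIn"
                    and later["result"] == "Success" and later["ip"] in suspicious_ips):
                findings["reset-then-suspicious-signin"].append(
                    f'{e["user"]} signed in from {later["ip"]} after reset')
                break
    return dict(findings)


if __name__ == "__main__":
    for category, items in sorted(analyse(EVENTS).items()):
        print(f"[{category}]")
        for line in items:
            print("   ", line)
```

The thresholds are deliberately simple; the value of the example is the correlation in rule 4, where a password reset on its own is routine but a reset followed by a successful sign-in from an address that was just failing against several other accounts is the pattern an analyst would want escalated.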