Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cloud & Sécurité

984 views

Published on

Conférence 25/11 à l'Axis Parc Mont Saint Guibert : Vos données sont elles vraiment sécurisées ?

  • Be the first to comment

Cloud & Sécurité

  1. 1. Le Cloud & la Sécurité Christophe Van Mollekot Solution Advisor – Microsoft
  2. 2. Cloud vs Security
  3. 3. Global datacenter footprint 100+ Datacenters in over 40 countries
  4. 4. “71% of strategic buyers cite scalability, cost and business agility as the most important drivers for using cloud services.“ – Gigaom Research Integral to business transformation
  5. 5. Efficiently ScaleScalability
  6. 6. Test & DevCosts
  7. 7. Agility
  8. 8. trillion a year1 Risk of cyber attacks can cost business up to 3$ individual records were breached in 2013.4 More than 800M in 2014.3 The number of recorded data breaches increased 78% of the value created by the Internet.2 Cybercrime extracts between 15-20% agree consumers have lost control over how personal information is collected and used by companies5 91% Global attacks are increasing and costs are rising
  9. 9. How can Cloud help your Security
  10. 10. No one is able to use your data in a way that you do not approve. You have visibility into how your data is being handled and used. Your content is stored and managed in compliance with applicable laws, regulations and standards. How can Cloud help your Security
  11. 11. 13 24 hour monitored physical security System monitoring and logging Patch management Anti-Virus/Anti-Malware protection Intrusion detection/DDoS Penetration testing Infrastructure protection
  12. 12. Network protection Encrypted connections Virtual Networks ExpressRouteNetwork isolation
  13. 13. Enterprise cloud identity – Windows Azure AD Access monitoring Single sign-on Multi-Factor Authentication Role based access controls Identity & access
  14. 14. Encrypted data transfer Encryption options for stored data Data segregation Choice of data location Data redundancy Data destruction 16 Data protection
  15. 15. Traditional protect & recover security strategy
  16. 16. The mindset shift
  17. 17. “FUNDAMENTALLY, IF SOMEBODY WANTS TO GET IN, THEY'RE GETTING IN…ACCEPT THAT. WHAT WE TELL CLIENTS IS: NUMBER ONE, YOU'RE IN THE FIGHT, WHETHER YOU THOUGHT YOU WERE OR NOT. NUMBER TWO, YOU ALMOST CERTAINLY ARE PENETRATED. ” Michael Hayden Former Director of NSA & CIA AssumeBreach
  18. 18. 20 If you found out tomorrow that your most critical systems had been infiltrated or that your most critical data was being exfiltrated, would you be prepared to deal with the breach?
  19. 19. RED All your bases BELONG to us vs. BLUE
  20. 20. AssumeBreachExecution 23 Wargame exercises Blue teaming Red teaming Monitor emerging threats Execute post breach Insider attack simulation
  21. 21. PostBreachExecution 24 Establish security baselines  Time to detect  Time to contain  Time to fix  Time to recover Framework to inventory damage Identify reactive security investments Update response plans If you measure MTTR in WEEKS/MONTHS/YEARS instead of hours/days, then YOU’VE FAILED!
  22. 22. The confidentiality, integrity, and availability of your data is protected. You have visibility into how your data is being handled and used. Your content is stored and managed in compliance with applicable laws, regulations and standards. How can Cloud help your Security
  23. 23. We’ll keep your data secure Your data is private and under your control We manage your data in accordance with the law You know what we’re doing with your data
  24. 24. No one is able to use your data in a way that you do not approve. The confidentiality, integrity, and availability of your data is protected. You have visibility into how your data is being handled and used. How can Cloud help your Security
  25. 25. Microsoft Cloud Compliance Certifications
  26. 26. No one is able to use your data in a way that you do not approve. The confidentiality, integrity, and availability of your data is protected. Your content is stored and managed in compliance with applicable laws, regulations and standards. How can Cloud help your Security
  27. 27. http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/ Law Enforcement Requests
  28. 28. Microsoft NDA-To be shared under NDA only Transparency Center
  29. 29. How can Cloud help your Security
  30. 30. One last word…
  31. 31. An on-premises solution to identify advanced security attacks before they cause damage  Credit card companies monitor cardholders’ behavior.  If there is any abnormal activity, they will notify the cardholder to verify charge. Microsoft Advanced Threat Analytics brings this concept to IT and users of a particular organization Comparison:
  32. 32. Behavioral Analytics Detection for known attacks and issues Advanced Threat Detection An on-premises solution to identify advanced security attacks before they cause damage
  33. 33. Detect threats fast with Behavioral Analytics Adapt as fast as your enemies Focus on what is important fast using the simple attack timeline Reduce the fatigue of false positives
  34. 34. Thank You
  35. 35. Learn more about the Microsoft Enterprise Cloud Visit the Microsoft Trust Centers: Azure, Intune, Office 365, and Dynamics CRM Review the Microsoft Law Enforcement Request Report and US National Security Orders Report Read our blogs: Microsoft Cyber Trust and Microsoft On the Issues Follow us on Twitter: @MSFTSecurity Additional Resources

×