Presentation is loading. Please wait.

Presentation is loading. Please wait.

Azure Information Protection

Published byStephen Thomas Modified over 6 years ago

Similar presentations

Presentation on theme: "Azure Information Protection"— Presentation transcript:

1 Azure Information Protection
Microsoft Ignite 2016 4/21/2018 4:06 PM BRK2127 Azure Information Protection Adam Hall Customer Success Lead Azure IP engineering Mail: © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Enterprise Mobility + Security
The Microsoft vision Identity Driven Security Users Devices Apps Data Managed Mobile Productivity Comprehensive Solution

3 Enterprise Mobility +Security
The Microsoft solution Azure Active Directory Microsoft Cloud App Security Manage identity with hybrid integration to protect application access from identity attacks Extend enterprise-grade security to your cloud and SaaS apps Intune Protect your users, devices, and apps Detect threats early with visibility and threat analytics Advanced Threat Analytics Azure Information Protection Protect your data, everywhere

4 Azure Information Protection

5 How much control do YOU have?
Unregulated, unknown How much control do YOU have? Hybrid data = new normal It is harder to protect Managed mobile environment Identity, device management protection On-premises Perimeter protection

6 The evolution of Information Protection
LABELING CLASSIFICATION Classify & Label ENCRYPTION Protect ACCESS CONTROL POLICY ENFORCEMENT DOCUMENT TRACKING DOCUMENT REVOCATION Monitor & Respond

7 Azure Information Protection Full Data Lifecycle
CLASSIFICATION LABELING ENCRYPTION ACCESS CONTROL POLICY ENFORCEMENT DOCUMENT TRACKING DOCUMENT REVOCATION Classify & Label Protect Monitor & Respond

8 Classification + Automation + Protection + Reporting + Collaboration
Microsoft Ignite 2016 4/21/2018 4:06 PM Classification + Automation + Protection + Reporting + Collaboration © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Classification Microsoft Ignite 2016 4/21/2018 4:06 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Classify Data – Begin the Journey
Classify data based on sensitivity Start with the data that is most sensitive IT can set automatic rules; users can complement it Associate actions such as visual markings and protection IT admin sets policies, templates, and rules Confidential Restricted Personal Internal Public

11 Classification user experiences
4/21/2018 Classification user experiences Reclassification Manual Automatic Recommended © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Apply Labels based on classification
Persistent labels that travel with the document Labels are metadata written to documents Labels are in clear text so that other systems such as a DLP engine can read Labels travel with the document, regardless of location FINANCE CONFIDENTIAL

13 Protection Microsoft Ignite 2016 4/21/2018 4:06 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Protect data against unauthorized use
Corporate apps attachment FILE VIEW EDIT COPY PASTE Personal apps Protect data needing protection by: Encrypting data Including authentication requirement and a definition of use rights (permissions) to the data Providing protection that is persistent and travels with the data

15 How Protection Works 4/21/2018
Usage rights and symmetric key stored in file as “license” License protected by customer-owned RSA key Use rights + Water Sugar Brown #16 Water Sugar Brown #16 ()&(*7812(*: PROTECT UNPROTECT Each file is protected by a unique AES symmetric Secret cola formula © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Rights Management Active Directory Key Vault
4/21/2018 How Protection Works LOCAL PROCESSING ON PCS/DEVICES Use rights + Azure RMS never sees the file content, only the license SDK ()&(*7812(*: Use rights + Rights Management Active Directory Key Vault File content is never sent to the RMS server/service Apps protected with RMS enforce rights Apps use the SDK to communicate with the RMS service/servers © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Demo Azure Information Protection Microsoft Ignite 2016
4/21/2018 4:06 PM Demo Azure Information Protection © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 Reporting Microsoft Ignite 2016 4/21/2018 4:06 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Monitor and Respond Monitor use, control and block abuse MAP VIEW
Sue Bob Jane Sue Joe blocked in Ukraine Jane accessed from France Bob accessed from North America MAP VIEW Jane Competitors Jane access is revoked

20 Logs & Reporting More Soon Microsoft Ignite 2016 4/21/2018 4:06 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 Collaboration Microsoft Ignite 2016 4/21/2018 4:06 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Road to sharing data safely with anyone
Share internally, with business partners, and customers Bob Jane Internal user ******* External user Any device/ any platform Let Bob view and print Let Jane edit and print Sue File share SharePoint LoB

23 Azure Active Directory
4/21/2018 4:06 PM How Sharing Works Using Azure AD for authentication On-premises organizations doing full sync Azure Active Directory On-premises organizations doing partial sync Organizations completely in cloud Organizations created through ad-hoc signup …and all of these organizations can interact with each other. ADFS © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Architectures Microsoft Ignite 2016 4/21/2018 4:06 PM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 Topology optional Azure AD Azure Rights Management Azure Key Management Data protection for organizations at different stages of cloud adoption Ensures security because sensitive data is never sent to the RMS server Integration with on-premises assets with minimal effort Authentication & collaboration Service supplied Key BYOK Authorization requests via federation (optional) RMS connector AAD Connect ADFS

26 Regulated Environments
Topology for Regulated Environments optional Azure AD Azure Rights Management Azure Key Management Data protection for organizations at different stages of cloud adoption Ensures security because sensitive data is never sent to the RMS server Integration with on-premises assets with minimal effort Hold your key on premises Authentication & collaboration Service supplied Key BYOK Authorization requests via federation (optional) RMS connector AAD Connect ADFS Rights Management HYOK Key Management

27 Getting started with key scenarios
Classification only Understand your data classification needs, enable the service and define a default policy so all documents are labelled. + Automation Define content based actions to automatically classify and label documents or make recommendations to users to confirm. + Protection For sensitive information, define protection policies that require authentication and enforce use rights. + Reporting Gain insights into the types of information you have, users that work with different sensitivity levels and trends in data creation. Securely share documents and with internal and external recipients. + Collaboration

28 Check out more sessions:
4/21/2018 4:06 PM Check out more sessions: Tuesday: BRK2127 Adopt a comprehensive identity-driven solution for protecting and sharing data securely – 9am THR2107 Collaborate securely using Azure Information Protection – 12:05 pm Wednesday: THR2108 Ensure comprehensive protection of your data with Azure Information Protection – 11:05 am BRK3095 Learn how classification, labeling, and protection delivers persistent data protection – 12:30 pm BRK2128 Protect and share data with anyone securely using Azure Information Protection – 4 pm Friday: BRK3323 Meet Azure Information Protection customers and learn about their success stories – 9:15 am (General Motors) © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 Keep going… Try Enterprise Mobility + Security for free, today:
See Microsoft Cloud App Security in action Evaluate and try Microsoft Advanced Threat Analytics now Explore Identity + Access Management Learn more about Azure Information Protection Discover new MDM and MAM solutions with Microsoft Intune Check out new Desktop virtualization capabilities

30 Please evaluate this session
4/21/2018 4:06 PM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 4/21/2018 4:06 PM © 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Azure Information Protection"

Similar presentations

Microsoft Virtual Academy

Microsoft Virtual Academy
Secure your complete data lifecycle using Azure Information Protection

Secure your complete data lifecycle using Azure Information Protection
2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,

2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,
The time to address enterprise mobility is now

The time to address enterprise mobility is now
Deployment Planning Services

Deployment Planning Services
Azure Information Protection

Azure Information Protection
Microsoft Virtual Academy

Microsoft Virtual Academy
Deployment Planning Services

Deployment Planning Services
Microsoft Ignite 2016 4/27/2018 9:00 AM THR2016

Microsoft Ignite /27/2018 9:00 AM THR2016
Microsoft Ignite /10/2018 3:38 AM

Microsoft Ignite /10/2018 3:38 AM
9/12/2018 6:21 PM BRK2203 Protect and control your sensitive emails with new Office 365 Message Encryption capabilities Praveen Vijayaraghavan Principal.

9/12/2018 6:21 PM BRK2203 Protect and control your sensitive s with new Office 365 Message Encryption capabilities Praveen Vijayaraghavan Principal.
Successfully migrate existing databases to Azure SQL Database

Successfully migrate existing databases to Azure SQL Database
Deployment Planning Services

Deployment Planning Services
Microsoft 2016 6/4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,

Microsoft /4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,
Azure Information Protection Strategy and Roadmap

Azure Information Protection Strategy and Roadmap
Configure and Manage Your Hybrid Cloud Environment at Scale

Configure and Manage Your Hybrid Cloud Environment at Scale
Microsoft Virtual Academy

Microsoft Virtual Academy
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Deployment Planning Services

Deployment Planning Services
6/17/2018 10:27 AM BRK3341 Unlock extensibility by connecting your service to PowerApps and Microsoft Flow Theresa (Tessa) Palmer–Sr. Program Manager Sunay.

6/17/ :27 AM BRK3341 Unlock extensibility by connecting your service to PowerApps and Microsoft Flow Theresa (Tessa) Palmer–Sr. Program Manager Sunay.

Similar presentations

Ads by Google