Download presentation
Presentation is loading. Please wait.
Published byDarrell Wright Modified over 5 years ago
1
In the attack index…what number is your Company?
2
Microsoft Secures Microsoft with Microsoft An Overview
Justin Nelson | Office of CIO | Microsoft Corporation | 27th February 2006
3
Agenda The Microsoft Landscape Managing Risk What does IT cost?
Strategies, Tactics, Solutions
4
Microsoft IT Environment
111K+ server accounts 1.9 Tb Db Single Instance SAP 334K+ PCs and devices Dublin Redmond Tukwila Tokyo SVC 3M+ internal messages per day 10M+ s from the Internet per day 9M+ rejected as spam 99.99% availability Singapore 106K+ end users 98 countries 441 buildings 9.5M+ remote connections per month
5
Enterprise Risk Model Unacceptable Risk Impact to Business
5 Enterprise Risk Model High Unacceptable Risk Risk assessment drives to acceptable risk (Defined by Business Owner) Impact to Business Acceptable Risk Low Low Probability of Exploit (Defined by Corporate Security) High
6
Microsoft IT Spend Breakdown
FY05 Breakdown Cost Element View People 72% Data & Voice 16% Hardware 5% Facilities 5% Software 2% Software 5% (adjusted to include estimate if MS software were included) Functional View Applications 60% App Development (29%) App Support (31%) Infrastructure 40% Network (14%) Data Center (7%) Employee Services (5%) Voice (5%) Helpdesk (5%) Security (3%) Employee Services = monitoring/Tier 2 (2%), messaging (1%), software deployment (1%), collaboration (0.5%), data protection (0.5%)
7
Microsoft CISO Concerns
Regulatory compliance Mobility of data Unauthorized access to data Malicious software Supporting an evolving client
8
Key Strategies and Tactics
Assessment of risk Identification of potential threats Mitigate risk through five key strategies Secure the Network Identity & Access Management IP and Data Protection Enhanced Auditing & Monitoring Awareness
9
Key Strategies and Tactics
Secure the Network Identity & Access Management IP and Data Protection Enhanced Auditing & Monitoring Awareness Secure Extranet and Partner Connections Secure Remote Access Network Segmentation Network Intrusion Detection Systems Hardening the Wireless Network Strong Passwords Public Key Infrastructure: Certificate Services Hygiene and Trustworthy Messaging Least Privileged Access Managed Source Code Security Development Lifecycle - IT Securing Mobile Devices Automated Vulnerability Scans Combating Malware Security Event Collection Information Security Policies Training and Communications For More Information
10
In summary The Microsoft Landscape Risk Management approach Budgeting
Strategies, Tactics, Securing Microsoft with Microsoft For More Information
11
For More Information Additional content about Microsoft IT deployments and best practices can be found on Microsoft TechNet Microsoft Case Study Resources IT Showcase
12
© 2005 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.