Download presentation
Presentation is loading. Please wait.
Published byGervais Gregory Modified over 8 years ago
1
OSP214
2
SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE
3
Compliance Management Information Security Policy Security Privacy & Regulatory Privacy & Regulatory Service Continuity 3
4
4 Microsoft Confidential
5
Security Management Threat & Vulnerability Management, Monitoring & Response Edge Routers, Firewalls, Intrusion Detection, Vulnerability scanning Network perimeter Dual-factor Auth, Intrusion Detection, Vulnerability scanning Internal Network Access Control & Monitoring, Anti-Malware, Patch & Config Mgmt Host Secure Engineering (SDL), Access Control & Monitoring, Anti-Malware Application Access Control & Monitoring, File/Data Integrity Data User Account Mgmt, Training & Awareness, Screening Facility Physical controls, video surveillance, Access Control Strategy: employ a risk-based, multi-dimensional approach to safeguarding services and data 5
6
Microsoft believes that delivering secure software requires Executive commitment Ongoing Process Improvements SDL a mandatory policy at Microsoft since 2004 Technology and Process EducationAccountability
7
ISO 27001 SAS 70 Type I (BPOS-S) SAS 70 Type II (BPOS-D) Services (BPOS and FOPE) ISO 27001 SAS 70 Type II Data Centers Safe Harbor Microsoft 7
8
8
9
9
10
10
11
11
12
12
13
13
14
14
15
15 Microsoft Confidential
16
Business Rules for protecting information and systems which store and process information System or procedural specific requirements that must be met Step by step procedures A process or system to assure the implementation of policy 16
17
17
18
18
19
19 Microsoft Confidential
20
20
21
21
22
22
23
Secondary mailbox with separate quota Appears in Outlook and Outlook Web App Automated and time- based criteria Set policies at item or folder level Expiry date shown in email message EWS Support Capture deleted and edited email messages Offers single item restore Notify user on hold Web-based UI Search primary, archive, and recoverable items Delegate through roles-based admin Annotate content De-duplication after discovery Alert sender about possible risks or policy violations Option of customized MailTips MailTipsMailTips Inspect both messages and attachments Apply controls to all email sent and received Delegate through roles- based admin Apply IRM automatically Access messages in OWA, EAS Decrypt protected messages to enable search, filtering, journaling, transport rules Protect sensitive voicemail Extend access to partners Transport Rules IRM Integration
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.