Presentation is loading. Please wait.

Presentation is loading. Please wait.

OUC207. Identity-centric environment Targeted attacks Cloud computing Regulatory/compliance issues Consumerisation of IT Key trends affecting security.

Published byNorman Phelps Modified over 8 years ago

Similar presentations

Presentation on theme: "OUC207. Identity-centric environment Targeted attacks Cloud computing Regulatory/compliance issues Consumerisation of IT Key trends affecting security."— Presentation transcript:

1 OUC207

2 Identity-centric environment Targeted attacks Cloud computing Regulatory/compliance issues Consumerisation of IT Key trends affecting security 2

3

4 19891995200020052010 1 st Microsoft Data Center Microsoft Security Response Center (MSRC) Windows Update Active Update Xbox Live Global Foundation Services (GFS) Trustworthy Computing Initiative (TwC) BillG Memo Microsoft Security Engineering Center/ Security Development Lifecycle Malware Protection Center SAS-70 Certification ISO 27001 Certification FISMA Certification

5

6 Choice to keep Office 365 Customer Data separate from consumer services. Office 365 Customer Data belongs to the customer. Customers can export their data at any time. Customers can report on necessary Microsoft access to data. At Microsoft, our strategy is to consistently set a “high bar” around privacy practices that support global standards for data handling and transfer No Mingling Data Portability No advertising products out of Customer Data. No marketing emails to users. No scanning of email or documents to build analytics or mine data. No Advertising Microsoft shares details of where customer data is stored. Data Centers are independently audited. Transparent Data Location

7 Microsoft security best practices 24-hour monitored physical hardware Isolated customer data Secure network Encrypted data Automated operations Office 365 built-in security Office 365 customer controls Office 365 independent verification & compliance

8 Microsoft security best practices 24-hour monitored physical hardware Isolated customer data Secure network Encrypted data Automated operations

9 Seismic bracing 24x7 onsite security staff Days of backup power Tens of thousands of servers

10 Logically isolated customer data within Office 365 Physically separated consumer and commercial services

11 Network Separated Data Encrypted Networks within the Office 365 data centers are segmented. Physical separation of critical, back-end servers & storage devices from public-facing interfaces. Edge router security allows ability to detect intrusions and signs of vulnerability.

12 Office 365 provides data encryption BitLocker 256bit AES Encryption of messaging content in Exchange Online Information Rights Management for encryption of documents in SharePoint Online Transport Layer Security (TLS)/ Secure Sockets Layer (SSL) Third-party technology such as PGP

13 O365 Admin requests access Grants temporary privilege

14 24-hour monitored physical hardware Isolated customer data Secure network Encrypted data Automated operations Microsoft security best practices

15 ResponseReleaseVerificationImplementationDesignRequirementsTraining Incident response plan Final security review Release archive Execute incident response plan Use approved tools Deprecate unsafe functions Static analysis Dynamic analysis Fuzz testing Attack surface review Est. Security requirements Create quality gates / bug bars Security & privacy risk assess. Establish design requirements Analyze attack surface Threat modeling Core security training Education Administer and track security training Process Guide product teams to meet SDL requirements Accountability

16 Throttling to prevent DoS attacks Exchange Online baselines normal traffic & usage Ability to recognize DoS traffic patterns Automatic traffic shaping kicks in when spikes exceed normal Mitigates: Non-malicious excessive use Buggy clients (BYOD) Admin actions DoS attacks

17 Prevent breach

18 Mitigate breach

19 Microsoft security best practices 24-hour monitored physical hardware Isolated customer data Secure network Encrypted data Automated operations Office 365 built-in security Office 365 customer controls Office 365 independent verification & compliance

20 Information can be protected with RMS at rest or in motion Data protection in motion

21

22 Integrated with Active Directory, Azure Active Directory, and Active Directory Federation Services Enables additional authentication mechanisms: Two-factor authentication – including phone-based 2FA Client-based access control based on devices/locations Role-based access control

23 Empower users to manage their compliance Contextual policy education Doesn’t disrupt user workflow Works even when disconnected Configurable and customizable Admin customizable text and actions Built-in templates based on common regulations Import DLP policy templates from security partners or build your own Prevents sensitive data from leaving organization Provides an alert when data such as social security & credit card number is emailed. Alerts can be customized by Admin to catch intellectual property from being emailed out.

24

25 In-Place ArchiveGovernanceHoldeDiscovery Secondary mailbox with separate quota Managed through EAC or PowerShell Available on-premises, online, or through EOA Automated and time-based criteria Set policies at item or folder level Expiration date shown in email message Capture deleted and edited email messages Time-based in-place hold Granular query-based in-place hold Optional notification Web-based eDiscovery Center and multi-mailbox search Search primary, in-place archive, and recoverable items Delegate through roles- based administration De-duplication after discovery Auditing to ensure controls are met SearchPreserve

26 Comprehensive protection Multi-engine antimalware protects against 100% of known viruses Continuously updated anti-spam protection captures 98%+ of all inbound spam Advanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time Easy to use Preconfigured for ease of use Integrated administration console Granular control Mark all bulk messages as spam Block unwanted email based on language or geographic origin

27 Independent verification & compliance Microsoft security best practices 24-hour monitored physical hardware Isolated customer data Secure network Encrypted data Automated operations Office 365 built-in security Office 365 customer controls Office 365 independent verification & compliance

28 “I need to know Microsoft is doing the right things” Microsoft provides transparency

29 ISO SOC HIPAA FERPA HMG IL2 EUMC CertMarketRegion SSAE/SOCFinanceGlobal ISO27001Global EUMCEurope FERPAEducationU.S. FISMAGovernmentU.S. HIPAAHealthcareU.S. HITECHHealthcareU.S. ITARDefenseU.S. HMG IL2GovernmentUK CJISLaw EnforcementU.S. Certification status Queued or In Progress

30

31 31

32 Win. Attend any Office 365 or Lync Session and be in-to-win a 1 Year Subscription to Office 365 Home Premium, Spot Prizes, Your $2,500 Office in the Cloud, or one of 30 Attacknid Doom Razors!

33

34 Head to... aka.ms/te

35

Download ppt "OUC207. Identity-centric environment Targeted attacks Cloud computing Regulatory/compliance issues Consumerisation of IT Key trends affecting security."

Similar presentations

Email/Calendar Collaboration Document Management Messaging Web Conferencing Best experience across devices.

/Calendar Collaboration Document Management Messaging Web Conferencing Best experience across devices.
Common Question Who can benefit from Cloud? Every enterprise today can benefit from Cloud.

Common Question Who can benefit from Cloud? Every enterprise today can benefit from Cloud.
Provide a platform built on security, privacy, and trust Maintain an evergreen service Offer highly configurable and scalable services.

Provide a platform built on security, privacy, and trust Maintain an evergreen service Offer highly configurable and scalable services.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Optimize for Software + Services E-mail ArchivingE-mail Archiving Protect CommunicationsProtect Communications Advanced SecurityAdvanced Security Manage.

Optimize for Software + Services Archiving Archiving Protect CommunicationsProtect Communications Advanced SecurityAdvanced Security Manage.
Respond to customer feedback through agile development Deliver new features and valueTrust and compliance Cloud value Continuous innovation with confidence.

Respond to customer feedback through agile development Deliver new features and valueTrust and compliance Cloud value Continuous innovation with confidence.
Pre-adoption concern 60% cited concerns around data security as a barrier to adoption 45% concerned that the cloud would result in a lack of data control.

Pre-adoption concern 60% cited concerns around data security as a barrier to adoption 45% concerned that the cloud would result in a lack of data control.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.
Security Best-in-class security with over a decade of experience building Enterprise software & Online services Physical and data security with.

Security Best-in-class security with over a decade of experience building Enterprise software & Online services Physical and data security with.
Why Compliance Legal and Regulatory requirements Organizational governance requests Internal and external threats Today’s Challenges Duplicate solutions.

Why Compliance Legal and Regulatory requirements Organizational governance requests Internal and external threats Today’s Challenges Duplicate solutions.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Office 365 Trust Center Answer key questions of Security Compliance Officers Dynamic engaging content that is refreshed every two weeks www.trust.office365.com.

Office 365 Trust Center Answer key questions of Security Compliance Officers Dynamic engaging content that is refreshed every two weeks
PreserveDiscover In-Place Archive with secondary quota Available on-prem, online, or EOA Lync Archives into Exchange Search across Primary & Archive –

PreserveDiscover In-Place Archive with secondary quota Available on-prem, online, or EOA Lync Archives into Exchange Search across Primary & Archive –
Agenda: Compliance Vision Archive Preserve (Hold) Delete (Messaging Records Management) Q&A.

Agenda: Compliance Vision Archive Preserve (Hold) Delete (Messaging Records Management) Q&A.
OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.

OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.
What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.

What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.
Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.

Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.

Similar presentations

Ads by Google