1 / 37

James Lewis and Simon Waight

Learn about the pillars of Office 365 security, including privacy, transparency, compliance, and continuity. Discover how Office 365 addresses common security themes and provides built-in features for identity and access management, mobile device and app management, and information protection. Explore the benefits of Enterprise Mobility Suite for Office 365 customers and the various security assessments available. Take advantage of the commercial and operational mitigations offered by Office 365 and gain control over data access and security.

Download Presentation

James Lewis and Simon Waight

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Office 365 security: everywhere you need it to be James Lewis and Simon Waight PRD331

  2. A bit about us… James Lewis james.lewis@kloud.com.au @jimmy_lewis Sydney Office 365 User Group Simon Waight simon.waight@kloud.com.au @simonwaight Sydney Azure User Group http://blog.kloud.com.au/

  3. “Some organizations, especially outside the U.S., are paying an opportunity cost by allowing unwarranted fears about security to inhibit their use of public cloud services.” Gartner Source: http://www.gartner.com/technology/reprints.do?id=1-2OEYJKW&ct=150930&st=sbzzz

  4. Session Overview Pillars of Office 365 security Security assessments – common themes How Office 365 security addresses common themes

  5. Security teams: putting the “no” into “technology”.

  6. Pillars ofOffice 365 security

  7. Leadership in security, privacy & trust Privacy Transparency Compliance Security Continuity No use of data for advertising purposes. No data mining of your data by Microsoft. No co-mingling of consumer and business data. Your data is yours and you can take it any time Customers know where their data is stored Customers know who can access their data and why Customers can stay in the know by choosing to receive updates regarding changes to security, privacy and audit information ISO 27001 • Australia Certified Cloud Services List EU Model Clauses HIPAA-HITECH FERPA FISMA U.K. G-Cloud IL2 CJIS 24 hour monitored physical datacenters Logical isolation of data between tenants Network segregation. Encryption at rest and in transit Data loss prevention Anti-virus/anti spam 99.9% uptime Financial guarantees on uptime Redundancy in both functionality as well data Automated monitoring and recovery systems 24x7 on-call engineering team available to handle issues

  8. Leadership in security, privacy & trust Privacy Transparency Compliance Security Continuity No use of data for advertising purposes. No data mining of your data by Microsoft. No co-mingling of consumer and business data. Your data is yours and you can take it any time Customers know where their data is stored Customers know who can access their data and why Customers can stay in the know by choosing to receive updates regarding changes to security, privacy and audit information ISO 27001 • Australia CertifiedCloud Services List EU Model Clauses HIPAA-HITECH FERPA FISMA U.K. G-Cloud IL2 CJIS 24 hour monitored physical datacenters Logical isolation of data between tenants Network segregation. Encryption at rest and in transit Data loss prevention Anti-virus/anti spam 99.9% uptime Financial guarantees on uptime Redundancy in both functionality as well data Automated monitoring and recovery systems 24x7 on-call engineering team available to handle issues

  9. Office 365 built-in features Identity & Access Management Mobile device and app management Information protection Basic identity management via Azure AD Single sign-on for Office 365 Basic multifactor authentication Basic mobile device management via MDM Device settings management Selective wipe Built into Office 365 Management Console RMS protection via RMS for Office 365 Protection for content stored in Office (on-premises or Office 365) Access to RMS SDK Bring Your Own Key

  10. EMS benefits for Office 365 customers Identity & Access Management Mobile device and app management Information protection Azure AD for Office 365+ Single sign-on for all cloud apps Advanced multifactor authentication for all workloads Self-service group management and password reset with write back to on-premises directory Advanced security reports FIM (now MIM), Server + CAL MDM for Office 365+ PC management Mobile app management (prevent cutting/copying/pasting/saving from corporate apps to personal apps) Secure content viewers Certificate provisioning System Center integration RMS for Office 365+ Protection for on-premises Windows Server file shares Email notifications when sharing documents Email notifications when shared documents are forwarded Enterprise Mobility Suite

  11. Security assessments

  12. Types of assessment Commercial Operational and Data

  13. Assessment matrix

  14. Top five common risks Data leakage or loss Weak authentication Poor separation of duties Malware / phishing Access from untrusted devices. Have a crack!

  15. Commercial mitigations

  16. Commercial Assessments Trust Center is yourstartingpoint Work with Partners or Microsoft to get additional answers.

  17. NEW! Trust Portal

  18. Operational mitigations

  19. Anomaly reporting Basic reports include: Sign ins from unknown sources Sign ins after multiple failures Signs from multiple geographies Users with threatened creds.

  20. Admin account protection improvements No longer just one Administrator account Full multi-factor authentication support.

  21. Office 365 Management APIs (preview) Don’t replace the current Reporting API Extends coverage of policy events in both Office 365 and Azure Active Directory Designed primarily for use by ISVs.

  22. Data security mitigations

  23. Control which devices access your data Support for devices with iOS 7+, Android 4+ Enforce device policy - security, no jailbrake, encryption Supports selective or full device remote wipe.

  24. Extend your protection using EMS Managed iOS/Android apps deployed via Intune Company Portal Blocks copy / paste of content into other apps Includes desktop/laptop management.

  25. Data Leakage Protection Available for Exchange Online, SharePoint Online and OneDrive for Business Access via Compliance Centerin admin portal Australian-centric rules are available for use Rolling out now to tenants.

  26. OneDrive for Business Domain Join Avoid data leakage onto totally unmanaged devices Supports multiple AD directories Relatively new feature – some restrictions: Doesn’t block mobile clients Mac clients are blocked No retrospective file deletion of remote devices.

  27. Next steps (for you)

  28. Key takeaways Office 365 has a strong default security stance Pre-purchase: refer to the five pillars and leverage Trust Center Already using: strengthen admin access with use of roles and MFA leverage DLP and other configurations to increase consider EMS upgrade to access advanced features.

  29. Questions?

  30. Please do an evaluation! James Lewis james.lewis@kloud.com.au @jimmy_lewis Sydney Office 365 User Group Simon Waight simon.waight@kloud.com.au @simonwaight Sydney Azure User Group http://blog.kloud.com.au/

  31. Complete your session evaluation on My Ignite for your chance to win one of many daily prizes.

  32. Continue your Ignite learning path Visit Microsoft Virtual Academy for free online training visit https://www.microsoftvirtualacademy.com Visit Channel 9 to access a wide range of Microsoft training and event recordings https://channel9.msdn.com/ Head to the TechNet Eval Centre to download trials of the latest Microsoft products http://Microsoft.com/en-us/evalcenter/

More Related