1 / 26

Taking steps three, two and one to Zero Trust

Taking steps three, two and one to Zero Trust. BRK2252. Alex Weinert Group Program Manager, Identity Security and Protection Microsoft. Security perimeters were simpler in the old world. The world we live in is hyper connected. THREE: Identity is the control plane.

pgeorge
Download Presentation

Taking steps three, two and one to Zero Trust

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Taking steps three, two and one to Zero Trust BRK2252 Alex Weinert Group Program Manager, Identity Security and Protection Microsoft

  2. Security perimeters were simpler in the old world

  3. The world we live in is hyper connected

  4. THREE: Identity is the control plane

  5. TWO: Assume every resource is on the open internet

  6. ONE: Never Trust. Always verify. 0…

  7. 0…

  8. Workloads People Intelligence Data Devices

  9. Azure AD Conditional Access 27Mactive users realizing benefits of Zero Trust Assumes every service is on the open internet. Addresses threat detection and prevention 300%growth in usage YoY

  10. Azure AD ADFS Conditions Controls MSA 40TB Google ID Android Allow/block access Employee & PartnerUsers and Roles Machinelearning Microsoft Cloud iOS SessionRisk MacOS 3 MicrosoftCloud App Security Limited access Windows Trusted &Compliant Devices WindowsDefender ATP Real timeEvaluation Engine Require MFA Cloud SaaS apps Geo-location Browser apps Physical &Virtual Location Force password reset Policies CorporateNetwork Client apps Effectivepolicy Client apps &Auth Method Block legacyauthentication On-premises apps ******

  11. Implementing Zero Trust Workloads People Intelligence Data Devices

  12. Verify identity Protect against compromised credentials, impersonation, and insider threats Connect all identities. Use MFA Enable SSO for all apps (SaaS and on-premises) Reduce administrator accounts and implement policies. Monitor user behavior on-premises People

  13. Managing devices Protect against infected or vulnerable devices Ensure devices are known, healthy and compliant Require endpoint threat detection and anti-malware software on all devices. Devices

  14. Managing applications Protect against risky applications Restrict access to approved mobile apps and configurations Discover apps in use in your organization Monitor and manage application sessions Workloads

  15. Protecting data Protecting data against unauthorized access and leaks Enable users to label data based on sensitivity. Apply encryption at rest and in transit. Define rules and conditions to apply labels and encryption automatically. Data

  16. Azure AD conditional access demo

  17. Leveraging Intelligence Protect against unknown or unsecured networks Block or change compromised creds MFA challenge session risk Deny access to infected devices Revoke access to documents at risk Automatically defend against emerging threats Intelligence

  18. Shared threat data from partners, researchers, and law enforcement worldwide 6.5 trillion correlated signals per day Microsoft Intelligent Security Graph 930M threats detected on devices every month OneDrive Outlook 1.2B devices scanned each month 400B emails analyzed 200+ global cloud consumer and commercialservices Microsoftaccounts Botnet data from Microsoft Digital Crimes Unit Windows Enterprise security for90%of Fortune 500 Azure 18B+ Bing web pages scanned Bing 450B monthly authentications 1.1B+ Azure user accounts Xbox Live

  19. Intelligent Cloud Stopping cyber attacks Real-world intelligence at work Local ML models, behavior-based detection algorithms, generics, heuristics Intelligent Edge Metadata-based ML models Sample analysis-based ML models Detonation-based ML models Big data analytics March 6 – Behavior-based detection algorithms blocked more than 400,000 instances of the Dofoil trojan. October 2017 – Cloud-based detonation ML models identified Bad Rabbit, protecting users 14 minutes after the first encounter. 2017 2018 February 3 – Client machine learning algorithms automatically stopped the malware attack Emotet in real time.

  20. More intelligence Increase your awareness with auditing and monitor security alerts Strengthen your credentials • MFA reduces compromise by 99.99% Attackers escape detection inside a victim’s network for a median of 101 days. (Source: FireEye) Reduce your attack surface Blocking legacy authenticationreduces compromise by 66%. Enable self-help for more predictable and complete end user security 60% of enterprises experienced social engineering attacks in 2016. (Source: Agari) Automate threat response Implementing risk policiesreduces compromise by 96%

  21. Getting the Basics Right 5 steps to secure your identity infrastructure Strengthen your credentials aka.ms/securitysteps Reduce your attack surface Automate threat response Increase your awareness with auditing and monitor security alerts Enable self-help for more predictable and complete end user security aka.ms/securitysteps

  22. Making Zero Trust easy demo

  23. HAPPYLANDINGS!

  24. Thank you. • aka.ms/identity

  25. Please evaluate this sessionYour feedback is important to us! Please evaluate this session through MyEvaluations on the mobile appor website. Download the app:https://aka.ms/ignite.mobileApp Go to the website: https://myignite.techcommunity.microsoft.com/evaluations

More Related