Transcript Deliver compliance with Skype for Business Online

BRK2089
Current Role:
Group Product Manager – Trust
Past Roles:
Principal Service Engineering Manager SfB Online
UC Cloud Architect for Enterprise Cloud (BPOS-D)
MSIT Architect for Live Communication Server
Network Security Engineer for MSN
Group Product Manager
Skype for Business
https://www.linkedin.com/in/danielstrader
Limited set of pre-defined policies with
limited compliance flexibility
Custom Policies provide the granularity
needed to deliver a customized compliance
and security experience for users
High overlap with on-premise deployments
Enhanced
compliance
controls for
Online
Example
New-CsConferencingPolicy |
select identity
Fine grained policy
for meeting evolving
compliance needs in
the cloud
• Tenant Level
Global
Location
User
• Conferencing Policy
• Client Policy
• External Access Policy
• Country Level
• Dial Plan
• PSTN Conference Policy
• User Level
• Conferencing Policy
• Client Policy
• External Access Policy
NOAM DATA
CENTERS
EMEA DATA
CENTERS
APAC DATA
CENTERS
Host Online Meetings in the same region as the meeting organizer
Reduce time spent on public internet
http://aka.ms/skypeModernAuth
Office 365 Trust
Built-in capabilities and flexible customer controls
Security
Best-in-class security
• Physical and data security with access control, encryption and strong authentication
• Security best practices like penetration testing, defense-in-depth to protect against cyber-threats
• Unique customer controls with Rights Management Services to empower customers to protect information
Compliance
Privacy
Commitment to compliance
•
Enable customers to meet global compliance standards in ISO 27001, EUMC, HIPAA, FISMA
•
Contractually commit to privacy, security and handling of customer data through Data Processing Agreements
•
Admin Controls like, Legal Hold, E-Discovery to enable organizational compliance
Privacy by design
•
No mining of data for advertising, commitment to use customers’ information only to provide services
•
Transparency with the location of customer data, who has access and under what circumstances
•
Privacy controls to regulate sharing of sites, libraries, folders and communications with external parties
Data
Threat and vulnerability management, monitoring, and response
Access control and monitoring, file/data integrity, encryption
User
Account management, training and awareness, screening
Application
Secure engineering (SDL), access control and monitoring, anti-malware
Host
Access control and monitoring, anti-malware, patch and
configuration management
Internal network
Dual-factor authentication, intrusion detection, vulnerability
scanning
Network perimeter
Facility
Edge routers, intrusion detection, vulnerability scanning
Physical controls, video surveillance, access control
https://products.office.com/enus/business/office-365-trustcenter-welcome
http://aka.ms/E5Trial
Microsoft Cloud for Government Office 365 U.S. Government Trial
Split Domain
Cloud Connectivity
Support for Exchange Online and Exchange Server
From Inside the Cloud Series – Security and Compliance
http://aka.ms/sfbcommunity
http://fasttrack.microsoft.com/
http://techcommunity.microsoft.com
http://myignite.microsoft.com
https://aka.ms/ignite.mobileapp