Transcript Customers know where their data is stored

Office 365 security:
everywhere you need it to be
James Lewis and Simon Waight
PRD331
A bit about us…
Sydney Office 365 User Group
Sydney Azure User Group
http://blog.kloud.com.au/
“Some organizations, especially outside the U.S.,
are paying an opportunity cost by allowing
unwarranted fears about security to inhibit their
use of public cloud services.”
Gartner
Source: http://www.gartner.com/technology/reprints.do?id=1-2OEYJKW&ct=150930&st=sbzzz
Security teams: putting the “no” into “technology”.
Leadership in security, privacy & trust
No use of data for
advertising purposes.
Customers know where
their data is stored
No data mining of your
data by Microsoft.
Customers know who can
access their data and why
No co-mingling of
consumer and business
data.
Customers can stay in the
know by choosing to
receive updates regarding
changes to security, privacy
and audit information
Your data is yours and you
can take it any time
ISO 27001
Australia Certified
Cloud Services List
EU Model Clauses
HIPAA-HITECH
FERPA
FISMA
U.K. G-Cloud IL2
CJIS
24 hour monitored physical
datacenters
Logical isolation of data
between tenants
99.9% uptime
Financial guarantees
on uptime
Network segregation.
Redundancy in both
functionality as well data
Encryption at rest and
in transit
Automated monitoring and
recovery systems
Data loss prevention
24x7 on-call engineering
team available to handle
issues
Anti-virus/anti spam
Leadership in security, privacy & trust
No use of data for
advertising purposes.
Customers know where
their data is stored
No data mining of your
data by Microsoft.
Customers know who can
access their data and why
No co-mingling of
consumer and business
data.
Customers can stay in the
know by choosing to
receive updates regarding
changes to security, privacy
and audit information
Your data is yours and
you can take it any time
ISO 27001
Australia Certified
Cloud Services List
EU Model Clauses
HIPAA-HITECH
FERPA
FISMA
U.K. G-Cloud IL2
CJIS
24 hour monitored physical
datacenters
Logical isolation of data
between tenants
99.9% uptime
Financial guarantees
on uptime
Network segregation.
Redundancy in both
functionality as well data
Encryption at rest and
in transit
Automated monitoring and
recovery systems
Data loss prevention
24x7 on-call engineering
team available to handle
issues
Anti-virus/anti spam
Office 365 built-in features
Identity & Access
Management
Mobile device and app
management
Information
protection
Basic identity
management via Azure
AD
Basic mobile device
management via MDM
RMS protection via RMS
for Office 365
Single sign-on for Office 365
Device settings management
Selective wipe
Protection for content stored in
Office (on-premises or Office
365)
Basic multifactor authentication
Built into Office 365
Management Console
Access to RMS SDK
Bring Your Own Key
EMS benefits for Office 365 customers
Identity & Access
Management
Enterprise
Mobility
Suite
Mobile device and app
management
Information
protection
Azure AD for Office 365+
MDM for Office 365+
RMS for Office 365+
Single sign-on for all cloud apps
Advanced multifactor authentication
for all workloads
Self-service group management and
password reset with write back to onpremises directory
Advanced security reports
FIM (now MIM), Server + CAL
PC management
Protection for on-premises Windows
Server file shares
Mobile app management (prevent
cutting/copying/pasting/saving from
corporate apps to personal apps)
Secure content viewers
Certificate provisioning
System Center integration
Email notifications when sharing
documents
Email notifications when shared
documents are forwarded
Assessment matrix
Threat
Source
Risk Likelihood
What the threat
is.
Where the threat What is the
comes from.
chance it will
happen?
Risk Impact
Risk Rating
Risk Mitigation
What is the
impact if it does
happen?
Based on
Likelihood and
Impact assign a
rating.
What can be done
to mitigate the
residual risk?
Top five common risks
Data leakage or loss
Weak authentication
Poor separation of duties
Malware / phishing
Access from untrusted devices.
Commercial Assessments
Trust Center is your
starting point
Work with Partners or
Microsoft to get additional
answers.
Trust Portal
Admin account protection improvements
No longer just one Administrator account
Full multi-factor authentication support.
Office 365 Management APIs (preview)
Don’t replace the current Reporting API
Extends coverage of policy events in both Office 365
and Azure Active Directory
Designed primarily for use by ISVs.
Control which devices access your data
Support for devices with iOS 7+, Android 4+
Enforce device policy - security, no jailbrake, encryption
Supports selective or full device remote wipe.
Extend your protection using EMS
Managed iOS/Android apps deployed via
Intune Company Portal
Blocks copy / paste of content into other apps
Includes desktop/laptop management.
Data Leakage Protection
Available for Exchange Online, SharePoint Online
and OneDrive for Business
Access via Compliance Center in admin portal
Australian-centric rules are available for use
Rolling out now to tenants.
Please do an evaluation!
Sydney Office 365 User Group
Sydney Azure User Group
http://blog.kloud.com.au/
My Ignite
Continue your Ignite learning path
Visit Microsoft Virtual Academy for free online training visit
https://www.microsoftvirtualacademy.com
Visit Channel 9 to access a wide range of Microsoft
training and event recordings https://channel9.msdn.com/
Head to the TechNet Eval Centre to download trials of the latest
Microsoft products http://Microsoft.com/en-us/evalcenter/
© 2015 Microsoft Corporation. All rights reserved.
Microsoft, Windows and other product names are or may be registered trademarks
and/or trademarks in the U.S. and/or other countries.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY,
AS TO THE INFORMATION IN THIS PRESENTATION.