Securing Privileged Identities Joseph Dadzie, Principal PM Manager, Microsoft 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 James Cowling,

Presentation transcript:

Securing Privileged Identities
Joseph Dadzie, Principal PM Manager, Microsoft
2016 Redmond Summit | Identity Without Boundaries
May 26, 2016
James Cowling, CTO, Oxford Computer Group

Administrator privileges will be compromised: social engineering, bribery, private initiative
50 years ago we gave the administrator the keys to the kingdom; we can’t just take it away
All the commonplace attacks exploit privileged accounts:
  Stolen admin credentials
  Insiders
  Malicious service provider staff

Capability and time needed
Result = limited in time & capability

Secure Privileged Access: On-Premises MIM 2016 PAM


PAM Demo Microsoft Identity Manager 2016

Complete list of cmdlets at:

Azure AD Privileged Identity Management

DEMO Azure AD Privileged Identity Management

Global adoption (over 40 countries)
Increasing customer usage (weekly)
Data from a Preview Customer

Upcoming Update
Microsoft Identity Manager 2016

JIT groups for Priv domain
PAM PowerShell Deployment requests and approvals with Exchange Online
Customer Reported Bug Fixes
Hardened Security
Updated Platform Support
Cross Browser Support

2016 Redmond Summit Sponsors

Thank you!

Just In Time Administration Compliance Mapping

JIT Security and Compliance Capability: Controlling Logical Access Privileges and Implementing Least Privilege Access

  ISO 27001: 2013
    A.9.1 – Business requirement of access control
    A – Access to networks and network services
    A – User access provisioning
    A – Management of privileged access rights
    A – Information access restriction
    A – Access control to program source code

  PCI DSS 3.1
    7.1 – System components and cardholder data access restricted to job-based needs
    – User ID access based on least privileges
    – Assigning access to job function and classification
    – Documented approval of access privileges
    – Assigning privileges to job function and classification
    – Default “deny-all” setting
    – Administer user accounts
    – Monitor and control all access to data

  FedRAMP; NIST Revision 4
    AC-2 – Account Management
    AC-3 – Access Enforcement
    AC-6 – Least Privilege
    AC-6 (1) – Authorize Access to Security Functions
    AC-6 (2) – Non-Privileged Access for Non-Security Functions
    AC-6 (5) – Privileged Accounts
    AU-9 (4) – Audit Access by Subset of Privileged Users
    CM-5 – Access Restrictions for Change
    CM-5 (1) – Automated Access Enforcement
    CM-5 (5) – Limit Production / Operational Privileges

JIT Security and Compliance Capability: Access Logging / Monitoring / Auditing

  ISO 27001: 2013
    A – Event logging
    A – Administrator and operator logs

  PCI DSS 3.1
    – Logging actions by root privileges individual
    – User changes logging

  FedRAMP; NIST Revision 4
    AC-2 – Account Management
    AC-2 (4) – Automated Audit Actions
    AC-2 (12) – Account Monitoring
    AC-6 (9) – Auditing Use of Privileged Functions
    AU-2 – Audit Events
    AU-12 – Audit Generation
    CM-5 (1) – Automated Access Enforcement