9/5/2018 8:22 PM The Microsoft information protection strategy across EMS, Office 365, and Windows © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Challenges affecting information protection 9/5/2018 Challenges affecting information protection Employees use both corporate and personal applications Data protection may get in the way of productivity Data is stored in various locations Compliance rules are complex and always evolving Employees use multiple devices Cybersecurity is a top concern © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
The landscape IT Users Devices Apps Data Employees Customers Business partners
Protect your corporate assets How do you empower users and enable collaboration while still protecting corporate assets? Empower your users SaaS Azure Office 365 Simplify and protect access Cloud Storage Prevent leaks and allow collaboration Stop external threats Stay compliant Cloud Storage Enable collaboration Other employees Business partners Customers
75%+ 80%+ 59% The end of the secure perimeter 9/5/2018 8:22 PM The end of the secure perimeter 80%+ of employees admit to using unapproved software-as-a- service (SaaS) applications in their jobs 59% of organizations are projected to start some kind of BYOD initiative this year 75%+ of all network intrusions are due to compromised user credentials © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Simplify and protect access 9/5/2018 Simplify and protect access Simplify app access with integrated identities and single sign-on Additional layer of security with Azure Multi-Factor Authentication Protect app access with device compliance and conditional access © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Identity and access management Build 2012 9/5/2018 Identity and access management Simple connection Self-service Single sign-on ••••••••••• Username Other Directories Windows Server Active Directory On premises Cloud SaaS Azure Office 365 Public cloud Microsoft Azure Active Directory
Mobile device compliance and conditional access User SharePoint Online Exchange SharePoint Online Exchange Policy compliance verification User User Device management Device compliance Measured boot integrity status (Windows PPCH) Policy verification Advanced device compliance (antivirus, firewall, patch state, etc.) Device enrolled IT Microsoft Intune Microsoft Intune Microsoft Intune Windows Provable PC Health (PPCH) IT
Azure Multi-Factor Authentication MFA is A trusted additional method of authentication that offers more security with a phone call, app, or SMS MFA prevents Unauthorized access to on-premises and cloud apps with additional authentication required MFA offers Very flexible enforcement with user, device, or per app to reduce compliance risks
Even better protection with Windows 10 Azure AD Join and MDM auto-enrollment Enhanced conditional access Microsoft Passport
58% 90% 600M 61% Collaboration is changing the game 9/5/2018 8:22 PM Collaboration is changing the game 58% of workers have accidently sent sensitive information to the wrong person 600M Records breached (known) from April 2005 to Dec 2012 90% of data leakages can be traced back to user behavior 61% of workers mix personal and work tasks © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Prevent leaks and allow collaboration Separation of data at app and device level Detect, monitor, and protect sensitive data Allow secure sharing of information
Separate corporate and personal data Configure and manage EDP policies with Intune and Azure Rights Management Control app access to corporate data and prevent copy and paste-related data leaks Protect data at rest and in motion* Separate at the app level Corporate versus personal data identifiable wherever it rests on the device MAM and data protection capabilities built into the platform Protect data at rest and in motion* Separate at the platform level Microsoft Intune & Office Mobile Apps Enterprise Data Protection Apply policies User File share Save Save Personal storage Share files and enforce policies Corporate network * Some roaming scenarios use Azure Right Management
Mobile application management Personal apps Managed apps Personal apps Managed apps Corporate data Personal Multi-identity policy User IT Maximize mobile productivity and protect corporate resources with Office mobile apps—including multi-identity support Extend these capabilities to your existing line-of-business apps using the Intune App Wrapping Tool Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps
Data Loss Prevention in Office 365 1. Email, Outlook, OWA 2. SharePoint, OneDrive for Business 3. Office 2016, Word, Excel, PowerPoint Greatly enhanced security capabilities while retaining rich Office productivity experience Identify, monitor, and protect sensitive information as they move in the organization Educate and empower your users while they work on sensitive content
DLP system walkthrough 9/5/2018 8:22 PM DLP system walkthrough Configuration Policy application Admin DLP policy configuration Audit content aggregation Backend policy evaluation Centralized policy store Contextual policy education Policy distribution across workloads Information workers © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Wide range of actions available to control data sharing 9/5/2018 8:22 PM Wide range of actions available to control data sharing Override Append Configure data protection policies Review Encrypt Classify Redirect Use policy templates for protecting emails Alert Block Transport rules Azure Rights Management Office 365 Message Encryption © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Authentication and collaboration Build 2012 9/5/2018 Share protected Data encryption Document tracking Access control Azure Active Directory Azure Rights Management Share internally Share externally Authentication and collaboration z On any device
Demo
$500B 200+ $3.5M Attacks are getting more sophisticated The median number of days that attackers reside within a victim’s network before detection $500B The total potential cost of cybercrime for the global economy $3.5M The average cost of a data breach for a company The frequency and sophistication of cybersecurity attacks are increasing
Stop external threats Stop malicious codes Protect against identity theft Detect and block threats
Prevent attacks with an end-to-end defense and in-depth approach 9/5/2018 8:22 PM Prevent attacks with an end-to-end defense and in-depth approach Prevent attacks Detect and respond to potential attacks EOP/ATP SmartScreen Prevent via email/web browsing with Exchange Online Protection/Advanced Threat Protection Prevent with Windows SmartScreen technology, end- point security services, such as app control, antivirus, and vulnerability migration Run insights on compromises with ATA and Azure AD to detect compromises and Malicious link tracking © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Strong Perimeter Strong interior Block Unknown Malware 9/5/2018 8:22 PM Strong Perimeter Exchange Online Protection Exchange Online Advanced Threat Protection SmartScreen Block Unknown Malware Time-of-click protection URL tracking and reporting Block spam Block known malware Block malicious links on browser Strong interior Device guard Enables a Windows desktop to be locked down to only run trusted apps, just like many mobile OS’s (e.g. Windows Phone) Resistant to tampering by an administrator or malware © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Detect attacks Digital crime units monitoring the dark web Azure Active Directory telemetry Event logs and SIEM
Windows Server Management Marketing 9/5/2018 Monitor and respond Built-in security features Security reporting that tracks inconsistent access patterns, analytics, and alerts Reporting API © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Microsoft Advanced Threat Analytics Forensics for known attacks and issues Advanced Threat Analytics Behavioral Analytics ATA Devices and servers SIEM Active Directory Active Directory Profile normal entity behavior (normal vs. abnormal) Search for known security attacks & issues Detect suspicious user activities, known attacks, and issues
Demo
147 90% $1M Industry regulations and standards are evolving U.S. corporations currently engaged in litigation 147 Average number of active lawsuits for companies larger than $1 billion $1M Average per case cost of eDiscovery
Stay compliant Analytics for eDiscovery Legal hold 9/5/2018 8:22 PM Stay compliant Analytics for eDiscovery Legal hold Archiving and retention © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Microsoft vision for compliance Discover and act on risk Productivity first Educate and empower end users to be compliant without affecting productivity Bring your own device Get compliant fast Built-in features Deliver rich, low-cost compliance via built-in features Educate and empower people Operate across suites Easily apply consistent compliance controls, reports, and UX across Office 365
Office 365 compliance investment areas Integrated tools to help you import, store, preserve, and expire data Office 365 Archiving IN-PLACE No need to maintain a separate, duplicate store UNIFIED Unified policy across Exchange, SharePoint, and Skype for Business EXTENSIBLE Migrated data from third-party stores and with more formats Broad and deep service insights and forensics about customer data Office 365 Auditing CENTRALIZED Tenant-based Office 365 wide experiences, no silos CONSISTENT Logging across SharePoint, Exchange, OneDrive for Business, and Azure COMPLETE One API to extract audit data out of Office 365 Office 365 eDiscovery IN-Place Hold Retain content in place, in real time Search, analytics and export Find up-to-date and relevant content quickly and export for review Unified SharePoint, Skype for Business, and OneDrive for Business and Exchange Applies machine learning to enable users to explore large, unstructured sets of data in order to quickly find what is relevant Equivio Analytics THEMATIC ANALYSIS Clustering technology to identify data relationships; reducing data sent for review PREDICTIVE CODING Trains the system to identify relevant documents EMAIL THREADING Reconstruct email threads from unstructured data
Security and compliance signals ISVs Security and compliance signals Users Security Report/dashboards Activity API Admins Engagement Compliance Microsoft Operations Showcase partner solutions available today—learn more in this blog Interested customers and partners sign up here for Private Preview starts this Summer
What we’ve learned about information protection Simplify and protect access Simplify app access with integrated identities and SSO Additional layer of security with MFA Allow secure sharing of information Allow collaboration while preventing data loss Separation of data at app and device level Detect, monitor, and protect sensitive data Allow secure sharing of information Stop external threats Stop malicious codes Prevent identity theft Detect and block threats Stay compliant Analytics for eDiscovery Legal hold Archiving and retention
Microsoft solutions can help you stay protected SaaS Azure Office 365 Simplify and protect access Cloud Storage Prevent leaks and allow collaboration Stop external threats Stay compliant Cloud Storage Empower your users Enable collaboration Other employees Business partners Enterprise Mobility Suite Customers
Next steps To explore To do Q&A Try Enterprise Mobility now 9/5/2018 8:22 PM Next steps To explore Try Enterprise Mobility now http://www.microsoft.com/ems TechNet @ http://technet.microsoft.com/ MSDN @ http://www.msdn.com/ To do Rate the session Q&A Accelerate your journey to the cloud with integrated identity © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/5/2018 8:22 PM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.