Extending classification ,labeling , and protection to 3rd party applications Kartik Kanakasabesan @ Microsoft Tony Themelis @ Digital Guardian Amit Cohen @ Varonis

Microsoft’s information protection solutions help you protect sensitive data throughout the lifecycle – across devices, apps, cloud services and on-premises

Microsoft’s information protection solutions 8/27/2018 6:02 PM Microsoft’s information protection solutions Comprehensive protection of sensitive data across devices, cloud services and on-premises environments Devices OFFICE 365 CLOUD SERVICES, SaaS APPs & ON-PREMISES PCs, tablets, mobile Exchange Online, SharePoint Online & OneDrive for Business Highly regulated Azure 3rd-Party SaaS Datacenters, file shares Windows Information Protection & BitLocker for Windows 10 Office 365 DLP Office 365 Advanced Data Governance Intune MDM & MAM for iOS & Android Azure Information Protection Microsoft Cloud App Security © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft’s approach to information protection 8/27/2018 6:02 PM Microsoft’s approach to information protection Comprehensive protection of sensitive data throughout the lifecycle – across devices, apps, cloud services and on-premises Detect Classify Protect Monitor Devices cloud On premises © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

MICROSOFT’S INFORMATION PROTECTION TECHNOLOGIES AZURE INFORMATION PROTECTION Classify, label & protect files – beyond Office 365, including on-prem & hybrid MICROSOFT CLOUD APP SECURITY Visibility into 15k+ cloud apps, data access & usage, potential abuse DETECT OFFICE 365 DLP Prevent data loss across Exchange Online, SharePoint Online, OneDrive for Business OFFICE 365 ADVANCED SECURITY MANAGEMENT Visibility into Office 365 app usage and potential data abuse ISV PARTNER APPLICATIONS Enable ISVs to consume labels, apply protection MICROSOFT’S INFORMATION PROTECTION TECHNOLOGIES MONITOR CLASSIFY WINDOWS INFORMATION PROTECTION Separate personal vs. work data on Windows 10 devices and prevent work data from traveling to non-work locations OFFICE APPS Protect sensitive information while working in Excel, Word, PowerPoint, Outlook MESSAGE ENCRYPTION Send encrypted emails in Office 365 to anyone – inside or outside of the company PROTECT OFFICE 365 ADVANCED DATA GOVERNANCE Apply retention and deletion policies to sensitive and important data in Office 365 CONDITIONAL ACCESS Control access to files based on policy, such as identity, machine configuration, geo location SHAREPOINT & GROUPS Protect files in libraries and lists

INFORMATION PROTECTION INTEGRATION Working towards deeper integration across classification, labeling & protection (CLP) GOALS: Cover all organizational data, across Microsoft and Partner environments Consistency across all common end points, applications and services Native integration into apps and services to help maintain productivity Unified policies across workloads, services

Information Protection Ecosystem Congruity Cross platform and Simplified SDK Classification and Protection in a single SDK Light weight and robust Compatible with Microsoft Information Protection Solutions and ADRMS

Information Protection Ecosystem Congruity Source available publicly + Or + Getting developers to build Information Protection solutions faster

MICROSOFT’S INFORMATION PROTECTION TECHNOLOGIES Persistence across various Partner solutions SECURE PRINTING END POINT DLP SOLUTIONS DETECT E-DISCOVERY SOLUTIONS EMAIL GATEWAY SERVICES MOBILE DEVICE MANAGEMENT MICROSOFT’S INFORMATION PROTECTION TECHNOLOGIES MONITOR CLASSIFY CLOUD APPLICATION SECURITY BROKERS MOBILE APPLICATION MANAGEMENT ENTERPRISE FILE SHARING SERVICES PROTECT DLP APPLIANCES NATIVE APPLICATION INTEGRATIONS DATA GOVERNANCE SOLUTIONS

Featured Partners One of the largest Enterprise DLP providers One of the largest Data Security Platform providers

Digital Guardian Data Protection Platform and Azure Information Protection Tony Themelis @ Digital Guardian

A Recognized Leader. Just ask Gartner. Digital Guardian is the only Enterprise Data Loss Prevention Gartner MQ Leader exclusively focused on data protection. Magic Quadrant Leader

The Convergence of DLP & EDR WELCOME TO The Convergence of DLP & EDR DETECT & REMEDIATE EXTERNAL THREATS STOP DATA THEFT BY INSIDERS & OUTSIDERS

The DG Data Protection Platform Discovery Data Classification Data Loss Prevention Cloud Data Protection Endpoint Detection & Response SOLUTIONS DG Agent(s) DG Appliance DIGITAL GUARDIAN PLATFORM DG Analytics & Reporting Cloud DG Management Console

Digital Guardian – Demo Video 8/27/2018 6:02 PM Digital Guardian – Demo Video We will show a user interacting with two files A sensitive file downloaded from OneDrive for Business A non-sensitive file received by webmail The user copies both files to a Box Sync folder DG automatically applies AIP protection on the sensitive file only The user then sends both files by email DG recognizes an unauthorized leakage and warns the user User cancels the email, and removes the offending file © 2017 Microsoft Corporation. All rights reserved. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

AIP and DG: Working with Labels and Protection Trusted Knowledge workers Users Classify Files Workers not authorized to classify The DLP System Classifies Files Hybrid Both DLP System and User classification

Varonis Data Security Platform & Microsoft Azure Information Protection Amit Cohen @ Varonis

It’s All About the Data We know where our sensitive data lives Sustain a secure state without manual effort Only the right people have access Cyber threats are detected and stopped

Finding sensitive data can be hard

Classification Made Easy Out of the box identifiers, find sensitive data right away GDPR – Personal information, per country, for the entire 28 EU countries HIPAA – Medical terms, Medical conditions, etc. PCI – credit card numbers Possible graphics: Icons which represent the patterns categories we have… Regulation logos OUT OF THE BOX IDENTIFIERS, FIND SENSITIVE DATA RIGHT AWAY 360 built-in Identifiers! Addresses, Banking data… SSN, National IDs, Driver’s license… Cyber Threat Detection Active Directory Monitoring Classification Labels Automatic Quarantining Data Least Privilege Enforcement Data Access Governance User Behavior Analytics Not sure it will be used

Classification Made Easy Out of the box identifiers, find sensitive data right away GDPR – Personal information, per country, for the entire 28 EU countries HIPAA – Medical terms, Medical conditions, etc. PCI – credit card numbers Possible graphics: Icons which represent the patterns categories we have… Regulation logos OUT OF THE BOX IDENTIFIERS, FIND SENSITIVE DATA RIGHT AWAY HIPAA Medical terms, Medical conditions, etc. GDPR Personal information, per country, for the entire 28 EU countries Cyber Threat Detection Active Directory Monitoring Classification Labels Automatic Quarantining Data Least Privilege Enforcement Data Access Governance User Behavior Analytics PCI Credit card numbers Not sure it will be used And much more…

Labeling and Protection Enforce Policies Secured Persistent

The Best of Both Worlds Automatic Manual

Leveraging Security with Classification Labels Alert on misbehavior Ensure least privilege Meet compliance requirements

Even Stronger Together Cyber Threat Detection Active Directory Monitoring Data Access Governance Automatic Quarantining Data Classification Least Privilege Enforcement File & Email User Behavior Analytics Persistent Enforce Policies Secured

Success! Thank You

Information Protection related sessions Date / Time Keep what you need and don’t horde everything with intelligent data governance in Office 365 Tues, 9:00am-10:15am Protecting complete data lifecycle using Microsoft information protection capabilities Tues, 10:45am-12:00pm Elevating your security with Office 365 clients Tues, 4:30pm-5:45pm Discover what’s new in Azure Information Protection and learn about the roadmap and strategy Weds, 9am-10:15am Protect sensitive information with Office 365 DLP Weds, 10:20am-10:40am Accelerate Azure information protection deployment and adoption Weds, 12:30pm-1:45pm Understanding best practices in classifying sensitive data as part of your information protection strategy Weds, 2:00pm-2:45pm Deploying and managing Windows Information Protection Weds, 4:00pm-5:15pm Extending classification, labeling and protection to third-parties with Azure Information Protection Weds, 5:05pm-5:25pm Encryption key management strategies for compliance Thu, 10:15am-11am Protect your sensitive emails through encryption and rights management capabilities in Office 365 Thurs, 2:00pm-2:45pm Understanding advanced concepts in getting the most out of Office 365 Data Loss Prevention Fri, 9:00am-10:15am

8/27/2018 6:02 PM © 2017 Microsoft Corporation. All rights reserved. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Classification Made Easy Out of the box identifiers, find sensitive data right away GDPR – Personal information, per country, for the entire 28 EU countries HIPAA – Medical terms, Medical conditions, etc. PCI – credit card numbers Possible graphics: Icons which represent the patterns categories we have… Regulation logos 360 built-in Identifiers! SSN, National IDs, Driver’s license… Addresses, Banking data… Cyber Threat Detection Active Directory Monitoring Classification Labels Automatic Quarantining Data Least Privilege Enforcement Data Access Governance User Behavior Analytics Not sure it will be used