Secure your Active Directory to mitigate risk in the cloud

Presentation transcript:

Secure your Active Directory to mitigate risk in the cloud
Microsoft Ignite 2016, BRK3298 (11/17/2018 7:08 AM)
Jieming Zhu, VP, Engineering, Dell Software
Alvaro Vitta, Principal Solutions Architect, Dell Software
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Agenda
Evolution of Active Directory
Market Trends
Azure Active Directory and O365
Enter Hybrid Directory

Evolution of Active Directory

Organizations have used Active Directory to authenticate since 2001
2001: AD replaces NT
2003
2004: Email is now business critical
2007: Collaboration heats up
2008: Add new resource forest for security
2009: Server 2008R2, new forest level
2010: Upgrades, M&As, BYOD, security risks
2013-TODAY: Organizations begin taking the cloud seriously
TODAY: Future-ready Windows Infrastructure

Market Trends

Office 365 adoption is growing rapidly
22 million consumers (55% YOY growth from 12.4 M) and 70 million commercial customers have active Office 365 subscriptions.
In the commercial segment, Office 365 had a 57 percent month-over-month jump in the latest 2016 quarter.
Year-over-year growth: about 1 million subscribers a month adopting O365.

Why do organizations move to Office 365?
Reduce infrastructure, licensing and maintenance costs by eliminating on-premises infrastructure and finding storage efficiencies
Empower the workforce to operate from anywhere, from any device
Increase scalability and business continuity

Office 365 and Azure Active Directory
Office 365 *requires* an Azure AD instance
Azure AD provides the Directory Service for Office 365 applications
Azure AD integrates with on-prem AD, creating a HYBRID Directory environment

Hybrid environment: Azure AD Connect Synchronization Workflow

How important is protecting on-prem AD resources?
75% of enterprises with more than 500 employees sync their on-prem AD accounts to Azure AD/O365 (on-prem AD is authoritative)

Hybrid AD Surface attack area
AD on-premises / Azure AD
10 billion daily authentications
90% of companies use AD to auth
95 million accounts under attack every day
1.3 billion daily logons
10 million number of Azure AD tenants MS Cloud daily cyberattacks
700 million Azure AD accounts
375 million Hybrid AD accounts
500 million Active AD accounts
75% of orgs. with > 500 users sync AD on-prem. >> AAD

Hybrid Active Directory Security challenges

Hybrid Active Directory Challenges: dangers and pitfalls if you don’t secure AD on-prem
Business challenges:
Data exfiltration
Insider threats
Compliance failures
Prolonged operational downtime
Revenue loss due to downtime, loss of productivity and potentially fines
Technical challenges:
No permission baselining
No automatic remediation
Lack of detailed auditing
Labor-intense/error-prone
Lack of granular delegation
Disjointed administration
Manual DR processes

What’s the solution? Securing the weakest link in your Hybrid AD Directory

Active Directory Security Lifecycle Methodology

Continually Assess
Who has access to what sensitive data and how did they get that access?
Who has elevated privileged permissions in AD, servers and SQL DBs?
What systems are vulnerable to security threats?

Detect and Alert
How will I know if any suspicious privileged account activities have occurred?
Have any changes occurred that could be indicative of an insider threat?
How will I know, quickly, if an intrusion has happened?
Could we be under brute-force attack right now?
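
The brute-force question above can be answered from failed-logon records such as Windows Security Event ID 4625. The following is an added example, not part of the original presentation; the events, host addresses, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

T0 = datetime(2016, 9, 26, 9, 0, 0)

def at(seconds):
    """Timestamp `seconds` after the start of the constructed sample."""
    return T0 + timedelta(seconds=seconds)

# Constructed sample of failed logons: (time, source host, target account).
EVENTS = (
    # six failures against one service account within 50 seconds
    [(at(10 * i), "10.0.0.5", "svc-backup") for i in range(6)]
    # one failure each against five accounts from one host within 2 minutes
    + [(at(30 * i), "10.0.0.9", f"user{i}") for i in range(5)]
    # a user mistyping a password twice, an hour apart
    + [(at(0), "10.0.0.7", "Alice"), (at(3600), "10.0.0.7", "alice")]
)

def burst(times, window, threshold):
    """True if any span of length `window` holds >= `threshold` failures."""
    times = sorted(times)
    return any(times[i + threshold - 1] - times[i] <= window
               for i in range(len(times) - threshold + 1))

def spray(pairs, window, threshold):
    """True if one source fails against >= `threshold` accounts in `window`."""
    pairs, start = sorted(pairs), 0
    for end in range(len(pairs)):
        while pairs[end][0] - pairs[start][0] > window:
            start += 1
        if len({acct for _, acct in pairs[start:end + 1]}) >= threshold:
            return True
    return False

def detect(events, window=timedelta(minutes=5), per_account=5, spray_accounts=4):
    """Return sorted (kind, subject) findings for the given failed logons."""
    by_account, by_source = defaultdict(list), defaultdict(list)
    for ts, src, acct in events:
        acct = acct.lower()  # AD account names are case-insensitive
        by_account[acct].append(ts)
        by_source[src].append((ts, acct))
    findings = [("brute-force", a) for a, t in sorted(by_account.items())
                if burst(t, window, per_account)]
    findings += [("password-spray", s) for s, p in sorted(by_source.items())
                 if spray(p, window, spray_accounts)]
    return findings

if __name__ == "__main__":
    for kind, subject in detect(EVENTS):
        print(f"{kind}: {subject}")
```

Counting per account alone misses a password spray, where each account sees only one or two failures, which is why the example also groups by source host.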

Remediate and Mitigate
Is access control allowing those whitelisted in and blacklisted out?
Do my users have the lowest level of user rights possible to do their jobs?
Are my sensitive resources protected?
How much time will it take me to manually remediate unauthorized changes?

Investigate and Recover
How can I be sure that ‘it’ doesn’t happen again?
How can I test my business continuity plan without going offline?
How long will it take us to recover from an AD security incident, manually?
What is my AD RTO after a disaster?
Can I secure access to my DC before next time?

Hybrid Active Directory Security protects all the way around

Secure your Active Directory to Mitigate risk
Organizations moving to Office 365 have real and significant security challenges around Active Directory.
On-premises AD remains the core of security even in a cloud/hybrid environment.
Dell Software offers the only end-to-end AD Security solution in the market.
Don’t let your on-premises AD be your Hybrid Achilles Heel!

Thank you.
