Protect your organization against external threats (Security) Last updated 10/23/2017 Unlocks creativity Built for teamwork Intelligent security Integrated for simplicity Protect your organization against external threats (Security) CISO CIO VP of Sales VP of Human Resources Chief Legal Officer Buyers Key customer concerns Gaining visibility into attacks is difficult, but the threat of a costly data breach is high Putting data in the cloud may make us less protected Protecting users’ personal mobile devices seems out of the question Managing multiple security products from multiple vendors is difficult and time-consuming, plus it could put us at a higher security risk Product value Customer value Identity and Access Management (site)- Protect users’ identities and control access to valuable resources based on user risk level Protect users’ identities with Multi-Factor Authentication; plus Identity Protection† (Azure AD Premium) Control access to resources; plus Privileged Identity Management† (Azure AD Premium) Login faster and more securely (Windows Hello) Prevent Pass-the-Hash attacks (Windows Defender Credential Guard) by protecting single sign-in tokens Thwart advanced threats and protect identity, apps, data, and devices Protection against new threats - Protect, detect, and respond to malware; prevent data leaks and safeguard your data. Plus, use machine learning that intelligently protects against sophisticated threats.† Comprehensive and integrated - Instead of piecing together multiple products, Microsoft provides security capabilities that are built in and not bolted on. Productive end-user experiences - Holistic, end-to-end approach doesn’t interfere with user experience. Information Protection (site)- Ensure documents and emails are seen only by authorized people Detect and prevent data leakage, restrict unauthorized data sharing – encryption, labeling, distribution, enforcement (Office 365 Data Loss Prevention, Azure Information Protection, Windows Information Protection, Office 365 Message Encryption) Classify and retain data – eDiscovery; plus selective retention† (Advanced Data Governance) and Advanced eDiscovery† Protect data on lost and stolen devices (BitLocker) Monitor and manage device and applications on mobile devices (Intune) Threat Protection (site)- Protect against advanced threats and recover quickly when attacked Block malicious links and attachments† (Office 365 ATP); protect from malicious websites (Windows Defender SmartScreen); protect devices† (Windows Defender ATP); prevent malware from running (Windows Defender AV) Identify anomalous user behavior (ATA, CAS†); isolate potential threats (Windows Defender Application Guard) Post-breach detection and automated response (Azure Security Center, ATA, CAS†) Security Management (site)- Gain visibility and control over security tools Security Center (Azure Security Center, Microsoft 365 Security and Compliance Center) Discover apps in an organization: all SaaS applications† (CAS) Endpoint security management† (Windows Defender ATP) DIFFERENTIATOR Powered by the Microsoft Intelligent Security Graph, Microsoft 365 offers unique intelligence plus a holistic approach to security †Microsoft 365 E5 required. Offer Prioritization Description Compelling Events Microsoft 365 E3 Built-in security capabilities that seamlessly protect user’s identity, devices, documents, and emails with encryption and access control based on policies set by your IT team Security breach event End of Life for Office 2010 & Win 7 Cloud adoption Regulatory requirements e.g. GDPR Renewals Microsoft 365 E5 Builds on Microsoft 365 E3 and adds advanced threat detection, intelligence and quick remediation against sophisticated cyber attacks using Microsoft’s industry leading cyber security expertise based on machine learning and heuristics Offer guidance VDW scenarios Protect your information and reduce risk of data loss. Detect and protect against external threats—Monitor, report and analyze activity to react promptly to provide organizational security. Protect your users and their accounts. Work securely from anywhere, anytime on any device to achieve more while maintaining a flexible workstyle. CONFIDENTIAL. Distribution Only to Partners Under Nondisclosure. © 2017 Microsoft. All rights reserved.

Protect your organization against external threats Sales Playcard – Security | Partner Version Protect your organization against external threats Steps to sell Understand the CISO’s concerns with the cloud. Present the Microsoft 365 vision in context of the cross- company Microsoft Secure* story. Demonstrate the Microsoft 365 security capabilities that address the most common concerns. Use Business Value tools aligned to each sales stage. Deliver a high quality Customer Success Plan. Discovery questions: What are your security concerns? Can you quickly identify suspicious activities and attacks? How do you secure platforms and devices, especially for mobile workers? How do you maintain visibility, control, and protection of your applications? DISCOVER ENVISION VALIDATE COMMIT ONBOARD REALIZE VALUE Microsoft 365 Partner Portal 7 Ways O365 Prioritizes Security & Compliance eBook Mechanics GEP Value Discovery Workshop Demo assets: security and threat CIE Value Calculator Customer Evidence Offers & Incentives* Battlecards FastTrack and FastTrack Assets Microsoft 365 Partner Portal Deployment program Productivity Library *NOTE: Engage with your Territory Channel Manager for more information Have all-up security discussion– With Microsoft 365 E5, security is built into the platform Get the right team– Engage your TSP 1) Use ATP (make sure EOP is configured optimally or it affects results) 2) Use Azure AD for multi-factor authentication 3) Turn on Azure Security Center. Engage the CISO– Security can remain the key blocker for the cloud until the CISO and CIO are convinced that the cloud can be more secure than on-premises. Whiteboard the security story– The story for identity, mobile device management, email, and cyber attacks is more effectively told via whiteboard instead of PPTs. Perform cost justification– E5 uplift cost is often less than the standalone cost of the security components needed or the third-party products they’d replace. After identifying current, planned security products, use the Value Calculator. Emphasize Intelligent Security Graph– With Microsoft being pervasive, it has unique insights from billions of emails analyzed, user authentications, device protection, and web pages. Best practices Dow Chemical – “We’re using Microsoft 365 to support a workplace culture that fosters the creativity and teamwork that we need to make our strategies a success—while protecting our environment with intelligent security solutions.” –Mario Ferket, IT engineering director, Dow Chemical How to tailor the conversation Situation Talk to… (Role) Focus on helping the customer understand… Financial Services CISO Microsoft has information protection and data loss prevention capabilities that help prevent sensitive financial and customer data from leaking.  Government, Defense CISO, Leader Microsoft has offerings designed for the unique security needs of government and defense organizations, such as data location requirements. Customer lockbox can help satisfy some requirements for special security clearance. Healthcare Microsoft has information protection and data loss prevention capabilities that help prevent sensitive financial and patient data from leaking.  Retail The cloud can provide better security than many retailers can provide with on- premises solutions. Data protection capabilities can help protect customer data. CONFIDENTIAL. Distribution Only to Partners Under Nondisclosure. © 2017 Microsoft. All rights reserved.