In the attack index…what number is your Company?

Slides:

Advertisements

Similar presentations

Incident Response Managing Security at Microsoft Published: April 2004.

Advertisements

Security Controls – What Works

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Challenges in the Enterprise Sunjeev Pandey Sr. Director - GTS Microsoft IT.

Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Enterprise Computing Community June , 2010February 27, Information Security Industry View Linda Betz IBM Director IT Policy and Information.

1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.

Brad Allen Windows Client Technical Specialist Microsoft Corporation.

Deploying PKI Inside Microsoft The experience of Microsoft in deploying its own corporate PKI Published: December 2003.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Deploying SharePoint Products and Technologies for Enterprise Collaboration Microsoft IT group’s Centrally Hosted Collaboration Solution.

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Robert Boccia Technology Strategist Microsoft Session Code: ISB201.

CFO Summit The Business Value of IT Rick Devenuti Corporate Vice President & CIO Rick Devenuti Corporate Vice President & CIO.

1 The New Security Blueprint : Challenges & Opportunities Ajay Goel, Managing Director, Symantec India & SAARC Sept 1, 2011.

The Infrastructure Optimization Journey Kamel Abu Ayash Microsoft Corporation.

Note1 (Admi1) Overview of administering security.

Microsoft Belgium Security Summit Georges Ataya S olvay B usiness S chool, ISACA Belux Detlef Eckert Microsoft EMEA.

Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

Be Microsoft’s first and best customer Enabling world-class and predictable customer, client, and partner experience Protecting Microsoft’s physical and.

Safe’n’Sec IT security solutions for enterprises of any size.

Connect with life Ravi Sankar Technology Evangelist | Microsoft Corporation Ravisankar.spaces.live.com/blog.

Tim Rains Group Product Manager Microsoft Session Code: SIA101.

Infrastructure for the People-Ready Business. Presentation Outline POINT B: Pro-actively work with your Account manager to go thru the discovery process.

Securing Tomorrow’s World Microsoft Security Roadmap Ed Gibson & Steve Lamb Microsoft Ltd.

BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.

Welcome Information Security Office Services Available to Counties Security Operations Center Questions.

Implementing and Managing Azure Multi-factor Authentication

Securing Information Systems

Deployment Planning Services

Risk management.

Cybersecurity - What’s Next? June 2017

Journey to Microsoft Secure Cloud

Security Insights: How Microsoft Secures IT

Threat Management Gateway

Microsoft’s Security Strategy

Office 365 with confidence: security features for Office 365

IS4550 Security Policies and Implementation

IT Management, Simplified

Cybersecurity Strategy

Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.

SAM GDPR Assessment <Insert partner logo here>

Protect your OneDrive and SharePoint files on mobile devices

Cyber Security in New Jersey State Government

Secure your Active Directory to mitigate risk in the cloud

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Identity Infrastructure Fundamentals and Key Capabilities

Microsoft Virtual Academy

Maritime Business Solutions

How to Mitigate the Consequences What are the Countermeasures?

Implementing Client Security on Windows 2000 and Windows XP Level 150

Supercharge Your Growth in Depth

Enabling the hybrid cloud with remote access appliances

The MobileIron® Threat Detection difference:

5/12/2019 2:57 PM © Microsoft Corporation. All rights reserved.

Microsoft Data Insights Summit

Security in the Real World – Plenary Day One

Security Insights: Secure Messaging

Cloud Computing for Wireless Networks

Presentation transcript:

In the attack index…what number is your Company?

Microsoft Secures Microsoft with Microsoft An Overview Justin Nelson | Office of CIO | Microsoft Corporation | 27th February 2006

Agenda The Microsoft Landscape Managing Risk What does IT cost? Strategies, Tactics, Solutions

Microsoft IT Environment 111K+ e-mail server accounts 1.9 Tb Db Single Instance SAP 334K+ PCs and devices Dublin Redmond Tukwila Tokyo SVC 3M+ internal e-mail messages per day 10M+ e-mails from the Internet per day 9M+ rejected as spam 99.99% availability Singapore 106K+ end users 98 countries 441 buildings 9.5M+ remote connections per month

Enterprise Risk Model Unacceptable Risk Impact to Business 5 Enterprise Risk Model High Unacceptable Risk Risk assessment drives to acceptable risk (Defined by Business Owner) Impact to Business Acceptable Risk Low Low Probability of Exploit (Defined by Corporate Security) High

Microsoft IT Spend Breakdown FY05 Breakdown Cost Element View People 72% Data & Voice 16% Hardware 5% Facilities 5% Software 2% Software 5% (adjusted to include estimate if MS software were included) Functional View Applications 60% App Development (29%) App Support (31%) Infrastructure 40% Network (14%) Data Center (7%) Employee Services (5%) Voice (5%) Helpdesk (5%) Security (3%) Employee Services = monitoring/Tier 2 (2%), messaging (1%), software deployment (1%), collaboration (0.5%), data protection (0.5%)

Microsoft CISO Concerns Regulatory compliance Mobility of data Unauthorized access to data Malicious software Supporting an evolving client

Key Strategies and Tactics Assessment of risk Identification of potential threats Mitigate risk through five key strategies Secure the Network Identity & Access Management IP and Data Protection Enhanced Auditing & Monitoring Awareness

Key Strategies and Tactics Secure the Network Identity & Access Management IP and Data Protection Enhanced Auditing & Monitoring Awareness Secure Extranet and Partner Connections Secure Remote Access Network Segmentation Network Intrusion Detection Systems Hardening the Wireless Network Strong Passwords Public Key Infrastructure: Certificate Services E-Mail Hygiene and Trustworthy Messaging Least Privileged Access Managed Source Code Security Development Lifecycle - IT Securing Mobile Devices Automated Vulnerability Scans Combating Malware Security Event Collection Information Security Policies Training and Communications For More Information

In summary The Microsoft Landscape Risk Management approach Budgeting Strategies, Tactics, Securing Microsoft with Microsoft For More Information

For More Information Additional content about Microsoft IT deployments and best practices can be found on http://www.microsoft.com Microsoft TechNet http://www.microsoft.com/technet/itshowcase Microsoft Case Study Resources http://www.microsoft.com/resources/casestudies E-mail IT Showcase showcase@microsoft.com

© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.