Customers Security in Context Microsoft & Office 365 / Azure Cloud Security Engagement Framework & References Real World application Frameworks.

Slides:



Advertisements
Similar presentations
Curtis Parker | December 2010 | Microsoft Corporation.
Advertisements

Security Controls – What Works
Information Security Policies and Standards
MyCloudIT Removes the Complexity of Moving Cloud Customers’ Entire IT Infrastructures to Microsoft Azure – Including the Desktop MICROSOFT AZURE ISV: MYCLOUDIT.
Why Microsoft makes the cloud shine Nigel Watson, Platform Strategy Advisor.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Video gallery HD video or high resolution photos of attendees H.264 SVC support Personalized collaboration experiences Intuitive controls Consistent.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
JANUARY 08, 2010 Cerf urges standards for cloud computing Management of cloud assets requires protocols, standards, and research, Internet.
OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.
SIM309. Connection Analysis (IP-based edge blocks) Reputation Analysis Connection Filtering Protect businesses from receiving –borne viruses.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
No one questions that Microsoft can write great software. Customers want to know if we can be innovative, scalable, reliable in the cloud. (1996) 450M+
SEC835 Database and Web application security Information Security Architecture.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Marketing of Information Security Products. The business case for Information Security Management.
HIPAA COMPLIANCE WITH DELL
SIM 302. Unprepared UninformedUnaware Untrained Unused.
Dell Connected Security Solutions Simplify & unify.
Security Best-in-class security with over a decade of experience building Enterprise software & Online services Physical and data security with access.
Introducing Microsoft Azure Government Steve Read Barbara Brucker.
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.
Understanding Microsoft Forefront Online Protection for Exchange Nathan Winters Microsoft Corporation EXL201.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Implementing Microsoft Exchange Online with Microsoft Office 365
Develop your Legal Practice using “Cloud” applications, but … Make sure your data is safe! Tuesday 17 November 2015 The Law Society, London Allan Carton,
Microsoft Azure Integrated with C21 Live Cloud Mosaic Helps Control Your Live Streaming from Anywhere by Deploying in Global Azure Regions MICROSOFT AZURE.
DenyAll Delivering Next-Generation Application Security to the Microsoft Azure Platform to Secure Cloud-Based and Hybrid Application Deployments MICROSOFT.
IS3220 Information Technology Infrastructure Security
Built on the Powerful Microsoft Azure Platform, Forensic Advantage Helps Public Safety and National Security Agencies Collect, Analyze, Report, and Distribute.
Office 365 is cloud- based productivity, hosted by Microsoft. Business-class Gain large, 50GB mailboxes that can send messages up to 25MB in size,
© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
By: Matt Winkeler.  PCI – Payment Card Industry  DSS – Data Security Standard  PAN – Primary Account Number.
MICROSOFT AZURE APP BUILDER PROFILE: RAVERUS LTD. Raverus is a customer-driven company engaged in providing software applications designed to improve and.
Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.
Managed IT Services JND Consulting Group LLC
Trusting Office 365 Privacy Transparency Compliance Security.
Discover How You Can Increase Collaboration with External Partners While Reducing Your Cost in Managing an Extranet from the Azure Cloud MICROSOFT AZURE.
UNIT V Security Management of Information Technology.
SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.
SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.
Law Firm Data Security: What In-house Counsel Need to Know
Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda
Partner Toolbox Cloud Infrastructure & Management
Barracuda Networks Creates Next-Generation Security Solutions That Enable Customers to Accelerate Their Adoption of Microsoft Azure MICROSOFT AZURE APP.
Ralleo Enterprise-Grade Solution for Managing Change and Business Transformation Provides Opportunities to Better Analyze Real-Time Data MICROSOFT AZURE.
New Heights by Guiding Them into the Cloud
Partner Toolbox Cloud Application Development
9/4/2018 6:45 PM Secure your Office 365 environment with best practices recommended for political campaigns Ethan Chumley Campaign Technology Advisor Civic.
CLM USE GUIDE FOR MICROSOFT TRUSTED CLOUD
BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT
Nigel Gibbons Executive Chairman UniTech tm
Veeam Backup Repository
Built on the Powerful Microsoft Azure Platform, Lievestro Delivers Care Information, Capacity Management Solutions to Hospitals, Medical Field MICROSOFT.
Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.
Logsign All-In-One Security Information and Event Management (SIEM) Solution Built on Azure Improves Security & Business Continuity MICROSOFT AZURE APP.
Partner Logo Reblaze Utilizes Microsoft Azure Cloud Technology to Provide Web Assets with a Comprehensive, Robust, Protective Shield Against Internet Threats.
The Only Digital Asset Management System on Microsoft Azure, MediaValet Is Uniquely Equipped to Meet Any Company’s Needs MICROSOFT AZURE ISV PROFILE: MEDIAVALET.
DeFacto Planning on the Powerful Microsoft Azure Platform Puts the Power of Intelligent and Timely Planning at Any Business Manager’s Fingertips Partner.
SMB practice development: Security play
Introducing Qwory, a Business-to-Business Search Engine That’s Powered by Microsoft Azure and Detects Vital Contact Information for Businesses MICROSOFT.
Druva inSync: A 360° Endpoint and Cloud App Data Protection and Information Management Solution Powered by Azure for the Modern Mobile Workforce MICROSOFT.
Dell Data Protection | Rapid Recovery: Simple, Quick, Configurable, and Affordable Cloud-Based Backup, Retention, and Archiving Powered by Microsoft Azure.
Keep Your Digital Media Assets Safe and Save Time by Choosing ImageVault to be Your Digital Asset Management Solution, Hosted in Microsoft Azure Partner.
Protect Your Microsoft Azure Cloud Assets Against Inside and Outside Threats With Balabit’s Shell Control Box Privileged User Monitoring Solution Partner.
SMB practice development: Security play
Microsoft Azure, RightsWATCH Help Users Keep Sensitive Information Safe from Security Breaches Resulting from Accidental or Malicious Disclosure MICROSOFT.
Cloud Computing for Wireless Networks
Presentation transcript:

Customers Security in Context Microsoft & Office 365 / Azure Cloud Security Engagement Framework & References Real World application Frameworks

(submitted by Antii Roppola)

Risk Trust Security

90% internal 80% external

Cloud All in!

The case for a Cloud Business Technology Roadmap Technical Certification

Little margin in subscription annuity Money is in the service tail, but how?

Honesty Confidence Trust

ISO Services (Office 365 and FOPE) ISO SAS 70 Type II Data Centers Safe Harbor Microsoft

Security Management Threat & Vulnerability Management, Monitoring & Response Edge Routers, Firewalls, Intrusion Detection, Vulnerability scanning Network perimeter Dual-factor Auth, Intrusion Detection, Vulnerability scanning Internal Network Access Control & Monitoring, Anti-Malware, Patch & Config Mgmt Host Secure Engineering (SDL), Access Control & Monitoring, Anti-Malware Application Access Control & Monitoring, File/Data Integrity Data User Account Mgmt, Training & Awareness, Screening Facility Physical controls, video surveillance, Access Control Strategy: employ a risk-based, multi-dimensional approach to safeguarding services and data

Encryption impacts service functionality (e.g. search) Technical solutions are challenging, e.g. identity and key management issues Data stored non- encrypted For “sensitive” data, customers implement Rights Management For “sensitive” externally sent/received , customers employ PGP or similar Solution

Require TLS for all mail between customer and partner domain (in and outbound) Centralized mail control (all mail for domain sent/received from customer servers) - Enables custom filtering and archiving Outbound mail delivery to a smarthost - Enables additional processing, e.g. DLP Future: Expanded DLP capabilities in Forefront Online Protection for Exchange (FOPE)

Microsoft believes customers should control their own information When compelled by U.S. law enforcement to produce customer records, Microsoft will first attempt to redirect these demands to the customer Microsoft will notify the customer unless it cannot, either because Microsoft is unable to reach the customer or is legally prohibited from doing so! Microsoft will only produce the specific records ordered by law enforcement and nothing else

Yes, a robust service continuity program is in place based on industry best practices and provides the ability to recover subscribed services in a timely manner Does Microsoft have a formalized continuity program in place? Yes, all offerings have redundancy and resiliency to ensure that any major outage is minimized Does each service have the ability to recover from a disastrous event? The plan and solution are validated at least on an annual basis Is the plan exercised (tested) on a regular basis?

MeasureAssessEvaluateManage

International Association of Microsoft Channel Partners (IAMCP) Compromise Customer Data Obtain Backup Media Intercept Hack Web Server Burglarise Office £ 5,000 Bribe Staff or Service Provider £ 10,000 Hack teleworker Home System £ 1,000 Hack Firewall £ 5,000 Hack SMTP service £ 2,000 £10,000 £1,000 £7,000 £5,000 £50,000 £1m+ Value to Business

Microsoft Security Assessment Tool Gain visibility of service revenue potential Identify in competency areas Out of competency = Engage a Pro!

Peer to Peer NetworkingRhythm of events occurring globally AdvocacyTo legislatures, the media, to Microsoft and Microsoft Partners (liaison with VFI) Community OutreachOn the lines of Social Entrepreneurship Education and GrowthProvide Programs & experiences to grow Partner business capability & capacity

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.