James Lewis and Simon Waight Office 365 security: everywhere you need it to be PRD33 1
A bit about us…
“Some organizations, especially outside the U.S., are paying an opportunity cost by allowing unwarranted fears about security to inhibit their use of public cloud services.” Gartner Source:
Security teams: putting the “no” into “technology”.
Leadership in security, privacy & trust Customers know where their data is stored Customers know who can access their data and why Customers can stay in the know by choosing to receive updates regarding changes to security, privacy and audit information No use of data for advertising purposes. No data mining of your data by Microsoft. No co-mingling of consumer and business data. Your data is yours and you can take it any time ISO Australia Certified Cloud Services List EU Model Clauses HIPAA-HITECH FERPA FISMA U.K. G-Cloud IL2 CJIS 24 hour monitored physical datacenters Logical isolation of data between tenants Network segregation. Encryption at rest and in transit Data loss prevention Anti-virus/anti spam 99.9% uptime Financial guarantees on uptime Redundancy in both functionality as well data Automated monitoring and recovery systems 24x7 on-call engineering team available to handle issues
Leadership in security, privacy & trust Customers know where their data is stored Customers know who can access their data and why Customers can stay in the know by choosing to receive updates regarding changes to security, privacy and audit information No use of data for advertising purposes. No data mining of your data by Microsoft. No co-mingling of consumer and business data. Your data is yours and you can take it any time ISO Australia Certified Cloud Services List EU Model Clauses HIPAA-HITECH FERPA FISMA U.K. G-Cloud IL2 CJIS 24 hour monitored physical datacenters Logical isolation of data between tenants Network segregation. Encryption at rest and in transit Data loss prevention Anti-virus/anti spam 99.9% uptime Financial guarantees on uptime Redundancy in both functionality as well data Automated monitoring and recovery systems 24x7 on-call engineering team available to handle issues
Office 365 built-in features Mobile device and app management Information protection Basic identity management via Azure AD Single sign-on for Office 365 Basic multifactor authentication Basic mobile device management via MDM Device settings management Selective wipe Built into Office 365 Management Console RMS protection via RMS for Office 365 Protection for content stored in Office (on-premises or Office 365) Access to RMS SDK Bring Your Own Key Identity & Access Management
EMS benefits for Office 365 customers Enterprise Mobility Suite Mobile device and app management Information protection Azure AD for Office 365+ Single sign-on for all cloud apps Advanced multifactor authentication for all workloads Self-service group management and password reset with write back to on- premises directory Advanced security reports FIM (now MIM), Server + CAL MDM for Office 365+ PC management Mobile app management (prevent cutting/copying/pasting/saving from corporate apps to personal apps) Secure content viewers Certificate provisioning System Center integration RMS for Office 365+ Protection for on-premises Windows Server file shares notifications when sharing documents notifications when shared documents are forwarded Identity & Access Management
Assessment matrix ThreatSourceRisk LikelihoodRisk ImpactRisk RatingRisk Mitigation What the threat is. Where the threat comes from. What is the chance it will happen? What is the impact if it does happen? Based on Likelihood and Impact assign a rating. What can be done to mitigate the residual risk?
Top five common risks Data leakage or loss Weak authentication Poor separation of duties Malware / phishing Access from untrusted devices.
Commercial Assessments Trust Center is your starting point Work with Partners or Microsoft to get additional answers.
Trust Portal
Admin account protection improvements No longer just one Administrator account Full multi-factor authentication support.
Office 365 Management APIs (preview) Don’t replace the current Reporting API Extends coverage of policy events in both Office 365 and Azure Active Directory Designed primarily for use by ISVs.
Control which devices access your data Support for devices with iOS 7+, Android 4+ Enforce device policy - security, no jailbrake, encryption Supports selective or full device remote wipe.
Extend your protection using EMS Managed iOS/Android apps deployed via Intune Company Portal Blocks copy / paste of content into other apps Includes desktop/laptop management.
Data Leakage Protection Available for Exchange Online, SharePoint Online and OneDrive for Business Access via Compliance Center in admin portal Australian-centric rules are available for use Rolling out now to tenants.
Please do an evaluation!
Continue your Ignite learning path Visit Microsoft Virtual Academy for free online training visit Visit Channel 9 to access a wide range of Microsoft training and event recordings Head to the TechNet Eval Centre to download trials of the latest Microsoft products