1. The Information Protection Problem
TechReady 18
8/1/2018
The Information Protection Problem
EMS Partner Bootcamp
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2. Structured data vs. unstructured data
SMSG Readiness
8/1/2018
Structured data vs. unstructured data
Structured data:
Stored in a central location and dynamically transferred to clients as needed
Only updated and modified in the central location
Follows a consistent structure with occasional free-form fields
Can be the source for the creation of unstructured data
Examples: Databases, line of business app data, stream data (video, audio)
Unstructured data:
Composed of documents of variable format and structure
Created by anyone, stored anywhere
Distributed and utilized by copying and sending
Occasionally stored in central servers (file servers, SharePoint), but frequently copied
No systematic versioning or management of the data
Examples: Documents, , text files
Unstructured data amounts to about 80 percent of corporate data
© Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3. Problems with unstructured data
SMSG Readiness
8/1/2018
Problems with unstructured data
© Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4. Information protection realities
87% of senior managers admit to regularly uploading work files to a personal or cloud account.*
87%
58% have accidentally sent sensitive information to the wrong person.*
58%
>80% focus on data leak prevention for personal devices, but ignore the issue on corporate owned devices where the risks are the same
??%
* Source: Stroz Friedberg, “On The Pulse: Information Security In American Business,” 2013

5. Traditional security of unstructured data is location-based
Information Author
In a typical organization, users generate and transform content in many ways, storing it in the form of documents or messages in servers, workstations, mobile devices, and removable storage. The traditional approach to information protection relies on restricting access to the documents, as they are stored in their repositories, to the authorized users. This generally implies that, once a user is authorized to access a certain piece of information, they must be trusted to manage it properly and not to share it, either in its original, printed or copied form, with unauthorized parties.
Historically, this approach has not been very efficient, as users tend to underestimate the importance of information protection and the risks of information disclosure. Also, in some cases, they might evaluate that the benefit for them of sharing a certain piece of information compares favorably with the negative impact, providing they are not caught. In most cases, tracing an information leak to an individual is difficult, as is the ability to demonstrate that a certain act was intentional – so users performing unauthorized information disclosure can get away with it.
Even though the technology solutions for protecting information at its source location is generally well understood, this type of protection does not extend beyond its point of publication. Once the information reaches its intended users, it is beyond the control of the organization’s policies.
External Users
USB Drive
Recipient
Mobile Devices
© Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6. Evolving IT landscape SaaS PaaS Clients Servers Outside Data Centers
Other PaaS Services
SaaS
Other Consumer storage
PaaS
Clients
Servers AD
Outside Data Centers
Supply Chain
© Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7. The traditional perimeter is rapidly eroding
Industry trends
Consumerization of IT
Users need access, from any device
Externalization of IT
Applications are on-premises and in the cloud
More data, stored in more places
Dispersed enterprise data needs protection
Social Enterprise
Data is shared between people and applications
The traditional perimeter is rapidly eroding
IT needs continuous data protection that works across ‘classic boundaries’
© Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8. Do you manage your IT environment?
Can you?
Enumerate your users
Authenticate them
Control what they can do
Control where they login
Track their accesses
Revoke their access
Customize their experiences
Can you?
Enumerate your devices
Authenticate them
Configure them centrally
Deploy them remotely
Gather configuration and logs
Block undesired devices
Can you?
Inventory your applications
Verify their legitimacy
Deploy them remotely
Configure them centrally
Block undesired software
Can you?
Enumerate your documents
Control access to them centrally
Control how they are used
Block undesired actions
Track their usage
Revoke access to them

9. When we add all those capabilities…
You can protect your data from leakage
Block access by untrusted actors
Block undesired actions
You can *know* your data is secure
Know when it is accessed and by whom
Know what they did
Users can be more productive
They know where their documents are and how they are being used
They can collaborate confidently
Users stay in control
They can take action over their already shared files
They can be informed when something wrong happens
Management can stay on-top
Discover patterns
Understand data flows