Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure your Active Directory to mitigate risk in the cloud

Published byBenedict O’Brien’ Modified over 6 years ago

Similar presentations

Presentation on theme: "Secure your Active Directory to mitigate risk in the cloud"— Presentation transcript:

1 Secure your Active Directory to mitigate risk in the cloud
Microsoft Ignite 2016 11/17/2018 7:08 AM BRK3298 Secure your Active Directory to mitigate risk in the cloud Jieming Zhu, VP, Engineering, Dell Software Alvaro Vitta, Principal Solutions Architect, Dell Software © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda Evolution of Active Directory Market Trends
11/17/2018 7:08 AM Agenda Evolution of Active Directory Market Trends Azure Active Directory and O365 Enter Hybrid Directory © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Evolution of Active Directory

4 Organizations have used Active Directory to authenticate since 2001
2008 Add new resource forest for security 2010 Upgrades, M&As, BYOD, security risks TODAY Future-ready Windows Infrastructure 2004 is now business critical 2013-TODAY Organizations begin taking the cloud seriously 2009 Server 2008R2 -new forest level 2007 Collaboration heats up 2003 2001 AD replaces NT Organizations have used Active Directory to authenticate since 2001

5 Market Trends

6 Office 365 adoption is growing rapidly
22 million consumers ( 55% YOY growth from 12.4 M) and 70 million commercial customers who have active Office 365 subscriptions. In the commercial segment, Office 365 had a 57 percent month-over-month jump in the latest 2016 quarter Year over year growth about 1 million subscribers a month adopting O365

7 Why do organizations move to the Office 365?
Reduce infrastructure, licensing and maintenance costs eliminating on premise infrastructure and finding storage efficiencies Empower workforce to operate from anywhere from any device Increase scalability and business continuity

8 Office 365 and Azure Active Directory
Office 365 *requires* an Azure AD instance Azure AD provides the Directory Service for Office 365 applications Azure AD integrates with on-prem AD creating a HYBRID Directory environment Azure Active Directory

9 Hybrid environment: Azure AD Connect Synchronization Workflow
11/17/2018 7:08 AM Hybrid environment: Azure AD Connect Synchronization Workflow © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 How important is protecting on-prem AD resources?
75% of enterprises with more than 500 employees sync their on prem. AD accounts to AzureAD/O365 (AD on prem. is authoritative)

11 Hybrid AD Surface attack area
Microsoft Ignite 2016 Hybrid AD Surface attack area 11/17/2018 7:08 AM AD on-premises Azure AD 10 billion daily authentications 90% of companies use AD to auth 95 Million accounts under attack every day. 1.3 billion daily logons 10 million number of Azure AD tenants MS Cloud daily cyberattacks 700 million Azure AD accounts 375 million Hybrid AD accounts 500 million Active AD accounts 75% of Orgs. > 500 users synch AD-On prem. >> AAD © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Hybrid Active Directory Security challenges

13 Dangers and pitfalls if you don’t secure AD on-prem
Hybrid Active Directory Challenges Business challenges Technical challenges Data Exfiltration Insider threats Compliance Failures Prolonged Operational Downtime Revenue loss due to downtime, loss of productivity and potentially fines No Permission Baselining No automatic remediation Lack of Detailed auditing Labor-intense/error-prone Lack of granular delegation Disjointed administration Manual DR Processes Dangers and pitfalls if you don’t secure AD on-prem

14 What’s the solution? Securing the weakest link in your Hybrid AD Directory

15 Active Directory Security Lifecycle Methodology

16 Continually Assess Who has access to what sensitive data and how did they get that access? Who has elevated privileged permissions in AD, servers and SQL DBs? What systems are vulnerable to security threats?

17 Detect and Alert How will I know if any suspicious privileged account activities have occurred? Have any changes occurred that could be significant of an insider threat? How will I know, quickly, if an intrusion has happened? Could we be under brute-force attack right now?

18 Remediate and Mitigate
Is access control allowing those whitelisted in and blacklisted out? Do my users have the lowest level of user rights possible to do their jobs? Are my sensitive resources protected? How much time will it take me to manually remediate unauthorized changes?

19 Investigate and Recover
How can I be sure that ‘it’ doesn’t happen again? How can I test my business continuity plan without going off line? How long will it take us to recover from an AD security incident, manually? What is my AD RTO after a disaster? Can I secure access to my DC before next time?

20 Hybrid Active Directory Security protects all the way around
11/17/2018 7:08 AM Hybrid Active Directory Security protects all the way around © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 Secure your Active Directory to Mitigate risk
Organizations moving to Office 365 have real and significant security challenges around Active Directory. On-premises AD remains the core of security even in a cloud/hybrid environment. Dell Software offers the only end to end AD Security solution in the market Don’t let your on-premises AD be your Hybrid Achilles Heel!

22 Thank you.

23 Free IT Pro resources To advance your career in cloud technology
Microsoft Ignite 2016 11/17/2018 7:08 AM Free IT Pro resources To advance your career in cloud technology Plan your career path Microsoft IT Pro Career Center Cloud role mapping Expert advice on skills needed Self-paced curriculum by cloud role $300 Azure credits and extended trials Pluralsight 3 month subscription (10 courses) Phone support incident Weekly short videos and insights from Microsoft’s leaders and engineers Connect with community of peers and Microsoft experts Get started with Azure Microsoft IT Pro Cloud Essentials Demos and how-to videos Microsoft Mechanics Connect with peers and experts Microsoft Tech Community © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Please evaluate this session
11/17/2018 7:08 AM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 11/17/2018 7:08 AM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Secure your Active Directory to mitigate risk in the cloud"

Similar presentations

Learn how the cloud is accelerating network transformation

Learn how the cloud is accelerating network transformation
C# and VB code-focused development with Visual Studio

C# and VB code-focused development with Visual Studio
2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,

2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,
BRK1017 Taking your hybrid management and security strategy to the cloud with Operations Management Suite Jeremy Winter and Srini Chandrasekar.

BRK1017 Taking your hybrid management and security strategy to the cloud with Operations Management Suite Jeremy Winter and Srini Chandrasekar.
Enterprise grade security in your Hadoop clusters on Azure

Enterprise grade security in your Hadoop clusters on Azure
Microsoft Ignite 2016 4/30/2018 9:28 PM BRK3174

Microsoft Ignite /30/2018 9:28 PM BRK3174
Microsoft Ignite 2016 4/27/2018 9:00 AM THR2016

Microsoft Ignite /27/2018 9:00 AM THR2016
Extending IT Best Practices to Microsoft Azure

Extending IT Best Practices to Microsoft Azure
Transform yourself and build your IT cloud career path

Transform yourself and build your IT cloud career path
Deliver business insights with Microsoft Dynamics AX and Power BI

Deliver business insights with Microsoft Dynamics AX and Power BI
Examine information management in Cortana Intelligence

Examine information management in Cortana Intelligence
Develop, debug and deploy containerized applications with Docker

Develop, debug and deploy containerized applications with Docker
Build interactive data analysis environments using Apache Spark

Build interactive data analysis environments using Apache Spark
Microsoft Ignite 2016 6/2/2018 6:37 AM BRK2293

Microsoft Ignite /2/2018 6:37 AM BRK2293
Microsoft 2016 6/2/2018 3:42 PM BRK3129 Query Big Data using the Expanded T-SQL footprint with PolyBase in SQL Server 2016 Casey Karst Program Manager.

Microsoft /2/2018 3:42 PM BRK3129 Query Big Data using the Expanded T-SQL footprint with PolyBase in SQL Server 2016 Casey Karst Program Manager.
BRK3288-Discover data-driven apps that learn and adapt

BRK3288-Discover data-driven apps that learn and adapt
Microsoft 2016 6/4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,

Microsoft /4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,
Windows Server* 2016 & Intel® Technologies

Windows Server* 2016 & Intel® Technologies
Conduct a successful pilot deployment of Microsoft Intune

Conduct a successful pilot deployment of Microsoft Intune
Review the Nutanix Cloud Platform System Standard solution

Review the Nutanix Cloud Platform System Standard solution

Similar presentations

Ads by Google