How can Cloud help your Security. Christophe Van Mollekot Solution Advisor Microsoft

Transcription

1 How can Cloud help your Security Christophe Van Mollekot Solution Advisor Microsoft

2 Global datacenter footprint 100+ Datacenters in over 40 countries

3

4 Integral to business transformation 71% of strategic buyers cite scalability, cost and business agility as the most important drivers for using cloud services. Gigaom Research

5 Efficiently Scalability Scale

6 Test Costs & Dev

7 Agility

8 Global attacks are increasing and costs are rising Risk of cyber attacks can cost business up to $3 trillion a year 1 Cybercrime extracts between 15- of the value created by the Internet. 2 20% 91% agree consumers have lost control over how personal information is collected and used by companies 5 More than 800M in individual records were breached in The number of recorded data breaches increased 78%

9 How can Cloud help your Security

10 How can Cloud help your Security No one is able to use your data in a way that you do not approve. Your content is stored and managed in compliance with applicable laws, regulations and standards. You have visibility into how your data is being handled and used.

11 12 Infrastructure protection 24 hour monitored physical security System monitoring and logging Patch management Anti-Virus/Anti-Malware protection Intrusion detection/ddos Penetration testing

12 Network protection Network isolation Encrypted connections Virtual Networks ExpressRoute

13 Identity & access Enterprise cloud identity Windows Azure AD Access monitoring Single sign-on Multi-Factor Authentication Role based access controls

14 15 Data protection Encrypted data transfer Encryption options for stored data Data segregation Choice of data location Data redundancy Data destruction

15 Traditional protect & recover security strategy

16 The mindset shift

17 Assume Breach FUNDAMENTALLY, IF SOMEBODY WANTS TO GET IN, THEY'RE GETTING IN ACCEPT THAT. WHAT WE TELL CLIENTS IS: NUMBER ONE, YOU'RE IN THE FIGHT, WHETHER YOU THOUGHT YOU WERE OR NOT. NUMBER TWO, YOU ALMOST CERTAINLY ARE PENETRATED. Michael Hayden Former Director of NSA & CIA

18 19 If you found out tomorrow that your most critical systems had been infiltrated or that your most critical data was being exfiltrated, would you be prepared to deal with the breach?

19 RED vs. BLUE All your bases BELONG to us

20 Assume Breach Execution Wargame exercises Monitor emerging threats Red teaming Execute post breach Insider attack simulation Blue teaming 22

21 Post Breach Execution Establish security baselines Time to detect Time to contain Time to fix Time to recover Framework to inventory damage Identify reactive security investments Update response plans If you measure MTTR in WEEKS/MONTHS/YEARS instead of hours/days, then YOU VE FAILED! 23

22 How can Cloud help your Security The confidentiality, integrity, and availability of your data is protected. Your content is stored and managed in compliance with applicable laws, regulations and standards. You have visibility into how your data is being handled and used.

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41 We ll keep your data secure Your data is private and under your control We manage your data in accordance with the law You know what we re doing with your data

42

43 How can Cloud help your Security The confidentiality, integrity, and availability of your data is protected. No one is able to use your data in a way that you do not approve. You have visibility into how your data is being handled and used.

44 Microsoft Cloud Compliance Certifications

45 How can Cloud help your Security The confidentiality, integrity, and availability of your data is protected. No one is able to use your data in a way that you do not approve. Your content is stored and managed in compliance with applicable laws, regulations and standards.

46 Law Enforcement Requests

47 Transparency Center Microsoft NDA-To be shared under NDA only

48 How can Cloud help your Security

49 One last word

50 An on-premises solution to identify advanced security attacks before they cause damage Comparison: Microsoft Advanced Threat Analytics brings this concept to IT and users of a particular organization Credit card companies monitor cardholders behavior. If there is any abnormal activity, they will notify the cardholder to verify charge.

51 An on-premises solution to identify advanced security attacks before they cause damage Behavioral Analytics Detection for known attacks and issues Advanced Threat Detection

52 Detect threats fast with Behavioral Analytics Adapt as fast as your enemies Focus on what is important fast using the simple attack timeline Reduce the fatigue of false positives

53 Thank You

54 Additional Resources Learn more about the Microsoft Enterprise Cloud Visit the Microsoft Trust Centers: Azure, Intune, Office 365, and Dynamics CRM Review the Microsoft Law Enforcement Request Report and US National Security Orders Report Read our blogs: Microsoft Cyber Trust and Microsoft On the Issues Follow us on