Cloud aber Sicher. Florian van Keulen. Senior Consultant Cloud & Security



Similar documents
Microsoft Enterprise Mobility Suite

Conditional Access and Mobile Application Management explained

Azure Active Directory

Microsoft SharePoint Architectural Models

Google Identity Services for work

Cloud App Security. Tiberio Molino Sales Engineer

Security Overview Enterprise-Class Secure Mobile File Sharing

Microsoft Azure. IaaS Networking Storage. Stefan Geiger Gerry

Secure Collaboration within Organizations, B2B and B2C.

Alexander De Houwer Technology Advisor Devices Win 10 Vincent Dal Technology Advisor Business Productivity

Sichere Software- Entwicklung für Java Entwickler

White Paper How Noah Mobile uses Microsoft Azure Core Services

SAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES

Alliance Key Manager Solution Brief

Security Best Practices for Microsoft Azure Applications

Key & Data Storage on Mobile Devices

FileCloud Security FAQ

Ben Hall Technical Pre-Sales Manager

MICROSOFT EXCHANGE, OFFERED BY INTERCALL

Cloud Computing In a Post Snowden World. Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

Managing Enterprise Devices and Apps using System Center Configuration Manager

Introducing MachPanel v.5

Microsoft Azure Multi-Factor authentication. (Concept Overview Part 1)

Microsoft Enterprise Mobility Suite

Enterprise Mobility Suite (EMS) Sean Lewis Principal Partner Technology Strategist

Small Business (1-25) Midsize Business (1-300) Enterprise (unlimited)

Building High Growth Services on the Microsoft Cloud Platform. Rich Cannon Senior Director, US Partner Hosting and Cloud Services

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Meet Exchange Server 2016

Information Rights Management in SharePoint. by André Vala

Mobile Security and Management Opportunities for Telcos and Service Providers

UNCLASSIFIED. UK Archiving powered by Mimecast Service Description

Microsoft Enterprise Mobility and Client Futures

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

How To Ensure Data Security On Anor

APS Connect Denver, CO

Trend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond

CLOUD SERVICES FOR EMS

Chapter 4 Application, Data and Host Security

Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University

License table for Competency partners

Andrej Zdravkovic Regional Vice President, Platform Solutions Intellinet

Quick Start and Trial Guide (Mail) Version 3 For ios Devices

MySQL Security: Best Practices

SOUG-SIG Data Replication With Oracle GoldenGate Looking Behind The Scenes Robert Bialek Principal Consultant Partner

Guidance End User Devices Security Guidance: Apple OS X 10.9

Windows Phone 8 Security Overview

VAULTIVE & MICROSOFT: COMPLEMENTARY ENCRYPTION SOLUTIONS. White Paper

Securing Office 365 with MobileIron

Securely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM

SharePlus Enterprise: Security White Paper

Windows Phone 8.1 Mobile Device Management Overview

Rights Management Services

Microsoft is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries.

Hans Demeyer Supplier of Inspiration & v-hansd@microsoft.com

Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant


CLOUD ACCESS SECURITY BROKERS

What is OneDrive for Business?

Agenda. Enterprise challenges. Hybrid identity. Mobile device management. Data protection. Offering details

Mobile device and application management. Speaker Name Date

License table for Competency partners. Core licenses

Alliance Key Manager Cloud HSM Frequently Asked Questions

SHARPCLOUD SECURITY STATEMENT

Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan

O, P, Q I, J, K. Nuvolex, 260, 340

Deploying iphone and ipad Security Overview

Exchange Online Protection In-Depth

Security Architecture Whitepaper

End User Devices Security Guidance: Apple OS X 10.10

Identity & Access Management in the Cloud: Fewer passwords, more productivity

Citrix Enterprise Mobility more than just device management (MDM)

Ondřej Výšek Sales Lead, Microsoft MVP.

Intelligence. Productivity. Mobility. Unified Service. Predictive analytics: Offline mobile: Self, assisted & field service

Securely. Mobilize Any Business Application. Rapidly. The Challenge KEY BENEFITS

Citrix Enterprise Mobility more than just device management (MDM)

Secure Your with Encryption as a Service

Advanced Configuration Steps

MIGRATIONWIZ SECURITY OVERVIEW

Ensuring the security of your mobile business intelligence

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

Secret Server Qualys Integration Guide

ForeScout MDM Enterprise

Service Overview CloudCare Online Backup

Identity + Mobile Management + Security = Enterprise Mobility Suite

Microsoft Partner Network. Cloud Services Dashboard User Guide

Move over, TMG! Replacing TMG with Sophos UTM

A Winning Combination!!

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Centrify Cloud Connector Deployment Guide

PLATFORM ENCRYPTlON ARCHlTECTURE. How to protect sensitive data without locking up business functionality.

Websense Solutions. TRITON v7.7 Architecture

Administering a SQL Database Infrastructure

Administering a SQL Database Infrastructure 20764; 5 Days; Instructor-led

Transcription:

Cloud aber Sicher Florian van Keulen Senior Consultant Cloud & Security BASEL BERN BRUGG DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. GENEVA HAMBURG COPENHAGEN LAUSANNE MUNICH STUTTGART VIENNA ZURICH

Since 2014 at Trivadis Security Infrastructure Identity & Access Management Cloud Infrastructure & Security Office 365 & SharePoint Florian van Keulen Senior Consultant BDS Security Officer Information Security Management 2 Dec 2015

Security Opportunities 3 Dec 2015

Datacenter & Storage Location Ireland & Netherlands Azure Office 365 Dynamics CRM Online Finland & Austria NEW Office 365 Germany NEW Data Trustee Telekom http://www.microsoft.com/online/legal/v2/?docid=25 4 Dec 2015

Datacenter & Storage Location Storage Replication Locally Redundant Storage (LRS) Zone Redundant Storage (ZRS) Geo Redundant Storage (GRS) Read Access Geo Redundant Storage (RA-GRS) 5 Dec 2015

6 Dec 2015

Identity & Access Management 7 Dec 2015

Multi Factor Authentication (MFA) Extra Authentication Factor Automated Call / Token (SMS) Authenticator App For Cloud Services Also for On-Premise Rules can be Applied Administrators and Users 8 Dec 2015

Conditional Access 9 Dec 2015

Comprehensive Reports & Notifications Microsoft Threat Intelligence Credentials found in Dark web Botnet activity Authentication Context Analysis 10 Dec 2015

Unified Device Management 11 Dec 2015

Azure RMS Encrypts and protects Documents and Mails Access through Authorization by Azure AD Policies Edit Copy Print Retention Time Also with External Users 12 Dec 2015

Azure RMS uses encryption, identity, and authorization policies to secure Mails and Files protected both within and outside your organization protection remains with the data Encryption: 2048-bit RSA asymmetric key with SHA- 256 hash algorithm AES 128-bit symmetric (CBC mode with PKCS#7 padding) Azure RMS 13 Dec 2015

Azure RMS Keys are Stored in Azure Keyvault Geo-location specific Stored in HSM module Full Audit und Logging of Key usage BYOK support available Azure RMS 14 Dec 2015

Azure RMS Bring your Own Key (BYOK) 15 Dec 2015

Enterprise Mobility Suite Identity Management Authentication & Authorization MFA Conditional Access Document Level Security Encryption Policies Secure Access Microsoft Azure Active Directory Premium + Microsoft Intune + Microsoft Azure Rights Management Unified Mobile Device Management Access Management Apps Deployment Selective Wipe 16 Dec 2015

Enterprise Mobility Suite Microsoft Azure Active Directory Premium + Microsoft Intune + Microsoft Azure Rights Management 17 Dec 2015

Office 365 Security Data Retention Policies / Legal Hold Encryption Data Loss Prevention (DLP) Exchange Online Advance Threat Protection (essential RMS & MDM Features) 18 Dec 2015

Data Retention Policies / Legal Hold 19 Dec 2015

Office 365 Encryption Azure RMS Office 365 Message Encryption S/MIME 20 Dec 2015

Office 365 Message Encyption (OME) apply encryption on emails that originate from Office 365 inside or outside Office 365 External users can decrypt the received email by either: an Office 365 account (from their company) a Microsoft account a one-time passcode Azure RMS used for encryption Office 365 Message Encryption 21 Dec 2015

S/MIME standard for public key encryption digital signing of MIME data Public / Private Key Infrastructure Works with Outlook, Outlook Web App, and Exchange ActiveSync clients (mobile) S/MIME 22 Dec 2015

Encryption AES265 encryption at Rest and in Motion Two types of encryption for Data at Rest: Disk encryption (using Bitlocker) File encryption Each file is encrypted with its own key Data in Motion SSL (TLS 1.0 & 1.2) New cipher suite order Discovered vulnerabilities are taken serious: SSLv3 Support withdrawn RC4 cipher support withdrawn 23 Dec 2015

Encryption of Files in OneDrive & SharePoint Encrypted Files and File Chunks stored randomlyaccross Encrypted Storage Containers Keys of the Container & Content DB Keys of the Files and File Chunks Keys and content are stored in 3 different locations, so you need authorization in all 3 areas to reveal data 24 Dec 2015

Data Lost Prevention (DLP) Prevents Sensitive Data From Leaving Organization Provides an Alert when data such as Social Security & Credit Card Number is emailed Alerts can be customized by Admin to catch Intellectual Property from being emailed out Email, OneDrive & Office For Based On Policies File Content Patterns Built-in templates based on common regulations Import DLP policy templates from security partners or build your own 25 Dec 2015

Exchange Online Advance Threat Protection Multiple Anti Malware Engines URL Link Rich Reporting & Tracing 26 Dec 2015

Office365 Lock Box 27 Dec 2015

Does your Datacenter Support these features? High Availability & Geo Redundancy of your data Full Featured Identity and Access management Cross Premises and with 3 rd Party MFA and Conditional access Enhanced Security Reports and Notifications (Threat Intelligenz) Unified Device Management Rights Management on Document Level wherever stored E-Mail & Multi Level File Encryption Retention time, Archiving and Legal Hold Advanced Threat Protection And most of it is already in an Office365 Subscription included!!! 28 Dec 2015