Weitere ähnliche Inhalte Kürzlich hochgeladen (20) Office 365 Security: Everything You Need to Know1. © 2014 SecureAuth All Rights Reserved
Office 365 Security
Everything You Need to Know
July 10, 2014
www.secureauth.com www.avanade.com www.microsoft.com
2. Welcome to the Webinar
• All attendee audio lines are muted
• Questions will be answered at the end of the session
• Submit brief questions on the Q&A panel
• Send longer questions or off-line topics via email to
webinar@secureauth.com
© 2014 SecureAuth All Rights Reserved
Presented by Microsoft, Avanade, and SecureAuth Corporation
David Brandt, Microsoft
Principal Program Manager, Office 365
Tim Arvanites, SecureAuth Corporation
Director of Technical Sales
Jimmy Soto, Avanade
Infrastructure Solutions Architect
3. AGENDA
© 2014 SecureAuth All Rights Reserved
Microsoft Office 365
Identity Management
SecureAuth IdP “Advanced” Security Options for Office 365
2-Factor Authentication and SSO
Deployment Tips and Tricks
The Avanade Experience
Q & A
Trends / Issues of Modern Mobile Enterprise
4. © 2014 SecureAuth All Rights Reserved
Issues Facing the
Modern Mobile Enterprise
Rapid Movement to the Cloud and High Usage of Cloud
Applications
Pressures of Mobility – BYOD and Secured Mobile Devices
for Convenient User Experience
Line of Business Driving Organizations to the Cloud, but
without Proper Security Measures
No one wants to be that headline
12. © 2014 SecureAuth All Rights Reserved
SecureAuth IdP
for Microsoft Office 365
Advanced Security Options
13. © 2014 SecureAuth All Rights Reserved
What is an IdP?
An IdP (Identity Provider) establishes a circle of trust between
the User and the Service Provider (applications like Office 365).
Definition
• A system that creates, maintains, and manages
identity information
• Provides principal authentication to other service
providers (applications) within a federation or
distributed network
• Sends an attribute assertion containing trusted
information about the user to the Service
Provider (SP)
1. User Directed to IdP
2. IdP Authenticates User
3. User Redirected to SP with Token
14. © 2014 SecureAuth All Rights Reserved
Benefits of an Identity Provider
Improved User Experience
Increased Security
Complex Environments Simplified
Flexible Access Control Workflows
15. © 2014 SecureAuth All Rights Reserved
IdP - Improved User Experience
Single Sign-on (SSO):
• Users access their applications with a
single authentication
• Flexible authentication workflows based
on user, device, and location
• Custom and third-party enterprise web
applications (SharePoint)
• Cloud applications, like Office 365,
Google Apps, Salesforce, and more
Users access their applications with a single authentication
16. © 2014 SecureAuth All Rights Reserved
IdP – Increased Security
• Avoid Password Sync / Sprawl
• Single Access Control Point for ALL
User’s Applications
• Immediate Disable of Access
• Auditing of All Application Access
Compiled in Single Location
• Enforce Client Sign-in Restrictions by
Device, Login History, Network Location,
Work Hours, and more
• Utilize Enterprise Multi-factor
Authentication
Web Apps Network
Apps
Cloud
Apps
Mobile Apps
17. © 2014 SecureAuth All Rights Reserved
IdP – Complex Environments Solved
Combine Multiple, Disparate Directory Stores
Active Directory, SQL, Novell eDirectory, Sun One, etc.
Create Unified Access Policies Limiting Access to Resources
based on:
Defined Authentication Workflows, User Access State (enabled/disabled),
Network Location, Group Membership, Devices, etc.
On-premises, Cloud-based, or Hybrid Scenario
18. © 2014 SecureAuth All Rights Reserved
IdP – Flexible Access Control Workflows
Define Virtually any Authentication
Workflow for Users
Integrated Windows Authentication (no
password) for Internal Users
Username/Password + Second Factor
(optional) for External Users
Enforce Client Sign-in Restrictions by
Device, Login History, Network
Location, Work Hours, and more
Utilize Enterprise Multi-factor
Authentication
19. © 2014 SecureAuth All Rights Reserved
SecureAuth IdP – Office 365
Use Case
Enterprise customer with 24 AD domains utilizing browser access to Office 365 and Office
applications Word, Excel, Outlook, Lync, and PowerPoint
External users – 2-Factor Authentication with SMS / Telephony / E-mail registration and 90
day device credential used for subsequent multi-factor authentications
Internal users – Windows Integrated Authentication for true Desktop SSO to Office 365
Single Sign-on experience for user to reach their other enterprise applications
Office 365 Client Access Controls limiting Outlook access to only internal network devices
20. Avanade’s Notes From The Field
Transformation to Office 365
Avanade Confidential – Do Not Copy, Forward or Circulate
© Copyright 2014 Avanade Inc. All Rights Reserved.
22. Avanade Confidential – Do Not Copy, Forward or Circulate
© Copyright 2014 Avanade Inc. All Rights Reserved.
Why take the journey with Avanade
• Our Health and Value Assessment offering efficiently
guides customers to achieving their goals
• Monthly meetings with Microsoft Office 365
Engineering teams as part of High Touch Partner
initiative
•
•
•
•
•
•
•
23. Avanade Confidential – Do Not Copy, Forward or Circulate
© Copyright 2014 Avanade Inc. All Rights Reserved.
Consideration Description
Know Requirements Ahead of Time
Know What Is Provided, And What Is Not
Remember, It Is A Shared Environment, Not A
Dedicated Hosted Environment
Evaluate Customer Readiness
Documentation May Be Dynamic And Is Improving
Considerations Prior To Office 365 Decision
23
24. Avanade Confidential – Do Not Copy, Forward or Circulate
© Copyright 2014 Avanade Inc. All Rights Reserved.
Consideration Description
It Is Still A Transformational Event
Plan For Realistic Timeline and Milestones
Keep The End User Experience In Mind
Stay On Course, Don’t Deviate
Plan for Operational Excellence
Implementation Planning Considerations
24
25. Avanade Confidential – Do Not Copy, Forward or Circulate
© Copyright 2014 Avanade Inc. All Rights Reserved.
Conclusion
• Implementation and migration to Office 365 is often simplified with an
emphasis of quick onboarding rather than averting risk
• Customers must realize that they need to adapt to Office 365; it does
not adapt to the customer
• Consideration must be given for safeguarding the end user experience
• Operational excellence and support must be planned prior to migrating
production resources to Office 365
• Customers benefit from the experience Avanade can provide when
planning and executing an Office 365 implementation and migration
25
26. © 2014 SecureAuth All Rights Reserved
Questions & Answers
Avanade, Microsoft, and
SecureAuth Corporation
27. © 2014 SecureAuth All Rights Reserved
Thank you
www.secureauth.com
Contacts
www.avanade.com
www.microsoft.com
David Brandt
Tim Arvanites
Jimmy Soto
SecureAuth Sales
Principal Program
Manager
Director of Technical
Sales
Infrastructure
Solutions Architect
Sales
david.brandt@microsoft.com
tarvanites@secureauth.com
jimmy.soto@avanade.com
sales@secureauth.com
+1-425-705-1352
+1-312-985-1997
+1-732-277-4960
+1-949-777-6959
Introduction to Microsoft Office 365 Identity Management
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/OFC-
B222#fbid=
Hinweis der Redaktion Title “Why take the journey with Avanade”
Slide purpose:
Further messaging to show Avanade experience and specialty