SlideShare ist ein Scribd-Unternehmen logo

Office 365 Security: Everything You Need to Know

SecureAuth
SecureAuth

Whether you are already deployed or still considering upgrading to Microsoft Office 365, get the “need to know” about basic and advanced Office 365 security. Featuring presentations from Microsoft Office 365 Product Managers and Office 365 Deployment Experts at Avanade. Tips and Tricks for a Secure Deployment In-depth Look into Office 365’s Out-of-the-box Features Advanced Security Options: Multi-factor Authentication and Single Sign-on

Technologie
1 von 27
© 2014 SecureAuth All Rights Reserved Office 365 Security Everything You Need to Know July 10, 2014 www.secureauth.com www.avanade.com www.microsoft.com
Welcome to the Webinar • All attendee audio lines are muted • Questions will be answered at the end of the session • Submit brief questions on the Q&A panel • Send longer questions or off-line topics via email to webinar@secureauth.com © 2014 SecureAuth All Rights Reserved Presented by Microsoft, Avanade, and SecureAuth Corporation David Brandt, Microsoft Principal Program Manager, Office 365 Tim Arvanites, SecureAuth Corporation Director of Technical Sales Jimmy Soto, Avanade Infrastructure Solutions Architect
AGENDA © 2014 SecureAuth All Rights Reserved Microsoft Office 365 Identity Management SecureAuth IdP “Advanced” Security Options for Office 365 2-Factor Authentication and SSO Deployment Tips and Tricks The Avanade Experience Q & A Trends / Issues of Modern Mobile Enterprise
© 2014 SecureAuth All Rights Reserved Issues Facing the Modern Mobile Enterprise Rapid Movement to the Cloud and High Usage of Cloud Applications Pressures of Mobility – BYOD and Secured Mobile Devices for Convenient User Experience Line of Business Driving Organizations to the Cloud, but without Proper Security Measures No one wants to be that headline
User Microsoft Account Ex: alice@outlook.com User Organizational Account Ex: alice@contoso.com Microsoft Account Microsoft Azure Active Directory
WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API
http://aka.ms/ssoproviders *For representative purposes only.
Pilot complete Deploy Complete Adopt new features Deploy EnhancePilot
© 2014 SecureAuth All Rights Reserved SecureAuth IdP for Microsoft Office 365 Advanced Security Options
© 2014 SecureAuth All Rights Reserved What is an IdP? An IdP (Identity Provider) establishes a circle of trust between the User and the Service Provider (applications like Office 365). Definition • A system that creates, maintains, and manages identity information • Provides principal authentication to other service providers (applications) within a federation or distributed network • Sends an attribute assertion containing trusted information about the user to the Service Provider (SP) 1. User Directed to IdP 2. IdP Authenticates User 3. User Redirected to SP with Token
© 2014 SecureAuth All Rights Reserved Benefits of an Identity Provider Improved User Experience Increased Security Complex Environments Simplified Flexible Access Control Workflows
© 2014 SecureAuth All Rights Reserved IdP - Improved User Experience Single Sign-on (SSO): • Users access their applications with a single authentication • Flexible authentication workflows based on user, device, and location • Custom and third-party enterprise web applications (SharePoint) • Cloud applications, like Office 365, Google Apps, Salesforce, and more Users access their applications with a single authentication
© 2014 SecureAuth All Rights Reserved IdP – Increased Security • Avoid Password Sync / Sprawl • Single Access Control Point for ALL User’s Applications • Immediate Disable of Access • Auditing of All Application Access Compiled in Single Location • Enforce Client Sign-in Restrictions by Device, Login History, Network Location, Work Hours, and more • Utilize Enterprise Multi-factor Authentication Web Apps Network Apps Cloud Apps Mobile Apps
© 2014 SecureAuth All Rights Reserved IdP – Complex Environments Solved Combine Multiple, Disparate Directory Stores Active Directory, SQL, Novell eDirectory, Sun One, etc. Create Unified Access Policies Limiting Access to Resources based on: Defined Authentication Workflows, User Access State (enabled/disabled), Network Location, Group Membership, Devices, etc. On-premises, Cloud-based, or Hybrid Scenario
© 2014 SecureAuth All Rights Reserved IdP – Flexible Access Control Workflows Define Virtually any Authentication Workflow for Users Integrated Windows Authentication (no password) for Internal Users Username/Password + Second Factor (optional) for External Users Enforce Client Sign-in Restrictions by Device, Login History, Network Location, Work Hours, and more Utilize Enterprise Multi-factor Authentication
© 2014 SecureAuth All Rights Reserved SecureAuth IdP – Office 365 Use Case Enterprise customer with 24 AD domains utilizing browser access to Office 365 and Office applications Word, Excel, Outlook, Lync, and PowerPoint External users – 2-Factor Authentication with SMS / Telephony / E-mail registration and 90 day device credential used for subsequent multi-factor authentications Internal users – Windows Integrated Authentication for true Desktop SSO to Office 365 Single Sign-on experience for user to reach their other enterprise applications Office 365 Client Access Controls limiting Outlook access to only internal network devices
Avanade’s Notes From The Field Transformation to Office 365 Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved.
Messaging Transformation Credentials – • Innovative toolset • Strategic Alliance with Global Delivery Network Our Assets, Tools & Methods Our Expertise Our Experience
Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Why take the journey with Avanade • Our Health and Value Assessment offering efficiently guides customers to achieving their goals • Monthly meetings with Microsoft Office 365 Engineering teams as part of High Touch Partner initiative • • • • • • •
Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Consideration Description Know Requirements Ahead of Time Know What Is Provided, And What Is Not Remember, It Is A Shared Environment, Not A Dedicated Hosted Environment Evaluate Customer Readiness Documentation May Be Dynamic And Is Improving Considerations Prior To Office 365 Decision 23
Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Consideration Description It Is Still A Transformational Event Plan For Realistic Timeline and Milestones Keep The End User Experience In Mind Stay On Course, Don’t Deviate Plan for Operational Excellence Implementation Planning Considerations 24
Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Conclusion • Implementation and migration to Office 365 is often simplified with an emphasis of quick onboarding rather than averting risk • Customers must realize that they need to adapt to Office 365; it does not adapt to the customer • Consideration must be given for safeguarding the end user experience • Operational excellence and support must be planned prior to migrating production resources to Office 365 • Customers benefit from the experience Avanade can provide when planning and executing an Office 365 implementation and migration 25
© 2014 SecureAuth All Rights Reserved Questions & Answers Avanade, Microsoft, and SecureAuth Corporation
© 2014 SecureAuth All Rights Reserved Thank you www.secureauth.com Contacts www.avanade.com www.microsoft.com David Brandt Tim Arvanites Jimmy Soto SecureAuth Sales Principal Program Manager Director of Technical Sales Infrastructure Solutions Architect Sales david.brandt@microsoft.com tarvanites@secureauth.com jimmy.soto@avanade.com sales@secureauth.com +1-425-705-1352 +1-312-985-1997 +1-732-277-4960 +1-949-777-6959 Introduction to Microsoft Office 365 Identity Management http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/OFC- B222#fbid=

Empfohlen

Security and Compliance for Exchange Online in Office 365
Security and Compliance for Exchange Online in Office 365Security and Compliance for Exchange Online in Office 365
Security and Compliance for Exchange Online in Office 365
Quentin Christensen
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
Bitglass
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 Whitepaper
David J Rosenthal
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
Alberto Pascual
 
Office 365 security concerns, EU General Data Protection Regulation (GDPR)
Office 365 security concerns, EU General Data Protection Regulation (GDPR) Office 365 security concerns, EU General Data Protection Regulation (GDPR)
Office 365 security concerns, EU General Data Protection Regulation (GDPR)
Sonja Madsen
 
Information security in office 365 a shared responsibility - antonio maio
Information security in office 365 a shared responsibility - antonio maioInformation security in office 365 a shared responsibility - antonio maio
Information security in office 365 a shared responsibility - antonio maio
AntonioMaio2
 
Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.
SecureAuth
 
The Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern AuthenticationThe Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern Authentication
SecureAuth
 

Empfohlen

Security and Compliance for Exchange Online in Office 365
Security and Compliance for Exchange Online in Office 365Security and Compliance for Exchange Online in Office 365
Security and Compliance for Exchange Online in Office 365
Quentin Christensen
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
Bitglass
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 Whitepaper
David J Rosenthal
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
Alberto Pascual
 
Office 365 security concerns, EU General Data Protection Regulation (GDPR)
Office 365 security concerns, EU General Data Protection Regulation (GDPR) Office 365 security concerns, EU General Data Protection Regulation (GDPR)
Office 365 security concerns, EU General Data Protection Regulation (GDPR)
Sonja Madsen
 
Information security in office 365 a shared responsibility - antonio maio
Information security in office 365 a shared responsibility - antonio maioInformation security in office 365 a shared responsibility - antonio maio
Information security in office 365 a shared responsibility - antonio maio
AntonioMaio2
 
Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.
SecureAuth
 
The Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern AuthenticationThe Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern Authentication
SecureAuth
 
Portal Protection Using Adaptive Authentication
Portal Protection Using Adaptive AuthenticationPortal Protection Using Adaptive Authentication
Portal Protection Using Adaptive Authentication
SecureAuth
 
SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017
SecureAuth
 
Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security
SecureAuth
 
Top 5 Reasons to Choose Adaptive SSO
Top 5 Reasons to Choose Adaptive SSOTop 5 Reasons to Choose Adaptive SSO
Top 5 Reasons to Choose Adaptive SSO
SecureAuth
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
SecureAuth
 
What's New in SecureAuth IdP in 2017
What's New in SecureAuth IdP in 2017What's New in SecureAuth IdP in 2017
What's New in SecureAuth IdP in 2017
SecureAuth
 
2017 Predictions: Identity and Security
2017 Predictions: Identity and Security 2017 Predictions: Identity and Security
2017 Predictions: Identity and Security
SecureAuth
 
Why Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughWhy Two-Factor Isn't Enough
Why Two-Factor Isn't Enough
SecureAuth
 
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth
 
A CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability InsuranceA CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability Insurance
SecureAuth
 
The Rise of California Cybercrime
The Rise of California Cybercrime The Rise of California Cybercrime
The Rise of California Cybercrime
SecureAuth
 
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
SecureAuth
 
What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…
SecureAuth
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
SecureAuth
 
What’s New In SecureAuth™ IdP, 8.2
What’s New In SecureAuth™ IdP, 8.2What’s New In SecureAuth™ IdP, 8.2
What’s New In SecureAuth™ IdP, 8.2
SecureAuth
 
What to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlWhat to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access Control
SecureAuth
 
How to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive AuthenticationHow to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive Authentication
SecureAuth
 
Balancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareBalancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in Healthcare
SecureAuth
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
SecureAuth
 
Advanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureAdvanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and Future
SecureAuth
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 

Weitere ähnliche Inhalte

Mehr von SecureAuth

A CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability InsuranceA CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability Insurance
SecureAuth
 
The Rise of California Cybercrime
The Rise of California Cybercrime The Rise of California Cybercrime
The Rise of California Cybercrime
SecureAuth
 
What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…
SecureAuth
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
SecureAuth
 

Mehr von SecureAuth (20)

Portal Protection Using Adaptive Authentication
Portal Protection Using Adaptive AuthenticationPortal Protection Using Adaptive Authentication
Portal Protection Using Adaptive Authentication
 
SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017
 
Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security
 
Top 5 Reasons to Choose Adaptive SSO
Top 5 Reasons to Choose Adaptive SSOTop 5 Reasons to Choose Adaptive SSO
Top 5 Reasons to Choose Adaptive SSO
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
 
What's New in SecureAuth IdP in 2017
What's New in SecureAuth IdP in 2017What's New in SecureAuth IdP in 2017
What's New in SecureAuth IdP in 2017
 
2017 Predictions: Identity and Security
2017 Predictions: Identity and Security 2017 Predictions: Identity and Security
2017 Predictions: Identity and Security
 
Why Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughWhy Two-Factor Isn't Enough
Why Two-Factor Isn't Enough
 
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
 
A CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability InsuranceA CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability Insurance
 
The Rise of California Cybercrime
The Rise of California Cybercrime The Rise of California Cybercrime
The Rise of California Cybercrime
 
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
 
What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
 
What’s New In SecureAuth™ IdP, 8.2
What’s New In SecureAuth™ IdP, 8.2What’s New In SecureAuth™ IdP, 8.2
What’s New In SecureAuth™ IdP, 8.2
 
What to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlWhat to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access Control
 
How to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive AuthenticationHow to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive Authentication
 
Balancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareBalancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in Healthcare
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
 
Advanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureAdvanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and Future
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Office 365 Security: Everything You Need to Know

  • 1. © 2014 SecureAuth All Rights Reserved Office 365 Security Everything You Need to Know July 10, 2014 www.secureauth.com www.avanade.com www.microsoft.com
  • 2. Welcome to the Webinar • All attendee audio lines are muted • Questions will be answered at the end of the session • Submit brief questions on the Q&A panel • Send longer questions or off-line topics via email to webinar@secureauth.com © 2014 SecureAuth All Rights Reserved Presented by Microsoft, Avanade, and SecureAuth Corporation David Brandt, Microsoft Principal Program Manager, Office 365 Tim Arvanites, SecureAuth Corporation Director of Technical Sales Jimmy Soto, Avanade Infrastructure Solutions Architect
  • 3. AGENDA © 2014 SecureAuth All Rights Reserved Microsoft Office 365 Identity Management SecureAuth IdP “Advanced” Security Options for Office 365 2-Factor Authentication and SSO Deployment Tips and Tricks The Avanade Experience Q & A Trends / Issues of Modern Mobile Enterprise
  • 4. © 2014 SecureAuth All Rights Reserved Issues Facing the Modern Mobile Enterprise Rapid Movement to the Cloud and High Usage of Cloud Applications Pressures of Mobility – BYOD and Secured Mobile Devices for Convenient User Experience Line of Business Driving Organizations to the Cloud, but without Proper Security Measures No one wants to be that headline
  • 5.
  • 6. User Microsoft Account Ex: alice@outlook.com User Organizational Account Ex: alice@contoso.com Microsoft Account Microsoft Azure Active Directory
  • 7.
  • 9.
  • 11. Pilot complete Deploy Complete Adopt new features Deploy EnhancePilot
  • 12. © 2014 SecureAuth All Rights Reserved SecureAuth IdP for Microsoft Office 365 Advanced Security Options
  • 13. © 2014 SecureAuth All Rights Reserved What is an IdP? An IdP (Identity Provider) establishes a circle of trust between the User and the Service Provider (applications like Office 365). Definition • A system that creates, maintains, and manages identity information • Provides principal authentication to other service providers (applications) within a federation or distributed network • Sends an attribute assertion containing trusted information about the user to the Service Provider (SP) 1. User Directed to IdP 2. IdP Authenticates User 3. User Redirected to SP with Token
  • 14. © 2014 SecureAuth All Rights Reserved Benefits of an Identity Provider Improved User Experience Increased Security Complex Environments Simplified Flexible Access Control Workflows
  • 15. © 2014 SecureAuth All Rights Reserved IdP - Improved User Experience Single Sign-on (SSO): • Users access their applications with a single authentication • Flexible authentication workflows based on user, device, and location • Custom and third-party enterprise web applications (SharePoint) • Cloud applications, like Office 365, Google Apps, Salesforce, and more Users access their applications with a single authentication
  • 16. © 2014 SecureAuth All Rights Reserved IdP – Increased Security • Avoid Password Sync / Sprawl • Single Access Control Point for ALL User’s Applications • Immediate Disable of Access • Auditing of All Application Access Compiled in Single Location • Enforce Client Sign-in Restrictions by Device, Login History, Network Location, Work Hours, and more • Utilize Enterprise Multi-factor Authentication Web Apps Network Apps Cloud Apps Mobile Apps
  • 17. © 2014 SecureAuth All Rights Reserved IdP – Complex Environments Solved Combine Multiple, Disparate Directory Stores Active Directory, SQL, Novell eDirectory, Sun One, etc. Create Unified Access Policies Limiting Access to Resources based on: Defined Authentication Workflows, User Access State (enabled/disabled), Network Location, Group Membership, Devices, etc. On-premises, Cloud-based, or Hybrid Scenario
  • 18. © 2014 SecureAuth All Rights Reserved IdP – Flexible Access Control Workflows Define Virtually any Authentication Workflow for Users Integrated Windows Authentication (no password) for Internal Users Username/Password + Second Factor (optional) for External Users Enforce Client Sign-in Restrictions by Device, Login History, Network Location, Work Hours, and more Utilize Enterprise Multi-factor Authentication
  • 19. © 2014 SecureAuth All Rights Reserved SecureAuth IdP – Office 365 Use Case Enterprise customer with 24 AD domains utilizing browser access to Office 365 and Office applications Word, Excel, Outlook, Lync, and PowerPoint External users – 2-Factor Authentication with SMS / Telephony / E-mail registration and 90 day device credential used for subsequent multi-factor authentications Internal users – Windows Integrated Authentication for true Desktop SSO to Office 365 Single Sign-on experience for user to reach their other enterprise applications Office 365 Client Access Controls limiting Outlook access to only internal network devices
  • 20. Avanade’s Notes From The Field Transformation to Office 365 Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved.
  • 21. Messaging Transformation Credentials – • Innovative toolset • Strategic Alliance with Global Delivery Network Our Assets, Tools & Methods Our Expertise Our Experience
  • 22. Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Why take the journey with Avanade • Our Health and Value Assessment offering efficiently guides customers to achieving their goals • Monthly meetings with Microsoft Office 365 Engineering teams as part of High Touch Partner initiative • • • • • • •
  • 23. Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Consideration Description Know Requirements Ahead of Time Know What Is Provided, And What Is Not Remember, It Is A Shared Environment, Not A Dedicated Hosted Environment Evaluate Customer Readiness Documentation May Be Dynamic And Is Improving Considerations Prior To Office 365 Decision 23
  • 24. Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Consideration Description It Is Still A Transformational Event Plan For Realistic Timeline and Milestones Keep The End User Experience In Mind Stay On Course, Don’t Deviate Plan for Operational Excellence Implementation Planning Considerations 24
  • 25. Avanade Confidential – Do Not Copy, Forward or Circulate © Copyright 2014 Avanade Inc. All Rights Reserved. Conclusion • Implementation and migration to Office 365 is often simplified with an emphasis of quick onboarding rather than averting risk • Customers must realize that they need to adapt to Office 365; it does not adapt to the customer • Consideration must be given for safeguarding the end user experience • Operational excellence and support must be planned prior to migrating production resources to Office 365 • Customers benefit from the experience Avanade can provide when planning and executing an Office 365 implementation and migration 25
  • 26. © 2014 SecureAuth All Rights Reserved Questions & Answers Avanade, Microsoft, and SecureAuth Corporation
  • 27. © 2014 SecureAuth All Rights Reserved Thank you www.secureauth.com Contacts www.avanade.com www.microsoft.com David Brandt Tim Arvanites Jimmy Soto SecureAuth Sales Principal Program Manager Director of Technical Sales Infrastructure Solutions Architect Sales david.brandt@microsoft.com tarvanites@secureauth.com jimmy.soto@avanade.com sales@secureauth.com +1-425-705-1352 +1-312-985-1997 +1-732-277-4960 +1-949-777-6959 Introduction to Microsoft Office 365 Identity Management http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/OFC- B222#fbid=

Hinweis der Redaktion

  1. Title “Why take the journey with Avanade” Slide purpose: Further messaging to show Avanade experience and specialty