The document discusses how Microsoft secures email with Office 365. It covers built-in security features like 24/7 monitoring of physical hardware, isolated customer data, automated operations, and encrypted data. It also discusses additional security options available to customers like advanced encryption, federation and single sign-on, and two-factor authentication. Specific encryption methods used by Office 365 like BitLocker, SSL, and Rights Management are explained. The presenter demonstrates encryption and discusses compliance features and independent verification of Office 365's security.
10. www.devconnections.com
SESSION TITLE
ENCRYPTION: RIGHTS MANAGEMENT
Encrypts individual files
Supported in Office 2010 & 2013,
OWA & ActiveSync
Define who can open, modify,
print, forward, save.
Set expiry on content
Integrated with Exchange Online
& SharePoint Online
Use on-prem AD or WAAD
10
12. www.devconnections.com
SESSION TITLE
3RD PARTY ENCRYPTION COMPARISON
S/MIME
⢠Supported
in Outlook,
not OWA
PGP
⢠Desktop
client
⢠No server-
side
⢠Individual
control
⢠Not
supported
Vaultive
⢠Gateway
between
Exchange &
user
⢠Virtual
appliance
⢠Mixed
mode
CipherCloud
⢠Similar to
Vaultive
⢠Supports
other
solutions
12
15. www.devconnections.com
SESSION TITLE
SUBPOENA WORKFLOW
Subpoena /
Court Order
served
Engage your
lawyer
Respond to
subpoena after
legal
consultation
Comply with
agreed upon
terms
Serve
objections
Move to quash
subpoena
Move for
protective
order
Subpoena/Court Order
served to CSP
CSP turns over
your data
Subpoena Workflow for On-Premise Email / Data
Subpoena Workflow for Cloud Email / Data
16. www.devconnections.com
SESSION TITLE
SUBPOENA WORKFLOW REVISITED
Subpoena / Court
Order served
Engage your
lawyer
Respond to
subpoena after
legal consultation
Serve
objections
Move to quash
subpoena
Move for
protective
order
Comply with
agreed upon
terms
Subpoena
served to CSP
CSP turns over
useless
gibberish
Court resubmits
subpoena to end
user
End User
engages
their lawyer
Serve
objections
Move to quash
subpoena
Move for
protective
order
Comply with
the agreed
upon terms
Subpoena Workflow for On-Premise Email / Data
With Encryption: Subpoena Workflow for Cloud Email / Data
21. www.devconnections.com
SESSION TITLE
MORE INFORMATION
ď Office 365 Trust Center:
http://trust.office365.com
ď Security in Office 365 white paper:
http://www.microsoft.com/en-
us/download/details.aspx?id=26552
ď Global Foundation Services:
http://www.globalfoundationservices.com
21
WAADIRM: http://technet.microsoft.com/en-us/library/jj585024.aspxOn-premIRM:To enable advanced Active Directory Rights Management Services features introduced in Exchange Server 2010, administrators can import the Trusted Publishing Domain from their Active Directory Rights Management Services server to Exchange Online using Remote PowerShell. After this one-time import, the following features become available:Support for IRM in Outlook Web AppSupport for IRM in Exchange ActiveSyncIRM searchTransport protection rulesProtected voicemailJournal report decryptionOutlook protection rules
Statement: Exchange Online will transport and store messages that are encrypted using client-side, third-party encryption solutions such as PGP. Exchange Online does not host the public keys, nor does it provide key repository, key management, or key directory services.
PGP: Outlook pluginVaultive: Exchange onlyCipherCloud: Salesforce, Gmail, Box, AWS3rd party solutions are actively warned against by Microsoft
Inbound filteringRoute mail directly to servers instead of via Internet or MXVoicemail set to Do Not ForwardHybrid: keep sensitive content on-premises