www.expertpointsolutions.com
A Deep Dive into Azure Security: Is Azure really secure?
Brian Culver & Alvin Vaughn ● #HSPUG ● March 15, 2017
About Brian Culver
• SharePoint Solutions Architect for Expert Point Solutions in Houston, Texas.
• Microsoft Certified Master (MCM) in SharePoint
• Brian has worked in the Information Technology industry since 1998 and he has been working with SharePoint since 2005. His deep expertise includes Azure, Office365, SharePoint, ASP.Net, SQL Server and Project Server. He has been involved in many large SharePoint implementations including Internet and Intranet sites, Partner Portals, Enterprise Content Management and Governance, and much custom application integration and development.
• Author, Speaker and Blogger
Email : brian.culver(at)expertpointsolutions.com
Twitter : @spbrianculver
LinkedIn : https://www.linkedin.com/in/bculver
Blog : http://blog.expertpointsolutions.com
About Alvin Vaughn
• Cloud Solutions Architect for Expert Point Solutions in Houston, Texas.
• CISSP, CCENT, MCITP Enterprise Server.
• Alvin has worked in the Information Technology industry since 2005, where he began as a system admin and progressed to server administrator while in college. Alvin became a commissioned officer in the military after college, where he was assigned as the lead IT project manager during the successful implementation of the DoD’s Field Health IT system in Iraq and later in Afghanistan. Alvin has served as a technical consultant traveling around the world to provide expertise in enterprise Windows server administration, open source interoperability and data analytics, and is certified in Linux Administration and Oracle SQL. Alvin has led many multi-regional and global IT projects leveraging enterprise platforms such as SharePoint, Oracle DB and Windows RDS while leveraging cloud IaaS such as Azure to securely deliver resources, business intelligence, and other services to clients and their customers.
Email : alvin.vaughn(at)expertpointsolutions.com
Session Agenda
• Cloud Growth
• Digital Security Threat Today
• Security Roadmap
• “The Trusted Cloud”
• Security & Compliance Tools and Resources
• Other considerations
Cloud Growth
• “Companies continued their adoption of cloud computing services at a rapid clip in 2016, with overall growth expected to rise 25% year over year for that period, according to new numbers from Synergy Research Group. The forecaster estimated aggregate annual revenue from all those cloud segments at nearly $150 billion. Synergy lumps two key cloud categories, known by techies as infrastructure as a service and platform as a service, into one big bucket, which together showed the most dramatic growth rate of 53%. Infrastructure as a service (aka IaaS) is typically exemplified by offerings from Amazon Web Services (AWS), Microsoft and Google (GOOGL, +0.37%).”
  • “Torrid Cloud Growth Continues”, Barb Darrow, Jan 04, 2017, http://fortune.com/2017/01/04/robust-cloud-growth/
• Operator and vendor revenue for six segments of cloud computing reached $148 billion during that period, with spending on private clouds accounting for over half the total but spending on the public cloud growing much more rapidly.
  • “Cloud computing revenues jumped 25% in 2016, with strong growth ahead, researcher says”, Dan Richman, January 4, 2017, http://www.geekwire.com/2017/cloud-computing-revenues-jumped-25-2016-strong-growth-ahead-researcher-says/
Azure Cloud Growth
Microsoft’s cloud infrastructure by the numbers
• 1989: The year Microsoft opened its first datacenter on its Redmond, Washington campus.
• 90-plus: The number of marketplaces that our cloud services are available in today.
• 200-plus: The number of online services delivered by Microsoft’s datacenters 24x7x365.
• $15 billion-plus: Microsoft’s investment in building our huge cloud infrastructure.
• 1 million-plus: The number of servers hosted in our datacenters.
• 100-plus: The number of datacenters Microsoft has in its global cloud infrastructure portfolio.
• 30 trillion-plus: The number of data objects we store in our datacenters.
• 1.5 million-plus: The average number of requests our networks process per second.
• 3: The number of times Microsoft’s fiber optic network, one of North America’s largest, could stretch to the moon and back.
• 1.125: Microsoft’s average PUE for its new datacenters. Power usage effectiveness (PUE) is a metric of datacenter energy efficiency and is the ratio of the power and cooling overhead required to support our server load. The industry average is 1.8.
http://download.microsoft.com/download/8/2/9/8297F7C7-AE81-4E99-B1DB-D65A01F7A8EF/Microsoft_Cloud_Infrastructure_Datacenter_and_Network_Fact_Sheet.pdf
Azure Cloud Growth
Microsoft’s cloud infrastructure by the numbers (Continued)
• 2.3 billion kWh: The amount of green power purchased by Microsoft as part of our carbon-neutral goal - ranking as the third most purchased by any U.S. company, according to the U.S. Environmental Protection Agency.
• 16: The number of carbon offset projects Microsoft has invested in, including projects in Brazil, Cambodia, China, Guatemala, India, Kenya, Mongolia, Peru, Turkey and the United States (including Keechi Wind Power investment announced November 4, 2013).
• 100 percent: The percentage of our servers and electronic equipment that we send to a third-party vendor for recycling and/or reselling after it has been securely decommissioned.
• 2007: The year Microsoft began sharing its best practices for cloud infrastructure with the industry. Download our latest Top Ten Best Business Practices for Environmentally Sustainable Datacenters white paper.
http://download.microsoft.com/download/8/2/9/8297F7C7-AE81-4E99-B1DB-D65A01F7A8EF/Microsoft_Cloud_Infrastructure_Datacenter_and_Network_Fact_Sheet.pdf
Azure Cloud Growth
• “[Microsoft] last week said its Azure revenue grew 93% year over year as it reported results for the quarter ended Dec. 31, 2016. The annualized revenue run rate for Microsoft's commercial cloud business, a segment that includes Azure, now surpasses $14 billion, according to the company.”
  • “Azure partners benefit from Microsoft cloud growth”, John Moore and Spencer Smith, Jan 27, 2017, http://searchitchannel.techtarget.com/news/450411909/Azure-partners-benefit-from-Microsoft-cloud-growth
Read Microsoft’s marketing about the cloud carefully
Microsoft purposely skews cloud statistics to drive adoption. Move when it is the right time for your organization.
• 1 in 4 Microsoft enterprise customers has Office 365 – Microsoft
• 80% of the Fortune 500 are on the Microsoft Cloud – Microsoft
• There’s a rush at every major tech vendor to sign up customers for their own cloud offerings before their competitors nab them. They are trying to nab their share of a market that will grow — conservatively — from $56.6 billion in 2014 to more than $127 billion in 2018, according to market research. – ICD
• Microsoft’s cloud-first, mobile-first strategy is paying off and is now on an annualized revenue run rate of $14 billion
• By 2018, Microsoft expects commercial cloud revenues to exceed $20B, driven by Office 365, Azure, and Dynamic CRM Online
• Commercial cloud growth of 80%
• Azure cloud growth of 93%
• Cloud customer base has doubled over the past 12 months
Source: Taft, Darryl K. “Microsoft Continues to See Impact of Transition to Cloud.” eWeek.
Source: Todd, Deborah M. “Cloud business boosts Microsoft’s quarterly revenue, shares rise.” Reuters.
There are benefits to the cloud; examine common criteria when evaluating a move
• True Up or Down: Once a year you will have the ability to true up or true down your licenses. Historically, only an annual true-up was possible, adding to cumulative SA costs.
• 99.9% Uptime: Corporations can lose millions or hundreds of millions of dollars in the event of downtime. Microsoft has a 99.9% uptime guarantee.
• 15 Devices: Microsoft has increased the number of devices that can be used with O365 licenses enabling shared devices.
• User-Based Licensing: Historically, licensing has been device based, as BYOD and multiple devices weren’t prominent. User licensing allows for multiple devices and is approximately 30% more expensive than licensing one device.
• Excellent Cloud Security: Microsoft has invested hundreds of millions of dollars into security for its cloud. It knows that with a single breach, many organizations will be searching for an alternative.
• Automatic Updates: If you want to reduce time spent on providing patches and updates, Microsoft wants to automate tasks leaving you more time to work on other areas of your business.
• Enabled Collaboration: Microsoft is continuously increasing integration and collaboration capabilities within its products. Exchange, SharePoint, Skype, and Office have all seen changes in recent years.
• Reduce Infra Costs: Instead of having to replace hardware every 3-4 years, moving to Microsoft’s cloud can move you out of the hardware management space and help you focus on performance.
Fifty-six percent of enterprises consider cloud to be a strategic differentiator, and approximately fifty-eight percent of enterprises spend more than 10 percent of their annual budgets on cloud services. – ICD
Organizations are delaying a move to the cloud for the following reasons
• Data Sovereignty: Certain organizations have bylaws in place because of proprietary information or government limitations on where data can reside.
• Performance: Bandwidth and network connectivity in remote locations are large concerns for organizations who rely on the Microsoft productivity suite as their primary communication tools.
• Cost: The cost of moving to a subscription-based model is undoubtedly higher, and in the long run when your data is in the cloud, software vendors know switching to another vendor will be difficult.
• Adaptability to Change: While having updates completed automatically by Microsoft, organizations with aforementioned legacy systems could face unexpected issues.
• Legacy Systems: Organizations that have legacy systems or integrations with current software know that a move to cloud will be possible when similar functionality is possible in the cloud.
• Historical Purchases: If on-premise licenses or storage were recently purchased, moving to the cloud would decrease the planned usage life.
“…the single biggest obstacle to cloud adoption in general continues to be the fear of security breaches, closely followed by issues with data sovereignty.” – Capgemini Consulting
Many organizations maintain hybrid environments when moving to the cloud. Microsoft has granted users who are licensed with Office 365 Enterprise User Subscription Licenses (USLs) equivalent rights to on-premise workloads. On-premise server licenses still need to be purchased. Small/mid-sized business and kiosk Office 365 plans do not contain the same rights.
Digital Security Threat Today
Security remains a concern
• News of security breaches continues to dominate headlines, and the scale and scope of intrusions are growing. In 2014 alone, data breaches were up by 49% over the previous year, and cyber criminals compromised more than a billion data records in more than 1500 breaches. In a 2014 report for the World Economic Forum, McKinsey & Company estimated the risk of cyberattacks “could materially slow the pace of technology and business innovation with as much as $3 trillion in aggregate impact.” In any security attack, target organizations are only as safe as their weakest link; if any component is not secured then the entire system is at risk. While acknowledging that the cloud can provide increased data security and administrative control, IT leaders are still concerned that migrating to the cloud will leave them more vulnerable to hackers than their current in-house solutions.
http://download.microsoft.com/download/5/C/7/5C770A50-4FE4-4052-98E1-562EBFE4F35A/Trusted_Cloud_White_paper_EN_US.pdf
Digital Security Threat Today
Recent headlines:
• Russian Spies, Two Others, Indicted in Yahoo Hack
• Internet-Connected Sex Toy Maker Settles Privacy Lawsuit
• 7 Facts: 'Vault 7' CIA Hacking Tool Dump by WikiLeaks
• Breach Tally: Hacking Incidents Still on the Rise
• Yahoo CEO Loses Bonus Over Security Lapses
• SHA-1 Has Fallen
• Mobile Devices: What Could Go Wrong?
• Yahoo Takes $350 Million Hit in Verizon Deal
Digital Security Threat Today
The top reported breaches by state are:
• California with 39 breaches
• Florida with 28 breaches
• Texas with 23 breaches
• New York with 15 breaches
• Illinois, Indiana and Washington with 12 breaches
• Ohio and Pennsylvania with 11 breaches
• Michigan with 10 breaches
• Arizona and Arkansas with 9 breaches
• Georgia and Minnesota with 8 breaches and
• Colorado and Missouri with 7 breaches.
The report lists the worst data breaches per record compromised as:
• Arizona with 4,524,278 records
• New York with 3,588,554 records
• Florida with 2,872,912 records
• California with 1,436,701 records and
• Georgia with 782,956 records.
Source: Report Lists Health Care Data Breaches by State
Digital Security Threat Today
Ransomware
Digital Security Threat Today
• Nearly 50 percent of organizations have been hit with ransomware
• 56,000 ransomware infections in March 2016, alone
• $209 million was paid to ransomware criminals in Q1 2016
• The average ransom demand is now $679
• Email is the #1 delivery vehicle for ransomware
• 600% growth in new ransomware families since December 2015
• 4x jump in Android ransomware
• 230 percent jump in JavaScript ransomware payloads
https://blog.barkly.com/ransomware-statistics-2016
http://www.symantec.com/content/en/us/enterprise/media/securi
Digital Security Threat Today
• As of March 9, 50 major breaches impacting 424,286 individuals have been added to the Department of Health and Human Services' Office for Civil Rights' "wall of shame" website of major breaches affecting 500 or more individuals.
• Of those 2017 incidents, 20 are listed as unauthorized access/disclosure breaches; 14 are hacking incidents; and 14 are breaches involving loss/theft of protected health information. Of the incidents involving loss or theft, eight involved paper/film records, and six involved unencrypted desktop or laptop computers, or other portable devices.
• As of March 9, more than 171.66 million individuals in total have been impacted by the 1,852 major breaches that have been reported to HHS since September 2009.
• In total so far in 2017, 14 hacking incidents affected nearly 262,000 individuals, or about 60 percent of all individuals impacted by major HIPAA breaches.
• The six breaches so far posted in 2017 involving lost or stolen unencrypted computing devices impacted a total of about 15,000 individuals.
• http://www.databreachtoday.com/breach-tally-hacking-incidents-still-on-rise-a-9762
Digital Security Threat Today
Cybercrime is getting worse, far worse.
Three and a Half Crimeware Trends to Watch in 2017
• New malware configurations and trends seen in 2016;
• Trends from the mobile malware arena;
• A look into the most prominent threats expected in 2017.
http://www.databreachtoday.com/webinars/three-half-crimeware-trends-to-watch-in-2017-w-1178?rf=promotional_webinar
Azure Security Roadmap
• Microsoft is transparent about security
• Constantly adapting and making changes as trends arise
• Cloud Platform roadmap
  • https://www.microsoft.com/en-us/cloud-platform/roadmap-public-preview
• White papers
  • Securing the Microsoft Cloud white paper
  • Azure Security, Privacy, and Compliance white paper
  • Security Management in Microsoft Azure white paper
  • Cloud Operations Excellence and Reliability strategy paper
  • Leveraging Stored Energy for Handling Power Emergencies white paper
  • Resilience by Design for Cloud Services white paper
  • Information Security Management white paper
Security Roadmap
• Microsoft Cyber Defense Operations Center (CDOC) is a 24x7x365 state-of-the-art cybersecurity and defense facility. The CDOC is part of the company’s initiative to continuously advance its efforts on cybersecurity, risk management, and data protection. The CDOC is the physical hub for the company’s real-time security-focused experts, leveraging technology and analytics that protect, detect, and respond to threats to Microsoft’s cloud infrastructure and customer-facing resources and the services hosted within them, our products, devices, and the company’s internal resources. The teams that come together in the CDOC manage intelligence collection and correlation from our global threat landscape, real-time analysis and incident response, and provide ground zero security crisis management when needed.
• Security Development Lifecycle (SDL) f
“The Trusted Cloud”
• Most comprehensive compliance coverage of any cloud provider
• More certifications than any other cloud provider
• Industry leader for customer advocacy and privacy protection
• Unique data residency guarantees
• https://azure.microsoft.com/en-us/support/trust-center/
• Commitment to compliance: “There are more compliance certifications with Azure than any other vendor out there”
  • Scott Guthrie, Exec VP Cloud + Enterprise Group, Microsoft Corp, AZGroups Conference 2017 (March 2017) https://youtu.be/_uW0N1Re_wk
  • Whether you are targeting government scenarios, healthcare, ecommerce, or unique regulations in Australia, Ireland, or the UK, its services can be depended on and you can take advantage of them
  • ISO/IEC, CSA/CCM, ITAR, CJIS, HIPAA, IRS 1075
Microsoft understands that for you—our enterprise customer—to realize the benefits of the cloud, you must be willing to entrust your cloud provider with one of your most
Microsoft has invested hundreds of millions of dollars into security, and has the most certifications of any cloud provider
Microsoft’s servers are the second most attacked datacenter in the world with 30,000–40,000 threats per day. It has the experience and a proven track record in keeping data safe, knowing it only takes one hacker to get through for trust to be lost. Microsoft has the following certifications:
“The Trusted Cloud”
• Who's using Azure in 2017
  • 90% of the Fortune 500 use Microsoft Cloud:
    • BMW 2016
      • Concept to production in less than a year to develop the Azure-connected vehicle dashboard sold in every vehicle today
      • Mobile companion app that allows you to see stats of the car and unlock the vehicle, all running through an Azure backend
    • Ford, Toyota, and others have integrated vehicles into Azure
    • AccuWeather (6 billion API weather calls per day from apps all over the world)
    • GEICO, in a very heavily regulated industry, has moved all of its customer-facing and business processing systems to the cloud.
    • Walmart's ecommerce and mobile-based solutions are in the Azure cloud
• Infrastructure
  • 38 regions and growing as of March 13, 2017. A new region opens about every other month.
  • Datacenters implement multi-layer physical security
“The Trusted Cloud”
• Security: We keep your customer data safe (https://azure.microsoft.com/en-us/support/trust-center/)
  • Managing and controlling identity and user access to your environments, data, and applications by federating user identities to Azure Active Directory and enabling multi-factor authentication for more secure sign-in.
  • Encrypting communications and operation processes. For data in transit, Azure uses industry-standard transport protocols between user devices and Microsoft datacenters, and within datacenters themselves. For data at rest, Azure offers a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.
  • Securing networks. Azure provides the infrastructure necessary to securely connect virtual machines to one another and to connect on-premises datacenters with Azure VMs. Azure blocks unauthorized traffic to and within Microsoft datacenters, using a variety of technologies. Azure Virtual Network extends your on-premises network to the cloud through site-to-site VPN.
  • Managing threats. To protect against online threats, Azure offers Microsoft Antimalware for cloud services and virtual machines. Microsoft also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics and machine learning tools to help mitigate threats to the Azure platform.
Trustworthy foundation
BUILT ON MICROSOFT EXPERIENCE AND INNOVATION
[Figure: timeline of Microsoft security milestones and certifications. Milestones: 1st Microsoft Data Center, Active Directory, Windows Update, Trustworthy Computing Initiative, Security Development Lifecycle, Global Data Center Services, Malware Protection Center, Microsoft Security Response Center, Digital Crimes Unit, Operations Security Assurance, 20+ Data Centers. Certifications: SOC 1, SOC 2, CSA Cloud Controls Matrix, PCI DSS Level 1, FedRAMP/FISMA, UK G-Cloud Level 2, ISO/IEC 27001:2005, HIPAA/HITECH, E.U. Data Protection Directive.]
• 20+ Data Centers: Operating Microsoft Azure in 8 data centers around the world
• Security Centers of Excellence: Protecting Microsoft customers by combatting evolving threats
• Digital Crimes Unit: Using legal and technical expertise to disrupt the way cybercriminals operate
• Compliance Standards: Investing heavily in robust compliance processes, including ISO 27001, FedRAMP, and HIPAA
Microsoft Azure
UNIFIED PLATFORM FOR MODERN BUSINESS
• Automated
• Managed Resources
• Elastic
• Usage Based
Unified platform for modern business
Microsoft commitment: Simplified compliance
• Information security standards
• Effective controls
• Government & industry certifications
Standards and certifications shown: ISO 27001:5, NIST 800-53, SOC 1 Type 2, SOC 2 Type 2, FedRAMP/FISMA, PCI DSS Level 1, UK G-Cloud, US-EU Safe Harbor
Security compliance strategy
[Figure: Security Compliance Framework, with four elements: security analytics; risk management best practices; security benchmark analysis; test and audit.]
• Security goals set in context of business and industry requirements
• Security analytics & best practices deployed to detect and respond to threats
• Benchmarked to a high bar of certifications and accreditations to ensure compliance
• Continual monitoring, test and audit
Certifications & programs
Program: Description
• ISO/IEC 27001: Internationally recognized information security standard, broadly accepted outside U.S.
• PCI DSS Level 1: Information security standard designed to prevent fraud through controls around credit card data
• UK G-Cloud IL2: ‘Protect' level of security for data processing, storage and transmission by UK public sector organization including local and regional government
• SSAE 16 / ISAE 3402: Accounting standard relied upon as the authoritative guidance for reporting on service organizations (SOC 1, SOC 2, SOC 3)
• FedRAMP/FISMA: U.S. Federal law enacted in 2002, based on NIST 800 series, 18 control domains, with in-depth audit, and applies to all U.S. Federal agencies
Contractual commitments
• Broad contractual scope
  • Microsoft makes strong contractual commitments to safeguard customer data covered by HIPAA BAA, Data Processing Agreement, & E.U. Model Clauses
  • Enterprise cloud-service specific privacy protections benefit every industry & region
• EU Data Privacy Approval
  • Microsoft meets high bar for protecting privacy of EU customer data
  • EU Data Privacy approval allows Microsoft to transfer personal data across international borders
  • Only Microsoft is jointly approved from EU Article 29
Security & Compliance Tools and Resources
• Microsoft has taken on the responsibility to provide tools and information that will enable our customers to deploy our cloud services with the highest confidence that they are safe and compliant. Dervish Tayyip, General Counsel, Microsoft Corp https://blogs.microsoft.com/eupolicy/2016/11/10/microsoft-cloud-assurance-legal-regulatory-compliance-for-cloud-computing/#pmD5xEGu7XcQCa15.99
• Cloud Computing Compliance Tools Central Repo: Microsoft Trust Center
• Cloud Service Due Diligence Checklist: In anticipation of your organization’s move to the cloud, please review ISO/IEC 19086-1 and the Cloud Services Due Diligence Checklist.
• Auditing and logging tools
  • Built into the cloud from the ground up. Wasn’t an afterthought
  • Auditing and logging Overview
  • Examples:
    • How to: Monitor Apps in Azure App Service
    • Storage Analytics Logging
    • Creating alerts in Azure Monitor for Azure services
    • Azure AD Privileged Identity Management
Security & Compliance Tools and Resources
• Well-Defined System Configuration Models
  • Azure’s recent transition from Service Manager to Resource Manager model
• Security and Data Encryption Services
  • Azure Key Vault: Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services.
  • Client-Side Encryption and Azure Key Vault for Microsoft Azure Storage: Supports encrypting data within client applications before uploading to Azure Storage, and decrypting data while downloading to the client. The library also supports integration with Azure Key Vault for storage account key management
  • Tutorials: Encrypt and decrypt blobs in Microsoft Azure Storage using Azure Key Vault
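The client-side encryption bullet above describes an envelope pattern: data is encrypted in the client before upload, and the key that protects it is managed in a vault. The sketch below is an added example, not code from the slides or from the Azure Storage library; `LocalKeyVault`, `encryptBlob` and `decryptBlob` are hypothetical names, the in-memory vault stands in for Azure Key Vault, and AES-256-GCM is assumed for both the blob and the key wrapping.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM helpers. `aad` binds a ciphertext to its context (blob name,
// key id) so it cannot be replayed under another name without detection.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aad);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv: iv.toString('base64'), tag: cipher.getAuthTag().toString('base64'), ct };
}

function open(key, sealed, aad) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(sealed.iv, 'base64'));
  decipher.setAAD(aad);
  decipher.setAuthTag(Buffer.from(sealed.tag, 'base64'));
  // final() throws if the ciphertext, tag or AAD was altered.
  return Buffer.concat([decipher.update(sealed.ct), decipher.final()]);
}

// Hypothetical stand-in for a key vault: the key-encryption key (KEK) stays
// inside this object and only wrap/unwrap operations are exposed.
class LocalKeyVault {
  constructor() { this.keys = new Map(); }
  createKey(keyId) { this.keys.set(keyId, crypto.randomBytes(32)); return keyId; }
  kek(keyId) {
    const key = this.keys.get(keyId);
    if (!key) throw new Error(`unknown key id: ${keyId}`);
    return key;
  }
  wrapKey(keyId, cek) {
    const w = seal(this.kek(keyId), cek, Buffer.from(keyId, 'utf8'));
    return { iv: w.iv, tag: w.tag, ct: w.ct.toString('base64') };
  }
  unwrapKey(keyId, wrapped) {
    const sealed = { iv: wrapped.iv, tag: wrapped.tag, ct: Buffer.from(wrapped.ct, 'base64') };
    return open(this.kek(keyId), sealed, Buffer.from(keyId, 'utf8'));
  }
}

// Client side, before upload: a one-time content-encryption key (CEK)
// encrypts the blob; only the wrapped CEK is stored with it as metadata.
function encryptBlob(vault, keyId, blobName, plaintext) {
  const cek = crypto.randomBytes(32);
  const body = seal(cek, plaintext, Buffer.from(blobName, 'utf8'));
  const wrappedKey = vault.wrapKey(keyId, cek);
  cek.fill(0); // do not keep the plaintext CEK around
  return {
    name: blobName,
    content: body.ct, // what the storage service would see
    metadata: { keyId, iv: body.iv, tag: body.tag, wrappedKey },
  };
}

// Client side, after download: unwrap the CEK through the vault, then decrypt.
function decryptBlob(vault, blob) {
  const { keyId, iv, tag, wrappedKey } = blob.metadata;
  const cek = vault.unwrapKey(keyId, wrappedKey);
  try {
    return open(cek, { iv, tag, ct: blob.content }, Buffer.from(blob.name, 'utf8'));
  } finally {
    cek.fill(0);
  }
}
```

The storage side only ever holds `content` and `metadata`; without access to the vault key named in `keyId`, neither yields the plaintext.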
Closing Comments
• Azure is more secure than your data center
• The bigger the IT spend, the more Azure makes sense
• Conduct an accurate and thorough risk analysis that incorporates all information technology equipment, applications and data systems storing PII, PCI;
• Create and maintain a risk management plan;
• Implement policies and procedures and retain for six years;
• Reasonably safeguard the electronic PII and PCI using prevailing practices;
• Encrypt computing devices and storage media;
• Obtain satisfactory assurances in the form of a written business associate agreement;
• Monitor and maintain user provisioning, for example by removing user access in a timely manner.
• Top 12 Recommendations for Your Security Strategy
Questions?
Constructive Feedback Is Appreciated
• “Great information, but would like to have learned more about [Insert Topic]”
• “Brian – Your presentation was …”
• “Good Demos!”
• “Thanks!”
Thank you!
Brian Culver, MCM
Twitter: @spbrianculver
E-mail: brian.culver(at)expertpointsolutions.com
Blog: http://blog.expertpointsolutions.com/
Slides: http://www.slideshare.net/bculver
Alvin Vaughn, CISSP
E-mail: Alvin.Vaughn(at)expertpointsolutions.com

 
Real World SharePoint Framework and Azure Services
Real World SharePoint Framework and Azure ServicesReal World SharePoint Framework and Azure Services
Real World SharePoint Framework and Azure ServicesBrian Culver
 
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)Brian Culver
 
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)Brian Culver
 
Share Upgrading and Migrating to SharePoint 2016 Like a Pro
Share Upgrading and Migrating to SharePoint 2016 Like a ProShare Upgrading and Migrating to SharePoint 2016 Like a Pro
Share Upgrading and Migrating to SharePoint 2016 Like a ProBrian Culver
 
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)Brian Culver
 
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)Brian Culver
 
Convert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hour
Convert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hourConvert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hour
Convert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hourBrian Culver
 
Houston TechFest 2017- Migrate and Upgrade to 2016 Succesfully
Houston TechFest 2017- Migrate and Upgrade to 2016 SuccesfullyHouston TechFest 2017- Migrate and Upgrade to 2016 Succesfully
Houston TechFest 2017- Migrate and Upgrade to 2016 SuccesfullyBrian Culver
 
Building SharePoint 2016 Hybrid the right way
Building SharePoint 2016 Hybrid the right wayBuilding SharePoint 2016 Hybrid the right way
Building SharePoint 2016 Hybrid the right wayBrian Culver
 
SPSHOU - Upgrading and Migrating to SharePoint 2016 like a Pro
SPSHOU - Upgrading and Migrating to SharePoint 2016 like a ProSPSHOU - Upgrading and Migrating to SharePoint 2016 like a Pro
SPSHOU - Upgrading and Migrating to SharePoint 2016 like a ProBrian Culver
 
HSPUG Loving one drive for business as a productivity tool
HSPUG Loving one drive for business as a productivity toolHSPUG Loving one drive for business as a productivity tool
HSPUG Loving one drive for business as a productivity toolBrian Culver
 
SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365Brian Culver
 
Spt 101 Loving Onedrive for business as a productivity tool
Spt 101 Loving Onedrive for business as a productivity toolSpt 101 Loving Onedrive for business as a productivity tool
Spt 101 Loving Onedrive for business as a productivity toolBrian Culver
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365Brian Culver
 
Loving OneDrive for Business as a Productivity Tool
Loving OneDrive for Business as a Productivity ToolLoving OneDrive for Business as a Productivity Tool
Loving OneDrive for Business as a Productivity ToolBrian Culver
 
Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365Brian Culver
 
SharePoint 2013 Search Driven Sites - SPSHOU
SharePoint 2013 Search Driven Sites - SPSHOUSharePoint 2013 Search Driven Sites - SPSHOU
SharePoint 2013 Search Driven Sites - SPSHOUBrian Culver
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Brian Culver
 
Building Scalable SharePoint 2013 Workflows - WF101 - SPFestDC
Building Scalable SharePoint 2013 Workflows - WF101 - SPFestDCBuilding Scalable SharePoint 2013 Workflows - WF101 - SPFestDC
Building Scalable SharePoint 2013 Workflows - WF101 - SPFestDCBrian Culver
 

Mehr von Brian Culver (20)

Real World SharePoint Framework and Azure Services
Real World SharePoint Framework and Azure ServicesReal World SharePoint Framework and Azure Services
Real World SharePoint Framework and Azure Services
 
Real World SharePoint Framework and Azure Services
Real World SharePoint Framework and Azure ServicesReal World SharePoint Framework and Azure Services
Real World SharePoint Framework and Azure Services
 
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
 
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
 
Share Upgrading and Migrating to SharePoint 2016 Like a Pro
Share Upgrading and Migrating to SharePoint 2016 Like a ProShare Upgrading and Migrating to SharePoint 2016 Like a Pro
Share Upgrading and Migrating to SharePoint 2016 Like a Pro
 
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
 
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
Convert your Full Trust Solutions to the SharePoint Framework (SPFx)
 
Convert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hour
Convert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hourConvert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hour
Convert your Full Trust Solutions to the SharePoint Framework (SPFx) in 1 hour
 
Houston TechFest 2017- Migrate and Upgrade to 2016 Succesfully
Houston TechFest 2017- Migrate and Upgrade to 2016 SuccesfullyHouston TechFest 2017- Migrate and Upgrade to 2016 Succesfully
Houston TechFest 2017- Migrate and Upgrade to 2016 Succesfully
 
Building SharePoint 2016 Hybrid the right way
Building SharePoint 2016 Hybrid the right wayBuilding SharePoint 2016 Hybrid the right way
Building SharePoint 2016 Hybrid the right way
 
SPSHOU - Upgrading and Migrating to SharePoint 2016 like a Pro
SPSHOU - Upgrading and Migrating to SharePoint 2016 like a ProSPSHOU - Upgrading and Migrating to SharePoint 2016 like a Pro
SPSHOU - Upgrading and Migrating to SharePoint 2016 like a Pro
 
HSPUG Loving one drive for business as a productivity tool
HSPUG Loving one drive for business as a productivity toolHSPUG Loving one drive for business as a productivity tool
HSPUG Loving one drive for business as a productivity tool
 
SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365SPT 104 Unlock your big data with analytics and BI on Office 365
SPT 104 Unlock your big data with analytics and BI on Office 365
 
Spt 101 Loving Onedrive for business as a productivity tool
Spt 101 Loving Onedrive for business as a productivity toolSpt 101 Loving Onedrive for business as a productivity tool
Spt 101 Loving Onedrive for business as a productivity tool
 
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
SPS Utah 2016 - Unlock your big data with analytics and BI on Office 365
 
Loving OneDrive for Business as a Productivity Tool
Loving OneDrive for Business as a Productivity ToolLoving OneDrive for Business as a Productivity Tool
Loving OneDrive for Business as a Productivity Tool
 
Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365Unlock your Big Data with Analytics and BI on Office 365
Unlock your Big Data with Analytics and BI on Office 365
 
SharePoint 2013 Search Driven Sites - SPSHOU
SharePoint 2013 Search Driven Sites - SPSHOUSharePoint 2013 Search Driven Sites - SPSHOU
SharePoint 2013 Search Driven Sites - SPSHOU
 
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103Unlock your Big Data with Analytics and BI on Office 365 - OFF103
Unlock your Big Data with Analytics and BI on Office 365 - OFF103
 
Building Scalable SharePoint 2013 Workflows - WF101 - SPFestDC
Building Scalable SharePoint 2013 Workflows - WF101 - SPFestDCBuilding Scalable SharePoint 2013 Workflows - WF101 - SPFestDC
Building Scalable SharePoint 2013 Workflows - WF101 - SPFestDC
 

Kürzlich hochgeladen

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 

Kürzlich hochgeladen (20)

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 

A deep dive into Azure Security: Is Azure really secure?

  • 1. www.expertpointsolutions.com A Deep Dive into Azure Security: Is Azure really secure? Brian Culver & Alvin Vaughn ● #HSPUG ● March 15, 2017
  • 2. About Brian Culver
      • SharePoint Solutions Architect for Expert Point Solutions in Houston, Texas.
      • Microsoft Certified Master (MCM) in SharePoint
      • Brian has worked in the Information Technology industry since 1998 and has been working with SharePoint since 2005. His deep expertise includes Azure, Office365, SharePoint, ASP.Net, SQL Server and Project Server. He has been involved in many large SharePoint implementations including Internet and Intranet sites, Partner Portals, Enterprise Content Management and Governance, and much custom application integration and development.
      • Author, Speaker and Blogger
      Email: brian.culver(at)expertpointsolutions.com
      Twitter: @spbrianculver
      LinkedIn: https://www.linkedin.com/in/bculver
      Blog: http://blog.expertpointsolutions.com
  • 3. About Alvin Vaughn
      • Cloud Solutions Architect for Expert Point Solutions in Houston, Texas.
      • CISSP, CCENT, MCITP Enterprise Server.
      • Alvin has worked in the Information Technology industry since 2005, where he began initially as a system admin and progressed to server administrator while in college. Alvin became a commissioned officer in the military after college, where he was assigned as the lead IT project manager during the successful implementation of the DoD’s Field Health IT system in Iraq and later in Afghanistan. Alvin has served as a technical consultant traveling around the world to provide expertise in enterprise Windows Server administration, open source interoperability, and data analytics, and is certified in Linux Administration and Oracle SQL. Alvin has led many multi-regional and global IT projects leveraging enterprise platforms such as SharePoint, Oracle DB, and Windows RDS while leveraging cloud IaaS such as Azure to securely deliver resources, business intelligence, and other services to clients and their customers.
      Email: alvin.vaughn(at)expertpointsolutions.com
  • 4. Session Agenda
      • Cloud Growth
      • Digital Security Threat Today
      • Security Roadmap
      • “The Trusted Cloud”
      • Security & Compliance Tools and Resources
      • Other considerations
  • 5. Cloud Growth
      • “Companies continued their adoption of cloud computing services at a rapid clip in 2016, with overall growth expected to rise 25% year over year for that period, according to new numbers from Synergy Research Group. The forecaster estimated aggregate annual revenue from all those cloud segments at nearly $150 billion. Synergy lumps two key cloud categories, known by techies as infrastructure as a service and platform as a service, into one big bucket, which together showed the most dramatic growth rate of 53%. Infrastructure as a service (aka IaaS) is typically exemplified by offerings from Amazon Web Services (AWS), Microsoft and Google (GOOGL, +0.37%).”
        “Torrid Cloud Growth Continues”, Barb Darrow, Jan 04, 2017, http://fortune.com/2017/01/04/robust-cloud-growth/
      • Operator and vendor revenue for six segments of cloud computing reached $148 billion during that period, with spending on private clouds accounting for over half the total but spending on the public cloud growing much more rapidly.
        “Cloud computing revenues jumped 25% in 2016, with strong growth ahead, researcher says”, Dan Richman, January 4, 2017, http://www.geekwire.com/2017/cloud-computing-revenues-jumped-25-2016-strong-growth-ahead-researcher-says/
  • 6. Azure Cloud Growth: Microsoft’s cloud infrastructure by the numbers
      • 1989: The year Microsoft opened its first datacenter on its Redmond, Washington campus.
      • 90-plus: The number of marketplaces that our cloud services are available in today.
      • 200-plus: The number of online services delivered by Microsoft’s datacenters 24x7x365.
      • $15 billion-plus: Microsoft’s investment in building our huge cloud infrastructure.
      • 1 million-plus: The number of servers hosted in our datacenters.
      • 100-plus: The number of datacenters Microsoft has in its global cloud infrastructure portfolio.
      • 30 trillion-plus: The number of data objects we store in our datacenters.
      • 1.5 million-plus: The average number of requests our networks process per second.
      • 3: The number of times Microsoft’s fiber optic network, one of North America’s largest, could stretch to the moon and back.
      • 1.125: Microsoft’s average PUE for its new datacenters. Power usage effectiveness (PUE) is a metric of datacenter energy efficiency and is the ratio of the power and cooling overhead required to support our server load. The industry average is 1.8.
      http://download.microsoft.com/download/8/2/9/8297F7C7-AE81-4E99-B1DB-D65A01F7A8EF/Microsoft_Cloud_Infrastructure_Datacenter_and_Network_Fact_Sheet.pdf
  • 7. Azure Cloud Growth: Microsoft’s cloud infrastructure by the numbers (Continued)
      • 2.3 billion kWh: The amount of green power purchased by Microsoft as part of our carbon-neutral goal, ranking as the third most purchased by any U.S. company, according to the U.S. Environmental Protection Agency.
      • 16: The number of carbon offset projects Microsoft has invested in, including projects in Brazil, Cambodia, China, Guatemala, India, Kenya, Mongolia, Peru, Turkey and the United States (including Keechi Wind Power investment announced November 4, 2013).
      • 100 percent: The percentage of our servers and electronic equipment that we send to a third-party vendor for recycling and/or reselling after it has been securely decommissioned.
      • 2007: The year Microsoft began sharing its best practices for cloud infrastructure with the industry. Download our latest Top Ten Best Business Practices for Environmentally Sustainable Datacenters white paper.
      http://download.microsoft.com/download/8/2/9/8297F7C7-AE81-4E99-B1DB-D65A01F7A8EF/Microsoft_Cloud_Infrastructure_Datacenter_and_Network_Fact_Sheet.pdf
  • 8. Azure Cloud Growth
      • “[Microsoft] last week said its Azure revenue grew 93% year over year as it reported results for the quarter ended Dec. 31, 2016. The annualized revenue run rate for Microsoft's commercial cloud business, a segment that includes Azure, now surpasses $14 billion, according to the company.”
        “Azure partners benefit from Microsoft cloud growth”, John Moore and Spencer Smith, Jan 27, 2017, http://searchitchannel.techtarget.com/news/450411909/Azure-partners-benefit-from-Microsoft-cloud-growth
  • 9. Read Microsoft’s marketing about the cloud carefully. Microsoft purposely skews cloud statistics to drive adoption. Move when it is the right time for your organization.
      • 1 in 4 Microsoft enterprise customers has Office 365 – Microsoft
      • 80% of the Fortune 500 are on the Microsoft Cloud – Microsoft
      • There’s a rush at every major tech vendor to sign up customers for their own cloud offerings before their competitors nab them. They are trying to nab their share of a market that will grow — conservatively — from $56.6 billion in 2014 to more than $127 billion in 2018, according to market research. – ICD
  • 10. Microsoft’s cloud-first, mobile-first strategy is paying off and is now on an annualized revenue run rate of $14 billion
      • By 2018, Microsoft expects commercial cloud revenues to exceed $20B, driven by Office 365, Azure, and Dynamics CRM Online
      • Commercial cloud growth of 80%
      • Azure cloud growth of 93%
      • Cloud customer base has doubled over the past 12 months
      Source: Taft, Darryl K. “Microsoft Continues to See Impact of Transition to Cloud.” eWeek.
      Source: Todd, Deborah M. “Cloud business boosts Microsoft’s quarterly revenue, shares rise.” Reuters.
  • 11. There are benefits to the cloud; examine common criteria when evaluating a move
      • True Up or Down: Once a year you will have the ability to true up or true down your licenses. Historically, only an annual true-up was possible, adding to cumulative SA costs.
      • 99.9% Uptime: Corporations can lose millions or hundreds of millions of dollars in the event of downtime. Microsoft has a 99.9% uptime guarantee.
      • 15 Devices: Microsoft has increased the number of devices that can be used with O365 licenses, enabling shared devices.
      • User-Based Licensing: Historically, licensing has been device based, as BYOD and multiple devices weren’t prominent. User licensing allows for multiple devices and is approximately 30% more expensive than licensing one device.
      • Excellent Cloud Security: Microsoft has invested hundreds of millions of dollars into security for its cloud. It knows that with a single breach, many organizations will be searching for an alternative.
      • Automatic Updates: If you want to reduce time spent on providing patches and updates, Microsoft wants to automate tasks, leaving you more time to work on other areas of your business.
      • Enabled Collaboration: Microsoft is continuously increasing integration and collaboration capabilities within its products. Exchange, SharePoint, Skype, and Office have all seen changes in recent years.
      • Reduce Infra Costs: Instead of having to replace hardware every 3-4 years, moving to Microsoft’s cloud can move you out of the hardware management space and help you focus on performance.
      Fifty-six percent of enterprises consider cloud to be a strategic differentiator, and approximately fifty-eight percent of enterprises spend more than 10 percent of their annual budgets on cloud services. – ICD
  • 12. Organizations are delaying a move to the cloud for the following reasons
      • Data Sovereignty: Certain organizations have bylaws in place because of proprietary information or government limitations on where data can reside.
      • Performance: Bandwidth and network connectivity in remote locations are large concerns for organizations who rely on the Microsoft productivity suite as their primary communication tools.
      • Cost: The cost of moving to a subscription-based model is undoubtedly higher, and in the long run when your data is in the cloud, software vendors know switching to another vendor will be difficult.
      • Adaptability to Change: While having updates completed automatically by Microsoft, organizations with aforementioned legacy systems could face unexpected issues.
      • Legacy Systems: Organizations that have legacy systems or integrations with current software know that a move to cloud will be possible when similar functionality is possible in the cloud.
      • Historical Purchases: If on-premise licenses or storage were recently purchased, moving to the cloud would decrease the planned usage life.
      …the single biggest obstacle to cloud adoption in general continues to be the fear of security breaches, closely followed by issues with data sovereignty. – Capgemini Consulting
      Many organizations maintain hybrid environments when moving to the cloud. Microsoft has granted users who are licensed with Office 365 Enterprise User Subscription Licenses (USLs) equivalent rights to on-premise workloads. On-premise server licenses still need to be purchased. Small/mid-sized business and kiosk Office 365 plans do not contain the same rights.
  • 13. Digital Security Threat Today: Security remains a concern
      • News of security breaches continues to dominate headlines, and the scale and scope of intrusions are growing. In 2014 alone, data breaches were up by 49% over the previous year, and cyber criminals compromised more than a billion data records in more than 1500 breaches. In a 2014 report for the World Economic Forum, McKinsey & Company estimated the risk of cyberattacks “could materially slow the pace of technology and business innovation with as much as $3 trillion in aggregate impact.” In any security attack, target organizations are only as safe as their weakest link; if any component is not secured then the entire system is at risk. While acknowledging that the cloud can provide increased data security and administrative control, IT leaders are still concerned that migrating to the cloud will leave them more vulnerable to hackers than their current in-house solutions.
      http://download.microsoft.com/download/5/C/7/5C770A50-4FE4-4052-98E1-562EBFE4F35A/Trusted_Cloud_White_paper_EN_US.pdf
  • 14. Digital Security Threat Today
      - Russian Spies, Two Others, Indicted in Yahoo Hack
      - Internet-Connected Sex Toy Maker Settles Privacy Lawsuit
      - 7 Facts: 'Vault 7' CIA Hacking Tool Dump by WikiLeaks
      - Breach Tally: Hacking Incidents Still on the Rise
      - Yahoo CEO Loses Bonus Over Security Lapses
      - SHA-1 Has Fallen
      - Mobile Devices: What Could Go Wrong?
      - Yahoo Takes $350 Million Hit in Verizon Deal
  • 15. Digital Security Threat Today: Report Lists Health Care Data Breaches by State
    The top reported breaches by state are:
      - California with 39 breaches
      - Florida with 28 breaches
      - Texas with 23 breaches
      - New York with 15 breaches
      - Illinois, Indiana and Washington with 12 breaches
      - Ohio and Pennsylvania with 11 breaches
      - Michigan with 10 breaches
      - Arizona and Arkansas with 9 breaches
      - Georgia and Minnesota with 8 breaches
      - Colorado and Missouri with 7 breaches
    The report lists the worst data breaches per record compromised as:
      - Arizona with 4,524,278 records
      - New York with 3,588,554 records
      - Florida with 2,872,912 records
      - California with 1,436,701 records
      - Georgia with 782,956 records
  • 16. Digital Security Threat Today: Ransomware
  • 17. Digital Security Threat Today
      - Nearly 50 percent of organizations have been hit with ransomware
      - 56,000 ransomware infections in March 2016, alone
      - $209 million was paid to ransomware criminals in Q1 2016
      - The average ransom demand is now $679
      - Email is the #1 delivery vehicle for ransomware
      - 600% growth in new ransomware families since December 2015
      - 4x jump in Android ransomware
      - 230 percent jump in JavaScript ransomware payloads
    https://blog.barkly.com/ransomware-statistics-2016
    http://www.symantec.com/content/en/us/enterprise/media/securi
  • 18. Digital Security Threat Today
      - As of March 9, 50 major breaches impacting 424,286 individuals have been added to the Department of Health and Human Services' Office for Civil Rights' "wall of shame" website of major breaches affecting 500 or more individuals.
      - Of those 2017 incidents, 20 are listed as unauthorized access/disclosure breaches; 14 are hacking incidents; and 14 are breaches involving loss/theft of protected health information. Of the incidents involving loss or theft, eight involved paper/film records, and six involved unencrypted desktop or laptop computers, or other portable devices.
      - As of March 9, more than 171.66 million individuals in total have been impacted by the 1,852 major breaches that have been reported to HHS since September 2009.
      - In total so far in 2017, 14 hacking incidents affected nearly 262,000 individuals, or about 60 percent of all individuals impacted by major HIPAA breaches.
      - The six breaches so far posted in 2017 involving lost or stolen unencrypted computing devices impacted a total of about 15,000 individuals.
      - http://www.databreachtoday.com/breach-tally-hacking-incidents-still-on-rise-a-9762
  • 19. Digital Security Threat Today
    Cybercrime is getting worse, far worse.
    Three and a Half Crimeware Trends to Watch in 2017
      - New malware configurations and trends seen in 2016;
      - Trends from the mobile malware arena;
      - A look into the most prominent threats expected in 2017.
    http://www.databreachtoday.com/webinars/three-half-crimeware-trends-to-watch-in-2017-w-1178?rf=promotional_webinar
  • 20. Azure Security Roadmap
      - Microsoft is transparent about security
      - Constantly adapting and making changes as trends arise
      - Cloud Platform roadmap
          - https://www.microsoft.com/en-us/cloud-platform/roadmap-public-preview
      - White papers
          - Securing the Microsoft Cloud white paper
          - Azure Security, Privacy, and Compliance white paper
          - Security Management in Microsoft Azure white paper
          - Cloud Operations Excellence and Reliability strategy paper
          - Leveraging Stored Energy for Handling Power Emergencies white paper
          - Resilience by Design for Cloud Services white paper
          - Information Security Management white paper
  • 21. Security Roadmap
      - Microsoft Cyber Defense Operations Center (CDOC) is a 24x7x365 state-of-the-art cybersecurity and defense facility. The CDOC is part of the company’s initiative to continuously advance its efforts on cybersecurity, risk management, and data protection. The CDOC is the physical hub for the company’s real-time security-focused experts, leveraging technology and analytics that protect, detect, and respond to threats to Microsoft’s cloud infrastructure and customer-facing resources and the services hosted within them, our products, devices, and the company’s internal resources. The teams that come together in the CDOC manage intelligence collection and correlation from our global threat landscape, real-time analysis and incident response, and provide ground zero security crisis management when needed.
      - Security Development Lifecycle (SDL) f
  • 22. “The Trusted Cloud”
      - Most comprehensive compliance coverage of any cloud provider
      - More certifications than any other cloud provider
      - Industry leader for customer advocacy and privacy protection
      - Unique data residency guarantees
      - https://azure.microsoft.com/en-us/support/trust-center/
      - Commitment to compliance: “There are more compliance certifications with Azure than any other vendor out there”
          - Scott Guthrie, Exec VP Cloud + Enterprise Group, Microsoft Corp, AZGroups Conference 2017 (March 2017) https://youtu.be/_uW0N1Re_wk
      - Whether you are targeting government scenarios, healthcare, ecommerce, or unique regulations in Australia, Ireland, or the UK, its services can be depended on and you can take advantage of them
      - ISO/IEC, CSA/CCM, ITAR, CJIS, HIPAA, IRS 1075
    Microsoft understands that for you—our enterprise customer—to realize the benefits of the cloud, you must be willing to entrust your cloud provider with one of your most
  • 23. Microsoft has invested hundreds of millions of dollars into security, and has the most certifications of any cloud provider
    Microsoft’s servers are the second most attacked datacenter in the world with 30,000–40,000 threats per day. It has the experience and a proven track record in keeping data safe, knowing it only takes one hacker to get through for trust to be lost.
    Microsoft has the following certifications:
  • 24. “The Trusted Cloud”
      - Who's using Azure in 2017
          - 90% of the Fortune 500 use Microsoft Cloud:
          - BMW 2016
              - Concept to production in less than a year to develop an Azure-connected vehicle dashboard sold in every vehicle today
              - Mobile companion app that allows you to see stats of the car and unlock the vehicle, all running through an Azure backend
          - Ford, Toyota, and others have integrated vehicles into Azure
          - AccuWeather (6 billion API weather calls per day from apps all over the world)
          - GEICO, in a very heavily regulated industry, has moved all of its customer-facing and business processing systems to the cloud.
          - Walmart's e-commerce and mobile-based solutions are in the Azure cloud
      - Infrastructure
          - 38 regions and growing as of March 13, 2017. A new region opens about every other month.
          - Datacenters implement multi-layer physical security
  • 25. “The Trusted Cloud”
    Security: We keep your customer data safe (https://azure.microsoft.com/en-us/support/trust-center/)
      - Managing and controlling identity and user access to your environments, data, and applications by federating user identities to Azure Active Directory and enabling multi-factor authentication for more secure sign-in.
      - Encrypting communications and operation processes. For data in transit, Azure uses industry-standard transport protocols between user devices and Microsoft datacenters, and within datacenters themselves. For data at rest, Azure offers a wide range of encryption capabilities up to AES-256, giving you the flexibility to choose the solution that best meets your needs.
      - Securing networks. Azure provides the infrastructure necessary to securely connect virtual machines to one another and to connect on-premises datacenters with Azure VMs. Azure blocks unauthorized traffic to and within Microsoft datacenters, using a variety of technologies. Azure Virtual Network extends your on-premises network to the cloud through site-to-site VPN.
      - Managing threats. To protect against online threats, Azure offers Microsoft Antimalware for cloud services and virtual machines. Microsoft also employs intrusion detection, denial-of-service (DDoS) attack prevention, regular penetration testing, and data analytics and machine learning tools to help mitigate threats to the Azure platform.
  • 26. Trustworthy foundation: BUILT ON MICROSOFT EXPERIENCE AND INNOVATION
      - 20+ Data Centers; Trustworthy Computing Initiative; Security Development Lifecycle; Global Data Center Services; Malware Protection Center; Microsoft Security Response Center; Windows Update; 1st Microsoft Data Center; Active Directory; SOC 1; CSA Cloud Controls Matrix; PCI DSS Level 1; FedRAMP/FISMA; UK G-Cloud Level 2; ISO/IEC 27001:2005; HIPAA/HITECH; Digital Crimes Unit; SOC 2; E.U. Data Protection Directive; Operations Security Assurance
  • 27. Trustworthy foundation: BUILT ON MICROSOFT EXPERIENCE AND INNOVATION
      - 20+ Data Centers: Operating Microsoft Azure in 8 data centers around the world
      - Trustworthy Computing Initiative; Security Development Lifecycle; Global Data Center Services; Malware Protection Center; Microsoft Security Response Center; Microsoft Update; Active Directory; SOC 1; CSA Cloud Controls Matrix; PCI DSS Level 1; FedRAMP/FISMA; UK G-Cloud Level 2; ISO/IEC 27001:2005; HIPAA/HITECH; Digital Crimes Unit; SOC 2; E.U. Data Protection Directive; Operations Security Assurance; 1st Microsoft Data Center; 20+ Data Centers
  • 28. Microsoft Azure: UNIFIED PLATFORM FOR MODERN BUSINESS
  • 29. Trustworthy foundation: BUILT ON MICROSOFT EXPERIENCE AND INNOVATION
      - Security Centers of Excellence: Protecting Microsoft customers by combatting evolving threats
      - 20+ Data Centers; Trustworthy Computing Initiative; Security Development Lifecycle; Global Data Center Services; Windows Update; 1st Microsoft Data Center; Active Directory; SOC 1; CSA Cloud Controls Matrix; PCI DSS Level 1; FedRAMP/FISMA; UK G-Cloud Level 2; ISO/IEC 27001:2005; HIPAA/HITECH; Digital Crimes Unit; SOC 2; E.U. Data Protection Directive; Operations Security Assurance; Malware Protection Center; Microsoft Security Response Center
  • 30. Trustworthy foundation: BUILT ON MICROSOFT EXPERIENCE AND INNOVATION
      - Digital Crimes Unit: Using legal and technical expertise to disrupt the way cybercriminals operate
      - 20+ Data Centers; Trustworthy Computing Initiative; Security Development Lifecycle; Global Data Center Services; Malware Protection Center; Microsoft Security Response Center; Windows Update; 1st Microsoft Data Center; Active Directory; SOC 1; CSA Cloud Controls Matrix; PCI DSS Level 1; FedRAMP/FISMA; UK G-Cloud Level 2; ISO/IEC 27001:2005; HIPAA/HITECH; SOC 2; E.U. Data Protection Directive; Operations Security Assurance; Digital Crimes Unit
  • 31. Trustworthy foundation: BUILT ON MICROSOFT EXPERIENCE AND INNOVATION
      - Compliance Standards: Investing heavily in robust compliance processes, including ISO 27001, FedRAMP, and HIPAA
      - 20+ Data Centers; Trustworthy Computing Initiative; Security Development Lifecycle; Global Data Center Services; Malware Protection Center; Microsoft Security Response Center; Windows Update; 1st Microsoft Data Center; Active Directory; Digital Crimes Unit; SOC 1; CSA Cloud Controls Matrix; PCI DSS Level 1; FedRAMP/FISMA; UK G-Cloud Level 2; ISO/IEC 27001:2005; HIPAA/HITECH; SOC 2; E.U. Data Protection Directive; Operations Security Assurance
  • 33. Unified platform for modern business Microsoft commitment
  • 34. Simplified compliance
      - Information security standards; Effective controls; Government & industry certifications
      - ISO 27001:5; NIST 800-53; SOC 1 Type 2; SOC 2 Type 2; FedRAMP/FISMA; PCI DSS Level 1; UK G-Cloud; US-EU Safe Harbor
  • 35. Security Compliance Framework
    Diagram labels: Security compliance strategy; Security analytics; Risk management best practices; Security benchmark analysis; Test and audit
      - Security goals set in context of business and industry requirements
      - Security analytics & best practices deployed to detect and respond to threats
      - Benchmarked to a high bar of certifications and accreditations to ensure compliance
      - Continual monitoring, test and audit
  • 36. Certifications & programs (Program: Description)
      - ISO/IEC 27001: Internationally recognized information security standard, broadly accepted outside U.S.
      - PCI DSS Level 1: Information security standard designed to prevent fraud through controls around credit card data
      - UK G-Cloud IL2: 'Protect' level of security for data processing, storage and transmission by UK public sector organization including local and regional government
      - SSAE 16 / ISAE 3402: Accounting standard relied upon as the authoritative guidance for reporting on service organizations (SOC 1, SOC 2, SOC 3)
      - FedRAMP/FISMA: U.S. Federal law enacted in 2002, based on NIST 800 series, 18 control domains, with in-depth audit, and applies to all U.S. Federal agencies
  • 37. Contractual commitments
      - Broad contractual scope
          - Microsoft makes strong contractual commitments to safeguard customer data covered by HIPAA BAA, Data Processing Agreement, & E.U. Model Clauses
          - Enterprise cloud-service specific privacy protections benefit every industry & region
      - EU Data Privacy Approval
          - Microsoft meets high bar for protecting privacy of EU customer data
          - EU Data Privacy approval allows Microsoft to transfer personal data across international borders
          - Only Microsoft is jointly approved from EU Article 29
  • 38. Security & Compliance Tools and Resources
      - Microsoft has taken on the responsibility to provide tools and information that will enable our customers to deploy our cloud services with the highest confidence that they are safe and compliant. Dervish Tayyip, General Counsel, Microsoft Corp https://blogs.microsoft.com/eupolicy/2016/11/10/microsoft-cloud-assurance-legal-regulatory-compliance-for-cloud-computing/#pmD5xEGu7XcQCa15.99
      - Cloud Computing Compliance Tools Central Repo: Microsoft Trust Center
      - Cloud Service Due Diligence Checklist: In anticipation of your organization’s move to the cloud, please review ISO/IEC 19086-1 and the Cloud Services Due Diligence Checklist.
      - Auditing and logging tools
          - Built into the cloud from the ground up. Wasn’t an afterthought
          - Auditing and logging overview
          - Examples:
              - How to: Monitor Apps in Azure App Service
              - Storage Analytics Logging
              - Creating alerts in Azure Monitor for Azure services
              - Azure AD Privileged Identity Management
  • 39. Security & Compliance Tools and Resources
      - Well-Defined System Configuration Models
          - Azure’s recent transition from Service Manager to Resource Manager model
      - Security and Data Encryption Services
          - Azure Key Vault: Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services.
          - Client-Side Encryption and Azure Key Vault for Microsoft Azure Storage: Supports encrypting data within client applications before uploading to Azure Storage, and decrypting data while downloading to the client. The library also supports integration with Azure Key Vault for storage account key management.
          - Tutorials: Encrypt and decrypt blobs in Microsoft Azure Storage using Azure Key Vault
  • 40. Closing Comments
      - Azure is more secure than your data center
      - The bigger the IT spend, the more Azure makes sense
      - Conduct an accurate and thorough risk analysis that incorporates all information technology equipment, applications and data systems storing PII, PCI;
      - Create and maintain a risk management plan;
      - Implement policies and procedures and retain for six years;
      - Reasonably safeguard the electronic PII and PCI using prevailing practices;
      - Encrypt computing devices and storage media;
      - Obtain satisfactory assurances in the form of a written business associate agreement;
      - Monitor and maintain user provisioning, for example by removing user access in a timely manner.
      - Top 12 Recommendations for Your Security Strategy
  • 42. Constructive Feedback Is Appreciated
      - Great information, but would like to have learned more about [Insert Topic]
      - Brian – Your presentation was …
      - Good Demos!
      - Thanks!
  • 43. Thank you!
      - Brian Culver, MCM
          - Twitter: @spbrianculver
          - E-mail: brian.culver(at)expertpointsolutions.com
          - Blog: http://blog.expertpointsolutions.com/
          - Slides: http://www.slideshare.net/bculver
      - Alvin Vaughn, CISSP
          - E-mail: Alvin.Vaughn(at)expertpointsolutions.com