Global Azure Bootcamp 216 - Azure Rights Management

1. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Fighting Secrecy Challenge - Azure Rights Management Riwut Libinuko 1

2. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Event Sponsors 2

3. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Participate with us and stand a chance to win prizes! Survey: http://j.mp/abcsg-2016 Tweet Tag: #GlobalAzure #GABSG 3

4. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Agenda • Why we need Rights Management? • Different between traditional protection and rights management • Managing Azure RMS • Demo 4

5. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Connect with Me http://blog.libinuko.com @cakriwut http://www.youtube.com/user/cakriwut/ Riwut Libinuko Microsoft Office Server Service MVP, Master degree in Computer System Engineering, with more than 15 years in IT industry. Active contributors to MSDN Forum, Code Sample Gallery, Curah, Nuget, Codeplex and many more.

6. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Introduction 6 “The Panama Papers are a leaked set of 11.5 million confidential documents that provide detailed information about more than 214,000 offshore companies listed by the Panamanian corporate service provider Mossack Fonseca,..” (Source: Wikipedia, https://en.wikipedia.org/wiki/Panama_Papers) The Ponemon study found “..the average consolidated total cost of a data breach is $3.8 million representing a 23% increase since 2013. The study also reports that the cost incurred for each lost or stolen record containing sensitive and confidential information increased six percent from a consolidated average of $145 to $154.” (Source: IBM, Ponemon , http://www-03.ibm.com/security/data-breach/)

7. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Introduction 7 1. 74% report loss of customers 2. 59% faced potential litigation 3. 33% faced potential fines 4. 32% declined in share value (Source: http://www.scottandscottllp.com/main/business_impact_of_data_breach.aspx) (Source: https://en.wikipedia.org/wiki/Data_breach#2015) •In October 2015, the British telecommuncations provider TalkTalk suffered a data breach when a group of 15-years old hackers stole information on its 4 million customers. The stock price of the company fell substantially due to the issue – around 12% – owing largely to the bad publicity surrounding the leak.[11] •In July 2015, adult website Ashley Madison suffered a data breach when a hacker group stole information on its 37 million users. The hackers threatened to reveal user names and specifics if Ashley Madison and a fellow site, EstablishedMen.com, did not shut down permanently.[12] •In February 2015, Anthem suffered a data breach of nearly 80 million records, including personal information such as names, Social Security numbers, dates of birth, and other sensitive details.[13] •In June 2015, The Office of Personnel Management of the U.S. government suffered a data breach in which the records of 4 million current and former federal employees of the United States were hacked and stolen. Major incident in 2015 Business Impact

8. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Traditional Protection 8 Secret financial information Profit : 100 USD Loss: 10 USD Tax: 0 USD Unprotected document Encrypt 010101010100 010101010100 010101010101 Encrypted document Decrypt Secret financial information Profit : 100 USD Loss: 10 USD Tax: 0 USDSecret financial information Profit : 100 USD Loss: 10 USD Tax: 0 USD Controlled Access doc Unprotected document Access GrantedFile Permission Unprotected Protected Unprotected

9. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Information Rights Management • Information Protection technology – Protection is persisted with the data, content can travel anywhere (desktops, file shares, USB keys, cloud drives, network and devices) • Combines encryption and usage restrictions – Prevent accidental disclosure of sensitive data by applying usage polices (cannot forward, cannot print, read-only) • Simple to use – Authors just select a policy option, consumers just open documents – Administrators can configure policies to protect content automatically – Securely share data with individuals within organization Source: https://mva.microsoft.com/en- US/training-courses/encryption-in-office-365- 8404

10. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Rights Management Protection 10 Secret financial information Profit : 100 USD Loss: 10 USD Tax: 0 USD Unprotected document Protect 010101010100 010101010100 010101010101 Encrypted document Policy ContentKey& Rights Secret financial information Profit : 100 USD Loss: 10 USD Tax: 0 USD Decrypt

11. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/

12. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Activate Azure RMS • Using Office 365 Admin center , if you have O365 with RMS subscription (E3,E4,ES,A3,A4,AS,G3,G4) • Using Azure Classic Portal site

14. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Install RMS Sharing Apps

15. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Azure RMS Key (Default) 15 Source : https://technet.microsoft.com/en- us/library/dn440580.aspx By default, Microsoft will generate your tenant key and manage it. In this case you don’t need to do any configuration.

16. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Azure RMS Key (BYOK) 16 Source : https://technet.microsoft.com/en- us/library/dn440580.aspx Azure RMS also support tenant’s managed key by Thales HSM. However BYOK is not compatible with Exchange Online.

17. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Protect data with Rights Management Source : https://mva.microsoft.com/en- US/training-courses/azure-rights- management-services-core-skills-10500

19. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Protect SharePoint Online Activate IRM protection at SharePoint Admin Configure Document Library/List to use the IRM proection

21. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Protect Exchange Online • Use PowerShell • Tell Exchange Online where to find the Azure RMS key for your location - example: • Set-IRMConfiguration - RMSOnlineKeySharingLocation "https://sp- rms.na.aadrm.com/TenantManagement/S ervicePartner.svc" • Import the key • Import-RMSTrustedPublishingDomain - RMSOnline -name "RMS Online" • Enable IRM functionality • Set-IRMConfiguration - InternalLicensingEnabled $true • Detailed procedures at https://technet.microsoft.com/en- us/library/dn151475(v=exchg.150).aspx

23. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Protect File Share (OnPrem) Automated RMS in File Classification policies

25. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Manage RMS Template 25

26. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Complete Azure RMS Fabric Integration BYO Key Sync Azure RMS Connector

27. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Resources 27 http://channel9.msdn.com/ Microsoft Azure http://azure.microsoft.com http://msdn.microsoft.com https://mva.microsoft.com

28. Tweet: #GlobalAzure | http://singapore.azurebootcamp.net/ Thank You 28

Global Azure Bootcamp 216 - Azure Rights Management

Du liest eine Vorschau.

Hier ansehen

Global Azure Bootcamp 216 - Azure Rights Management

Weitere Verwandte Inhalte

Diashows für Sie (20)

Ähnlich wie Global Azure Bootcamp 216 - Azure Rights Management (20)

Weitere von Riwut Libinuko (8)

Aktuellste (20)