SlideShare ist ein Scribd-Unternehmen logo

Information protection & classification

David De Vos
David De Vos

An introduction to information protection. How to protect your documents and classify them according to sensitivity and confidentiality.

Technologie
1 von 39
Microsoft Security Azure Information protection Shadow IT for cloud apps
About me .. @vrykodee MCSE1 MCPS MCSA1 MCNPS MCTS MCSA MCSE MCSD MS BVT MCTEM David De Vos Cybersecurity Solutions Architect Synergics David.DeVos@synergics.be
Azure regions Trusted Intelligent Hybrid Productive
Modern Datacenters
Industry and regional compliance HIPAA / HITECH Act FERPA GxP 21 CFR Part 11 ISO 27001 SOC 1 Type 2ISO 27018 CSA STAR Self-Assessment Singapore MTCS UK G-Cloud Australia IRAP/CCSL FISC Japan New Zealand GCIO China GB 18030 EU Model Clauses ENISA IAF Argentina PDPA Japan CS Mark Gold CDSA Shared Assessments Japan My Number Act FACT UK GLBA Spain ENS PCI DSS Level 1 MARS-E FFIEC China TRUCS SOC 2 Type 2 SOC 3 Canada Privacy Laws MPAA Privacy Shield ISO 22301 India MeitY Germany IT Grundschutz workbook Spain DPA CSA STAR Certification CSA STAR Attestation HITRUST IG Toolkit UK China DJCP ITAR Section 508 VPAT SP 800-171 FIPS 140-2 High JAB P-ATO CJIS DoD DISA SRG Level 2 DoD DISA SRG Level 4 IRS 1075DoD DISA SRG Level 5 Moderate JAB P-ATO ISO 27017 GLOBALUSGOVINDUSTRYREGIONAL
Microsoft Trust Center www.microsoft.com/TrustCenter
THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? PRO DU CTI VI TY OR SE CURITY On-premises
THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? PRO DU CTI VI TY SE CURE On-premises
A UNIQUE APPROACH Identity & Access Management Protect users’ identities and control access to valuable resources based on user risk level Security Management Gain visibility and control over security tools Platform
Putting the building blocks together Apps Risk MICROSOFT INTUNE Make sure your devices are compliant and secure, while protecting data at the application level AZURE ACTIVE DIRECTORY Ensure only authorized users are granted access to personal data using risk-based conditional access MICROSOFT CLOUD APP SECURITY Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps AZURE INFORMATION PROTECTION Classify, label, protect and audit data for persistent security throughout the complete data lifecycle MICROSOFT ADVANCED THREAT ANALYTICS Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues ! Device ! Access granted to data CONDITIONAL ACCESS Classify LabelAudit Protect ! ! Location
Microsoft Enterprise Mobility + Security Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity management Managed mobile productivity Information protection Threat protection
Azure Information Protection
Azure Information Protection SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin can set policies, templates, and rules. Classifications, labels and encryption can be applied automatically based on file source, context, and content EMS extends Office 365 manual protection of files with automatic protection to ensure policy compliance Encryption stays with the file wherever it goes, internally and externally Files can be tracked by sender and access revoked if needed Classification and labeling Classify data based on sensitivity and add labels—manually or automatically Protection Encrypt sensitive data & define usage rights, add visual markings when needed Monitoring Detailed tracking and reporting to maintain control over shared data
Classify Data – Begin the Journey SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin sets policies, templates, and rules PERSONAL Classify data based on sensitivity Start with the data that is most sensitive IT can set automatic rules; users can complement it Associate actions such as visual markings and protection
Classification and labeling PERSONAL HIGHLY CONFIDENTIAL CONFIDENTIAL GENERAL PUBLIC You can override a classification and optionally be required to provide a justification. Manual reclassification Policies can be set by IT Admins for automatically applying classification and protection to data. Automatic classification Based on the content you’re working on, you can be prompted with suggested classification. Recommended classification Users can choose to apply a sensitivity label to the email or file they are working on with a single click. User-specified classification
Authentication & collaboration RMS connector Authorization requests via federation (optional) Data protection for organizations at different stages of cloud adoption Ensures security because sensitive data is never sent to the RMS server Integration with on-premises assets with minimal effort Hold your key on premises AAD Connect ADFS HYOK Service supplied Key BYOK Topology for Regulated Environments
Protection Discover personal data with auto-classification Data is auto-classified based on content Sensitive data is automatically detected
Protection IT Admins can set policies to automatically control, protect, and watermark data. Protection policies Azure Information Protection encrypts files containing personal data according to policies. File encryption
Monitor distribution Elevate your privacy practices with our cloud Track and control data anywhere Log access Bob accessed from S. America Jane accessed from India Joe blocked in N. America Jane blocked in Africa 11 2 8 8 8 8 2 11 Jane Competitors Revoke access Jane’s access is revoked Bob JaneSue
Monitoring Analyze the flow of personal and sensitive data and detect risky behaviors. Distribution visibility Track who is accessing documents and from where. Access logging Prevent data leakage or misuse by changing or revoking document access remotely. Access revocation
How do we get there?
Manual (right-click) labeling and protection for non-Office files Label and protect any file through the windows shell-explorer Select either one file, multiple files or a folder and apply a label
Azure Information Protection Client Installation of the AIP client helps a lot ! Native Unified Anywhere • https://www.microsoft.com/en-us/download/details.aspx?id=53018
Azure Information Protection Scanner Crawls files stored in CIFS based storage locations and SharePoint Server sites Provide scan locations and rules to apply based on conditions Uses AIP policies configured to determine classification Can be run in report or “Label and protect” mode Results can help identify data that meets specific regulations and compliances Native Unified Anywhere •
Bulk classification for data at rest using PowerShell Query for file labels and protection attributes Set a label and/or protection for documents stored locally or on file shares
SPO columns based on labels
Visibility and control in cloud environments with MCAS integration Cloud App Security can read labels set by AIP giving admins visibility into sharing of sensitive files Cloud App Security admins can set policies for controlling sharing of sensitive files and also get alerted if the policies are violated
O365 Message Encryption Anyone, on any Device in any Email client Inside your organization Between your business partners With any of your customers
Flexible policies Consistent workflow Easy to configure Compatibility across devices, apps, platforms Office Message Encryption Office Message Encryption Secure organization
Demo Time
Microsoft Cloud App Security
On-premises abnormal behavior and advanced threat detection Advanced Threat Analytics Identity-based attack and threat detection Azure Active Directory Behavioral analytics helps detect & prevent data breaches Anomaly detection for cloud apps Cloud App Security ! ! !
Cloud discovery Get anomalous usage alerts, new app and trending apps alerts. On-going analytics Discover 15K+ cloud apps in use across your networks and sensitive data they store. Discovery of cloud apps and data Assess risk cloud apps based on ~60 security and compliance risk factors. Cloud app risk assessment Protect your employees’ privacy while discovering cloud apps in your environment. Log anonymization
Cloud App Security threat detection Gain useful insights from user, file, activity, and location logs. Advanced investigation Assess risk in each transaction and identify anomalies in your cloud environment that may indicate a breach. Behavioral analytics Enhance behavioral analytics with insights from the Microsoft Intelligent Security Graph to identify anomalies and attacks. Threat intelligence
Architecture and how it works Discovery • Manually or automatically upload traffic logs files from your firewalls and proxies to discover and analyze which cloud apps are in use • Sanction or block apps in your organization using the cloud app catalog App connectors • Leverage APIs provided by various cloud app providers to extend protection to Cloud App Security Proxy apps • Azure AD redirects risky sessions to the reverse proxy to apply app restrictions
O365 Cloud App Security vs. Microsoft Cloud App Security Microsoft Cloud App Security Office 365 Cloud App Security Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security
Demo Time
Thank you @vrykodee For more information https://security.synergics.be https://aka.ms/security David.DeVos@synergics.be

Empfohlen

Communication Compliance in Microsoft 365
Communication Compliance in Microsoft 365Communication Compliance in Microsoft 365
Communication Compliance in Microsoft 365Joanne Klein
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
Azure information protection
Azure information protectionAzure information protection
Azure information protectionKjetil Lund-Paulsen
 
Azure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachAzure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachJoanne Klein
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterCraig Jahnke
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
Protecting your Teams Work across Microsoft 365
Protecting your Teams Work across Microsoft 365Protecting your Teams Work across Microsoft 365
Protecting your Teams Work across Microsoft 365Joanne Klein
 
M365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowM365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowJoanne Klein
 

Empfohlen

Communication Compliance in Microsoft 365
Communication Compliance in Microsoft 365Communication Compliance in Microsoft 365
Communication Compliance in Microsoft 365Joanne Klein
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
Azure information protection
Azure information protectionAzure information protection
Azure information protectionKjetil Lund-Paulsen
 
Azure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachAzure Information Protection - Taking a Team Approach
Azure Information Protection - Taking a Team ApproachJoanne Klein
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterCraig Jahnke
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
Protecting your Teams Work across Microsoft 365
Protecting your Teams Work across Microsoft 365Protecting your Teams Work across Microsoft 365
Protecting your Teams Work across Microsoft 365Joanne Klein
 
M365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowM365 Virtual Marathon: Retention in Office 365 - the Where What and How
M365 Virtual Marathon: Retention in Office 365 - the Where What and HowJoanne Klein
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 ComplianceDavid J Rosenthal
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
Global Azure Bootcamp 216 - Azure Rights Management
Global Azure Bootcamp 216 - Azure Rights ManagementGlobal Azure Bootcamp 216 - Azure Rights Management
Global Azure Bootcamp 216 - Azure Rights ManagementRiwut Libinuko
 
Microsoft Azure Rights Management
Microsoft Azure Rights ManagementMicrosoft Azure Rights Management
Microsoft Azure Rights ManagementDavid J Rosenthal
 
File Security in Microsoft SharePoint and OneDrive
File Security in Microsoft SharePoint and OneDriveFile Security in Microsoft SharePoint and OneDrive
File Security in Microsoft SharePoint and OneDriveDavid J Rosenthal
 
Universal Search for Legal Enterprises
Universal Search for Legal EnterprisesUniversal Search for Legal Enterprises
Universal Search for Legal EnterprisesAdhereSolutions
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the CloudGWAVA
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-usKjetil Lund-Paulsen
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Albert Hoitingh
 
SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365Joanne Klein
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection Syed Sabhi Haider
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
SharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceSharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceAlbert Hoitingh
 
Secure Productive Enterprise from Microsoft and Atidan
Secure Productive Enterprise from Microsoft and AtidanSecure Productive Enterprise from Microsoft and Atidan
Secure Productive Enterprise from Microsoft and AtidanDavid J Rosenthal
 
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365Joanne Klein
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsDavid De Vos
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 

Weitere ähnliche Inhalte

Was ist angesagt?

Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
Global Azure Bootcamp 216 - Azure Rights Management
Global Azure Bootcamp 216 - Azure Rights ManagementGlobal Azure Bootcamp 216 - Azure Rights Management
Global Azure Bootcamp 216 - Azure Rights ManagementRiwut Libinuko
 
Microsoft Azure Rights Management
Microsoft Azure Rights ManagementMicrosoft Azure Rights Management
Microsoft Azure Rights ManagementDavid J Rosenthal
 
File Security in Microsoft SharePoint and OneDrive
File Security in Microsoft SharePoint and OneDriveFile Security in Microsoft SharePoint and OneDrive
File Security in Microsoft SharePoint and OneDriveDavid J Rosenthal
 
Universal Search for Legal Enterprises
Universal Search for Legal EnterprisesUniversal Search for Legal Enterprises
Universal Search for Legal EnterprisesAdhereSolutions
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the CloudGWAVA
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Robert Crane
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-usKjetil Lund-Paulsen
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Albert Hoitingh
 
SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365Joanne Klein
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection Syed Sabhi Haider
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
SharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceSharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceAlbert Hoitingh
 
Secure Productive Enterprise from Microsoft and Atidan
Secure Productive Enterprise from Microsoft and AtidanSecure Productive Enterprise from Microsoft and Atidan
Secure Productive Enterprise from Microsoft and AtidanDavid J Rosenthal
 
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365Joanne Klein
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 

Was ist angesagt? (20)

Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
 
Global Azure Bootcamp 216 - Azure Rights Management
Global Azure Bootcamp 216 - Azure Rights ManagementGlobal Azure Bootcamp 216 - Azure Rights Management
Global Azure Bootcamp 216 - Azure Rights Management
 
Microsoft Azure Rights Management
Microsoft Azure Rights ManagementMicrosoft Azure Rights Management
Microsoft Azure Rights Management
 
File Security in Microsoft SharePoint and OneDrive
File Security in Microsoft SharePoint and OneDriveFile Security in Microsoft SharePoint and OneDrive
File Security in Microsoft SharePoint and OneDrive
 
Universal Search for Legal Enterprises
Universal Search for Legal EnterprisesUniversal Search for Legal Enterprises
Universal Search for Legal Enterprises
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the Cloud
 
Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015Office 365 Security, Privacy and Compliance - SMB Nation 2015
Office 365 Security, Privacy and Compliance - SMB Nation 2015
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)
 
Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-us
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
 
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
Microsoft 365 Security & Compliance User Group - Microsoft Teams compliance
 
SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
 
SharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & complianceSharePoint Saturday Cambridge: Security & compliance
SharePoint Saturday Cambridge: Security & compliance
 
Secure Productive Enterprise from Microsoft and Atidan
Secure Productive Enterprise from Microsoft and AtidanSecure Productive Enterprise from Microsoft and Atidan
Secure Productive Enterprise from Microsoft and Atidan
 
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
 

Ähnlich wie Information protection & classification

Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsDavid De Vos
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Ravikumar Sathyamurthy
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Chris Genazzio
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewDavid J Rosenthal
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend
 
Stay Productive, Collaborative, and Secure with Microsoft 365
Stay Productive, Collaborative, and Secure with Microsoft 365Stay Productive, Collaborative, and Secure with Microsoft 365
Stay Productive, Collaborative, and Secure with Microsoft 365Chris Bortlik
 
Value Microsoft 365 E5 English
Value Microsoft 365 E5 EnglishValue Microsoft 365 E5 English
Value Microsoft 365 E5 EnglishGuillaume Lagache
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Karim Vaes
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPowerSaturdayParis
 
Emma Aubert | Information Protection
Emma Aubert | Information ProtectionEmma Aubert | Information Protection
Emma Aubert | Information ProtectionMicrosoft Österreich
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and complianceDean Iacovelli
 
Being more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessBeing more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessRobert Crane
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSDavid J Rosenthal
 

Ähnlich wie Information protection & classification (20)

Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud Apps
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
 
CIO Forum June Microsoft.pdf
CIO Forum June Microsoft.pdfCIO Forum June Microsoft.pdf
CIO Forum June Microsoft.pdf
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
Primend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisusPrimend praktiline konverents - Office 365 turvalisus
Primend praktiline konverents - Office 365 turvalisus
 
Gestión de identidad
Gestión de identidadGestión de identidad
Gestión de identidad
 
Stay Productive, Collaborative, and Secure with Microsoft 365
Stay Productive, Collaborative, and Secure with Microsoft 365Stay Productive, Collaborative, and Secure with Microsoft 365
Stay Productive, Collaborative, and Secure with Microsoft 365
 
Value Microsoft 365 E5 English
Value Microsoft 365 E5 EnglishValue Microsoft 365 E5 English
Value Microsoft 365 E5 English
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
Emma Aubert | Information Protection
Emma Aubert | Information ProtectionEmma Aubert | Information Protection
Emma Aubert | Information Protection
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and compliance
 
Being more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessBeing more secure using Microsoft 365 Business
Being more secure using Microsoft 365 Business
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMS
 

Kürzlich hochgeladen

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Kürzlich hochgeladen (20)

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Information protection & classification

  • 1. Microsoft Security Azure Information protection Shadow IT for cloud apps
  • 2. About me .. @vrykodee MCSE1 MCPS MCSA1 MCNPS MCTS MCSA MCSE MCSD MS BVT MCTEM David De Vos Cybersecurity Solutions Architect Synergics David.DeVos@synergics.be
  • 5.
  • 6. Industry and regional compliance HIPAA / HITECH Act FERPA GxP 21 CFR Part 11 ISO 27001 SOC 1 Type 2ISO 27018 CSA STAR Self-Assessment Singapore MTCS UK G-Cloud Australia IRAP/CCSL FISC Japan New Zealand GCIO China GB 18030 EU Model Clauses ENISA IAF Argentina PDPA Japan CS Mark Gold CDSA Shared Assessments Japan My Number Act FACT UK GLBA Spain ENS PCI DSS Level 1 MARS-E FFIEC China TRUCS SOC 2 Type 2 SOC 3 Canada Privacy Laws MPAA Privacy Shield ISO 22301 India MeitY Germany IT Grundschutz workbook Spain DPA CSA STAR Certification CSA STAR Attestation HITRUST IG Toolkit UK China DJCP ITAR Section 508 VPAT SP 800-171 FIPS 140-2 High JAB P-ATO CJIS DoD DISA SRG Level 2 DoD DISA SRG Level 4 IRS 1075DoD DISA SRG Level 5 Moderate JAB P-ATO ISO 27017 GLOBALUSGOVINDUSTRYREGIONAL
  • 8. THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? PRO DU CTI VI TY OR SE CURITY On-premises
  • 9. THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? PRO DU CTI VI TY SE CURE On-premises
  • 10. A UNIQUE APPROACH Identity & Access Management Protect users’ identities and control access to valuable resources based on user risk level Security Management Gain visibility and control over security tools Platform
  • 11. Putting the building blocks together Apps Risk MICROSOFT INTUNE Make sure your devices are compliant and secure, while protecting data at the application level AZURE ACTIVE DIRECTORY Ensure only authorized users are granted access to personal data using risk-based conditional access MICROSOFT CLOUD APP SECURITY Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps AZURE INFORMATION PROTECTION Classify, label, protect and audit data for persistent security throughout the complete data lifecycle MICROSOFT ADVANCED THREAT ANALYTICS Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues ! Device ! Access granted to data CONDITIONAL ACCESS Classify LabelAudit Protect ! ! Location
  • 12. Microsoft Enterprise Mobility + Security Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity management Managed mobile productivity Information protection Threat protection
  • 14. Azure Information Protection SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin can set policies, templates, and rules. Classifications, labels and encryption can be applied automatically based on file source, context, and content EMS extends Office 365 manual protection of files with automatic protection to ensure policy compliance Encryption stays with the file wherever it goes, internally and externally Files can be tracked by sender and access revoked if needed Classification and labeling Classify data based on sensitivity and add labels—manually or automatically Protection Encrypt sensitive data & define usage rights, add visual markings when needed Monitoring Detailed tracking and reporting to maintain control over shared data
  • 15. Classify Data – Begin the Journey SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin sets policies, templates, and rules PERSONAL Classify data based on sensitivity Start with the data that is most sensitive IT can set automatic rules; users can complement it Associate actions such as visual markings and protection
  • 16. Classification and labeling PERSONAL HIGHLY CONFIDENTIAL CONFIDENTIAL GENERAL PUBLIC You can override a classification and optionally be required to provide a justification. Manual reclassification Policies can be set by IT Admins for automatically applying classification and protection to data. Automatic classification Based on the content you’re working on, you can be prompted with suggested classification. Recommended classification Users can choose to apply a sensitivity label to the email or file they are working on with a single click. User-specified classification
  • 17. Authentication & collaboration RMS connector Authorization requests via federation (optional) Data protection for organizations at different stages of cloud adoption Ensures security because sensitive data is never sent to the RMS server Integration with on-premises assets with minimal effort Hold your key on premises AAD Connect ADFS HYOK Service supplied Key BYOK Topology for Regulated Environments
  • 18. Protection Discover personal data with auto-classification Data is auto-classified based on content Sensitive data is automatically detected
  • 19. Protection IT Admins can set policies to automatically control, protect, and watermark data. Protection policies Azure Information Protection encrypts files containing personal data according to policies. File encryption
  • 20. Monitor distribution Elevate your privacy practices with our cloud Track and control data anywhere Log access Bob accessed from S. America Jane accessed from India Joe blocked in N. America Jane blocked in Africa 11 2 8 8 8 8 2 11 Jane Competitors Revoke access Jane’s access is revoked Bob JaneSue
  • 21. Monitoring Analyze the flow of personal and sensitive data and detect risky behaviors. Distribution visibility Track who is accessing documents and from where. Access logging Prevent data leakage or misuse by changing or revoking document access remotely. Access revocation
  • 22. How do we get there?
  • 23. Manual (right-click) labeling and protection for non-Office files Label and protect any file through the windows shell-explorer Select either one file, multiple files or a folder and apply a label
  • 24. Azure Information Protection Client Installation of the AIP client helps a lot ! Native Unified Anywhere • https://www.microsoft.com/en-us/download/details.aspx?id=53018
  • 25. Azure Information Protection Scanner Crawls files stored in CIFS based storage locations and SharePoint Server sites Provide scan locations and rules to apply based on conditions Uses AIP policies configured to determine classification Can be run in report or “Label and protect” mode Results can help identify data that meets specific regulations and compliances Native Unified Anywhere •
  • 26. Bulk classification for data at rest using PowerShell Query for file labels and protection attributes Set a label and/or protection for documents stored locally or on file shares
  • 27. SPO columns based on labels
  • 28. Visibility and control in cloud environments with MCAS integration Cloud App Security can read labels set by AIP giving admins visibility into sharing of sensitive files Cloud App Security admins can set policies for controlling sharing of sensitive files and also get alerted if the policies are violated
  • 29. O365 Message Encryption Anyone, on any Device in any Email client Inside your organization Between your business partners With any of your customers
  • 30. Flexible policies Consistent workflow Easy to configure Compatibility across devices, apps, platforms Office Message Encryption Office Message Encryption Secure organization
  • 33. On-premises abnormal behavior and advanced threat detection Advanced Threat Analytics Identity-based attack and threat detection Azure Active Directory Behavioral analytics helps detect & prevent data breaches Anomaly detection for cloud apps Cloud App Security ! ! !
  • 34. Cloud discovery Get anomalous usage alerts, new app and trending apps alerts. On-going analytics Discover 15K+ cloud apps in use across your networks and sensitive data they store. Discovery of cloud apps and data Assess risk cloud apps based on ~60 security and compliance risk factors. Cloud app risk assessment Protect your employees’ privacy while discovering cloud apps in your environment. Log anonymization
  • 35. Cloud App Security threat detection Gain useful insights from user, file, activity, and location logs. Advanced investigation Assess risk in each transaction and identify anomalies in your cloud environment that may indicate a breach. Behavioral analytics Enhance behavioral analytics with insights from the Microsoft Intelligent Security Graph to identify anomalies and attacks. Threat intelligence
  • 36. Architecture and how it works Discovery • Manually or automatically upload traffic logs files from your firewalls and proxies to discover and analyze which cloud apps are in use • Sanction or block apps in your organization using the cloud app catalog App connectors • Leverage APIs provided by various cloud app providers to extend protection to Cloud App Security Proxy apps • Azure AD redirects risky sessions to the reverse proxy to apply app restrictions
  • 37. O365 Cloud App Security vs. Microsoft Cloud App Security Microsoft Cloud App Security Office 365 Cloud App Security Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security
  • 39. Thank you @vrykodee For more information https://security.synergics.be https://aka.ms/security David.DeVos@synergics.be