SlideShare una empresa de Scribd logo

20180120 spsbre - we are moving to the cloud what about security

Descargar como PPTX, PDF
Arjan Cornelissen
Arjan Cornelissen

Presentation on SharePoint Saturday in Bremen on January 20, 2018

Software
1 de 27
We are moving to the cloud, what about security
THANK YOU, SPONSORS! SHAREPOINT SATURDAY NORTH GERMANY 2018
Arjan Cornelisssen SharePoint & Office 365 Architect WorkTogether.tech @arjancornelis
How did we do security?
Sobering statistics The frequency and sophistication of cybersecurity attacks are escalating $6T annual cost of cybercrime to the global economy $4M average cost of a data breach to a company 140+ median # days attackers reside within a victim’s network before detection network intrusions due to compromised user credentials 75%+
Common passwords 1. 123456 2. 123456789 3. qwerty 4. 111111 5. 12345678 6. 123123 7. password 8. 1234567 9. 12345 10. 1234567890 11. abc123 12. 123 13. 123321 14. password1 15. qwertyuiop 16. 666666 17. a123456 18. 1234 19. 654321 20. 5201314 21. 123456a 22. iloveyou 23. 11111111 24. 159753 25. 123123123
Updated NIST Guidelines Three main changes: 1. No more periodic password changes 2. No more imposed password complexity 3. Validate new passwords against commonly used passwords http://aka.ms/passwordguidance Minimum Length Requirements (to defeat brute force hash attacks) Don’t use commonly attacked passwords Use unique passwords
Cloud security
On-premises / Private cloud
Conditional Access Microsoft Cloud 3rd Party SaaS Apps On Premises Apps Microsoft Azure Prevent data leak Disable print Restrict download Enforce MFA Block sign-in Allow sign-in Access Control Session Restrictions OS Platform Is Compliant / Domain joined Is lost or stolen Device Risk Device User identity Group membership Session Risk User Mobile or Cloud app Per app policy App Location IP range Country / Region ApplicationsPolicy ControlsPolicy Conditions Windows Defender Azure AD Identity Protection Service Terms of Use Partners
IF Privileged user? Credentials found in public? Accessing sensitive app? Unmanaged device? Malware detected? IP detected in Botnet? Impossible travel? Anonymous client? High Medium Low User risk 10TB per day THEN Require MFA Allow access Deny access Force password reset****** Limit access High Medium Low Session risk Azure Bing OneDrive Microsoft Cyber Defense Operations Center Microsoft Cybercrime Center Xbox Live Microsoft Accounts Skype Risk-based conditional access
Multi Factor Authentication
Conditional Access with MFA
Demo
SharePoint Conditional Access
Windows 10 Hello
Access granted to data Microsoft Enterprise Mobility + Security Apps Risk MICROSOFT INTUNE AZURE ACTIVE DIRECTORY MICROSOFT CLOUD APP SECURITY AZURE INFORMATION PROTECTION MICROSOFT ADVANCED THREAT ANALYTICS ! Device ! CONDITIONAL ACCESS Location Classify Audit Protect Label ! !
Device and Application security
Microsoft Enterprise Mobility + Security Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat Detection
Privileged Identity Management Enforce on-demand, just-in-time administrative access when needed Ensure policies are met with alerts, audit reports and access reviews Manage admins access in Azure AD and also in Azure RBAC User Administrator Discover, restrict, and monitor privileged identities UserAdministrator privileges expire after a specified interval
Privileged Identity
Demo
Office 365 Secure Score
Azure monitoring
Our Security mindset needs to be updated

Recomendados

20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security
Arjan Cornelissen
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
Bitglass
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verden
Microsoft
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
Cheah Eng Soon
 
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
Cheer Chain Enterprise Co., Ltd.
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure Sentinel
Cheah Eng Soon
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure Sentinel
Ashwin Patil, GCIH, GCIA, GCFE
 

Recomendados

20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security20171207 we are moving to the cloud what about security
20171207 we are moving to the cloud what about security
Arjan Cornelissen
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
Bitglass
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verden
Microsoft
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
Cheah Eng Soon
 
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
AVG 2016 business edition customer deck - 屢獲殊榮的防毒軟體保護您的企業免於最新的威脅與病毒
Cheer Chain Enterprise Co., Ltd.
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure Sentinel
Cheah Eng Soon
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure Sentinel
Ashwin Patil, GCIH, GCIA, GCFE
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365
Robert Crane
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service Provider
Datapipe
 
Protect Office 365 with Azure Sentinel
Protect Office 365 with Azure SentinelProtect Office 365 with Azure Sentinel
Protect Office 365 with Azure Sentinel
Nanddeep Nachan
 
RSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics OverviewRSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics Overview
Skybox Security
 
Securing Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The VendorSecuring Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The Vendor
Datapipe
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
Mighty Guides, Inc.
 
Empowering the Cloud Through G Suite
Empowering the Cloud Through G SuiteEmpowering the Cloud Through G Suite
Empowering the Cloud Through G Suite
Bitglass
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365
Cheah Eng Soon
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
CloudLock
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenant
Robert Crane
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - Keynote
Andrew Bettany
 
Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)
DavidNicholls52
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
Birendra Negi ☁️
 
Microsoft Threat Protection
Microsoft Threat ProtectionMicrosoft Threat Protection
Microsoft Threat Protection
Thierry DEMAN
 
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelCyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
AntonNeidel
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
David J Rosenthal
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographic
Jacob Tranter
 
CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
Bitglass
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security Demo
Cheah Eng Soon
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
Bitglass
 
20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security
Arjan Cornelissen
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar Presentation
Patrick Leckie
 

Más contenido relacionado

La actualidad más candente

CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
Bitglass
 

La actualidad más candente (20)

Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service Provider
 
Protect Office 365 with Azure Sentinel
Protect Office 365 with Azure SentinelProtect Office 365 with Azure Sentinel
Protect Office 365 with Azure Sentinel
 
RSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics OverviewRSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics Overview
 
Securing Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The VendorSecuring Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The Vendor
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
 
Empowering the Cloud Through G Suite
Empowering the Cloud Through G SuiteEmpowering the Cloud Through G Suite
Empowering the Cloud Through G Suite
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenant
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - Keynote
 
Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
Microsoft Threat Protection
Microsoft Threat ProtectionMicrosoft Threat Protection
Microsoft Threat Protection
 
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelCyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
 
Re solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographicRe solution - corona virus cyber security infographic
Re solution - corona virus cyber security infographic
 
CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security Demo
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
 

Similar a 20180120 spsbre - we are moving to the cloud what about security

Similar a 20180120 spsbre - we are moving to the cloud what about security (20)

20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security20181206 sps geneve we are moving to the cloud what about security
20181206 sps geneve we are moving to the cloud what about security
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar Presentation
 
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Addressing the Cyber-Security Landscape
Addressing the Cyber-Security LandscapeAddressing the Cyber-Security Landscape
Addressing the Cyber-Security Landscape
 
Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365Modern Workplace with Microsoft 365
Modern Workplace with Microsoft 365
 
Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)Cloud Security for Startups - From A to E(xit)
Cloud Security for Startups - From A to E(xit)
 
Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017Alessandro Monforte Cisco - SMAU Napoli 2017
Alessandro Monforte Cisco - SMAU Napoli 2017
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
 
Office 365 Security And Compliance
Office 365 Security And ComplianceOffice 365 Security And Compliance
Office 365 Security And Compliance
 
Getting secure in a mobile-first world with EMS
Getting secure in a mobile-first world with EMSGetting secure in a mobile-first world with EMS
Getting secure in a mobile-first world with EMS
 
Secure Modern Workplace With Microsoft 365 Threat Protection
Secure Modern Workplace With Microsoft 365 Threat ProtectionSecure Modern Workplace With Microsoft 365 Threat Protection
Secure Modern Workplace With Microsoft 365 Threat Protection
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNA
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
 
Community IT - Single Sign On
Community IT - Single Sign OnCommunity IT - Single Sign On
Community IT - Single Sign On
 
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi RoineO365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
 
Focusing on security with Microsoft 365 Business
Focusing on security with Microsoft 365 BusinessFocusing on security with Microsoft 365 Business
Focusing on security with Microsoft 365 Business
 
Microsoft Azure Security - Customer Deck.pptx
Microsoft Azure Security - Customer Deck.pptxMicrosoft Azure Security - Customer Deck.pptx
Microsoft Azure Security - Customer Deck.pptx
 
Being more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessBeing more secure using Microsoft 365 Business
Being more secure using Microsoft 365 Business
 

Más de Arjan Cornelissen

Más de Arjan Cornelissen (9)

20191010 - O365 connect setting up a secure office 365 environment
20191010 - O365 connect setting up a secure office 365 environment20191010 - O365 connect setting up a secure office 365 environment
20191010 - O365 connect setting up a secure office 365 environment
 
20190622 - SPS Mardid - using automation in office 365
20190622 - SPS Mardid - using automation in office 36520190622 - SPS Mardid - using automation in office 365
20190622 - SPS Mardid - using automation in office 365
 
20181220 diwug setting up a secure office 365 environment
20181220 diwug setting up a secure office 365 environment20181220 diwug setting up a secure office 365 environment
20181220 diwug setting up a secure office 365 environment
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad
 
20181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 36520181115 O365 connect protecting your data in office 365
20181115 O365 connect protecting your data in office 365
 
20181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 36520181110 sps leicester connect protecting your data in office 365
20181110 sps leicester connect protecting your data in office 365
 
20180630 spsnl using office 365 for your first line workers
20180630 spsnl using office 365 for your first line workers20180630 spsnl using office 365 for your first line workers
20180630 spsnl using office 365 for your first line workers
 
20170610 spsnl how to solve azure ad connect sync issues
20170610 spsnl how to solve azure ad connect sync issues20170610 spsnl how to solve azure ad connect sync issues
20170610 spsnl how to solve azure ad connect sync issues
 
20170518 wat kan azure automation bieden voor office 365 klanten
20170518 wat kan azure automation bieden voor office 365 klanten20170518 wat kan azure automation bieden voor office 365 klanten
20170518 wat kan azure automation bieden voor office 365 klanten
 

Último

Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
masabamasaba
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 

Último (20)

%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 

20180120 spsbre - we are moving to the cloud what about security

  • 1. We are moving to the cloud, what about security
  • 2. THANK YOU, SPONSORS! SHAREPOINT SATURDAY NORTH GERMANY 2018
  • 3. Arjan Cornelisssen SharePoint & Office 365 Architect WorkTogether.tech @arjancornelis
  • 4. How did we do security?
  • 5. Sobering statistics The frequency and sophistication of cybersecurity attacks are escalating $6T annual cost of cybercrime to the global economy $4M average cost of a data breach to a company 140+ median # days attackers reside within a victim’s network before detection network intrusions due to compromised user credentials 75%+
  • 6. Common passwords 1. 123456 2. 123456789 3. qwerty 4. 111111 5. 12345678 6. 123123 7. password 8. 1234567 9. 12345 10. 1234567890 11. abc123 12. 123 13. 123321 14. password1 15. qwertyuiop 16. 666666 17. a123456 18. 1234 19. 654321 20. 5201314 21. 123456a 22. iloveyou 23. 11111111 24. 159753 25. 123123123
  • 7. Updated NIST Guidelines Three main changes: 1. No more periodic password changes 2. No more imposed password complexity 3. Validate new passwords against commonly used passwords http://aka.ms/passwordguidance Minimum Length Requirements (to defeat brute force hash attacks) Don’t use commonly attacked passwords Use unique passwords
  • 10.
  • 11. Conditional Access Microsoft Cloud 3rd Party SaaS Apps On Premises Apps Microsoft Azure Prevent data leak Disable print Restrict download Enforce MFA Block sign-in Allow sign-in Access Control Session Restrictions OS Platform Is Compliant / Domain joined Is lost or stolen Device Risk Device User identity Group membership Session Risk User Mobile or Cloud app Per app policy App Location IP range Country / Region ApplicationsPolicy ControlsPolicy Conditions Windows Defender Azure AD Identity Protection Service Terms of Use Partners
  • 12. IF Privileged user? Credentials found in public? Accessing sensitive app? Unmanaged device? Malware detected? IP detected in Botnet? Impossible travel? Anonymous client? High Medium Low User risk 10TB per day THEN Require MFA Allow access Deny access Force password reset****** Limit access High Medium Low Session risk Azure Bing OneDrive Microsoft Cyber Defense Operations Center Microsoft Cybercrime Center Xbox Live Microsoft Accounts Skype Risk-based conditional access
  • 15. Demo
  • 18. Access granted to data Microsoft Enterprise Mobility + Security Apps Risk MICROSOFT INTUNE AZURE ACTIVE DIRECTORY MICROSOFT CLOUD APP SECURITY AZURE INFORMATION PROTECTION MICROSOFT ADVANCED THREAT ANALYTICS ! Device ! CONDITIONAL ACCESS Location Classify Audit Protect Label ! !
  • 20. Microsoft Enterprise Mobility + Security Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat Detection
  • 21. Privileged Identity Management Enforce on-demand, just-in-time administrative access when needed Ensure policies are met with alerts, audit reports and access reviews Manage admins access in Azure AD and also in Azure RBAC User Administrator Discover, restrict, and monitor privileged identities UserAdministrator privileges expire after a specified interval
  • 23. Demo
  • 24.
  • 27. Our Security mindset needs to be updated

Notas del editor

  1. Eigen datacenter welke met dikke firewalls waren afgeschermd Alles in eigen beheer of door lokale partij uitbesteed
  2. Password Spray (aka Brute Force, Hammering) Complexiteit, expiration werkt niet. Medewerkers gebruiken zaken die te onthouden zijn. Sticky notes
  3. Nu gaan we naar de cloud, hoe zit het nu met security We verlaten ons fort en nu wie kan er allemaal bij?
  4. De medewerker wordt nu het centrale punt om te beveiligen
  5. 12
  6. Custom Controls
  7. Azure Domain join
  8. 18
  9. 20