Learn. Connect. Explore. - Teched2013.blob.core.windows


Learn. Connect. Explore.

Microsoft Office 365 Security, Privacy & Compliance
Gurmeet Singh, Technology Specialist
Randhir Kumar Dhawan, Technology Specialist

Office 365 Security
Built-in Security; Customer Controls; Independent Verification
Microsoft security best practices; Automated operations; Encrypted data; 24-hour monitored physical hardware; Isolated customer data; Secure network

Office 365 Built-in Security
Microsoft security best practices; Automated operations; Encrypted data; 24-hour monitored physical hardware; Isolated customer data; Secure network

24 hour monitored physical hardware
Seismic bracing
24x7 onsite security staff
Perimeter security
Days of hentication monitoring
Tens of thousands of servers

Isolated Customer Data
The multi-tenant environment is designed to support logical isolation of data that multiple customers store on the same physical hardware.
Intended or unintended access to data belonging to a different customer/tenant is prevented by data isolation.
DATA in Server
Active Directory's organizational units keep Customer A's data isolated from Customer B's data.

Automated operations
O365 Admin
Requests Access
Office 365 Datacenter Network
Grants temporary Privilege
Microsoft Corporate Network
Grants least privilege required to complete task.
Verify eligibility by checking if:
1. Background Check Completed
2. Fingerprinting Completed
3. Security Training Completed

Secure network
Network Separated; Internal Network; Data Encrypted; External Network
Networks within the Office 365 data centers are segmented.
Physical separation of critical back-end servers & storage devices from public-facing interfaces.
Edge router security provides the ability to detect intrusions and signs of vulnerability.

Office 365 allows encryption of data both at rest & during transit
Data unreadable to unauthorized parties
BitLocker 256bit AES Encryption on all messaging content
Includes mailbox database files, mailbox transaction log files, search content index files, transport database files, transport transaction log files, and page file OS system disk tracing/message tracking logs
Data Striping
Malicious access to a single physical hard drive will not yield any meaningful data
Mailbox messages are striped, which means that the content of a customer's mail messages is distributed across drives
Transport Layer Security (TLS) / Secure Sockets Layer (SSL)
Exchange Online supports S/MIME and third-party technology such as PGP

Microsoft Security Best Practices
Security Development Lifecycle
Throttling to Prevent DoS Attacks
Prevent Breach; Mitigate Breach
Microsoft security best practices; Automated operations; 24-hour monitored physical hardware; Encrypted data; Isolated customer data; Secure network

Reduce vulnerabilities, limit exploit severity
Education; Process; Administer and track security training
Training; Requirements; Est. Security Requirements; Core Security Training; Create Quality Gates / Bug Bars; Security & Privacy Risk Assess.
Accountability; Guide product teams to meet SDL requirements
Design; Establish Design Requirements; Analyze Attack Surface; Threat Modeling
Implementation; Use Approved Tools; Deprecate Unsafe Functions; Static Analysis
Verification; Dynamic Analysis; Fuzz Testing; Attack Surface Review
Ongoing Process Improvements
Establish release criteria & sign-off as part of sponse nt Response Plan

Baseline normal traffic & usage
Ability to recognize DoS traffic patterns
Automatic traffic shaping kicks in when spikes exceed normal
Mitigates:
Non-malicious excessive use
Buggy clients (BYOD)
Admin actions
DoS attacks

Office 365 Customer Control
Built-in Security; Customer Controls; Independent Verification
Microsoft security best practices; Automated operations; Encrypted data; 24-hour monitored physical hardware; Isolated customer data; Secure network

Office 365 Customer Control
Built-in Security; Customer Controls; Independent Verification

Data protection in motion
Information can be protected with RMS at rest or in motion
Data protection at rest

RMS in Office 365; S/MIME; ACLs (Access Control Lists); BitLocker; Cloud Encryption Gateways (CEGs)
Data is encrypted in the cloud
Encryption persists with content
Protection tied to user identity
Protection tied to Policy
Secure collaboration with teams and individuals
Native integration with my services
Functionality (edit, print, do not forward, expire after 30 days)
(Content Indexing, eDiscovery, BI, Virus/Malware scanning)
Lost or stolen hard disk

User Access
Integrated with Active Directory, Azure Active Directory and Active Directory Federation Services
Federation: Secure SAML token based authentication
Password Synchronization: Only a one way hash of the password will be synchronized to WAAD such that the original password cannot be reconstructed from it.
Enables additional authentication mechanisms:
Two-Factor Authentication – including phone-based 2FA
Client-Based Access Control based on devices/locations
Role-Based Access Control

Anti Spam / Anti Virus
Comprehensive protection
Multi-engine antimalware protects against 100% of known viruses
Continuously updated anti-spam protection captures 98% of all inbound spam
Advanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time
Easy to use
Preconfigured for ease of use
Integrated administration console
Granular control
Mark all bulk messages as spam
Block unwanted email based on language or geographic origin

Commitment to industry standards and organizational compliance
Enable customers to meet global compliance standards in ISO 27001, EUMC, HIPAA, FISMA
Contractually commit to privacy, security and handling of customer data through Data Processing Agreements
Admin Controls like Data Loss Prevention, Archiving, E-Discovery to enable organizational compliance

Office 365 Independent Verification
Built-in Security; Customer Controls; Independent Verification
Microsoft security best practices; Automated operations; Encrypted data; 24-hour monitored physical hardware; Isolated customer data; Secure network

Office 365 Customer Control
Built-in Security; Customer Controls; Independent Verification

Standards & ITARHMG ataHealthcareHealthcareDefenseGovernmentLaw .U.S.UKU.S.

No advertising: We don't build advertising products out of customer data
No data mining: We don't scan the contents of customer email or documents for analytics or data mining
No co-mingling: Business data and consumer data are stored separately
Data is portable: Customers own the data and can remove their data whenever they choose
Data Maps: Customers know where their data is stored
Role based Access: Customers know who can access their data and why
Compliance Notifications: Customers can stay in the know by choosing to receive updates regarding changes to security, privacy, and audit information
Independently Verified: ISO 27001; EU Model Clauses; HIPAA-HITECH; FERPA; FISMA; U.K. G-Cloud IL2; CJIS
Relentless on Security
24 hour monitored physical datacenters
Logical isolation of data between tenants
Segregation of internal datacenter network from the external networks
Encryption at rest and in transit (AD-RMS)
Securing access to services via identity
Data loss prevention
Anti-virus/anti spam
Service Continuity
99.9% uptime
Financial guarantees on uptime
Redundancy in both functionality as well as data
Automated monitoring and recovery systems
24x7 on-call engineering team available to handle issues

Office 365 Trust Center (http://trust.office365.com)

Demo
1. Data Loss Prevention (DLP)
2. Two Factor Authentication
3. Information Rights Management (IRM)
4. Legal Hold & eDiscovery

