Microsoft 365 Enterprise E5 Overview Presentation

Microsoft 365 Enterprise E5 Security Overview Rani Lofstrom 05/01/18

title

Microsoft Secure Ensuring security to enable your digital transformation through a comprehensive platform, unique intelligence, and broad partnerships

title

OUR UNIQUE APPROACH

PLATFORM

INTELLIGENCE

PARTNERS

Microsoft Intelligent Security Graph

Shared threat data from partners, researchers, and law enforcement worldwide

Unique insights, informed by trillions of signals OneDrive Outlook

5B

threats detected on devices every month

1.2B

400B

emails analyzed

devices scanned each month

200+

Azure

global cloud consumer and commercial services

Enterprise security for

Windows

Botnet data from Microsoft Digital Crimes Unit

Microsoft accounts

Bing

90% of

18B+

Fortune 500

750M+

Azure user accounts

Xbox Live

Bing web pages scanned

450B

monthly authentications

How Microsoft 365 Enterprise E5 Fits In

Realities of digital transformation

Microsoft Secure global security vision

Securing the enterprise with Microsoft 365

Microsoft 365 Enterprise E5 A single suite that unifies enterprise security with user productivity to meet the needs of today’s modern workplace

Microsoft 365 Enterprise E5 security products

Realities of digital transformation

REALITIES OF DIGITAL TRANSFORMATION

The intelligent, connected cloud introduces both opportunity and risk Technology has changed the way enterprises conduct business

96% of companies have embraced the cloud 2018 State of the Cloud Survey (Rightside)

Requiring a new approach to protect company assets

43% (1.88B) of the global workforce will be mobile by 2023

Global Mobile Workforce Forecast Update 2017-2023, Strategy Analytics

1/3 of successful enterprise attacks will be on Shadow IT resources by 2020

How to eliminate enterprise shadow IT, Gartner, April 11, 2017

Only

26%

of European companies say they are GDPR compliant

“The State of GDPR Readiness: GDPR Readiness Progress es, But Strategies Depend Too Heavily on IT” Forrester, J anuary, 2018

REALITIES OF DIGITAL TRANSFORMATION

Complexity is the enemy of intelligent security

$1.37M On average that an organization spends annually in time wasted responding to erroneous malware alerts

“The Cost of Insecure Endpoints” Ponemon Institute© Research Report, June 2017

1.87M Global cybersecurity workforce shortage by 2022 Global Information Security Workforce Study 2017

70

Security products

from

35

Security vendors

Is the average for companies with over 1,000 employees Nick McQuire, VP Enterprise Research CCS Insight.

REALITIES OF DIGITAL TRANSFORMATION

Balancing security capabilities with a manageable security posture

Best-of-breed point solutions

Security you can maintain with your current staff and budget

REALITIES OF DIGITAL TRANSFORMATION

Reducing complexity can eliminate many security challenges:

Lack of specific recommendations on how to improve security posture

Too much time spent managing security vendors

Too many alerts to investigate

Learning how to configure and manage disparate security solutions slows deployment

Integration is time-consuming and increases total cost of ownership

User productivity is compromised for the sake of security, resulting in users bypassing security measures

Securing the enterprise with Microsoft 365

SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

title Threat Protection

Identity & Access Management

Information Protection

Data is your most important company asset

Security starts with great user authentication

Security Management

Correlate threat information and automatically respond

Optimize with security insights and configuration tools

SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

Intelligent security for the modern workplace Microsoft 365 Enterprise E5 unifies enterprise security and user productivity

Identity & Access Management

Information Protection

Threat Protection

Security Management

Protect users’ identities and control access to valuable resources based on user risk level

Protect sensitive information wherever it lives or travels

Protect against advanced threats and recover quickly when attacked

Gain visibility and control over security tools

SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

For enterprise customers that embrace the Microsoft productivity suite, significant gains can be realized in security

SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

Microsoft 365 security suite advantages

Holistic security capabilities that can reduce the number of vendors you manage

Individual components are purpose-built to integrate, which decreases TCO

Because security is built-in, deployment and on-going management is simplified

Security capabilities extend beyond Microsoft to secure 3rd party platforms, apps and services

Standard integration capabilities connect to your other security tools (3rd party or homegrown)

Intelligent, adaptive security gives users more freedom in how they work, from anywhere on any device

Security tools are fed by trillions of signals to provide insights across the global Microsoft ecosystem

SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

Security capabilities only available in Microsoft 365 Enterprise E5 Recognize users and devices and dynamically change what level of access is allowed and how users authenticate based on parameters such as location, device risk, user risk or document confidentiality level

Control access to sensitive data, even when its shared outside of your organization or accessed via a 3rd party application

Security automation detects potential threats and correlates alerts to identify a specific attack vector, investigates and remediates threats, reauthenticates high-risk users, and takes action to limit access to data

Because users log in with a single user ID to any application from any device from any location, you have the context to detect and investigate suspicious activities

Discover shadow IT so it can be secured and managed, reducing your exposure to data leakage through inappropriate sharing and unsecured storage

Identity and Access Management Protect users’ identities and control access to valuable resources based on user risk

If a user’s identity or device becomes compromised, automatically block or limit access, or require MFA

Alert me when a user's credentials are for sale on the dark web and elevate their risk level

Discover 3rd party cloud apps that are in use and assess their risk level, so you can sanction or block them

Discover, restrict, and monitor privileged identities and their access to resources

A single solution that can protect identity across on premises and cloud directories

Eliminate passwords by using biometrics or pins

Information Protection Protect sensitive information wherever it lives or travels

Automatically apply data security policies if a user's access to that data changes, the user becomes compromised or the data reaches a certain age.

Identify potentially sensitive information, like credit card numbers or bank routing numbers, and automatically apply a label and protection to the file

Scan historical on-premises data files for potentially sensitive information

Allow select partners and customers to access sensitive information

Protect sensitive data when it travels outside of your organization via email, USB, or a 3rd party SaaS app

Threat Protection Protect against advanced threats and recover quickly when attacked

Detect attacks from both on premises and cloud signals

Endpoint monitoring with the ability to quarantine the endpoint for investigation and wipe the device, if compromised

Advanced email protection against phishing attempts, and unknown (zero day) threats

Detect and remove ransomware, then recover my files

Automatically detect anomalies and suspicious behavior without needing to create and fine tune rules

Reduce false positives by contextually aggregating alerts together to identify a specific attack vector

Automatically investigate endpoint alerts and remediate threats, removing them from all impacted machines

Security Management Gain visibility and control over security tools

A quantifiable measurement of your security posture

Benchmark your security score against companies in your industry or of similar size

Recommended actions you can take to improve your security posture

Detailed reports on the latest threats, so you can answer questions, like "How well am I protected against the latest threats?"

Teach users to guard against email phishing by simulating an attack in a safe environment

Incident and event forensic reporting

title

Addressing the risks inherent in a growing shadow IT environment

“Using Cloud App Security as a magnifying glass, we gain amazing visibility into our SaaS environment. Cloud App Security works with Azure Information Protection to alert us if someone is trying to share sensitive data. Our vision is to use Cloud App Security together with the Azure conditional access policies that we have already defined, such as for our SuccessFactors app.” Muhammad Yasir Khan Head of IT Infrastructure Nakilat, Qatar Gas Transport

MICROSOFT 365 E5 SECURITY PRODUCT SUITE

Whole Food protects apps with Microsoft 365 security

“Identity is the new firewall of the future. We can’t continue to use our old way of controlling application access, because business isn’t happening exclusively in our network anymore. With Azure Active Directory Premium, we can stay in control, no matter where our users roam.” WILL LAMB Infrastructure Coordinator Whole Foods Market, United States

title

Korn Ferry authenticates and protects Office 365 apps and 60 third-party applications, including SAP and Salesforce.com. “With Azure Active Directory, we can set policies that treat employees outside the office more strictly than those inside it and that prompt for Multi-Factor Authentication on unmanaged devices or for certain applications. With Microsoft 365, we no longer have to choose between mobility and security—we have both.” Bryan Ackermann Chief Information Officer Korn Ferry, United States

title

In just a few months, Yara deployed Azure Information Protection for 14,000 users and 10,000 devices.

“We set Azure Information Protection so that when you click ‘confidential,’ the file will be encrypted automatically and access will be restricted to designated users—even if you accidentally send it to the wrong person.” Erlend Skuterud Chief Information Security Officer Yara, Norway

title “Teams across different divisions and different countries can now easily build and safely store and share documents. In the past, there was nothing comparable.” CONOR O’HALLORAN Head of Identity Management Merck KGaA, Darmstadt, Germany

title “As we see the security landscape evolving with more sophisticated attacks, we trust Microsoft to stay ahead of the latest threats to protect our network and our data.” CHRIS KREBS Chief Information Officer Fruit of the Loom

title “Today, we trust EMS and Surface devices running Windows 10 as a highly reliable platform that protects our data—such as the proprietary running shoe designs that make our name— in a mobile environment.” EDWIN IDEMA IT Manager, EMEA Asics

Microsoft 365 Enterprise E5 security products

MICROSOFT 365 E5 SECURITY PRODUCT SUITE

Security solutions in Microsoft 365 Enterprise E5

Identity & Access Management

Information Protection

Threat Protection

Security Management

Azure Active Directory

Azure Information Protection

Azure Advanced Threat Protection

Microsoft Security & Compliance Center

Microsoft Cloud App Security

Office 365 Data Loss Prevention

Windows Defender Security Center

Windows Hello

Microsoft Cloud App Security

Windows Defender Advanced Threat Protection

Windows Credential Guard

Windows Information Protection Microsoft Intune BitLocker

Office 365 Advanced Threat Protection Office 365 Threat Intelligence Microsoft Cloud App Security

Microsoft Secure Score

Identity & Access Management

Information Protection

title • • • •

Single Sign-on Multi-Factor Authentication Access Control Privileged Access Management (PAM)

• Secrets Management

• • • • • • • •

Data Loss Prevention (DLP) Data Encryption Information Protection Data Classification Data Governance Cloud Access Security Broker (CASB) Key Management Mobile Application Management

• • • •

Database Security Encrypted Cloud Storage Back Up Disaster Recovery

• Virtual Private Networks (VPN)

Security categories M365 Enterprise E5 covers Security categories other Microsoft solutions cover What Microsoft Services/ MSSPs cover What Microsoft integrates with What Microsoft doesn’t do

Threat Protection • Secure Email Gateway • Endpoint Detection and Response (EDR) • Endpoint Protection (EPP) • Anti-malware/phishing • Anti-spyware • Antivirus Software • User and Entity Behavior Analytics (UEBA) • Anomaly Detection • Threat Intelligence Feeds • Remote Browser • Intrusion Detection System (IDS) • Intrusion Prevention System (IPS) • IoT Protection • Cloud Workload Protection • DDoS Protection • Incident Response Services • Cross-platform endpoint protection • • • • • • • • •

Incident Ticket System Firewall/ Network Mobile Threat Detection tools Host intrusion prevention system (HIPS) Network traffic analysis (NTA) Container Security Anti-subversion software Anti-tamper software Deception

Security Management • Security Scoring • Reporting • Cloud-based Management Asset Discovery Pen Testing/ Risk Assessment Vulnerability Assessment Web Application Testing Managed detection and response (MDR) • SOC • Security training • • • • •

• SIEM (SIM/ SEM/ Log management)

E3 vs E5 Identity and Access Management

Microsoft 365 Enterprise E5 (includes E3 solutions)

E3

E5

Azure Active Directory P1 Windows Hello Credential Guard

Azure Active Directory P2

Information Protection

Azure Information Protection P1 Office 365 Data Loss Prevention Windows Information Protection BitLocker

Azure Information Protection P2 Microsoft Cloud App Security Office 365 Cloud App Security

Threat Protection

Microsoft Advanced Threat Analytics Windows Defender Antivirus Device Guard

Windows Defender Advanced Threat Protection Office 365 Advanced Threat Protection Office 365 Threat Intelligence Azure Advanced Threat Protection

Security Management

Secure Score Microsoft security and compliance center Windows Security Center

(additional management reports and capabilities)

Compliance

eDiscovery

Advanced eDiscovery, Customer Lockbox, Advanced Data Governance

Analytics

Delve

Power BI Pro, MyAnalytics

Productivity, Creativity and Teamwork solutions

Office Applications Outlook/ Exchange Microsoft Teams Skype for Business

Skype Audio Conferencing Phone System

MICROSOFT 365 E5 SECURITY PRODUCT SUITE

title

E5

Security

Azure Active Directory P2

Identity & Access Management that is automated across your entire digital footprint

Microsoft Cloud App Security

Discovers cloud app being used in your enterprise, identifies and combats cyberthreats and enables you to control how your data travels

Azure Information Protection P2

Protects sensitive enterprise data, even when it travels outside of your organization

Windows Defender Advanced Threat Protection

A unified endpoint security platform that protects against advanced attacks and automatically investigates and remediates evolving threats

Azure ATP

Detect and investigate advanced attacks on-premises and in the cloud

Compliance

Advanced Data Governance

Customer Lockbox

Analytics

My Analytics

Power BI Pro

Voice

Audio Conferencing, Phone System

Office 365 Advanced Threat Protection

Protects your email, files and online storage against unknown and sophisticated attacks

Office 365 Threat Intelligence

Research threats, track phishing or malware campaigns aimed at your users, and search for threat indicators from user reports and other intelligence sources

Advanced eDiscovery

MICROSOFT 365 E5 SECURITY PRODUCT SUITE

Microsoft 365 addresses real-world security challenges I need to be compliant with data protection regulations, like GDPR. How can Microsoft help me discover, classify and protect my sensitive data?

How do I find and manage shadow IT and rogue devices, and put in place policies to ensure we remain compliant and secure?

I have solutions from many vendors in my enterprise IT environment, how can Microsoft help me secure our entire digital landscape?

How can Microsoft help me understand my current security posture and get recommendations on how to improve it?

Eventually, we will experience a breach. How can Microsoft help me detect and respond to a breach fast?

If a user becomes compromised, how can I configure security policies that automatically enforce additional layers of authentication to keep my organization safe?

Thank you.

© Copyright Microsoft Corporation. All rights reserved.

Appendix

© Copyright Microsoft Corporation. All rights reserved.

Real life data breaches

Jason’s Deli

FedEx

Under Armour

Saks Fifth Avenue

As many as 2 million payment cards we re stolen and sold on the dark web .

Personal information was found on a n unsecure cloud storage server.

An unauthorized party acquired data fr om 150 million cloud app users

Hackers stole 5 million credit and debit cards and sold them on the dark web.

January 11, 2018

February 15, 2018

March 29, 2018

April 1, 2018