Closing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies. Ronit Reger, Senior Program Manager at Microsoft

Transcription

1

2 Closing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies Ronit Reger, Senior Program Manager at Microsoft

3 Session goals 1. Data Privacy and the GDPR - Data privacy as a growing concern - Addressing the problem: standards, regulations, and lots of investments - The role of the cloud in tackling data security 2. How Microsoft SQL technologies can help - Microsoft investments and innovation in the data security space - Focus on advanced data security technologies that can help! - Sneak peak at some imminent developments

4

5 Data Privacy in today s world 7,125,940 data records breached each day, and no industry is immune LESS THAN 4% of breaches were Secure Breaches where encryption rendered the stolen data useless 91% of adults agree that consumers have lost control of how personal information is collected and used by companies. 67% of CISOs believe their companies are likely to be targeted by a cyberattack or face a data breach in 2018 The faster a data breach can be identified and contained, the lower the costs. MTTI = 197 days and MTTC = 69 days Sources:

6 Data Privacy in today s world Elizabeth Denham, UK Information Commissioner,

7 Data protection landscape Standards of data protection: Data privacy standards and policies + information security - new standards to protect data Regulations: Legislations and regulations across the globe GDPR May 25, 2018 Game changer Industry activity: Data protection and compliance-supporting products and solutions; consultation services and specialists

8 Microsoft s commitment to GDPR Microsoft believes GDPR is an important step forward for clarifying and enabling individual privacy rights Together with our partners, Microsoft is prepared to help customers meet policy, people, process, and technology goals on the journey to GDPR

9 Microsoft commitment Innovations Investments In SQL: Protection and Intelligence:

10 Harnessing the cloud Cloud infrastructure is fundamentally designed to be resilient and secure

11 REGIONAL INDUSTRY US GOV GLOBAL More certifications than any other cloud provider ISO ISO ISO ISO SOC 1 Type 2 SOC 2 Type 2 SOC 3 CSA STAR Self-Assessment CSA STAR Certification CSA STAR Attestation Moderate JAB P-ATO High JAB P-ATO DoD DISA SRG Level 2 DoD DISA SRG Level 4 DoD DISA SRG Level 5 SP FIPS Section 508 VPAT ITAR CJIS IRS 1075 PCI DSS Level 1 CDSA MPAA FACT UK Shared Assessments FISC Japan HIPAA / HITECH Act HITRUST GxP 21 CFR Part 11 MARS-E IG Toolkit UK FERPA GLBA FFIEC Argentina PDPA EU Model Clauses UK G-Cloud China DJCP China GB China TRUCS Singapore MTCS Australia IRAP/CCSL New Zealand GCIO Japan My Number Act ENISA IAF Japan CS Mark Gold Spain ENS Spain DPA India MeitY Canada Privacy Laws Privacy Shield Germany IT Grundschutz workbook

12 Harnessing the cloud Rich set of resources and built-in services to help manage compliance requirements

13 SQL data security investments Security research, threat landscape Principles of data privacy State-of-the-art features New advanced data security package

14 Advanced Threat Protection Intelligent security Unified advanced security package Data Discovery & Classification Vulnerability Assessment Threat Detection *Costs $15/server/month, first 60 days for free.

15 SQL Data Security Lifecycle Discover Data Classification (SQL ATP) Discover sensitive data Classify sensitive data Manage labels and policies Vulnerability Assessment (SQL ATP) Discover security misconfigurations Azure Data Security posture Protect Data Encryption Encrypt data at rest (TDE) Encrypt data at transit (TLS) Encrypt data in use (AE) Access Control Configure firewall rules/vnet Authenticate access (AAD, MFA) Manage security baseline. Security recommendations Detect Threat Protection (SQL ATP) Detect suspicious activity (TD) Analyze database activities (Audit ) Remediation actions Mask sensitive data

16 SQL Data Classification Discover, classify, protect and track access to sensitive data Automatic discovery of columns with sensitive data Add persistent sensitive data labels Audit and detect access to the sensitive data Manage labels for your entire Azure tenant using Azure Security Center

17 SQL Vulnerability Assessment Discover, track, and remediate security misconfigurations Identify security misconfigurations Actionable remediation steps Security baseline tuned to your environment Manual/periodic scans Coherent reports for auditors

18 Demo Data classification and Vulnerability Assessment

19

20 SQL Threat Detection Detect unusual and harmful attempts to breach your database. Just turn it ON Detects potential vulnerabilities and SQL injection attacks (2) Possible threat to access / breach data Detects unusual behavior activities Actionable alerts to investigate & remediate Apps Audit Log Azure SQL Database Threat Detection (1) Turn on Threat Detection (3) Real-time actionable alerts View alerts for your entire Azure tenant using Azure Security Center

21 SQL Threat Detection Suite Potential SQL injection attacks SQLi attempt - An application generated a faulty SQL statement, which may indicate a potential vulnerability of the application to SQL injection. SQLi attack - Potential exploitation of application code vulnerability to SQL Injection, which may indicate a SQL Injection attack. Anomalous access patterns Someone has logged from an unusual location - change in the access pattern from an unusual geographical location An unfamiliar principal successfully logged- - change in the access pattern using an unusual SQL user. Someone is attempting to brute force SQL credentials abnormally high number of failed logins with different credentials. Someone has logged from a potentially harmful application Anomalous query patterns Data exfiltration by volume - someone has extracted anomalous amounts of data in an hour or using a single query Data exfiltration by location - someone has backup database to an unusual storage location, Unsecure commands - Someone has executed unsecure commands (e.g. xp_cmdshell )

22 Demo Threat Detection

23 SQL Auditing in Log Analytics and Event Hubs Gain insight into database audit log Configurable via audit policy Azure SQL Database Audit Log SQL audit logs can reside in Azure Storage account Azure Log Analytics Azure Event Hubs (1) Turn on SQL Auditing (2) Analyze audit log Rich set of tools for Investigating security alerts Tracking access to sensitive data

24 Summary 1. Security is a key investment 2. New capabilities help with GDPR 3. SQL Advanced Threat Protection 4. Continuous cloud speed!

25 Please complete the feedback from online: surveymonkey.com/r/redgatesummit Join us for the drinks and canapes reception in the restaurant/sugar Lounge.

26 Any questions?