Closing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies Ronit Reger, Senior Program Manager at Microsoft
Session goals 1. Data Privacy and the GDPR - Data privacy as a growing concern - Addressing the problem: standards, regulations, and lots of investments - The role of the cloud in tackling data security 2. How Microsoft SQL technologies can help - Microsoft investments and innovation in the data security space - Focus on advanced data security technologies that can help! - Sneak peak at some imminent developments
Data Privacy in today s world 7,125,940 data records breached each day, and no industry is immune LESS THAN 4% of breaches were Secure Breaches where encryption rendered the stolen data useless 91% of adults agree that consumers have lost control of how personal information is collected and used by companies. 67% of CISOs believe their companies are likely to be targeted by a cyberattack or face a data breach in 2018 The faster a data breach can be identified and contained, the lower the costs. MTTI = 197 days and MTTC = 69 days Sources: http://breachlevelindex.com/, http://www.pewresearch.org/fact-tank/2016/09/21/the-state-of-privacy-in-america/, http://www.pewinternet.org/2017/01/26/americans-and-cybersecurity/, http://src.bna.com/vau, https://securityintelligence.com/series/ponemon-institute-cost-of-a-data-breach-2018/
Data Privacy in today s world Elizabeth Denham, UK Information Commissioner,
Data protection landscape Standards of data protection: Data privacy standards and policies + information security - new standards to protect data Regulations: Legislations and regulations across the globe GDPR May 25, 2018 Game changer Industry activity: Data protection and compliance-supporting products and solutions; consultation services and specialists
Microsoft s commitment to GDPR Microsoft believes GDPR is an important step forward for clarifying and enabling individual privacy rights Together with our partners, Microsoft is prepared to help customers meet policy, people, process, and technology goals on the journey to GDPR
Microsoft commitment Innovations Investments In SQL: Protection and Intelligence:
Harnessing the cloud Cloud infrastructure is fundamentally designed to be resilient and secure
REGIONAL INDUSTRY US GOV GLOBAL More certifications than any other cloud provider ISO 27001 ISO 27018 ISO 27017 ISO 22301 SOC 1 Type 2 SOC 2 Type 2 SOC 3 CSA STAR Self-Assessment CSA STAR Certification CSA STAR Attestation Moderate JAB P-ATO High JAB P-ATO DoD DISA SRG Level 2 DoD DISA SRG Level 4 DoD DISA SRG Level 5 SP 800-171 FIPS 140-2 Section 508 VPAT ITAR CJIS IRS 1075 PCI DSS Level 1 CDSA MPAA FACT UK Shared Assessments FISC Japan HIPAA / HITECH Act HITRUST GxP 21 CFR Part 11 MARS-E IG Toolkit UK FERPA GLBA FFIEC Argentina PDPA EU Model Clauses UK G-Cloud China DJCP China GB 18030 China TRUCS Singapore MTCS Australia IRAP/CCSL New Zealand GCIO Japan My Number Act ENISA IAF Japan CS Mark Gold Spain ENS Spain DPA India MeitY Canada Privacy Laws Privacy Shield Germany IT Grundschutz workbook
Harnessing the cloud Rich set of resources and built-in services to help manage compliance requirements
SQL data security investments Security research, threat landscape Principles of data privacy State-of-the-art features New advanced data security package
Advanced Threat Protection Intelligent security Unified advanced security package Data Discovery & Classification Vulnerability Assessment Threat Detection *Costs $15/server/month, first 60 days for free.
SQL Data Security Lifecycle Discover Data Classification (SQL ATP) Discover sensitive data Classify sensitive data Manage labels and policies Vulnerability Assessment (SQL ATP) Discover security misconfigurations Azure Data Security posture Protect Data Encryption Encrypt data at rest (TDE) Encrypt data at transit (TLS) Encrypt data in use (AE) Access Control Configure firewall rules/vnet Authenticate access (AAD, MFA) Manage security baseline. Security recommendations Detect Threat Protection (SQL ATP) Detect suspicious activity (TD) Analyze database activities (Audit ) Remediation actions Mask sensitive data
SQL Data Classification Discover, classify, protect and track access to sensitive data Automatic discovery of columns with sensitive data Add persistent sensitive data labels Audit and detect access to the sensitive data Manage labels for your entire Azure tenant using Azure Security Center
SQL Vulnerability Assessment Discover, track, and remediate security misconfigurations Identify security misconfigurations Actionable remediation steps Security baseline tuned to your environment Manual/periodic scans Coherent reports for auditors
Demo Data classification and Vulnerability Assessment
SQL Threat Detection Detect unusual and harmful attempts to breach your database. Just turn it ON Detects potential vulnerabilities and SQL injection attacks (2) Possible threat to access / breach data Detects unusual behavior activities Actionable alerts to investigate & remediate Apps Audit Log Azure SQL Database Threat Detection (1) Turn on Threat Detection (3) Real-time actionable alerts View alerts for your entire Azure tenant using Azure Security Center
SQL Threat Detection Suite Potential SQL injection attacks SQLi attempt - An application generated a faulty SQL statement, which may indicate a potential vulnerability of the application to SQL injection. SQLi attack - Potential exploitation of application code vulnerability to SQL Injection, which may indicate a SQL Injection attack. Anomalous access patterns Someone has logged from an unusual location - change in the access pattern from an unusual geographical location An unfamiliar principal successfully logged- - change in the access pattern using an unusual SQL user. Someone is attempting to brute force SQL credentials abnormally high number of failed logins with different credentials. Someone has logged from a potentially harmful application Anomalous query patterns Data exfiltration by volume - someone has extracted anomalous amounts of data in an hour or using a single query Data exfiltration by location - someone has backup database to an unusual storage location, Unsecure commands - Someone has executed unsecure commands (e.g. xp_cmdshell )
Demo Threat Detection
SQL Auditing in Log Analytics and Event Hubs Gain insight into database audit log Configurable via audit policy Azure SQL Database Audit Log SQL audit logs can reside in Azure Storage account Azure Log Analytics Azure Event Hubs (1) Turn on SQL Auditing (2) Analyze audit log Rich set of tools for Investigating security alerts Tracking access to sensitive data
Summary 1. Security is a key investment 2. New capabilities help with GDPR 3. SQL Advanced Threat Protection 4. Continuous innovation @ cloud speed!
Please complete the feedback from online: surveymonkey.com/r/redgatesummit Join us for the drinks and canapes reception in the restaurant/sugar Lounge.
Any questions?