Cloud Security, Mobility and Current Threats. Tristan Watkins, Head of Research and Innovation


Threat Landscape

Verizon Data Breach Investigations Report

Verizon DBIR: Threat actors and actions

Verizon DBIR: Threat actor motive (2016)

Verizon DBIR: Threat actor method (2016)

Verizon DBIR: Breached assets (2016)

Verizon DBIR: Time to compromise (2016)

Verizon DBIR: Time to discovery (2016)

DLP: Insider risks

Why?

We see individuals abusing the access they have been entrusted with by their organization in virtually every industry... with financial gain and convenience being the primary motivators (40% of incidents), whether they plan to monetize stolen data by selling it to others (such as with financial data) or by directly competing with their former employer.

How?

DLP: accidental and outsider risks

- Unintended data leaks are very hard to protect against
- For every way that data can be lost, we need a specific (often unique) defence
- Examples of unintended data loss:
  - Lost/stolen device
  - Lost/stolen drives/media
  - Credential theft:
    - Keystroke loggers
    - Bad password practices
    - Social engineering
  - Wrong recipient
  - Memory scraping
- Neither file-level protections nor FDE will solve for all of these risks

Phishing and social engineering

"23% of recipients now open phishing messages and 11% click on attachments."

"a campaign of just 10 e-mails yields a greater than 90% chance that at least one person will become the criminal's prey."

"nearly 50% of users open e-mails and click on phishing links within the first hour. the median time-to-first-click coming in at one minute, 22 seconds across all campaigns."

Signature Detection Obsolescence

- Much of today's malware code is modified so quickly that it will avoid detection
- 99% of malware hashes are seen for only 58 seconds or less. In fact, most malware was seen only once.
- 40 million malware samples
- 3.8 million malware signatures (90%+ is found only once in the data)
- 20,000 common signatures across organisations
- 99.95% is organisationally-unique
- Signature modification can be trivially automated in PowerShell

Image Courtesy of John Lambert, General Manager of the Microsoft Threat Intelligence Center

Modernising Security

What is driving change?

(Diagram: Storage, corp data; Users; On-premises)

Life before clouds

- Only sanctioned apps are installed
- Resources accessed via managed devices/networks
- IT had layers of defense protecting internal apps
- IT has a known security perimeter

Life with clouds

- User chooses apps (unsanctioned, shadow IT)
- User can access resources from anywhere
- Data is shared by user and cloud apps
- IT has limited visibility and protection

Microsoft Enterprise Mobility Management

Enterprise Mobility Suite

- Azure Active Directory Premium: Identity & Access Management (Users). Easily manage identities across on-premises and cloud. Single sign-on & self-service for any application.
- Advanced Threat Analytics: User & Entity Behaviour Analytics (Identity Theft). Identify suspicious activities and advanced threats in near real time, with simple, actionable reporting.
- Azure Rights Management Premium: Information Protection (Data). Encryption, identity, and authorisation to secure corporate files and email across phones, tablets, and PCs.
- Intune & Configuration Manager: Mobile Device & App Management (Devices & Apps). Manage and protect corporate apps and data on almost any device with MDM & MAM.

Cloud App Security

- Cloud Access Security Broker (SaaS Apps). Protecting customer data by providing IT visibility, control, and security over cloud applications.

Azure RemoteApp

- Windows App Virtualisation (Windows Apps). Share Windows applications and other resources with users on almost any device.

Active Directory Problem Spaces

- User Experience: Makes a user's life easier by providing a single sign-on (SSO) for computers, applications and services
- IT Administration: Simplifies system administration by centralising management of users, computers and policies
- Platform services: Simplifies development by providing authentication, users, groups and/or claims
- Security/Compliance: Lots of complicated non-functional stuff

What would IT be without Active Directory?

- Sign-on would be a colossal mess
- IT administrators' lives would be incredibly repetitive and inefficient
- ...but we would reclaim simplicity from efficiency

What is Azure AD to a user?

- The home of my corporate identity
  - How I prove who I am, including additional factors of authentication
  - Details about who I am (profiles)
  - What I belong to (groups)
  - The service I entrust with my personal data (privacy protections/compliance)
- Gateway to my apps
  - A gateway to my apps: Access Panel
  - A trustworthy face for cloud resources (custom branding/logos)
- Gateway to my internal network from the outside world
  - Self-Service Password Reset (SSPR)
  - Application Proxy (Reverse Proxy)
  - Workplace Join (Device Registration Service)

What is Azure AD to IT?

- Directory Service
  - The directory is built with Active Directory Lightweight Directory Services (AD LDS)
  - Sync on-premises Active Directory Domain Services (AD DS) objects with DirSync/AAD Connect
  - DirSync and AADSync were wrapped up with related tools in a new package called AAD Connect
- Security Token Service
  - Like AD FS. Enables federated sign-on to Office 365, Azure and Software as a Service providers
  - Also provides authentication and authorisation services to Azure Websites like SharePoint Apps
- Advanced stuff
  - Multiple Factors of Authentication (MFA), AKA 2FA. Think: PIN verification for sign-on
  - Application Proxy (Reverse Proxy): Sign-on to on-premises stuff from outside the network
  - Device Authentication: restrict sign-on to trusted devices (enables BYOD)
  - Reporting and Alerts: Detects unusual/sketchy sign-on patterns and alerts administrators

What is Azure AD to a developer?

- Common Consent (OAuth 2.0)
  - Secures Apps for Office and SharePoint with or without user authentication
  - Sometimes Apps will be permitted to authorize on behalf of a user
- Graph API
  - Querying directory
  - User Profile sync enhancements may originate here
- Directory Extensions
  - New attributes in Azure AD, flowing through to other services eventually

Back to Basics: What is Windows Logon?

- Username/password
- Smart card
- PIN/gesture (picture password)
- Hello (fingerprint, face, iris)

Azure Active Directory Capabilities

Risk Ranking

Defence-in-Depth