Office 365 in Focus. Security and Governance Strategies from the Experts - Webinar Slides
-
Upload
netskope -
Category
Technology
-
view
177 -
download
2
Transcript of Office 365 in Focus. Security and Governance Strategies from the Experts - Webinar Slides
© 2015 Netskope. All Rights Reserved. 2
Presenters
Insert pic of Shamiana
Adrian SanabriaSenior Analyst451 Research
Shamiana SoderbergSenior Business
Development Manager,Cloud Productivity,
Microsoft
Jamie BarnettChief Marketing Officer,
Netskope
© 2015 Netskope. All Rights Reserved. 3
Brief Introduction of Netskope
• Leader in safe cloud enablement• Founded in 2012• Architects from Palo Alto Networks,
Juniper, Cisco, McAfee, VMware
• Microsoft Premier Solutions Partner, member of OneAPI advisory board, and invite-only Microsoft O365 TAP program
+
Professional Tools & Capabilities
“Our Ability to quickly expand and open new franchises would not be possible without the turnkey capabilities enabled by office 365.”
Ted Vu -Cofounder, Tastea Learn More
Low Total Cost of Ownership
“Thanks to the high level of security and reliability of Office 365, HSS avoids the need to hire staff to manage security that would be required with using exchange server.“
Marina Johnson -Chief Information Officer, HSS Learn More
Secure Future
“We could see that the Microsoft solution was very robust and complete, and we liked their strategy for integration between on-premises systems and cloud service.“
Leandro Balbinot -Chief Information Officer, Lojas Renner Learn More
Low/No Switching Costs
“Microsoft Office 365 works with Active Directory, so we have more control in administering our environment - while delivering benefits like a single sign-on experience to employees.”
Muttia Alkhayyat -Chief Information Officer, UrbaCon Learn More
Security, Compliance & Privacy
“WITH office 365, Microsoft could meet all of our security requirements in addition to our needs for regulatory and legal compliance.”
Charles Wardrip -Vice President of Information Technology and Infrastructure Services, Kindred HealthcareLearn More
All possible with Office 365 -online, on-premises, or hybrid.
5 Things Customers Want…
© 2015 Netskope. All Rights Reserved. 6
Observed in Netskope Cloud
• Massive adoption of Office 365, monetizing Live and gaining share
• 37% and 124% QoQ growth in O365 Outlook and OneDrive, respectively
• “For business” versions in top 20 for first time
Source: Netskope Cloud Report, Summer 2015
© 2015 Netskope. All Rights Reserved. 7
Helped by CIOs’ Shadow IT Consolidation Efforts
Source: Wall Street Journal
© 2015 Netskope. All Rights Reserved. 8
Security teams aremoving more cautiously
Lines of business have big plans and are moving fast
© 2015 Netskope. All Rights Reserved. 9
Office 365 a Leader in Enterprise-Readiness and Security
© 2015 Netskope. All Rights Reserved. 10
The Cloud Requires a Shared Responsibility Model
App Vendors’ Responsibility:Make Apps Secure
Users’ Responsibility:Be Good Stewards of Policy
and Sensitive Data
© 2015 Netskope. All Rights Reserved. 11
Your Data Are in the Cloud Like Never Before(Ponemon: 30% of Business Information in the Cloud)
30%
70%
Source: Data Breach: The Cloud Multiplier Effect, Ponemon, 2014
© 2015 Netskope. All Rights Reserved. 12
Netskope Cloud Report: 17.9% of Files Violate DLP Policy
30%
70%
Source: Netskope Cloud Report, Summer 2015
© 2015 Netskope. All Rights Reserved. 13
Source: Netskope Cloud Report, Summer 2015
© 2015 Netskope. All Rights Reserved. 14
Ecosystems – The Way of the World
• Two dozen apps, on average, per “anchor tenant”
• Share data, complete workflows
• IT only aware of 10% of all apps
• Not all apps created equal
Source: Cloud App Ecosystems: Why They Should Matter to You, Netskope, 2015
Advice for Security Teams
© 2015 Netskope. All Rights Reserved. 15
Understand the LOB’s plans for deploying Office 365. Apps? Timelines? Solutions & workflows involving ecosystem apps?
Articulate your policies. Let them know how thisapplies to the cloud apps they’re using.
Put a plan in place to encourage consumptionof Office 365 through user coaching.
19
Allow is the new block (allow is new block green light slide)
Without getting in the way of business process.
Security Brass Tacks
© 2015 Netskope. All Rights Reserved. 20
© 2015 Netskope. All Rights Reserved.
Key Security Requirements for a Shared Responsibility Model
21
Policy and Access Control
Risk
Anomalies
Forensics
Data Governance
© 2015 Netskope. All Rights Reserved. 22
Policy and Access Control Across the Suite and its Ecosystem
CreateDelete
DownloadEdit
Login AttemptLogin Failed
Login SuccessfulLogout
PostShare
UploadView
View All
Office 365 users (on-campus, mobile, remote)
© 2015 Netskope. All Rights Reserved. 23
First, admins. Separate admin privileges across apps, e.g., Exchange and SharePoint privileges. “Least privilege.”
© 2015 Netskope. All Rights Reserved.
Three Must-Haves for Shared Responsibility in Office 365
24
Policy and Access Control
Risk
Anomalies
Forensics
Data Governance
for
Next, users: Grant granular access policies, e.g., web-only email for BYOD; full suite for corporate-issued.
25© 2015 Netskope. All Rights Reserved.
Don’t Forget the Ecosystem!(Azure AD can bring ecosystem apps into your identity fold)
★★
★
★
★
★
© 2015 Netskope. All Rights Reserved. 26
Then, Discover and Govern Sensitive Data
API-based DLP
In-line DLP
Find and control content already in Office 365
Monitor and control content en route
to and from Office 365and its ecosystem
27© 2015 Netskope. All Rights Reserved.
© 2014 Netskope. All Rights Reserved. 28
Finally, Detect Risks and Anomalies in O365 and its Ecosystem
• Detect non-compliant behavior and security threats
• Behaviors like excessive downloads or failed logins
• Same user logins from two separate devices or locations
© 2015 Netskope. All Rights Reserved. 29
And Keep Robust Audit Trails
• Conduct forensic analysis across all cloud apps
• Confirm and report on suspicious activity
• Don’t guess; prove it so you can take action
WHO?WHAT?WHEN?WITH WHOM?FROM WHERE?TO WHERE?ON WHAT DEVICE? OS? BROWSER?…EVERYTHING!
© 2015 Netskope. All Rights Reserved. 30
Examples from the Front Lines
© 2015 Netskope. All Rights Reserved. 31
© 2015 Netskope. All Rights Reserved. 32
GLOBAL RETAILER
Solution:• Netskope for Office 365
• Netskope Active
• Netskope Active DLP
Challenges:• New roll-out of Office 365
• Granular admin controls, user auditing, and by-device access control
• Data visibility within/en route to suite, including doc fingerprinting
Benefits:• Secure content in Office 365 by discovering content against PCI and PII profiles
• Visibility and usage control for 20,000 knowledge workers and lightweight control for Yammer for 160,000 hourly employees
+
© 2015 Netskope. All Rights Reserved. 33
Solution:• Netskope for Office 365
• Netskope Active
• Netskope Active DLP
Challenges:• Security audit revealed cloud risk
• Migration from alternative to Office 365
• Visibility into PCI and PII in cloud for 200,000+ global employees
Benefits:• Discover DLP violations (PCI and PII) in Google Apps and prioritize migration to Office 365
• Legal hold for content related to legal and regulatory investigation
• Visibility and control for all apps; identify and coach users of alternatives to Office 365
GLOBAL HOSPITALITY CO.+