Office 365 security concerns, EU General Data Protection Regulation (GDPR)
-
Upload
sonja-madsen -
Category
Internet
-
view
1.248 -
download
1
Transcript of Office 365 security concerns, EU General Data Protection Regulation (GDPR)
![Page 1: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/1.jpg)
Office 365 Security ConcernsSonja Madsen
![Page 2: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/2.jpg)
SONJA MADSEN
SONJASAPPS2015 Office App Awards Best International Developer
Microsoft Most Valuable Professional
[email protected]@sonjamadsenwww.sonjasapps.com
![Page 3: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/3.jpg)
Office 365
SharePointOfficeSkypeAzure AD
![Page 4: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/4.jpg)
Anywhere, Anytime
![Page 5: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/5.jpg)
Data security, governance and compliance
![Page 6: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/6.jpg)
Office 365 Security
Physical, Logical, Data, Customer Controlled
![Page 7: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/7.jpg)
Physical Security• Secret location• Badges• Smart cards • Biometric scanners• Motion sensors• Security officers• Video surveillance • Two-factor authentication
![Page 8: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/8.jpg)
Logical Security• Automated operations• Customer Lock Box
![Page 9: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/9.jpg)
Data Security• Multi-tenant service• SSL/TLS• BitLocker
![Page 10: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/10.jpg)
Data Loss Prevention (DLP)Mobile device management (MDM)Password and multi-factor authenticationMessage encryption and S/MIME IP filtering EU General Data Protection Regulation and Rights
Customer Controlled Security
![Page 11: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/11.jpg)
Data Loss Prevention (DLP)• Sensitive data such as social security or
credit card numbers
![Page 12: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/12.jpg)
• Office 365 Compliance• SAS 70 / SSAE16 Assessments• ISO 27001• HIPAA-Business Associate Agreement• FISMA/FedRAMP Authority to Operate• PCI DSS Level One
Regulatory standards
![Page 13: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/13.jpg)
• Sensitive data in emails• Data management• Content search• Service assurance
Security & Compliance
![Page 14: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/14.jpg)
Mobile device management (MDM)• Windows Phone 8.1• iOS 7.1 or later versions• Android 4 or later versions• Windows 8.1*• Windows 8.1 RT*
![Page 15: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/15.jpg)
MDM
• Require a 4-digit password and block Bluetooth• Control mobile access• Wipe only corporate data
![Page 16: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/16.jpg)
Password and multi-factor authentication
• "Hard" passwords• Expiration• A phone call, text message, or an
app notification
![Page 17: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/17.jpg)
Message encryption and S/MIME
• Send a message with a link to a page • Authenticate with login and one-time passcode• Anti-malware/spam controls • Company-wide blacklists and whitelists
• S/MIME uses certificates to digitally sign and encrypt the email content• Sender's email client encrypts message with recipient's public key • Recipient's private key is used to validate sender's certificate
![Page 18: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/18.jpg)
IP Filtering
![Page 19: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/19.jpg)
RMS
• Azure RMS for rights management on OneDrive, Exchange Online and SharePoint Online• Uses encryption, identity, and authorization policies• Encryption keys used to enforce RMS policies are stored in the cloud
![Page 20: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/20.jpg)
EU General Data Protection Regulation and Rights
• One low for all EU states• One-stop-shop• Ensure companies outside of the EU
comply with new rules• The same rules for all companies
![Page 21: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/21.jpg)
GDPR• Right to be forgotten• Explicit consent when processing data• Easier access to one’s own data• Data protection by design and by default• Notified in case of data breach• “Services for data” at risk
![Page 22: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/22.jpg)
Denmark
• Stricter laws• Cross-border data transfers• Data Protection Officer or DPO
![Page 23: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/23.jpg)
How Can You Prepare• 2018• Data protection Officer• Systems and data strategy
![Page 24: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/24.jpg)
Metalogix• ControlPoint• Sensitive Content Manager
![Page 25: Office 365 security concerns, EU General Data Protection Regulation (GDPR)](https://reader036.fdocuments.in/reader036/viewer/2022070518/58e8cdca1a28abb3398b50d7/html5/thumbnails/25.jpg)
Thank You