Proven Practices for Office 365 Deployment, Security and Management

1

Proven Practices for Office 365 Deployment, Security and Management

June 3, 2015

2

Proven Practices for Office 365 Deployment, Security and Management

3

PERFICIENT PROFILE Founded in 1997 Public, NASDAQ: PRFT 2014 revenue ~$456 million

Major market locations:

Allentown, Atlanta, Ann Arbor, Boston, Charlotte, Chicago, Cincinnati, Columbus, Dallas, Denver, Detroit, Fairfax, Houston, Indianapolis, Lafayette, Milwaukee, Minneapolis, New York City, Northern California, Oxford (UK), Southern California, St. Louis, Toronto

Global delivery centers in China and India >2,600 colleagues Dedicated solution practices ~90% repeat business rate Alliance partnerships with major technology vendors Multiple vendor/industry technology and growth awards

4

Perficient has consistently been recognized by Microsoft as one of the software giant’s most valuable partners– and especially in regards to the cloud.

With nationally-known experts on the Office 365, Azure and Yammer platforms– as well as a deep and rich history in SharePoint, Lync (now Skype for Business), and Exchange– we are well positioned to partner with you as you transform your business.

www.perficient.com/microsoft

Perficient & Microsoft A rich relationship that has made us a Premier Cloud Partner, Nationwide

5

Why Office 365? Aging On-Premises Infrastructure • Exchange 2003 / 2007 environments • Storage constraints • Eliminate the burden of upgrades

Lack of Security / Compliance Functionality • Data Loss Prevention (DLP) • Rights Management Services (RMS) • Multi-Factor Authentication (MFA) • Encryption

Need for Mobile Enablement • Support for laptops, tablets, phones

6

35% of Exchange install base is on Office 365

Nearly 80% of the Fortune 500 have Office 365

Over 80% of Office 365 Enterprise customers have two or more workloads

7

Best Practices Get Started… Now

• Acquire licensing (trial, EA) • Identify an appropriate pilot group • Consider workloads such as OneDrive

for Business or Office 365 ProPlus

Accept Changes

• Network • Security • Provisioning

Seek Support & Experience

• Look for certified vendors • Leverage Microsoft documentation

and training • Work with a deployment partner

8

Common Mistakes To Avoid Organizational • Excluding groups such as IT Security • Lack of buy-in from the necessary parties • Insufficient resource planning / prioritization

Project Execution • Executing a pilot without a good cross-section of users • Lack of understanding of product functionality • New feature overload

User Impact • Lack of communication

9

First Step to the Cloud: Identity & Authentication IDENTITY Questions • What is our source of user identities? • How do we manage the lifecycle of these identities?

Goals • Leverage existing directories we have in place • Reduce the required IT management of directories • Don’t ask our users to manage another account for every cloud

application • Implement cloud solutions without adding additional on-premises

dependencies

10

First Step to the Cloud: Identity & Authentication AUTHENTICATION Questions • Is it secure? • How fast can I have it?

Goals • Fast deployment • Achieving “Single-Sign On Zen” • Ensure high-availability of authentication services • Implement cloud solutions with minimal additional on-premises

dependencies • Provide a consistent login experience across devices and platforms • Deploy a solution that supports all of our cloud services

Copyright © 2015 Centrify Corporation. All Rights Reserved. 11

Centrify Identity Service Reduce time, cost and risk of migrating to Office 365


First Step to the Cloud: Identity & Authentication

• Leverage existing directories • Reduce the required IT management

of directories • Don’t ask our users to manage

another account for every cloud application (No more passwords!)

• Deploy a solution that supports all of our cloud services

• Fast Deployment • Achieving Single-Sign On Zen • Ensure High-Availability • Provide a consistent login experience

across devices and platforms

Security Goals Deployment Goals

Implement cloud solutions with minimal additional on-premises dependencies


Centrify Identity Service Secure and simplify your Office 365 deployment

app app app

Secure Deployment


Secure by Design: Powered by Azure

Current and planned

• Zero-downtime architecture

• Worldwide multi-region data centers

• Localized into 15+ languages

• 24x7 support with regional sales teams and more than 250 resellers

• SSAE 16 SOC 2, TRUSTe, EU Safe Harbor

+


Secure by Design: Validated by Microsoft

Microsoft has tested and certified Centrify Identity Service as a “Works with Office 365” solution

Established protocols and premier support agreements between Centrify and Microsoft ensure quality joint customer support

Best-in-class support for Office365 deployments


Leverage Existing Directories — Reduce IT Overhead

The most flexible options for storing identity

Purely in the cloud No replication to cloud

(On-prem with class-leading AD/LDAP integration)

Combination (Subset of users in AD/LDAP +

another subset in cloud)


No New Passwords to Hack — Single Sign-On (SSO) Robust app support • Class-leading support O365 • Direct support for thousands of other apps

Add your own apps • Easy to customize generic SAML app • Add your own username/password apps

Rich mobile app support • Leading ISVs (Box, Dropbox) support SDK • Mobile Authentication Services SDK

for your custom apps (developers.centrify.com)

Centrify infinite apps • Browser plugin to discover username/password apps • Auto-detection with manual fallback

http://www.centrify.com/developers


Secure Office 365 access starts at the device

• MDM: IT needs to ensure security of underlying mobile devices

• MAM: IT needs to deploy appropriate apps to the device

• ZSO: End users hate typing in passwords, especially on mobile

• MFA: Trusted devices and wearables are simplest method for step-up authentication

Centrify uniquely combines identity + mobility management

Integrated Mobile Management

Device Management

(MDM)

Container Management

(MCM) Samsung

KNOX

Application Management

(MAM)

Authentication Services (MAS)

App Zero Sign-On

(ZSO)

Centrify Mobile

Authenticator

Mobile User Self-Service


Policy & MFA to Strengthen Security for Office 365 Per-App Authentication Policies

• Allow/deny or step-up authentication • Based on

• Time of day, work hours • Inside/outside corporate network • User role or attributes • Device attributes (type, management status) • Location • App client attributes • Custom logic

Multifactor Authentication • Centrify Authenticator soft token with unique one-button authentication • One time passcode (OTP) over SMS text, email, or push notification • Interactive phone call to user’s mobile device plus required confirmation

for authentication to proceed

Fast and Easy Deployment


Automated Lifecycle Management for Office 365

Onboard Update

Create

Enable Mobile

Monitor/ Report

Offboard

Granular Licensing With integrated counts and

role-based consumption

Single Sign-On Multifactor Authentication Integrated Windows Authentication


Centrify Identity Platform…

Centrify Cloud Connector

App Gateway AD/LDAP Proxy

Centrify Identity Platform

Cloud Directory

Authentication Engine

MFA and Policy Engine

Reporting Engine

CENTRIFY CLOUD

Mobile App

User Portal

Application Single Sign-On

Enterprise Mobility Management

User Provisioning

Mac Management

Centrify Identity Service

Admin Portal


Installs in minutes

…Supports On-prem, Cloud, and Hybrid Deployment

CENTRIFY CLOUD

Centrify Cloud Connector

App Gateway AD Proxy


SSO for On-Prem SharePoint via App Gateway

Secure on-premises access – without VPN

• Securely deliver remote access to internal SharePoint and other applications

• Reduce risk by eliminating need for VPN access to internal network

• Allow remote or mobile access for users without hassle of VPN

Built into Centrify Cloud Connector with automatic failover and load balancing


Why Centrify Identity Service? Simplify and Secure your Office 365 Deployment

Tied to AD Class-leading AD integration without replication Automated provisioning, including granular licensing for Office 365

Full mobile management Mobile device and app management MFA with granular per-app policies

Turnkey IDaaS offering SSO for O365 and thousands of other apps User portal for self-service password reset, app access, mobile enrollment, and more

Powered By Azure “Works with Office 365” Certified Localized into 15+ local languages SSAE 16 SOC 2, TRUSTe, EU Safe Harbor

Thank You!

Request a trial http://www.centrify.com/free-trial/

http://www.centrify.com/free-trial/

Proven Practices for Office 365 Deployment, Security and Management

Technology

Transcript of Proven Practices for Office 365 Deployment, Security and Management