how does microsoft secure my email with office 365

Loryan StrantOffice 365 MVP

Paradyne

How Does Microsoft Secure

My Email with Office 365?

www.devconnections.com

SESSION TITLE

WHO AM I? Office 365 MVP & vTSP

Business owner

Blogger

Speaker

http://thecloudmouth.com@thecloudmouth

www.devconnections.com

SESSION TITLE

WHAT AM I TALKING ABOUT?

Security of public cloud

Microsoft and security

Owning it

Peace of mind

3

www.devconnections.com

SESSION TITLE

PUBLIC CLOUD SECURITY

Drag picture to placeholder or click icon to add

It is possible!

It does exist!

4

www.devconnections.com

SESSION TITLE

5

MICROSOFT AND SECURITY

Historically questionable / laughable

Trustworthy Computing Initiative

Has come a long way

Often more secure than competitors

www.devconnections.com

SESSION TITLE

6

OFFICE 365 SECURITY

www.devconnections.com

SESSION TITLE

7

OFFICE 365 SECURITY

Built-in security

•24-hour monitored physical hardware•Isolated customer data•Automated operations•Secure network•Encrypted data

Best practices

•Security development lifecycle•Preventing DoS attacks•Breach prevention & management

Customer controls

•Advanced encryption•Federation and SSO provisions•Two-factor authentication

www.devconnections.com

SESSION TITLE

8

ENCRYPTION

Secure Data

3rd Party Solution

s

Rights Management

BitLocker & SSL

www.devconnections.com

SESSION TITLE

9

ENCRYPTION: BITLOCKER & SSL

Email data in the datacentre is encrypted at rest using BitLocker

Data in transit is encrypted using SSL/TLS

Opportunistic TLS

Forced TLS

www.devconnections.com

SESSION TITLE

10

ENCRYPTION: RIGHTS MANAGEMENT

Encrypts individual files

Supported in Office 2010 & 2013, OWA & ActiveSync

Define who can open, modify, print, forward, save.

Set expiry on content

Integrated with Exchange Online & SharePoint Online

Use on-prem AD or WAAD

www.devconnections.com

SESSION TITLE

11

ENCRYPTION: 3RD PARTY – WHY?

Loss of control

Peace of mind

Not about distrust of Microsoft

Will work, but is not supported

www.devconnections.com

SESSION TITLE

12

3RD PARTY ENCRYPTION COMPARISON

S/MIME

•Supported in Outlook, not OWA

PGP•Desktop client•No server-side•Individual control•Not supported

Vaultive•Gateway between Exchange & user•Virtual appliance•Mixed mode

CipherCloud

•Similar to Vaultive•Supports other solutions

www.devconnections.com

SESSION TITLE

13

WHAT DOES ENCRYPTION LOOK LIKE?

www.devconnections.com

SESSION TITLE

14

DEMONSTRATION

www.devconnections.com

SESSION TITLE

SUBPOENA WORKFLOW

Subpoena / Court Order

served

Engage your lawyer

Respond to subpoena after legal

consultation

Comply with agreed upon

terms

Serve objections

Move to quash

subpoena Move for protective

order

Subpoena/Court Order served to CSP CSP turns over your data

Subpoena Workflow for On-Premise Email / Data

Subpoena Workflow for Cloud Email / Data

www.devconnections.com

SESSION TITLE

SUBPOENA WORKFLOW REVISITED

Subpoena / Court Order

served

Engage your lawyer

Respond to subpoena after legal

consultation

Serve objections

Move to quash

subpoena Move for protective

order

Comply with agreed upon

terms

Subpoena served to

CSP

CSP turns over

useless gibberish

Court resubmits subpoena

to end user

End User engages

their lawyer

Serve objection

s Move to quash

subpoenaMove for

protective order

Comply with the agreed upon terms

Subpoena Workflow for On-Premise Email / Data

With Encryption: Subpoena Workflow for Cloud Email / Data

www.devconnections.com

SESSION TITLE

17

COMPLIANCE FEATURES

Data loss prevention (DLP)

Auditing and retention policies

eDiscovery

Data spillage management

www.devconnections.com

SESSION TITLE

18

WHAT ELSE?

Safe/blocked senders

BYO mail filtering service

Custom routing of outbound mail

Protected voicemail

Hybrid

www.devconnections.com

SESSION TITLE

19

INDEPENDENT VERIFICATION & COMPLIANCE

ISO 27001

FISMA

HIPAA BAA

EU Model Clauses

Cloud Security Alliance

www.devconnections.com

SESSION TITLE

20

KEEPING IT REAL

Security

Hybrid/routing

Encryption

Compliance

Rights Management

www.devconnections.com

SESSION TITLE

21

MORE INFORMATION

Office 365 Trust Center: http://trust.office365.com

Security in Office 365 white paper: http://www.microsoft.com/en-us/download/details.aspx?id=26552

Global Foundation Services: http://www.globalfoundationservices.com

www.devconnections.com

SESSION TITLE

22

THANK YOUQuestions?

http://thecloudmouth.com@thecloudmouth