how does microsoft secure my email with office 365
DESCRIPTION
Presented at IT/Dev Connections in 2013 at Las Vegas. Covers the security built into Office 365, as well as 3rd party solutions available.TRANSCRIPT
Loryan StrantOffice 365 MVP
Paradyne
How Does Microsoft Secure
My Email with Office 365?
www.devconnections.com
SESSION TITLE
WHO AM I? Office 365 MVP & vTSP
Business owner
Blogger
Speaker
http://thecloudmouth.com@thecloudmouth
www.devconnections.com
SESSION TITLE
WHAT AM I TALKING ABOUT?
Security of public cloud
Microsoft and security
Owning it
Peace of mind
3
www.devconnections.com
SESSION TITLE
PUBLIC CLOUD SECURITY
Drag picture to placeholder or click icon to add
It is possible!
It does exist!
4
www.devconnections.com
SESSION TITLE
5
MICROSOFT AND SECURITY
Historically questionable / laughable
Trustworthy Computing Initiative
Has come a long way
Often more secure than competitors
www.devconnections.com
SESSION TITLE
6
OFFICE 365 SECURITY
www.devconnections.com
SESSION TITLE
7
OFFICE 365 SECURITY
Built-in security
•24-hour monitored physical hardware•Isolated customer data•Automated operations•Secure network•Encrypted data
Best practices
•Security development lifecycle•Preventing DoS attacks•Breach prevention & management
Customer controls
•Advanced encryption•Federation and SSO provisions•Two-factor authentication
www.devconnections.com
SESSION TITLE
8
ENCRYPTION
Secure Data
3rd Party Solution
s
Rights Management
BitLocker & SSL
www.devconnections.com
SESSION TITLE
9
ENCRYPTION: BITLOCKER & SSL
Email data in the datacentre is encrypted at rest using BitLocker
Data in transit is encrypted using SSL/TLS
Opportunistic TLS
Forced TLS
www.devconnections.com
SESSION TITLE
10
ENCRYPTION: RIGHTS MANAGEMENT
Encrypts individual files
Supported in Office 2010 & 2013, OWA & ActiveSync
Define who can open, modify, print, forward, save.
Set expiry on content
Integrated with Exchange Online & SharePoint Online
Use on-prem AD or WAAD
www.devconnections.com
SESSION TITLE
11
ENCRYPTION: 3RD PARTY – WHY?
Loss of control
Peace of mind
Not about distrust of Microsoft
Will work, but is not supported
www.devconnections.com
SESSION TITLE
12
3RD PARTY ENCRYPTION COMPARISON
S/MIME
•Supported in Outlook, not OWA
PGP•Desktop client•No server-side•Individual control•Not supported
Vaultive•Gateway between Exchange & user•Virtual appliance•Mixed mode
CipherCloud
•Similar to Vaultive•Supports other solutions
www.devconnections.com
SESSION TITLE
13
WHAT DOES ENCRYPTION LOOK LIKE?
www.devconnections.com
SESSION TITLE
14
DEMONSTRATION
www.devconnections.com
SESSION TITLE
SUBPOENA WORKFLOW
Subpoena / Court Order
served
Engage your lawyer
Respond to subpoena after legal
consultation
Comply with agreed upon
terms
Serve objections
Move to quash
subpoena Move for protective
order
Subpoena/Court Order served to CSP CSP turns over your data
Subpoena Workflow for On-Premise Email / Data
Subpoena Workflow for Cloud Email / Data
www.devconnections.com
SESSION TITLE
SUBPOENA WORKFLOW REVISITED
Subpoena / Court Order
served
Engage your lawyer
Respond to subpoena after legal
consultation
Serve objections
Move to quash
subpoena Move for protective
order
Comply with agreed upon
terms
Subpoena served to
CSP
CSP turns over
useless gibberish
Court resubmits subpoena
to end user
End User engages
their lawyer
Serve objection
s Move to quash
subpoenaMove for
protective order
Comply with the agreed upon terms
Subpoena Workflow for On-Premise Email / Data
With Encryption: Subpoena Workflow for Cloud Email / Data
www.devconnections.com
SESSION TITLE
17
COMPLIANCE FEATURES
Data loss prevention (DLP)
Auditing and retention policies
eDiscovery
Data spillage management
www.devconnections.com
SESSION TITLE
18
WHAT ELSE?
Safe/blocked senders
BYO mail filtering service
Custom routing of outbound mail
Protected voicemail
Hybrid
www.devconnections.com
SESSION TITLE
19
INDEPENDENT VERIFICATION & COMPLIANCE
ISO 27001
FISMA
HIPAA BAA
EU Model Clauses
Cloud Security Alliance
www.devconnections.com
SESSION TITLE
20
KEEPING IT REAL
Security
Hybrid/routing
Encryption
Compliance
Rights Management
www.devconnections.com
SESSION TITLE
21
MORE INFORMATION
Office 365 Trust Center: http://trust.office365.com
Security in Office 365 white paper: http://www.microsoft.com/en-us/download/details.aspx?id=26552
Global Foundation Services: http://www.globalfoundationservices.com
www.devconnections.com
SESSION TITLE
22
THANK YOUQuestions?
http://thecloudmouth.com@thecloudmouth