SlideShare une entreprise Scribd logo

Securing the new remote workforce

Télécharger en tant que PPTX, PDF
Empired
Empired

As organisations around the world face a pandemic, businesses are quickly focusing on how to overcome serious challenges. One of these is how to enable a significant portion, if not all, of our workforce to work securely from home. Keeping people safe is at the forefront of this process. Organisations also want to keep their business and sensitive data secure at the same time. We are here to help you get a better understanding of all the security risks and learn the steps to prevent unnecessary risk. While every organisation is different and every journey will be unique, there are a couple of approaches that allow businesses to operate in a risk-appropriate manner by enabling better access to security decisions. On this webinar recording we share some of our insights, experience and customer stories, addressing some of your queries and concerns. To watch the recording visit https://www.empired.com/ReimagineWork

Technologie
1  sur  29
Securing the new remote workforce
Introducing your speaker… Gavin van Nierkerk Practice Lead Modern Workplace Lead Cybersecurity Team
LESS THAN 3%
GREATER THAN 98%
3%Your security designs are all focused on this being the assumption 98%98% - Your security designs need to shift focus
Media
THE COVID-19 PANDEMIC HAS UNLEASHED A WAVE OF CYBER ATTACKS – HERE’S HOW TO PROTECT YOURSELF
On-premise/ private cloud
Approach
Zero Trust/Lean Trust isn’t… <what?> “Strong identity + device health + least privilege user access and verified with telemetry” LITERAL You can’t build a practical strategy around absolutes AN ADJECTIVE You aren’t going to ‘be’ Zero Trust FOR SALE There’s no such thing as ‘Zero Trust’ tech INSTANT You can’t boil the ocean A REVOLUTION Build on what you’ve got
Making Zero Trust a reality Do you know what <Zero Trust> is? Have you established a v-team with your stakeholders? Do you know where you are at today with your <Zero Trust> journey? Do you have buy-in from C-level? An approach to security which assumes pervasive risk How do we behave in an environment of pervasive risk? TRADITIONAL OPTIMAL ADVANCED MATURITY MODELStrong Authentication! Enrolled & Managed Devices Risk based management – Identity, Device, Session
Every company is at a different stage of their journey to the cloud. Maybe identity and device management are your top priorities, or you are digging into multi-factor authentication (MFA) or desktop virtualisation. Every IT leader needs to define the priorities to enable productivity from anywhere across their organisation’s workforce. We get that, and we want to help. The Journey
Assumptions vs. Reality Users are employees Corporate managed devices On-premises apps Corp network and firewall Local packet tracking and logs Employees, contractors, partners & customers Bring your own device Explosion of cloud apps Expanding perimeter Overwhelming source of available signal
Customer Questions Customer 1: How can Employees enrol their devices into device management to gain access to company resources? Risk Mitigation: Trusted devices (only). Potentially Intune Scenario 2: How can Security Teams enforce device health checks per application or service? Risk Mitigation: Trusted devices + health (Intune + Defender ATP) + secure app access (Cloud Application Security). Scenario 3: How can Employees and business guests have a secure way to access corporate resources when not using a managed device? Risk Mitigation: Non-trusted devices (Conditional Access Application Control e.g. secure email). One of the biggest benefits of Zero Trust is a change in mindset. An approach to security which treats every access attempt as if it’s originating from an untrusted network.
Plan
Major Phases Verify identity Verify device Verify access Verify services All user accounts set up for strong identity enforcement Strong identity enforced for O365 Least privilege user rights Eliminate passwords – biometric based model Device health required for SharePoint, Exchange, Teams on iOS, Android, Mac, and Windows Usage data for Application and Services Device Management required to tiered network access Internet Only for users Establish solutions for unmanaged devices Least privilege access model Device health required for wired/wireless corporate network Grow coverage in Device health requirement Service health concept Device management not required Single factor authentication to resources Capability to enforce strong identity exists Pre-Zero Trust U S E R & A C C E S S T E L E M E T RY
1. Connect all apps for Single Sign On 2. Strong Authentication using Multi-Factor Auth and Risk Detection 3. Enforce Policy Based Access for breach containment Identity teams – here is your to-do list:
1. Register devices with your Identity Provider 2. Implement MDM based security baselines and compliance reporting 3. Use endpoint threat detection to monitor device risk Device teams – here is your to-do list:
Network & Infra Security Teams – here is your to-do list: 1. Enable a Cloud Workload Protection solution across your estate 2. Reduce attack surface by enabling just-in-time 3. Use cloud-native controls to create micro-perimeters with real-time threat protection
1. Agree on a label taxonomy and classify all documents and emails with the default label 2. Apply real-time protection to high risk scenarios: sensitive data and unmanaged access in apps 3. Perform Shadow IT discovery and a cloud control program Apps & Data Security Teams – here is your to-do list:
Next Steps
We have run a number assessments for customers to understand how their security models and architecture may need to change in our remote working world. We are concerned at the decreased control businesses have over their overall security posture. …and we want to help.
Next Steps… Take the self assessment: https://info.microsoft.com/ww-landing-Zero-Trust- Assessment.html Feel free to share the results if you want and we can provide insights and guidance.
Next Steps… Visit our page https://www.empired.com/reimaginework https://www.intergen.co.nz/reimaginework Contact us contact@empired.com info@intergen.co.nz
Questions?
Sample Architecture
Corporate Network Geo-location Microsoft Cloud App SecurityMacOS Android iOS Windows Windows Defender ATP Client apps Browser apps Google ID MSA Azure AD ADFS Require MFA Allow/block access Block legacy authentication Force password reset****** Limited access Controls Employee & Partner Users and Roles Trusted & Compliant Devices Physical & Virtual Location Client apps & Auth Method Conditions Machine learning Policies Real time Evaluation Engine Session Risk 3 40TB Effective policy Azure AD Conditional Access
Thank you! For more information please follow contact us here: Linkedin.com/company/empired-ltd Facebook.com/empiredltd Twitter.com/empiredltd Linkedin.com/company/intergen Facebook.com/teamintergen Twitter.com/teamintergen Australia Gavin van Nierkerk Practice Lead Gavin.vanNiekerk@empired.com New Zealand Victor Philp Solutions Manager victor.philp@intergen.co.nz

Recommandé

Creating intelligent content: How to automate personalised, one-to-one market...
Creating intelligent content: How to automate personalised, one-to-one market...Creating intelligent content: How to automate personalised, one-to-one market...
Creating intelligent content: How to automate personalised, one-to-one market...
Empired
 
Taming the feral Teams
Taming the feral TeamsTaming the feral Teams
Taming the feral Teams
Empired
 
Customer Insights: It's time to get personal
Customer Insights: It's time to get personalCustomer Insights: It's time to get personal
Customer Insights: It's time to get personal
Empired
 
Working Remotely with Microsoft Technologies
Working Remotely with Microsoft TechnologiesWorking Remotely with Microsoft Technologies
Working Remotely with Microsoft Technologies
Empired
 
Empired Convergence 2017 - Transforming you customer experience
Empired Convergence 2017 - Transforming you customer experienceEmpired Convergence 2017 - Transforming you customer experience
Empired Convergence 2017 - Transforming you customer experience
Empired
 
Empired convergence 2017 - Data as your Most Strategic Asset
Empired convergence 2017 - Data as your Most Strategic AssetEmpired convergence 2017 - Data as your Most Strategic Asset
Empired convergence 2017 - Data as your Most Strategic Asset
Empired
 
Empired Convergence 2017 - Business Transformation Across the Enterprise
Empired Convergence 2017 - Business Transformation Across the EnterpriseEmpired Convergence 2017 - Business Transformation Across the Enterprise
Empired Convergence 2017 - Business Transformation Across the Enterprise
Empired
 
Empired Convergence 2017 - Bringing your People on the Change Journey
Empired Convergence 2017 - Bringing your People on the Change JourneyEmpired Convergence 2017 - Bringing your People on the Change Journey
Empired Convergence 2017 - Bringing your People on the Change Journey
Empired
 

Recommandé

Creating intelligent content: How to automate personalised, one-to-one market...
Creating intelligent content: How to automate personalised, one-to-one market...Creating intelligent content: How to automate personalised, one-to-one market...
Creating intelligent content: How to automate personalised, one-to-one market...
Empired
 
Taming the feral Teams
Taming the feral TeamsTaming the feral Teams
Taming the feral Teams
Empired
 
Customer Insights: It's time to get personal
Customer Insights: It's time to get personalCustomer Insights: It's time to get personal
Customer Insights: It's time to get personal
Empired
 
Working Remotely with Microsoft Technologies
Working Remotely with Microsoft TechnologiesWorking Remotely with Microsoft Technologies
Working Remotely with Microsoft Technologies
Empired
 
Empired Convergence 2017 - Transforming you customer experience
Empired Convergence 2017 - Transforming you customer experienceEmpired Convergence 2017 - Transforming you customer experience
Empired Convergence 2017 - Transforming you customer experience
Empired
 
Empired convergence 2017 - Data as your Most Strategic Asset
Empired convergence 2017 - Data as your Most Strategic AssetEmpired convergence 2017 - Data as your Most Strategic Asset
Empired convergence 2017 - Data as your Most Strategic Asset
Empired
 
Empired Convergence 2017 - Business Transformation Across the Enterprise
Empired Convergence 2017 - Business Transformation Across the EnterpriseEmpired Convergence 2017 - Business Transformation Across the Enterprise
Empired Convergence 2017 - Business Transformation Across the Enterprise
Empired
 
Empired Convergence 2017 - Bringing your People on the Change Journey
Empired Convergence 2017 - Bringing your People on the Change JourneyEmpired Convergence 2017 - Bringing your People on the Change Journey
Empired Convergence 2017 - Bringing your People on the Change Journey
Empired
 
Empired Convergence 2017 - Why Convergence
Empired Convergence 2017 - Why ConvergenceEmpired Convergence 2017 - Why Convergence
Empired Convergence 2017 - Why Convergence
Empired
 
Empired Convergence 2017 - Unleashing the Power of the Platform
Empired Convergence 2017 - Unleashing the Power of the PlatformEmpired Convergence 2017 - Unleashing the Power of the Platform
Empired Convergence 2017 - Unleashing the Power of the Platform
Empired
 
Empired Convergence 2017 - The Modern Digital Workplace
Empired Convergence 2017 - The Modern Digital WorkplaceEmpired Convergence 2017 - The Modern Digital Workplace
Empired Convergence 2017 - The Modern Digital Workplace
Empired
 
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital WorldEmpired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Empired
 
Dynamics Day 2017 Adelaide - Customer Experience Design
Dynamics Day 2017 Adelaide - Customer Experience Design Dynamics Day 2017 Adelaide - Customer Experience Design
Dynamics Day 2017 Adelaide - Customer Experience Design
Empired
 
Dynamics Day 2017 Adelaide - Dynamics 365 making it real
Dynamics Day 2017 Adelaide - Dynamics 365 making it realDynamics Day 2017 Adelaide - Dynamics 365 making it real
Dynamics Day 2017 Adelaide - Dynamics 365 making it real
Empired
 
Dynamics Day 2017 Adelaide - Dynamics 365 Enterprise Operations
Dynamics Day 2017 Adelaide - Dynamics 365 Enterprise OperationsDynamics Day 2017 Adelaide - Dynamics 365 Enterprise Operations
Dynamics Day 2017 Adelaide - Dynamics 365 Enterprise Operations
Empired
 
Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...
Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...
Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...
Empired
 
Disaster Recovery: the Main Roads story
Disaster Recovery: the Main Roads storyDisaster Recovery: the Main Roads story
Disaster Recovery: the Main Roads story
Empired
 
Dynamics Day 2017 Melbourne - transform you decision making
Dynamics Day 2017 Melbourne - transform you decision makingDynamics Day 2017 Melbourne - transform you decision making
Dynamics Day 2017 Melbourne - transform you decision making
Empired
 
Dynamics Day 2017 Melbourne - Melbourne Racing Club Digital Transformation
Dynamics Day 2017 Melbourne - Melbourne Racing Club Digital TransformationDynamics Day 2017 Melbourne - Melbourne Racing Club Digital Transformation
Dynamics Day 2017 Melbourne - Melbourne Racing Club Digital Transformation
Empired
 
Dynamics Day 2017 Melbourne: Dynamics 365 Enterprise operations
Dynamics Day 2017 Melbourne: Dynamics 365 Enterprise operationsDynamics Day 2017 Melbourne: Dynamics 365 Enterprise operations
Dynamics Day 2017 Melbourne: Dynamics 365 Enterprise operations
Empired
 
Dynamics Day 2017 Melbourne: Becoming customer centric
Dynamics Day 2017 Melbourne: Becoming customer centricDynamics Day 2017 Melbourne: Becoming customer centric
Dynamics Day 2017 Melbourne: Becoming customer centric
Empired
 
Dynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynote
Dynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynoteDynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynote
Dynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynote
Empired
 
Dynamics Day 2017 Brisbane: Data Insights
Dynamics Day 2017 Brisbane: Data InsightsDynamics Day 2017 Brisbane: Data Insights
Dynamics Day 2017 Brisbane: Data Insights
Empired
 
Dynamics Day 2017 Brisbane: Dynamics 365 Field and Project Services
Dynamics Day 2017 Brisbane: Dynamics 365 Field and Project ServicesDynamics Day 2017 Brisbane: Dynamics 365 Field and Project Services
Dynamics Day 2017 Brisbane: Dynamics 365 Field and Project Services
Empired
 
Dynamics Day 2017 Brisbane: Dynamics 365 Enterprise Operations
Dynamics Day 2017 Brisbane: Dynamics 365 Enterprise OperationsDynamics Day 2017 Brisbane: Dynamics 365 Enterprise Operations
Dynamics Day 2017 Brisbane: Dynamics 365 Enterprise Operations
Empired
 
Dynamics Day 2017 Brisbane: Dynamics 365 making it real
Dynamics Day 2017 Brisbane: Dynamics 365 making it realDynamics Day 2017 Brisbane: Dynamics 365 making it real
Dynamics Day 2017 Brisbane: Dynamics 365 making it real
Empired
 
Dynamics Day 2017 Perth: Bringing it All Together with Office 365
Dynamics Day 2017 Perth: Bringing it All Together with Office 365Dynamics Day 2017 Perth: Bringing it All Together with Office 365
Dynamics Day 2017 Perth: Bringing it All Together with Office 365
Empired
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard37
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
 

Contenu connexe

Plus de Empired

Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Empired
 

Plus de Empired (20)

Empired Convergence 2017 - Why Convergence
Empired Convergence 2017 - Why ConvergenceEmpired Convergence 2017 - Why Convergence
Empired Convergence 2017 - Why Convergence
 
Empired Convergence 2017 - Unleashing the Power of the Platform
Empired Convergence 2017 - Unleashing the Power of the PlatformEmpired Convergence 2017 - Unleashing the Power of the Platform
Empired Convergence 2017 - Unleashing the Power of the Platform
 
Empired Convergence 2017 - The Modern Digital Workplace
Empired Convergence 2017 - The Modern Digital WorkplaceEmpired Convergence 2017 - The Modern Digital Workplace
Empired Convergence 2017 - The Modern Digital Workplace
 
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital WorldEmpired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Dynamics Day 2017 Adelaide - Customer Experience Design
Dynamics Day 2017 Adelaide - Customer Experience Design Dynamics Day 2017 Adelaide - Customer Experience Design
Dynamics Day 2017 Adelaide - Customer Experience Design
 
Dynamics Day 2017 Adelaide - Dynamics 365 making it real
Dynamics Day 2017 Adelaide - Dynamics 365 making it realDynamics Day 2017 Adelaide - Dynamics 365 making it real
Dynamics Day 2017 Adelaide - Dynamics 365 making it real
 
Dynamics Day 2017 Adelaide - Dynamics 365 Enterprise Operations
Dynamics Day 2017 Adelaide - Dynamics 365 Enterprise OperationsDynamics Day 2017 Adelaide - Dynamics 365 Enterprise Operations
Dynamics Day 2017 Adelaide - Dynamics 365 Enterprise Operations
 
Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...
Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...
Dynamics Day 2017 Adelaide - IoT, Machine Learning and Big Data actionable in...
 
Disaster Recovery: the Main Roads story
Disaster Recovery: the Main Roads storyDisaster Recovery: the Main Roads story
Disaster Recovery: the Main Roads story
 
Dynamics Day 2017 Melbourne - transform you decision making
Dynamics Day 2017 Melbourne - transform you decision makingDynamics Day 2017 Melbourne - transform you decision making
Dynamics Day 2017 Melbourne - transform you decision making
 
Dynamics Day 2017 Melbourne - Melbourne Racing Club Digital Transformation
Dynamics Day 2017 Melbourne - Melbourne Racing Club Digital TransformationDynamics Day 2017 Melbourne - Melbourne Racing Club Digital Transformation
Dynamics Day 2017 Melbourne - Melbourne Racing Club Digital Transformation
 
Dynamics Day 2017 Melbourne: Dynamics 365 Enterprise operations
Dynamics Day 2017 Melbourne: Dynamics 365 Enterprise operationsDynamics Day 2017 Melbourne: Dynamics 365 Enterprise operations
Dynamics Day 2017 Melbourne: Dynamics 365 Enterprise operations
 
Dynamics Day 2017 Melbourne: Becoming customer centric
Dynamics Day 2017 Melbourne: Becoming customer centricDynamics Day 2017 Melbourne: Becoming customer centric
Dynamics Day 2017 Melbourne: Becoming customer centric
 
Dynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynote
Dynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynoteDynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynote
Dynamics Day 2017 Melbourne: Digital Transformation with Dynamics 365 keynote
 
Dynamics Day 2017 Brisbane: Data Insights
Dynamics Day 2017 Brisbane: Data InsightsDynamics Day 2017 Brisbane: Data Insights
Dynamics Day 2017 Brisbane: Data Insights
 
Dynamics Day 2017 Brisbane: Dynamics 365 Field and Project Services
Dynamics Day 2017 Brisbane: Dynamics 365 Field and Project ServicesDynamics Day 2017 Brisbane: Dynamics 365 Field and Project Services
Dynamics Day 2017 Brisbane: Dynamics 365 Field and Project Services
 
Dynamics Day 2017 Brisbane: Dynamics 365 Enterprise Operations
Dynamics Day 2017 Brisbane: Dynamics 365 Enterprise OperationsDynamics Day 2017 Brisbane: Dynamics 365 Enterprise Operations
Dynamics Day 2017 Brisbane: Dynamics 365 Enterprise Operations
 
Dynamics Day 2017 Brisbane: Dynamics 365 making it real
Dynamics Day 2017 Brisbane: Dynamics 365 making it realDynamics Day 2017 Brisbane: Dynamics 365 making it real
Dynamics Day 2017 Brisbane: Dynamics 365 making it real
 
Dynamics Day 2017 Perth: Bringing it All Together with Office 365
Dynamics Day 2017 Perth: Bringing it All Together with Office 365Dynamics Day 2017 Perth: Bringing it All Together with Office 365
Dynamics Day 2017 Perth: Bringing it All Together with Office 365
 

Dernier

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Dernier (20)

JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Securing the new remote workforce

  • 1. Securing the new remote workforce
  • 2. Introducing your speaker… Gavin van Nierkerk Practice Lead Modern Workplace Lead Cybersecurity Team
  • 5. 3%Your security designs are all focused on this being the assumption 98%98% - Your security designs need to shift focus
  • 7. THE COVID-19 PANDEMIC HAS UNLEASHED A WAVE OF CYBER ATTACKS – HERE’S HOW TO PROTECT YOURSELF
  • 10. Zero Trust/Lean Trust isn’t… <what?> “Strong identity + device health + least privilege user access and verified with telemetry” LITERAL You can’t build a practical strategy around absolutes AN ADJECTIVE You aren’t going to ‘be’ Zero Trust FOR SALE There’s no such thing as ‘Zero Trust’ tech INSTANT You can’t boil the ocean A REVOLUTION Build on what you’ve got
  • 11. Making Zero Trust a reality Do you know what <Zero Trust> is? Have you established a v-team with your stakeholders? Do you know where you are at today with your <Zero Trust> journey? Do you have buy-in from C-level? An approach to security which assumes pervasive risk How do we behave in an environment of pervasive risk? TRADITIONAL OPTIMAL ADVANCED MATURITY MODELStrong Authentication! Enrolled & Managed Devices Risk based management – Identity, Device, Session
  • 12. Every company is at a different stage of their journey to the cloud. Maybe identity and device management are your top priorities, or you are digging into multi-factor authentication (MFA) or desktop virtualisation. Every IT leader needs to define the priorities to enable productivity from anywhere across their organisation’s workforce. We get that, and we want to help. The Journey
  • 13. Assumptions vs. Reality Users are employees Corporate managed devices On-premises apps Corp network and firewall Local packet tracking and logs Employees, contractors, partners & customers Bring your own device Explosion of cloud apps Expanding perimeter Overwhelming source of available signal
  • 14. Customer Questions Customer 1: How can Employees enrol their devices into device management to gain access to company resources? Risk Mitigation: Trusted devices (only). Potentially Intune Scenario 2: How can Security Teams enforce device health checks per application or service? Risk Mitigation: Trusted devices + health (Intune + Defender ATP) + secure app access (Cloud Application Security). Scenario 3: How can Employees and business guests have a secure way to access corporate resources when not using a managed device? Risk Mitigation: Non-trusted devices (Conditional Access Application Control e.g. secure email). One of the biggest benefits of Zero Trust is a change in mindset. An approach to security which treats every access attempt as if it’s originating from an untrusted network.
  • 15. Plan
  • 16. Major Phases Verify identity Verify device Verify access Verify services All user accounts set up for strong identity enforcement Strong identity enforced for O365 Least privilege user rights Eliminate passwords – biometric based model Device health required for SharePoint, Exchange, Teams on iOS, Android, Mac, and Windows Usage data for Application and Services Device Management required to tiered network access Internet Only for users Establish solutions for unmanaged devices Least privilege access model Device health required for wired/wireless corporate network Grow coverage in Device health requirement Service health concept Device management not required Single factor authentication to resources Capability to enforce strong identity exists Pre-Zero Trust U S E R & A C C E S S T E L E M E T RY
  • 17. 1. Connect all apps for Single Sign On 2. Strong Authentication using Multi-Factor Auth and Risk Detection 3. Enforce Policy Based Access for breach containment Identity teams – here is your to-do list:
  • 18. 1. Register devices with your Identity Provider 2. Implement MDM based security baselines and compliance reporting 3. Use endpoint threat detection to monitor device risk Device teams – here is your to-do list:
  • 19. Network & Infra Security Teams – here is your to-do list: 1. Enable a Cloud Workload Protection solution across your estate 2. Reduce attack surface by enabling just-in-time 3. Use cloud-native controls to create micro-perimeters with real-time threat protection
  • 20. 1. Agree on a label taxonomy and classify all documents and emails with the default label 2. Apply real-time protection to high risk scenarios: sensitive data and unmanaged access in apps 3. Perform Shadow IT discovery and a cloud control program Apps & Data Security Teams – here is your to-do list:
  • 22. We have run a number assessments for customers to understand how their security models and architecture may need to change in our remote working world. We are concerned at the decreased control businesses have over their overall security posture. …and we want to help.
  • 23. Next Steps… Take the self assessment: https://info.microsoft.com/ww-landing-Zero-Trust- Assessment.html Feel free to share the results if you want and we can provide insights and guidance.
  • 24. Next Steps… Visit our page https://www.empired.com/reimaginework https://www.intergen.co.nz/reimaginework Contact us contact@empired.com info@intergen.co.nz
  • 26.
  • 28. Corporate Network Geo-location Microsoft Cloud App SecurityMacOS Android iOS Windows Windows Defender ATP Client apps Browser apps Google ID MSA Azure AD ADFS Require MFA Allow/block access Block legacy authentication Force password reset****** Limited access Controls Employee & Partner Users and Roles Trusted & Compliant Devices Physical & Virtual Location Client apps & Auth Method Conditions Machine learning Policies Real time Evaluation Engine Session Risk 3 40TB Effective policy Azure AD Conditional Access
  • 29. Thank you! For more information please follow contact us here: Linkedin.com/company/empired-ltd Facebook.com/empiredltd Twitter.com/empiredltd Linkedin.com/company/intergen Facebook.com/teamintergen Twitter.com/teamintergen Australia Gavin van Nierkerk Practice Lead Gavin.vanNiekerk@empired.com New Zealand Victor Philp Solutions Manager victor.philp@intergen.co.nz