Platform + Intelligence + Partners
This new understanding has led us to build new solutions for our customers. It informs our entire approach across three critical elements:
Building a platform that looks holistically across all the critical end-points we talked about – building security into our platform as well as providing security tools and technologies to you
Acting on the Intelligence that comes from our security-related signals and insights – helps you and us to detect threats more quickly
Fostering a vibrant ecosystem of partners who help us raise the bar across the industry – we know we’re not your only security vendor, and we want to work with the industry and take a holistic approach to technology
Microsoft 365 provides holistic security that is aligned to these four pillars of security.
By helping enterprise businesses secure corporate data and manage risk in today’s mobile-first, cloud-first world Microsoft 365 E5 enables customers to digitally transform by unifying user productivity and enterprise security tools into a single suite that enables the modern workplace.
Identity & Access Mgmt
Protect users’ identities and control access to valuable resources based on user risk level
Information Protection
Ensure documents and emails are seen only by authorized people
Threat Protection
Protect against advanced threats and recover quickly when attacked
Security Management
Gain visibility and control over security tools
Driving Behavioral Change for Information Management through Data-Driven Gree...
Microsoft 365 eEnterprise E5 Overview
1. Microsoft 365 Enterprise E5
Security Overview
David J. Rosenthal
VP & GM, Digital Business
November 1, 2018
Microsoft MTC
New York City
2.
3.
4. Microsoft Intelligent Security Graph
450B
monthly
authentications
18B+ Bing web
pages scanned
750M+ Azure
user accounts
Enterprise security
for 90% of
Fortune 500
5B
threats
detected on
devices every
month
Shared threat data
from partners,
researchers, and
law enforcement
worldwide
Botnet data
from Microsoft
Digital Crimes
Unit
1.2B
devices scanned
each month
400B
emails
analyzed
200+
global cloud consumer
and commercial
services
OneDrive
Xbox
Microsoft
accounts
Bing
Azure
Outlook
Windows
5. Microsoft Secure
global security vision
Microsoft 365 Enterprise E5
A single suite that unifies
enterprise security with user
productivity to meet the needs
of today’s modern workplace
Microsoft 365 Enterprise
E5 security products
Securing the enterprise
with Microsoft 365
Realities of digital
transformation
How Microsoft 365
Enterprise E5 Fits In
7. The intelligent, connected cloud introduces
both opportunity and risk
REALITIES OF DIGITAL TRANSFORMATION
of companies have
embraced the cloud
2018 State of the Cloud Survey (Rightside)
(1.88B) of the global
workforce will be
mobile by 2023
Global Mobile Workforce Forecast Update 2017-2023,
Strategy Analytics
Technology has changed the way
enterprises conduct business
Requiring a new approach to protect
company assets
of European companies
say they are GDPR
compliant
“The State of GDPR Readiness: GDPR Readiness
Progresses, But Strategies Depend Too Heavily on IT”
Forrester, January, 2018
of successful enterprise
attacks will be on
Shadow IT resources by
2020 How to eliminate enterprise shadow IT,
Gartner, April 11, 2017
96% 43% 1/3 Only 26%
10. Reducing complexity can eliminate
many security challenges:
REALITIES OF DIGITAL TRANSFORMATION
Lack of specific
recommendations on how to
improve security posture
Too much time spent managing
security vendors
Too many alerts to investigate
Learning how to configure and
manage disparate security
solutions slows deployment
Integration is time-consuming
and increases total cost of
ownership
User productivity is compromised
for the sake of security, resulting in
users bypassing security measures
12. Identity & Access
Management
Threat
Protection
Security starts with great
user authentication
Data is your most
important company asset
Correlate threat information
and automatically respond
Optimize with security insights
and configuration tools
Information
Protection
Security
Management
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5
13. Protect users’
identities and control
access to valuable
resources based on
user risk level
Gain visibility
and control over
security tools
Protect against
advanced threats and
recover quickly when
attacked
Protect sensitive
information wherever
it lives or travels
Threat
Protection
Identity & Access
Management
Information
Protection
Security
Management
Intelligent security for the modern workplace
Microsoft 365 Enterprise E5 unifies enterprise security and user productivity
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5
Holistic security across your digital landscape
14. SECURING THE ENTERPRISE WITH MICROSOFT 365 E5
For enterprise
customers that
embrace the Microsoft
productivity suite,
significant gains can be
realized in security
15. Holistic security capabilities
that can reduce the number
of vendors you manage
Microsoft 365 security suite advantages
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5
Individual components are
purpose-built to integrate,
which decreases TCO
Because security is built-in,
deployment and on-going
management is simplified
Security tools are fed by
trillions of signals to
provide insights across the
global Microsoft ecosystem
Security capabilities extend
beyond Microsoft to secure
3rd party platforms, apps
and services
Standard integration
capabilities connect to
your other security tools
(3rd party or homegrown)
Intelligent, adaptive security
gives users more freedom
in how they work, from
anywhere on any device
16. Security capabilities only available in
Microsoft 365 Enterprise E5
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5
Control access to sensitive
data, even when its shared
outside of your organization
or accessed via a 3rd party
application
Discover shadow IT so it can be
secured and managed, reducing
your exposure to data leakage
through inappropriate sharing
and unsecured storage
Because users log in with a single
user ID to any application from
any device from any location, you
have the context to detect and
investigate suspicious activities
Recognize users and devices and dynamically
change what level of access is allowed and
how users authenticate based on parameters
such as location, device risk, user risk or
document confidentiality level
Security automation detects potential threats
and correlates alerts to identify a specific
attack vector, investigates and remediates
threats, reauthenticates high-risk users, and
takes action to limit access to data
17. Identity and Access Management
Protect users’ identities and control access to valuable resources based on user risk
If a user’s identity or device
becomes compromised,
automatically block or limit
access, or require MFA
Alert me when a user's
credentials are for sale on the
dark web and elevate their risk
level
Discover 3rd party cloud apps
that are in use and assess their
risk level, so you can sanction or
block them
Discover, restrict, and monitor
privileged identities and their
access to resources
A single solution that can protect
identity across on premises and
cloud directories
Eliminate passwords by using
biometrics or pins
18. Information Protection
Protect sensitive information wherever it lives or travels
Automatically apply data security
policies if a user's access to that
data changes, the user becomes
compromised or the data reaches
a certain age.
Identify potentially sensitive
information, like credit card
numbers or bank routing numbers,
and automatically apply a label
and protection to the file
Protect sensitive data when it
travels outside of your
organization via email, USB, or a
3rd party SaaS app
Scan historical on-premises data
files for potentially sensitive
information
Allow select partners and
customers to access sensitive
information
19. Threat Protection
Protect against advanced threats and recover quickly when attacked
Detect attacks from both
on premises and cloud
signals
Endpoint monitoring with
the ability to quarantine
the endpoint for
investigation and wipe the
device, if compromised
Advanced email protection
against phishing attempts,
and unknown (zero day)
threats
Detect and remove
ransomware, then recover
my files
Automatically detect
anomalies and suspicious
behavior without needing
to create and fine tune
rules
Reduce false positives by
contextually aggregating
alerts together to identify
a specific attack vector
Automatically investigate
endpoint alerts and
remediate threats,
removing them from all
impacted machines
20. Security Management
Gain visibility and control over security tools
A quantifiable measurement
of your security posture
Recommended actions you can
take to improve your security
posture
Incident and event
forensic reporting
Detailed reports on the latest
threats, so you can answer
questions, like "How well am I
protected against the latest
threats?"
Teach users to guard against
email phishing by simulating an
attack in a safe environment
Benchmark your security score
against companies in your
industry or of similar size
21. “Using Cloud App Security as a magnifying
glass, we gain amazing visibility into our SaaS
environment. Cloud App Security works with
Azure Information Protection to alert us if
someone is trying to share sensitive data. Our
vision is to use Cloud App Security together
with the Azure conditional access policies
that we have already defined, such as for our
SuccessFactors app.”
Muhammad Yasir Khan
Head of IT Infrastructure
Nakilat, Qatar Gas Transport
Addressing the risks inherent in a
growing shadow IT environment
22. “Identity is the new firewall of the future.
We can’t continue to use our old way of
controlling application access, because
business isn’t happening exclusively in our
network anymore. With Azure Active
Directory Premium, we can stay in control,
no matter where our users roam.”
Whole Food protects
apps with Microsoft
365 security
MICROSOFT 365 E5 SECURITY PRODUCT SUITE
WILL LAMB
Infrastructure Coordinator
Whole Foods Market, United States
23. “With Azure Active Directory, we can
set policies that treat employees
outside the office more strictly than
those inside it and that prompt for
Multi-Factor Authentication on
unmanaged devices or for certain
applications. With Microsoft 365, we
no longer have to choose between
mobility and security—we have both.”
Bryan Ackermann
Chief Information Officer
Korn Ferry, United States
Korn Ferry authenticates and protects Office
365 apps and 60 third-party applications,
including SAP and Salesforce.com.
24. “We set Azure Information Protection so
that when you click ‘confidential,’ the
file will be encrypted automatically and
access will be restricted to designated
users—even if you accidentally send it
to the wrong person.”
Erlend Skuterud
Chief Information Security Officer
Yara, Norway
Yara
In just a few months, Yara deployed
Azure Information Protection for
14,000 users and 10,000 devices.
25. “Teams across different
divisions and different
countries can now easily build
and safely store and share
documents. In the past, there
was nothing comparable.”
CONOR O’HALLORAN
Head of Identity Management
Merck KGaA, Darmstadt,
Germany
26. “As we see the security
landscape evolving with more
sophisticated attacks, we trust
Microsoft to stay ahead of the
latest threats to protect our
network and our data.”
CHRIS KREBS
Chief Information Officer
Fruit of the Loom
27. “Today, we trust EMS and
Surface devices running
Windows 10 as a highly
reliable platform that protects
our data—such as the
proprietary running shoe
designs that make our name—
in a mobile environment.”
EDWIN IDEMA
IT Manager, EMEA
Asics
29. Security solutions in Microsoft 365 Enterprise E5
MICROSOFT 365 E5 SECURITY PRODUCT SUITE
Azure Information Protection
Office 365 Data Loss Prevention
Microsoft Cloud App Security
Windows Information Protection
Microsoft Intune
BitLocker
Azure Advanced Threat Protection
Windows Defender
Advanced Threat Protection
Office 365 Advanced Threat Protection
Office 365 Threat Intelligence
Microsoft Cloud App Security
Azure Active Directory
Microsoft Cloud App Security
Windows Hello
Windows Credential Guard
Microsoft Security & Compliance Center
Windows Defender Security Center
Microsoft Secure Score
Identity & Access
Management
Threat
Protection
Security
Management
Information
Protection
30. Identity & Access
Management
Threat
Protection
Security
Management
Information
Protection
Security categories M365 Enterprise E5 covers
Security categories other Microsoft solutions cover
What Microsoft Services/ MSSPs cover
What Microsoft integrates with
What Microsoft doesn’t do
• Single Sign-on
• Multi-Factor Authentication
• Access Control
• Privileged Access Management
(PAM)
• Data Loss Prevention (DLP)
• Data Encryption
• Information Protection
• Data Classification
• Data Governance
• Cloud Access Security Broker (CASB)
• Key Management
• Mobile Application Management
• Secure Email Gateway
• Endpoint Detection and Response
(EDR)
• Endpoint Protection (EPP)
• Anti-malware/phishing
• Anti-spyware
• Antivirus Software
• User and Entity Behavior Analytics
(UEBA)
• Anomaly Detection
• Threat Intelligence Feeds
• Remote Browser
• Intrusion Detection System (IDS)
• Intrusion Prevention System (IPS)
• Security Scoring
• Reporting
• Secrets Management
• Database Security
• Encrypted Cloud Storage
• Back Up
• Disaster Recovery
• Virtual Private Networks (VPN)
• IoT Protection
• Cloud Workload Protection
• DDoS Protection
• Incident Response Services
• Asset Discovery
• Pen Testing/ Risk Assessment
• Vulnerability Assessment
• Web Application Testing
• Managed detection and response
(MDR)
• SOC
• Security training
• SIEM (SIM/ SEM/ Log management)
• Incident Ticket System
• Firewall/ Network
• Mobile Threat Detection tools
• Host intrusion prevention system
(HIPS)
• Network traffic analysis (NTA)
• Container Security
• Anti-subversion software
• Anti-tamper software
• Deception
• Cloud-based Management
• Cross-platform endpoint protection
31. Productivity, Creativity
and Teamwork solutions
Azure Active Directory P1
Windows Hello
Credential Guard
Microsoft Advanced Threat Analytics
Windows Defender Antivirus
Device Guard
Azure Information Protection P1
Office 365 Data Loss Prevention
Windows Information Protection
BitLocker
Secure Score
Microsoft security and compliance center
Windows Security Center
Identity and
Access Management
Information
Protection
Threat
Protection
Security
Management
Analytics
eDiscoveryCompliance
Office Applications
Outlook/ Exchange
Microsoft Teams
Skype for Business
Delve
Azure Active Directory P2
Windows Defender Advanced Threat Protection
Office 365 Advanced Threat Protection
Office 365 Threat Intelligence
Azure Advanced Threat Protection
Azure Information Protection P2
Microsoft Cloud App Security
Office 365 Cloud App Security
(additional management reports and capabilities)
Advanced eDiscovery, Customer Lockbox,
Advanced Data Governance
Skype Audio Conferencing
Phone System
Power BI Pro, MyAnalytics
Microsoft 365
Enterprise
Microsoft
365
Enterprise E5
(includes E3 solutions)
E3 E5
E3 vs E5
32. Microsoft Cloud
App Security
Discovers cloud app being used in your
enterprise, identifies and combats
cyberthreats and enables you to
control how your data travels
Azure Information
Protection P2
Protects sensitive enterprise data, even
when it travels outside of your
organization
Windows Defender
Advanced Threat Protection
A unified endpoint security platform
that protects against advanced attacks
and automatically investigates and
remediates evolving threats
Azure ATP
Detect and investigate advanced
attacks on-premises and in the cloud
Azure Active
Directory P2
Identity & Access Management that is
automated across your entire digital
footprint
Office 365 Advanced
Threat Protection
Protects your email, files and online
storage against unknown and
sophisticated attacks
Security
Office 365 Threat
Intelligence
Research threats, track phishing or
malware campaigns aimed at your
users, and search for threat indicators
from user reports and other
intelligence sources
MICROSOFT 365 E5 SECURITY PRODUCT SUITE
E5
My Analytics
Customer Lockbox
Power BI Pro
Audio Conferencing, Phone
System
Advanced Data GovernanceCompliance
Analytics
Voice
Advanced eDiscovery
33. I need to be compliant with data protection
regulations, like GDPR. How can Microsoft help
me discover, classify and protect my sensitive data?
I have solutions from many vendors in my
enterprise IT environment, how can Microsoft help
me secure our entire digital landscape?
Eventually, we will experience a breach. How
can Microsoft help me detect and respond
to a breach fast?
Microsoft 365 addresses real-world
security challenges
MICROSOFT 365 E5 SECURITY PRODUCT SUITE
How do I find and manage shadow IT and
rogue devices, and put in place policies to
ensure we remain compliant and secure?
How can Microsoft help me understand my
current security posture and get
recommendations on how to improve it?
If a user becomes compromised, how can I
configure security policies that automatically
enforce additional layers of authentication to
keep my organization safe?
36. Jason’s Deli
January 11, 2018
As many as 2 million payment cards
were stolen and sold on the dark web.
FedEx
February 15, 2018
Personal information was found on
an unsecure cloud storage server.
Under Armour
March 29, 2018
An unauthorized party acquired data
from 150 million cloud app users
Saks Fifth Avenue
April 1, 2018
Hackers stole 5 million credit and debit
cards and sold them on the dark web.
Real life data breaches