Security in a Cloud World.
One of the biggest issues with moving to the cloud is the concern for security. How do we protect our information when it leaves the control of our servers and networks? The good news is that Microsoft has been working hard to provide us with tools that allow us to secure our information no matter where it travels, even outside of our network. Find out Microsoft’s approach to security and what tools we have to ensure our information is safe and secure in a cloud-first, mobile-first world.
[Diagram: attack scenario from phishing campaign to PII exfiltration]
Kill chain phases shown: Delivery, Exploitation, Command and Control, Actions on Objective
Step 1: Threat actor targets employees via phishing campaign
Step 2: Employee A opens infected email on workstation
Step 2: Employee B opens infected email using mobile device
Step 2: Credentials harvested after employee attempts login to bogus site
Step 3: Infected phone disables antivirus, and compromised credentials are used to access email service
Step 3: Threat actor gathers credentials on compromised machine
Step 3: Compromised credentials used to access service
Step 4: Threat actors move laterally within network using compromised credentials
Step 5: Threat actors use compromised devices/accounts to exfiltrate PII
Technique labels shown: Phishing, Malware, Control Evasion, Password/Hash Dumping, Compromised Credential, Leak/Exfiltrate Data
Timeline labels shown: 48 Hours, 200+ Days
Focused on access to data as opposed to securing the data itself
Deny malicious users from accessing data except from inside of our secure network
The cloud is seen as insecure primarily because we (IT) can no longer restrict access to the information
Or can we?
However, even the Fortress Network didn’t work completely
What about email? Didn’t we lose control of that document once we hit send?
Build high walls around our data
  Firewalls
  Network segments
  VPNs
  NTFS permissions
Build deep defense in depth
  DMZs
  Detonation Chambers
  Pre-scan incoming requests (honey traps, URL scans)
  Malware protection
  Malicious link detection
  Spam and virus software on desktops and servers
Interior security was much less strenuous
  Virus scans
  Malware
  But the assumption was that if you had access, you could do anything