2. The explosion of devices is
eroding the standards-based
approach to IT.
Devices
Deploying and managing
applications across
platforms is difficult.
Apps Data
Users need to be productive
while maintaining
compliance and reducing
risk.
Users expect to be able to
work in any location and
have access to all their
work resources.
Users
3. Devices AppsUsers
Empower users
Allow users to work on the devices
of their choice and provide
consistent access to corporate
resources.
Unify your environment
Deliver a unified application and
device management on-premises
and in the cloud.
Protect your data
Help protect Critical Information
and manage risk.Management. Access. Protection.
Data
4. Malicious software Targeted attacks
Data theft &
insider leaks
Business
Impact
Mobile
65%
of companies
are deploying at
least one social
software tool.
Social Cloud
Digital content will grow to
Over 80%
of new apps will
be distributed or
deployed on
clouds in 2012.
Big Data
70%
of organizations
are either using or
investigating cloud
computing solutions
By 2016,
smartphones and
tablets will put power in
the pockets of a billion
global consumers
The world’s mobile
worker population
will reach
80%
growth of unstructured
data is predicted over the
next five years.1.3 billionover 37%
of the total workforce by 2015
Millennials
will make up
75%of
the American
workforce by 2025
2.7ZBin 2012, up 48%
from 2011, rocketing
toward 8ZB by 2015.
average annual
spend to protect
from, detect, and
recover from
attacks
1.8
successful attacks
experienced
every week
Cumulative
Cybersecurity
spend by 2023
$8.9M $165B
5. Insulin Pump
Vulnerable to
Hacking, Johnson &
Johnson Warns
Rainbow Children's
Clinic in Texas
hacked, patient
records deleted
In 2011, cybercriminals
in China stole 2,000
patient X-rays
Credit / Debit Card details
of 100,000 Britons for sale
on internet - Feb 16
246,876 U.S. healthcare
patient records were
breached in Sep -Protenus
Massive DDoS attack
harnesses 145,000
hacked IoT devices
Vulnerability of certain
pacemakers
8. Building a Secure Critical Information Infrastructure
Digital Transformation Strategy (3 year plan)
- Risk Assessment > Vulnerability Assessment > Penetration Testing
- Info-sec policy and enforcement
- Data Classification Policy & controls
- Assume Breach strategy (Protect, Detect, Respond & Recover)
Timely upgradation of Technology
Network Security Architecture and Baselining
IT Asset Management
Domain Design, Deployment & Management
- Group policies
- Central patch management & security updates
- End Point security & hardening / server hardening
- Central IAM
- IM
- PIM
- SSO with MFA
9. Building a Secure Critical Information Infrastructure
Implement PKI
- Implement DRMS wrt Data Classification
- DLP solution ( with Effective DFA)
Secure Email
- use of Digital Signatures
- Advanced Threat Analytics
Application Whitelisting & Security
Enterprise Management
- BYOD Policy
- Mobile and Laptop devices
Change Management
Adoption of Hybrid Model for better IT Risk Management
- Web Portal
- Email services
12. Typical state of identity management today
Lots of manual process across different, decentralized systems
Create
Delete
Attribute
Sync
Active Directory
Exchange
HR (SAP)
Application
Owner
Business
Manager
Users
IT Helpdesk
Administrator
Administrator
Financials
SharePoint
Sales
13. Future state, centralized identity management
Locate the logic in one place and automate it with many systems
• Self Service Group Management
• Self Service Password Reset
• Improved Productivity
• Workflow
• Notifications
• Approvals
• Attestation and Reporting
• Automated Provisioning
• Automated De-provisioning
• Account, Group and Mailbox
Management
HR (PeopleSoft, SAP, Workday)
Administrators
Active Directory
Exchange
Application
Owners & Managers
Users
Identity
Management
On Premise
Database, Directories
& Applications
14. Over a million servers in data centers
around the world
How can adopting a Cloud Model improve our security?
Take a proactive approach against the expanding threat landscape
Incident response
team works 24/7
Centralized monitoring
and logging
Security embedded in
systems and software
(SDL)
Predictable security
controls through Operational
Security Assurance
Sophisticated intrusion
detection controls
Anti-virus and
anti-malware
Best-in-class security
professionals
Up-to-date software
& patch management
“Assume breach”
strategy
Deep understanding
of new threats and
attack vectors
The Cloud
Notes de l'éditeur
Key message: Microsoft has created and implemented industry-leading secure software development, operational management, and threat mitigation practices in over a million servers around the world, helping to deliver services that achieve higher levels of security, privacy, and compliance than most customers could achieve on their own.