office 365 security: everything you need to know

Download Office 365 Security: Everything You Need to Know

Post on 30-Apr-2015

376 views

Category:

Technology

2 download

Embed Size (px)

DESCRIPTION

Whether you are already deployed or still considering upgrading to Microsoft Office 365, get the need to know about basic and advanced Office 365 security. Featuring presentations from Microsoft Office 365 Product Managers and Office 365 Deployment Experts at Avanade. Tips and Tricks for a Secure Deployment In-depth Look into Office 365s Out-of-the-box Features Advanced Security Options: Multi-factor Authentication and Single Sign-on

TRANSCRIPT

  • 1. 2014 SecureAuth All Rights Reserved Office 365 Security Everything You Need to Know July 10, 2014 www.secureauth.com www.avanade.com www.microsoft.com
  • 2. Welcome to the Webinar All attendee audio lines are muted Questions will be answered at the end of the session Submit brief questions on the Q&A panel Send longer questions or off-line topics via email to webinar@secureauth.com 2014 SecureAuth All Rights Reserved Presented by Microsoft, Avanade, and SecureAuth Corporation David Brandt, Microsoft Principal Program Manager, Office 365 Tim Arvanites, SecureAuth Corporation Director of Technical Sales Jimmy Soto, Avanade Infrastructure Solutions Architect
  • 3. AGENDA 2014 SecureAuth All Rights Reserved Microsoft Office 365 Identity Management SecureAuth IdP Advanced Security Options for Office 365 2-Factor Authentication and SSO Deployment Tips and Tricks The Avanade Experience Q & A Trends / Issues of Modern Mobile Enterprise
  • 4. 2014 SecureAuth All Rights Reserved Issues Facing the Modern Mobile Enterprise Rapid Movement to the Cloud and High Usage of Cloud Applications Pressures of Mobility BYOD and Secured Mobile Devices for Convenient User Experience Line of Business Driving Organizations to the Cloud, but without Proper Security Measures No one wants to be that headline
  • 5. User Microsoft Account Ex: alice@outlook.com User Organizational Account Ex: alice@contoso.com Microsoft Account Microsoft Azure Active Directory
  • 6. WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API
  • 7. http://aka.ms/ssoproviders *For representative purposes only.
  • 8. Pilot complete Deploy Complete Adopt new features Deploy EnhancePilot
  • 9. 2014 SecureAuth All Rights Reserved SecureAuth IdP for Microsoft Office 365 Advanced Security Options
  • 10. 2014 SecureAuth All Rights Reserved What is an IdP? An IdP (Identity Provider) establishes a circle of trust between the User and the Service Provider (applications like Office 365). Definition A system that creates, maintains, and manages identity information Provides principal authentication to other service providers (applications) within a federation or distributed network Sends an attribute assertion containing trusted information about the user to the Service Provider (SP) 1. User Directed to IdP 2. IdP Authenticates User 3. User Redirected to SP with Token
  • 11. 2014 SecureAuth All Rights Reserved Benefits of an Identity Provider Improved User Experience Increased Security Complex Environments Simplified Flexible Access Control Workflows
  • 12. 2014 SecureAuth All Rights Reserved IdP - Improved User Experience Single Sign-on (SSO): Users access their applications with a single authentication Flexible authentication workflows based on user, device, and location Custom and third-party enterprise web applications (SharePoint) Cloud applications, like Office 365, Google Apps, Salesforce, and more Users access their applications with a single authentication
  • 13. 2014 SecureAuth All Rights Reserved IdP Increased Security Avoid Password Sync / Sprawl Single Access Control Point for ALL Users Applications Immediate Disable of Access Auditing of All Application Access Compiled in Single Location Enforce Client Sign-in Restrictions by Device, Login History, Network Location, Work Hours, and more Utilize Enterprise Multi-factor Authentication Web Apps Network Apps Cloud Apps Mobile Apps
  • 14. 2014 SecureAuth All Rights Reserved IdP Complex Environments Solved Combine Multiple, Disparate Directory Stores Active Directory, SQL, Novell eDirectory, Sun One, etc. Create Unified Access Policies Limiting Access to Resources based on: Defined Authentication Workflows, User Access State (enabled/disabled), Network Location, Group Membership, Devices, etc. On-premises, Cloud-based, or Hybrid Scenario
  • 15. 2014 SecureAuth All Rights Reserved IdP Flexible Access Control Workflows Define Virtually any Authentication Workflow for Users Integrated Windows Authentication (no password) for Internal Users Username/Password + Second Factor (optional) for External Users Enforce Client Sign-in Restrictions by Device, Login History, Network Location, Work Hours, and more Utilize Enterprise Multi-factor Authentication
  • 16. 2014 SecureAuth All Rights Reserved SecureAuth IdP Office 365 Use Case Enterprise customer with 24 AD domains utilizing browser access to Office 365 and Office applications Word, Excel, Outlook, Lync, and PowerPoint External users 2-Factor Authentication with SMS / Telephony / E-mail registration and 90 day device credential used for subsequent multi-factor authentications Internal users Windows Integrated Authentication for true Desktop SSO to Office 365 Single Sign-on experience for user to reach their other enterprise applications Office 365 Client Access Controls limiting Outlook access to only internal network devices
  • 17. Avanades Notes From The Field Transformation to Office 365 Avanade Confidential Do Not Copy, Forward or Circulate Copyright 2014 Avanade Inc. All Rights Reserved.
  • 18. Messaging Transformation Credentials Innovative toolset Strategic Alliance with Global Delivery Network Our Assets, Tools & Methods Our Expertise Our Experience
  • 19. Avanade Confidential Do Not Copy, Forward or Circulate Copyright 2014 Avanade Inc. All Rights Reserved. Why take the journey with Avanade Our Health and Value Assessment offering efficiently guides customers to achieving their goals Monthly meetings with Microsoft Office 365 Engineering teams as part of High Touch Partner initiative
  • 20. Avanade Confidential Do Not Copy, Forward or Circulate Copyright 2014 Avanade Inc. All Rights Reserved. Consideration Description Know Requirements Ahead of Time Know What Is Provided, And What Is Not Remember, It Is A Shared Environment, Not A Dedicated Hosted Environment Evaluate Customer Readiness Documentation May Be Dynamic And Is Improving Considerations Prior To Office 365 Decision 23
  • 21. Avanade Confidential Do Not Copy, Forward or Circulate Copyright 2014 Avanade Inc. All Rights Reserved. Consideration Description It Is Still A Transformational Event Plan For Realistic Timeline and Milestones Keep The End User Experience In Mind Stay On Course, Dont Deviate Plan for Operational Excellence Implementation Planning Considerations 24
  • 22. Avanade Confidential Do Not Copy, Forward or Circulate Copyright 2014 Avanade Inc. All Rights Reserved. Conclusion Implementation and migration to Office 365 is often simplified with an emphasis of quick onboarding rather than averting risk Customers must realize that they need to adapt to Office 365; it does not adapt to the customer Consideration must be given for safeguarding the end user experience Operational excellence and support must be planned prior to migrating p

Recommended

View more >