60% cited concerns around data security as a barrier to adoption 45% concerned that the cloud would...
TRANSCRIPT
Data Privacy and Protection in the CloudJules CohenSarah FenderA.J. Schwab
OFC-B233
Changing Data Protection Concerns to Opportunities
Pre-adoption concern
60% cited concerns around data security as a barrier to adoption
45% concerned that the cloud would result in a lack of data control
Security
Privacy
94% experienced security benefits they
didn’t previously have on-premise
62% said privacy protection increased as a result of moving to the cloud
Benefit realized
Barriers to Cloud Adoption study, ComScore, September 2013
Microsoft’s approach to data protection
Design for privacy
1
Built-in features
2
Protect data in operations
3
Provide transparency and choice
4
Privacy governance
Program
Design for Privacy1
Commitments
People
Privacy governance
Program
Design for Privacy1
CommitmentsProces
sPeople
Privacy governance
Program
Design for Privacy1
CommitmentsTechnolog
yProcessPeople
Privacy governance
Program
Design for Privacy1
Commitments
Built-in features
Sarah FenderDirector, Azure Product Marketing
Data protections in Azure
Built-in features2
Redundancy & Backup Data EncryptionIdentity – Azure ADData Location
Customer Control Azu
re
Note: Microsoft Azure data centers, Australia – Q2 FY15
GEO REGION
Asia PacificAsia Pacific East (Hong Kong)Asia Pacific Southeast (Singapore)
EuropeEurope North (Ireland)Europe West (Netherlands)
United States
US North Central (Illinois)US South Central (Texas)US East (Virginia)US West (California)
JapanJapan East (Saitama Prefecture)Japan West (Osaka Prefecture)
Brazil South (Preview)
Sao Paulo State
Data location
Data redundancy
Locally redundant storage
US East
US West
> 400 miles
Geo-redundant storage
Replication
Data redundancy
Configuring data location and redundancy
Locations
East Asia
Southeast Asia
North Europe
West Europe
East US
North Central US
South Central US
West US
Japan East
Japan West
Brazil South (Preview)
South Central US
Enable single sign on across Microsoft online services and a world of other cloud applications
Extend and synchronize on-premises directories to the cloud
Centrally manage user accounts in the cloud
Manage identities and access to cloud applications
Your cloud apps ready when you are.
SaaS apps
SaaS apps
Manage identities and access to cloud applications
Your cloud apps ready when you are.
IT professional
SaaS apps
Enable single sign on across Microsoft online services and a world of other cloud applications
Extend and synchronize on-premises directories to the cloud
Centrally manage user accounts in the cloud
Security reporting that tracks inconsistent access patterns
Built-in security features
Monitor and protect access to enterprise apps
Ensure secure access and visibility on usage patterns for SaaS and cloud-hosted LOB applications.
Step up to Multi-Factor Authentication
Monitor and protect access to enterprise apps
Ensure secure access and visibility on usage patterns for SaaS and cloud-hosted LOB applications.
X X X X X
X X X X X
X X X X X
Security reporting that tracks inconsistent access patterns
Built-in security features
Step up to Multi-Factor Authentication
Data encryption
Virtual Machines
SQL TDE Bitlocker
Partners EFS
Applications RMS SDK
Storage .NET Crypto Bitlocker StorSimple
Data protections in Office 365
Built-in features2
Data protection at rest
Data Protection in motion Data Protection in motion
Data protection at rest
Data protection at rest Data protection at restOffi
ce 3
65
Protect data in operations
A.J. SchwabSenior Privacy Architect, Office 365
Defense in depth strategy
Protect data in operations3
DataApplicationNetwork Host Security
Identity & Access ManagementPhysical
24x7x365 Incident Response
Key operational protections
Protect data in operations3
Data isolation Limited access
MFA for service access
Auditing of all operator access and actions
Zero standing permissions in the service
Automatic Microsoft staff account deletion
Staff background checks, training
Approach to compliance
Protect data in operations3
Certification and Attestations
Controls Framework Predictable Audit Schedule
Industry Standards and Regulations
&
Customer storiesKindred Healthcare
Background Solution Benefits
• With 76,000 employees, one of the U.S.’s largest diversified healthcare providers.
• Acquired a provider with 22,000 employees, and a disparate email system
• Aggressive timeline for technology standardization
• Needed a single collaboration platform, geared for mobile, that ensures privacy of patient data
• Selected Office 365 Exchange, SharePoint, and Lync Online
• Flexible licenses and costs based on employee role and need
• Met security and privacy needs for regulatory compliance
• Implemented out-of-the-box retention, legal holds, eDiscovery, and encryption features
• Gained access to improved collaboration tools
• Single platform that met all group needs, with a single identity management solution
• Greater control of data through privacy and protection features
• Facilitates regulatory compliance
http://www.microsoft.com/casestudies/Microsoft-Office-365/Kindred-Healthcare/Healthcare-Provider-Chooses-Office-365-to-Meet-Compliance-Needs-Boost-Communications/710000003096
Customer storiesAl Murjan Holdings
Background Solution Benefits
• Major investment firm with an international presence
• Need to provide employees with access to applications anywhere in the world
• Solution must been stringent privacy and security laws and regulations
• Limited IT resources to support on-prem IT solutions
• Selected Office 365 Exchange, SharePoint, and Lync Online
• Leveraged a Microsoft partner to help implement the solution in a streamlined, compliant manner
• Improved availability, reducing downtime
• Lower total cost of ownership through reduced support, license costs
• Improved privacy and security through greater physical data security, logical controls
• Encryptions features further enhance privacy
http://www.microsoft.com/casestudies/Microsoft-Office-365-Plan-E1/Al-Murjan-Holding/Holding-Company-Increases-Productivity-and-Cuts-Costs-by-Implementing-a-Cloud-Solution/710000003923
Customer storiesstrategy&
Background Solution Benefits
• Consulting firm with more than 3,000 staff in 57 offices across 40 countries
• Contact information stored in personal Outlook address books, four different CRM systems
• Inefficient processes for identifying clients and targeting outreach
• Developed new Client Connect solution built on Dynamics CRM Online
• Migrated data from disparate platforms
• Leveraged functionality to control privacy and usage of contacts contributed to the system
• 95% adoption rate by executives
• More comprehensive view of clients, efficient targeting for marketing efforts
• Gained trust of end users by assuring data privacy, thus increasing adoption
http://www.microsoft.com/casestudies/Microsoft-Dynamics-CRM-2013/Strategy/Leading-Consulting-Firm-Improves-Marketing-and-Encourages-Teamwork-with-CRM-Solution/710000003810
Provide transparency and choice
Provide transparency and choice4
Shared protection responsibility
Data classification
Client and end point protection
Identity and access
Application level controls
Network controls
Host security
Physical security
IaaS PaaS SaaS
Cloud Customer
Cloud Provider
Microsoft Trust Centers
Provide transparency and choice4
Protection configuration documentation
Provide transparency and choice3
Summary
Design for privacy
1
Built-in features
2
Protect data in operations
3
Provide transparency and choice
4
Breakout Sessions (session codes and titles)
DCIM-B221 Microsoft Azure Security and Compliance Overview (available on demand from msteched.com) DCIM-B387 Data Protection in Microsoft Azure Wednesday, May 14 8:30 AM - 9:45 AM
Related content
Find Me Later At. . . Visit the Security & Compliance station in the Azure booth
ResourcesTrustworthy Computing Cloud Serviceshttp://www.microsoft.com/trustedcloudhttp://www.microsoft.com/en-us/twc/privacy/cloud-privacy.aspx
Trust CentersOffice 365 - http://www.microsoft.com/en-us/office365/trust-center.aspxWindows Azure - http://www.windowsazure.com/en-us/support/trust-center/ Dynamics - http://crm.dynamics.com/en-us/trust-center
Resources
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
msdn
Resources for Developers
http://microsoft.com/msdn
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Sessions on Demand
http://channel9.msdn.com/Events/TechEd
Complete an evaluation and enter to win!
Evaluate this session
Scan this QR code to evaluate this session.
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.