defense in depth with microsoft technologies · defense in depth with microsoft technologies....
TRANSCRIPT
![Page 1: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/1.jpg)
April 2019
Defense in Depth with Microsoft Technologies
![Page 2: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/2.jpg)
![Page 3: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/3.jpg)
Agenda
X:00 am Welcome and Intro: Allen Jenkins & Josh Krodel
Defense In Depth – Leveraging Microsoft Technology Solutions
• Security Fundamentals
• Defense in Depth Strategies
• Microsoft Solutions Review
X:45 am Wrap-Up
![Page 4: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/4.jpg)
Welcome and Introduction
• Allen Jenkins• 30+ years in IT / 20+ years at SyCom
• CISA – Certified Information System Auditor
• GSLC – GIAC Security Leadership Certification
• GSEC – GIAC Security Essentials Certification
• Dual Role at SyCom as CISO & VP of Consulting • Make us more secure
• Make our customers more secure
![Page 5: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/5.jpg)
Welcome and Introduction – Microsoft Info
• Josh Krodel• 20 years in IT / 7 years at SyCom
• MCSE – Microsoft Certified Systems Engineer
![Page 6: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/6.jpg)
Security Fundamentals
Concerns over Confidentiality, Integrity and Availability of Critical Information Technology Assets
![Page 7: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/7.jpg)
ALL Important, but…which is most high priority???
Prioritization of Approach based on what is important to organization –generally speaking…
• Confidentiality = Health Care, Gov
• Integrity = Finance
• Availability = E-commerce
CIA Discussion – Prioritization & Alignment
![Page 8: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/8.jpg)
Security Fundamentals
![Page 9: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/9.jpg)
Security Story – Chapter 1
![Page 10: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/10.jpg)
Security Story – Chapter 2
![Page 11: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/11.jpg)
Security Story – Chapter 3
![Page 12: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/12.jpg)
Security Story - Chapter 4
![Page 13: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/13.jpg)
Security Story - Chapter 5
![Page 14: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/14.jpg)
Security Story - Chapter 6
![Page 15: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/15.jpg)
Security Story - Chapter 7
![Page 16: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/16.jpg)
Security Story - Notes
This was not fiction, this really has been reported and there are other stories, like the
Russian Group Energy Bear that used similar attacks to take over MUCH of the electric
grid of the US in 2018 by compromising small utility companies.
There is NO Silver Bullet, but a layered approach might have helped…like:
![Page 17: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/17.jpg)
Security Story - Notes
There is NO Silver Bullet, but a layered approach might have helped…like:
• Security Awareness Training around Phishing
![Page 18: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/18.jpg)
Security Story - Notes
There is NO Silver Bullet, but a layered approach might have helped…like:
• Security Awareness Training around Phishing
• Possible Advanced Threat Protection Tools to aid with recognizing the Phishing
attacks
![Page 19: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/19.jpg)
Security Story - Notes
There is NO Silver Bullet, but a layered approach might have helped…like:
• Security Awareness Training around Phishing
• Possible Advanced Threat Protection Tools to aid with recognizing the Phishing
attacks
• Possibly some DNS protections or application whitelisting functions to disallow the
“Password Reset” program
![Page 20: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/20.jpg)
Security Story - Notes
There is NO Silver Bullet, but a layered approach might have helped…like:
• Security Awareness Training around Phishing
• Possible Advanced Threat Protection Tools to aid with recognizing the Phishing
attacks
• Possibly some DNS protections or application whitelisting functions to disallow the
“Password Reset” program
• Some DLP tools to help find/thwart data ex-filtration
![Page 21: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/21.jpg)
Security Story - Notes
There is NO Silver Bullet, but a layered approach might have helped…like:
• Security Awareness Training around Phishing
• Possible Advanced Threat Protection Tools to aid with recognizing the Phishing
attacks
• Possibly some DNS protections or application whitelisting functions to disallow the
“Password Reset” program
• Some DLP tools to help find/thwart data ex-filtration
• Possibly some network segmentation/isolation to keep critical data assets more
protected
![Page 22: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/22.jpg)
Security Story - Notes
There is NO Silver Bullet, but a layered approach might have helped…like:
• Security Awareness Training around Phishing
• Possible Advanced Threat Protection Tools to aid with recognizing the Phishing
attacks
• Possibly some DNS protections or application whitelisting functions to disallow the
“Password Reset” program
• Some DLP tools to help find/thwart data ex-filtration
• Possibly some network segmentation/isolation to keep critical data assets more
protected
• Possibly some better vendor controls in place (in the case of breaches like Energy
Bear and the Target breach, vendor controls were weak)
![Page 23: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/23.jpg)
Agenda
X:00 am Welcome and Intro: Allen Jenkins & Josh Krodel
Defense In Depth – Leveraging Microsoft Technology Solutions
• Security Fundamentals
• Defense in Depth Strategies
• Microsoft Solutions Review
X:45 am Wrap-Up
![Page 24: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/24.jpg)
Defense in Depth Strategies
![Page 25: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/25.jpg)
Defense in Depth Strategies
![Page 26: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/26.jpg)
Defense in Depth Strategies
![Page 27: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/27.jpg)
Defense in Depth Strategies
• Most common approach
![Page 28: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/28.jpg)
Defense in Depth Strategies
• Most common approach
• Equal security for all components of network
![Page 29: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/29.jpg)
Defense in Depth Strategies
• Most common approach
• Equal security for all components of network
• Can be effective as a STARTING POINT, to deploy standard security protections as a baseline
![Page 30: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/30.jpg)
Defense in Depth Strategies
![Page 31: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/31.jpg)
Defense in Depth Strategies
![Page 32: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/32.jpg)
Defense in Depth Strategies
• Consider building secure areas within your infrastructure to protect assets
![Page 33: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/33.jpg)
Defense in Depth Strategies
• Consider building secure areas within your infrastructure to protect assets
• Applies different levels of protection based on criticality of need
![Page 34: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/34.jpg)
Defense in Depth Strategies
• Consider building secure areas within your infrastructure to protect assets
• Applies different levels of protection based on criticality of need
• Usually associated with network segmentation
![Page 35: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/35.jpg)
Defense in Depth Strategies
![Page 36: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/36.jpg)
Defense in Depth Strategies
![Page 37: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/37.jpg)
Defense in Depth Strategies
• Build an architecture that focuses on critical information
• Can come to life as• Disk encryption• Host based segmentation• Networking and access controls• Software Defined Networking• Multi-tiered applications• Logical access controls and using principle of least privilege• Network traffic encryption• Etc., etc.
![Page 38: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/38.jpg)
Defense in Depth Strategies
Data
![Page 39: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/39.jpg)
Defense in Depth Strategies
![Page 40: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/40.jpg)
Defense in Depth Strategies
Data Classification
![Page 41: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/41.jpg)
Defense in Depth Strategies
Data
![Page 42: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/42.jpg)
Defense in Depth Strategies
Data
Virtualization
Operating System
Database
Web App
![Page 43: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/43.jpg)
Defense in Depth Strategies
![Page 44: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/44.jpg)
Defense in Depth Strategies
![Page 45: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/45.jpg)
Defense in Depth Strategies
![Page 46: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/46.jpg)
Defense in Depth Strategies
![Page 47: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/47.jpg)
Defense in Depth Strategies
![Page 48: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/48.jpg)
Defense in Depth Strategies
• Build protections based on specific threat vectors
![Page 49: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/49.jpg)
Defense in Depth Strategies
• Build protections based on specific threat vectors
• Things like• USB sticks• Email attachments• Hackers• Natural Disasters, like hurricanes, all present concerns
• Each has a different set of strategies for protection
![Page 50: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/50.jpg)
Defense in Depth Strategies
• Build protections based on specific threat vectors
• Things like• USB sticks – GPO’s/Data Loss Prevention• Email attachments• Hackers• Natural Disasters, like hurricanes, all present concerns
• Each has a different set of strategies for protection
![Page 51: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/51.jpg)
Defense in Depth Strategies
• Build protections based on specific threat vectors
• Things like• USB sticks – GPO’s/Data Loss Prevention• Email attachments – Email threat protections – Office365 ATP• Hackers• Natural Disasters, like hurricanes, all present concerns
• Each has a different set of strategies for protection
![Page 52: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/52.jpg)
Defense in Depth Strategies
• Build protections based on specific threat vectors
• Things like• USB sticks – GPO’s/Data Loss Prevention• Email attachments – Email threat protections – Office365 ATP• Hackers – Logical Access Controls (accounts/passwords)• Natural Disasters, like hurricanes, all present concerns
• Each has a different set of strategies for protection
![Page 53: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/53.jpg)
Defense in Depth Strategies
• Build protections based on specific threat vectors
• Things like• USB sticks – GPO’s/Data Loss Prevention• Email attachments – Email threat protections – Office365 ATP• Hackers – Logical Access Controls (accounts/passwords)• Natural Disasters, like hurricanes, all present concerns – DR
planning/Cloud solutions
• Each has a different set of strategies for protection
![Page 54: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/54.jpg)
Defense in Depth Strategies - Summation
• Consider the specific environment and build the corresponding protections
• A combination of approaches is probably the best
• Use a Risk Based approach to assess Risks and then develop the appropriate Defense strategy to mitigate the Risks…
![Page 55: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/55.jpg)
Agenda
X:00 am Welcome and Intro: Allen Jenkins & Josh Krodel
Defense In Depth – Leveraging Microsoft Technology Solutions
• Security Fundamentals
• Defense in Depth Strategies
• Microsoft Solutions Review
X:45 am Wrap-Up
![Page 56: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/56.jpg)
Traditional security management doesn’t scale
+
*The Microsoft Intelligent Security Graph data
![Page 57: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/57.jpg)
Deliver and manage enterprise-ready devices
Windows AutoPilot
Get new devices up and running fast without re-imaging, powered by the
cloud
Automatically configure settings, security policies, and install apps like Office
365
Mobile Device Management with Microsoft Intune
Security policy enforcement for mobile devices and apps
Selective wipe of corporate data such as apps, email, management policies,
and networking profiles from user devices while leaving personal data intact
Windows Hello for Business
Get better protection when you unlock your device with a look or a touch,
even on devices you’ve never signed in to before
Microsoft Store for Business
Find, acquire, manage, and distribute apps including custom line-of-business
apps to Windows 10 devices
![Page 58: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/58.jpg)
Intelligent threat protection built-in, not bolted-on
Windows Defender Antivirus
Detect fast-changing malware variations using behavior monitoring and cloud-powered protection
Windows Defender Credential Guard
Isolate and protect credentials from a full system compromise
Configure easily with existing management tools
Windows Defender System Guard
Maintain system integrity during boot time, runtime, and remote access to avoid compromised devices
Windows Defender Advanced Threat Protection
Protect endpoints from cyber threats, detects advanced attacks and automates security incidents to improve security posture
![Page 59: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/59.jpg)
Secure and contain business information
Azure Information Protection
Persistent data classification and protection that ensures data is protected at all times,
regardless of where it’s stored or with whom it’s shared
Safe sharing with people inside and outside of your organization
Simple, intuitive controls for data classification and protection
Deep visibility and control of shared data for users and IT
BitLocker
Encrypt sensitive information and protect against unauthorized access
Microsoft BitLocker Administration & Monitoring
Use tools to provision, enforce, report compliance and recover BitLocker-protected data
Office 365 Advanced Threat Protection
Help protect against unknown malware and viruses
Provide real-time, time-of-click protection against malicious URLs
Deliver rich reporting and URL trace capabilities with Click Tracing
![Page 60: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/60.jpg)
Manage the on-going threat landscape
Azure Advanced Threat Protection
Monitor users, entity behaviour, and activities with learning-based analytics
Protect user identities and credentials stored in Active Directory
Identify and investigate suspicious user activities and advanced attacks throughout the kill
chain
Provide clear incident information on a simple timeline for fast triage
Cloud App Security
Complete visibility into employee cloud app usage and Shadow IT
Ongoing risk detection, powerful reporting, and analytics on users, upload/download
traffic, usage patterns, and transactions for discovered apps
Granular-level control and data policies for on-going data protection in cloud apps
Attack Simulator
Run realistic attack scenarios in your organization
Three kinds of attack simulations are currently available: display name spear-phishing
attack, password-spray attack, brute-force password attack
Secure Score
Analyzes your organization's security based on regular activities and security settings in
Office 365
![Page 61: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/61.jpg)
Agenda
X:00 am Welcome and Intro: Allen Jenkins & Josh Krodel
Defense In Depth – Leveraging Microsoft Technology Solutions
• Security Fundamentals
• Defense in Depth Strategies
• Microsoft Solutions Review
X:45 am Wrap-Up
![Page 62: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/62.jpg)
Wrap-Up
• Remember Security Fundamentals• Confidentiality, Integrity, and Availability
• Consider Defense In Depth Strategies• Uniform Protection, Secure Enclaves, Information Centric, Threat Vector
• Analyze and Deploy Appropriate Toolsets• AutoPilot, InTune, HELLO, Defender Suite, Azure Information Protection,
Bitlocker, Office 365 Advanced Threat Protection (ATP), Azure ATP, Cloud App Security, Attack Simulator, Secure Score
![Page 63: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/63.jpg)
Q&A
![Page 64: Defense in Depth with Microsoft Technologies · Defense in Depth with Microsoft Technologies. Agenda X:00 am Welcome and Intro: ... Security Story – Chapter 3. Security Story -](https://reader030.vdocuments.us/reader030/viewer/2022040305/5ea6a81a41b8b14f031d20cf/html5/thumbnails/64.jpg)
THANK YOU FOR JOINING US!
Connecting More Than Technology