nytt og hot i enterprise mobility + security › nextlevel › presentasjoner ›...
TRANSCRIPT
![Page 1: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/1.jpg)
Enterprise Mobility + Security(EM+S)
![Page 2: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/2.jpg)
Nytt og Hot i Enterprise Mobility + Security
Jan Vidar Elven
Arkitekt
MVP Enterprise Mobility
![Page 3: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/3.jpg)
Microsoft Threat ProtectionMicrosoft Ignite, Orlando 2018
![Page 4: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/4.jpg)
Sikkerhet vs. “Happy Vibes”
![Page 5: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/5.jpg)
![Page 6: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/6.jpg)
![Page 7: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/7.jpg)
![Page 8: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/8.jpg)
![Page 9: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/9.jpg)
Nytt og Hot - IdentitetPassordløst | Identity Governance | Microsoft Secure Score | B2B
![Page 10: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/10.jpg)
Alle hater passord…
![Page 11: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/11.jpg)
Brukere hater passord
Alfanumeriske passord er vanskelige å huske
Password manager løsninger er
kompliserte og er bare mer jobb
Det er vanskelig å skrive inn passord på mobile
enheter
![Page 12: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/12.jpg)
Credential reuse across multiple services increases attack surfaces
Even the strongest passwords are easily phishable
279% more enterprise securityincidents from 2016 to 2017
81% of hacking-related breaches leveraged either stolen and/or weak passwords
OTA Cyber incidents Report 2018 I Verizon Cybercrime Case Studies 2017
IT hater passord
![Page 13: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/13.jpg)
Mest frekvent avslåtte passord fra siste uke før Ignite..
Hackere passord
![Page 14: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/14.jpg)
Windows Hello Microsoft Authenticator FIDO2 Security Keys
Hvordan komme til en verden uten passord
Autentisering med høy styrke, høy sikkerhet og tilgjengelige metoder
![Page 15: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/15.jpg)
![Page 16: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/16.jpg)
Identity Governance• Identitetsstyring kommer til
Azure AD
• Entitlement management• Admins kan lage policier for
ressurser som grupper, apper, og siter.
• Automatisere prosess for gi tilgang til ansatte og partnere.
• My Access portal• Ansatte og partnere kan be om
tilgang til disse entitlements, og forretningsledere kan godkjenneforespørsler.
![Page 17: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/17.jpg)
Microsoft Secure Score
![Page 18: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/18.jpg)
B2B• Azure AD B2B støtter nå federering med Google
• Gjelder bare personlige Google kontoer, som @gmail.com• Foreløpig ikke GCP
![Page 19: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/19.jpg)
Felles registrering for SSPR og Azure MFA
https://aka.ms/setupsecurityinfo
https://aka.ms/MFASetup
https://aka.ms/SSPRSetup
FØR NÅ
![Page 20: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/20.jpg)
![Page 21: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/21.jpg)
Modern ManagementManagement og Beskyttelse av Enheter og Applikasjoner
- Powered by Cloud
![Page 22: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/22.jpg)
![Page 23: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/23.jpg)
Apps without app protection policies
![Page 24: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/24.jpg)
Data protection with app protection policies
![Page 25: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/25.jpg)
Data protection with app protection policies on devices managed by a MDM solution
![Page 26: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/26.jpg)
Data protection with app protection policies for devices without enrollment
![Page 27: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/27.jpg)
Managed Apps Policy TargetTargeted Apps iOS Targeted Apps Android
• Outlook• OneDrive• OneNote• Skype for Business• Yammer• Word• Excel• PowerPoint• Microsoft Teams• Microsoft Planner• Microsoft Dynamics CRM on iPhone/iPad• Microsoft Connections• Managed Browser • Edge• Microsoft PowerBI• Microsoft SharePoint• Microsoft Visio Viewer• Azure Information Protection• Adobe Acrobat Reader for Intune• Microsoft Invoicing• Microsoft Kaizala• Microsoft StaffHub
• Outlook• OneDrive• OneNote• Skype for Business• Yammer• Word• Excel• PowerPoint• Microsoft Teams• Microsoft Planner• Dynamics CRM for Phones/Tablets
• Managed Browser• Edge• Microsoft Power BI• Microsoft SharePoint
• Azure Information Protection• Adobe Acrobat Reader for Intune• Microsoft Invoicing• Microsoft Kaizala• Microsoft StaffHub• Microsoft Launcher
![Page 28: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/28.jpg)
Applikasjonsbeskyttelse policierEnrolled Devices (iOS, Android) Without Enrollment (iOS, Android)
Data Relocation:
• Prevent iTunes & iCloud Backup: Yes
• Allow app to transfer data to other apps: Policy managed apps
• Allow app to receive data from other apps: All
• Prevent Save As: Yes (allow OneDrive for Business, SharePoint,
Local Storage)
• Restrict cut, copy, and paste with other apps: Policy managed
apps with paste in
• Restrict web content to display in Managed Browser: No
• Encrypt app data: Yes
• Disable contacts sync: No
• Disable printing: No
Data Relocation:
• Prevent iTunes & iCloud Backup: Yes
• Allow app to transfer data to other apps: Policy managed apps
• Allow app to receive data from other apps: Policy managed apps
• Prevent Save As: Yes (allow OneDrive for Business, SharePoint)
• Restrict cut, copy, and paste with other apps: Policy managed
apps
• Restrict web content to display in Managed Browser: Yes
• Encrypt app data: Yes
• Disable contacts sync: No
• Disable printing: No
Access Actions:
• Require PIN for access: Yes, Numeric, PIN length 4. Allow
fingerprint/facial recognition.
• Disable App PIN when device PIN is managed: Yes
Access Actions:
• Require PIN for access: Yes, Numeric, PIN length 4. Allow
fingerprint/facial recognition.
• Disable App PIN when device PIN is managed: No
![Page 29: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/29.jpg)
Firmaportal og Managed Apps
![Page 30: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/30.jpg)
InformasjonsbeskyttelseAzure Information Protection | Unified Labels | Cloud App Security
![Page 31: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/31.jpg)
Unified Labeling• Migrering av Azure Information Protection label til Office 365
Security & Compliance (Preview)
• Unified Labeling Client• Preview for Windows
• Office Insider for Mac
![Page 32: Nytt og hot i Enterprise Mobility + Security › nextlevel › presentasjoner › nextlevel...Identity Governance •Identitetsstyring kommer til Azure AD •Entitlement management](https://reader036.vdocuments.us/reader036/viewer/2022070819/5f1a670feb440a0ef85dd504/html5/thumbnails/32.jpg)
Cloud App Security• Azure AD Conditional Access integrasjon for Office 365 SaaS Apps
• Integrasjon med Windows Defender ATP for Cloud Discovery (“Shadow IT”)
• Microsoft Classification Service