spslondon - how to secure your data in office 365
TRANSCRIPT
How to secure your data in Office 365
Maarten EekelsSharePoint Saturday LondonJuly 11th, 2015
Thanks to our Sponsors
Maarten Eekels
CTO Portiva / P-TSP Microsoft
Speaker, blogger
Top 25 European SharePoint Influencers 2014
Contact
Agenda• Data encryption• Message encryption• Rights management• Data loss prevention• Mobile device management• … and more
Data encryption• Data at rest• BitLocker drive encryption• Per-file encryption (for SharePoint Online and OneDrive for Business)• Files are spread across multiple Azure Storage containers• Map with file locations is also encrypted• Encryptions keys are physically located somewhere else
• Data in transit• TLS across all workloads• TLS 1.2 support• SSL 3.0 support withdrawn
Message encryption
Encrypted message never leaves server
Recipient receives message with link and is required to login to read and reply to the message
Configuration of message encryption1. Activate Rights Management in Azure/Office 3652. Configure RMS Online key sharing location in
Exchange OnlineSet-IRMConfiguration -RMSOnlineKeySharingLocation "https://sp-
rms.eu.aadrm.com/TenantManagement/ServicePartner.svc"
3. Import the Trusted Publishing Domain (TPD) from RMS OnlineImport-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online"
4. Enable IRM in Exchange OnlineSet-IRMConfiguration -InternalLicensingEnabled $true
https://technet.microsoft.com/library/dn151475(v=exchg.150).aspx
Message EncryptionDEMO
Rights management• Protect your company’s sensitive
information based on encryption, identity, and authorization policies
• Documents can only be used by the intended recipients for the intended purpose
• Coming soon: Document tracking (Currently in preview, and in North America only)
Configuration of rights management1. Active Rights Management in your Office
365 tenantOptional:2. Configure Rights Management templates3. Enable Information Rights Management in
SharePoint Online4. Download and install Rights Management
sharing application http://go.microsoft.com/fwlink/?LinkId=303970
Rights ManagementDEMO
Data loss prevention• Identify and protect content
of personal or confidential nature
• Based on policies / Use policy tips to notify users about policy matches
• Already available in Exchange Online and coming to SharePoint Online
• Supports fingerprinting
Data Loss PreventionDEMO
Mobile device management
• Protect data on end user devices
• Conditional access
• Device management
• Selective wipe
Configuration of mobile device management • Install Apple Push Notification Certificate
Mobile device managementDEMO
And there is more…• Password policies• Multi-Factor authentication• Exchange Online Advanced Threat
Protection• Protection against unknown malware and viruses• Real time, time-of-click protection against malicious URLs• Rich reporting and URL trace capabilities
Don’t forget the SharePint
Sponsored by
Imperial College Union Bar6pm - 8pm Beit Quadrangle, Prince Consort RoadOne street up from SPS London
Don’t forget to get Beer Tokens….
Thanks!
@maarteneekelswww.eekels.net