Copyright © 2016 Forcepoint. All rights reserved.
BRIDGING THE OFFICE 365 SECURITY GAP
MIKE SMART Products & Solutions Director, EMEA
• Commercial Leader with Content Security & DLP; Cloud / On-Premise / Hybrid
• Pioneer on Cyber Frontlines with Financial Resources; Deep Understanding of Threat Detection
• Networking Innovator with Advanced Evasion Prevention; Security at Scale
NEW COMPANY, UNIQUELY FORMED TO OFFER A NEW APPROACH TO SECURITY
AGENDA
Market drivers and trends impacting the adoption of O365
Risks to consider when migrating services to O365
Office 365 Security Blueprint
[Diagram: PAST versus PRESENT, OUTSIDE versus INSIDE. Labels: Prem, Private Cloud, Public Cloud, Hybrid Cloud, Internet, Web Server, Processing, Storage, Applications, Devices, PCs, People; controls: AV, IDS, FW, PROXY, URL FILTER, IPS, NGFW, DLP, SWG, ANTI-MALWARE, SEG]
Budget
Business Enablement
Project Delivery Lifecycle
Security Architecture
Compliance & Audits
Legal & Human Resources
Threat Prevention, Detection & Response
Identity Management
Risk Management
Architecture: Public cloud, hybrid cloud, private cloud
Risk evaluation: CIA review, Model contracts, Legal/Finance, Insurance
Compliance: Provider, SLAs, Data Discovery/Sovereignty/Destruction
Ownership: Employee, Business custodian, IT custodian, Provider
WHERE TO START?
Business Enablement
DATA-CENTRIC CONTEXT AWARE CONTROL
WHO: HUMAN RESOURCES, CUSTOMER SERVICE, CARE PROVIDERS, FINANCE, ACCOUNTING, SALES / MARKETING, LEGAL, TECHNICAL SUPPORT, ENGINEERING
WHAT: SOURCE CODE, CREDIT CARD DATA, PERSONAL DATA, M&A PLANS, EMPLOYEE SALARY, FINANCIAL REPORT, PATIENT RECORDS, MANUFACTURING DESIGN, RESEARCH
WHERE: INSURANCE PAYER, ONEDRIVE, BUSINESS PARTNER, CHINA, MALICIOUS SERVER, REMOVABLE MEDIA, COMPETITOR, CUSTOMER
HOW: FILE TRANSFER, WEB, INSTANT MESSAGING, PEER TO PEER, FILE COPY, PRINT SCREEN, COPY / PASTE
ACTION: CONFIRM, BLOCK, NOTIFY, REMOVE, QUARANTINE, AUDIT, ENCRYPTION
WHAT IS THE SECURITY GAP IN O365?
SECURITY EFFICACY
INFRASTRUCTURE COVERAGE
DETECTION CAPABILITY
DATA VISIBILITY
THREAT FOCUS
DATA FOCUS
USER FOCUS
[Chart: THREAT SEVERITY OVER TIME, points 1 to 6]
STAGES OF A MODERN ATTACK
1 - For the last couple of weeks we noticed Joe & a few other people in engineering were targeted by spear phishing attacks, which were identified and blocked.
2 - Last week Joe logged into the VPN from China using a new IP address we have not seen before.
3 - This week Joe authenticated to a new application he has not accessed in 6 months.
4 - Today Joe accessed the entire source code library as opposed to a smaller segment.
5 - Joe’s machine has accessed BitTorrent sites.
6 - Joe’s computer transmitted a large data set externally via BitTorrent.
DLP Light, Integrated DLP, Enterprise DLP
Keywords, Dictionary, RegEx
Gateway DLP, Endpoint DLP, Cloud DLP
Discovery, Fingerprinting
Behavioral Analytics
COMPLIANCE, IP PROTECTION, DATA THEFT PREVENTION, INSIDER THREAT MITIGATION
EVOLUTION AND INNOVATION IN PROTECTING FROM DATA THEFT
DATA DETECTION FOR ACCIDENTAL LOSS AND MALICIOUS THEFT
Broad Detection
Derivative Detection
Optical Character Recognition
Encrypted Content
Geo-Location
‘Drip-DLP’
Credential Theft Detection
Command & Control
Exfiltration
FORCEPOINT GUIDANCE
• Identify which O365 package is right for your organisation
• Build a Risk Model with O365 at the centre. Architect which controls are needed to manage existing and new business risks
• Consider DLP controls on endpoint, gateway and cloud
• Educate employees continuously on the value of data
• Aid employee decision making
• Focus on the right controls to manage threats from both insider and external threat agents. Make the strategy risk-based and data-centric
FORCEPOINT SOLUTIONS TO BRIDGE THE SECURITY GAP IN O365
ENTERPRISE DLP FOR ONLINE DATA REPOSITORIES
DLP FOR OTHER O365 APPLICATIONS
WEB THREAT PROTECTION & DLP FOR OTHER CLOUD APPLICATIONS
INBOUND & OUTBOUND PROTECTION FOR EXCHANGE ONLINE
AP-Endpoint DLP