BRIDGING THE OFFICE 365 SECURITY GAP - CLOUDSEC · BRIDGING THE OFFICE 365 SECURITY GAP MIKE SMART Products & Solutions Director, EMEA . ... hybrid cloud, private cloud Architecture

Copyright © 2016 Forcepoint. All rights reserved. | 1 Copyright © 2016 Forcepoint. All rights reserved. | 1

BRIDGING THE OFFICE 365 SECURITY GAP

MIKE SMART Products & Solutions Director, EMEA

Copyright © 2016 Forcepoint. All rights reserved. | 2

Commercial Leader with

Content Security & DLP

Cloud / On-Premise / Hybrid

Pioneer on Cyber Frontlines with

Financial Resources

Deep Understanding of Threat Detection

Networking Innovator with

Advanced Evasion Prevention

Security at Scale

NEW COMPANY, UNIQUELY FORMED TO OFFER A NEW APPROACH TO SECURITY


AGENDA

Market drivers and trends impacting the adoption of O365

Risks to consider when migrating services to O365

Office 365 Security Blueprint



http://www.google.co.uk/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwjPx73_6e3KAhUJWRoKHbugD2wQjRwIBw&url=http://www.extremetech.com/extreme/161772-microsoft-now-has-one-million-servers-less-than-google-but-more-than-amazon-says-ballmer&bvm=bv.113943665,d.d2s&psig=AFQjCNFG3qia2Px517ByQkENT9er6NwvKw&ust=1455215407345124


OFFICE 365 FOR ENTERPRISE


Prem

AV IDS FW PROXY URL FILTER

Storage PCs People Applications People Devices Storage

Applications Internet

IPS NGFW

DLP SWG

ANTI-MALWARE

Private

Cloud

Public

Cloud

PAST

Web Server

Hybrid

Cloud

Processing

PRESENT

OU

TS

IDE

IN

SID

E

SEG

Storage

Applications

Devices


Budget

Business

Enablement

Project Delivery

Lifecycle

Security

Architecture

Compliance &

Audits

Legal & Human

Resources

Threat Prevention,

Detection & Response

Identity

Management

Risk Management


Public cloud, hybrid cloud, private

cloud Architecture

CIA review, Model contracts,

Legal/Finance, Insurance

Risk

evaluation

Provider, SLAs, Data

Discovery/Sovereignty/Destruction Compliance

Employee, Business custodian, IT

custodian, Provider Ownership

WHERE TO START?

Bu

sin

es

s

En

ab

lem

en

t


THE LANDSCAPE

ACCORDING TO ENISA


DATA-CENTRIC CONTEXT AWARE CONTROL

WHO WHAT WHERE HOW ACTION

HUMAN RESOURCES

CUSTOMER SERVICE

CARE PROVIDERS

FINANCE

ACCOUNTING

SALES / MARKETING

LEGAL

TECHNICAL SUPPORT

ENGINEERING

SOURCE CODE

CREDIT CARD DATA

PERSONAL DATA

M&A PLANS

EMPLOYEE SALARY

FINANCIAL REPORT

PATIENT RECORDS

MANUFACTURING DESIGN

RESEARCH

INSURANCE PAYER

ONEDRIVE

BUSINESS PARTNER

FACEBOOK

CHINA

MALICIOUS SERVER

REMOVABLE MEDIA

COMPETITOR

CUSTOMER

FILE TRANSFER

WEB

INSTANT MESSAGING

PEER TO PEER

EMAIL

PRINT

FILE COPY

PRINT SCREEN

COPY / PASTE

CONFIRM

BLOCK

NOTIFY

REMOVE

QUARANTINE

AUDIT

ENCRYPTION

BLOCK

NOTIFY


SECURITY

EFFICACY

WHAT IS THE SECURITY GAP IN O365?

INFRASTRUCTURE

COVERAGE

DETECTION

CAPABILITY DATA

VISIBILITY


THREAT FOCUS

DATA FOCUS

USER FOCUS

THREAT SEVERITY OVER TIME

1

2

3

4

5

6

STAGES OF A MODERN ATTACK

1 - For the last couple weeks

we noticed Joe & a few other

people in engineering were

targeted by spear phishing

attacks, which were

identified and blocked.

2- Last week Joe logged into

the VPN from China using a

new IP address we have not

seen before.

3- This week Joe

authenticated to a new

application he has not

accessed in 6 months.

4 - Today Joe accessed the

entire source code library as

opposed to a smaller

segment.

5 - Joe’s machine has

accessed bittorrent sites

6 - Joe’s computer

transmitted a large data set

externally via bittorrent


DLP Light Integrated DLP Enterprise DLP

Keywords Dictionary RegEx Gateway

DLP

Endpoint

DLP Cloud DLP

Discovery Fingerprinting

COMPLIANCE IP PROTECTION DATA THEFT

PREVENTION INSIDER THREAT

MITIGATION

Behavioral

Analytics

EVOLUTION AND INNOVATION IN PROTECTING FROM DATA THEFT


DATA DETECTION FOR ACCIDENTAL LOSS AND MALICIOUS THEFT

Broad Detection

Derivative

Detection Optical

Character

Recognition

Encrypted

Content

Geo-

Location ‘Drip-

DLP’

Credential

Theft

Detection

Command &

Control

Exfiltration


FORCEPOINT GUIDANCE

• Identify which O365 package is right for your organisation

• Build a Risk Model with O365 at the centre. Architect which controls are needed to manage existing and new business risks

• Consider DLP controls on endpoint, gateway and cloud

• Educate employees continuously on the value of data

• Aid employee decision making

• Focus on the right controls to manage both threat from insider and external threat agents…make the strategy risk-based, data-centric


FORCEPOINT SOLUTIONS TO BRIDGE THE SECURITY GAP IN O365

ENTERPRISE DLP

FOR ONLINE DATA

REPOSITORIES

DLP FOR OTHER

O365 APPLICATIONS

WEB THREAT

PROTECTION & DLP

FOR OTHER CLOUD

APPLICATIONS

INBOUND & OUTBOUND

PROTECTION FOR

EXCHANGE ONLINE

AP-Endpoint

DLP


THANK-YOU!

QUESTIONS?

BRIDGING THE OFFICE 365 SECURITY GAP - CLOUDSEC · BRIDGING THE OFFICE 365 SECURITY GAP MIKE SMART Products & Solutions Director, EMEA . ... hybrid cloud, private cloud Architecture

Documents