Windows 10 Security Overview (BDM) (Field and Thru Partner)download.microsoft.com/download/3/8/9/38924887-3BA0-49BF... · 2018. 10. 13. · Security from the inside out ... “A look

REVOLUTION

TODAY, YOU ARE EXPERIENCING A

OF CYBER-THREATS

Wall Street Journal, JP Morgan, White House, Bushehr nuclear reactor, RSA, Microsoft, Google, Apple, Facebook, Sony, Target, Heartland ,EBay Heartland ICANN Home Depot

struggling

THE EVOLUTION OF ATTACKS

Volume and Impact

Script Kiddies

BLASTER, SLAMMER

Motive: Mischief

2003-2004

THE EVOLUTION OF ATTACKS

2005-PRESENT

Organized Crime

RANSOMWARE, CLICK-FRAUD,

IDENTITY THEFT

Motive: Profit

Script Kiddies

BLASTER, SLAMMER

Motive: Mischief

2003-2004

THE EVOLUTION OF ATTACKS

2005-PRESENT

Organized Crime

RANSOMWARE, CLICK-FRAUD,

IDENTITY THEFT

Motive: Profit

Script Kiddies

BLASTER, SLAMMER

Motive: Mischief

2012 - Beyond

Nation States, Activists,

Terror Groups

BRAZEN, COMPLEX,

PERSISTENT

Motives:IP Theft,Damage,

Disruption

2003-2004

“The [malware] sample with the Sony computer names in it was designed to systematically connect to each server on the list. ‘It contains a user name and password and a list of internal systems and it connects to each of them and wipes the hard drives.”

Sony Got Hacked

Hard: What We

Know and Don’t

Know So Far

KIM ZETTER

Wired

December 2, 2014

Source: Sony Got Hacked Hard: What We Know and Don’t Know So Far, Kim Zetter, Wired Magazine, December 3, 2014

SONY BREACH – EXTRAORDINARY DAMAGE

Source: Hackers Threaten Sony Employees in New Email: ‘Your Family Will Be in Danger’, Dave McNary, MSN, December 5, 2014. Image: G. Hodan

Sony Hackers

Threaten 9/11 Attack

on Movie Theaters

BRENT LANG

Variety

December 5, 2014

“The world will be full of fear, remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time.”

SONY BREACH – ADDING TERROR TO PLAYBOOK

ADDRESSING THE THREATS REQUIRES A NEW APPROACH:

Security from the inside out – beyond bigger walls

RUIN THE ATTACKERS ECONOMIC MODEL

BREAK THE ATTACK PLAYBOOK

ELIMINATE THE VECTORS OF ATTACK

Require

Data protection

Identity protection

Threat resistance

Device security

Protection against modern security threats

Secure hardware

Secure your identities

Secure yourdata

Device integrity maintained using UEFI Secure Boot

Trusted Platform Module (TPM) protects critical secrets

Biometrics sensors going mainstream on Windows

Virtualization base security (VBS) isolates sensitive Windows processes and data using

Secure Hardware

Virtualization based security powered by hardware

OS

CPU

Virtualization based security powered by hardware

OS VBS

Hyper-V

CPU with Virtualization Extensions

Protection against modern security threats

Secure hardware

Secure your identities

Secure your data

Shared secrets

shhh!

Easily mishandled or lost

(Hint: The user is the problem)

Easy to deploy two-factor password alternative

Breach, theft, and phish resistant credentials

Single sign-on experience

Convenient enterprise grade security for both enterprises and consumers

Supports PIN and biometric sign-in using Windows Hello

Microsoft Passport and Windows Hello

WINDOWS HELLO

Facial

Hello Chris

Fingerprint Iris

FIDO ALLIANCE

Example Board level members

Windows Hello Demo

Pass the Hash (PtH) attacks are the #1 go-to tool for hackers

Used in nearly every major breach and APT type of attack

Credential Guard uses VBS to isolate Windows authentication services and derived credentials

Fundamentally breaks delivered credential theft using MimiKatz, etc

Credential Guard

Cred Guard powered by Virtualization based security

Protection against modern security threats

Secure hardware

Secure your identities

Secure your data

2HIPPA Secure Now, “A look at the cost of healthcare data breaches,” Art Gross, March 30, 2012

Have accidentally sent sensitive information to the wrong person1

58%

…of senior managers admit to regularly uploading work files to a personal email or cloud account1

87%

Average per record cost of a data breach across all industries2

$240PER

RECORD

1Stroz Friedberg, “On The Pulse: Information Security In American Business,” 2013

DEVICE PROTECTION

DATA SEPARATION

LEAK PROTECTION

SHARING PROTECTION

DEVICE PROTECTION

BitLocker enhancements in Windows 8.1

InstantGo

3rd party adoption

Protect system and data when device is lost or stolen

Containment

Data separation

DATA SEPARATION

Prevent unauthorized users and apps from accessing and leaking data

LEAK PROTECTION

Protect data when shared with others, or shared outside of organizational devices and control

SHARING PROTECTION

DEVICE PROTECTION

DATA SEPARATION

LEAK PROTECTION

SHARING PROTECTION

DEVICE PROTECTION

BitLocker enhancements in Windows 8.1

InstantGo

3rd party adoption

DATA SEPARATION

LEAK PROTECTION

SHARING PROTECTION

BitLocker Enterprise data protection Rights Management Services

Protects data when a device is lost or stolen using full disk encryption

Provides single sign on and protection from cold boot attacks

Easy to deploy and manageable (via MBAM) at scale

Excellent integration, performance, and reliability

Submitted for Common Criteria and FIPS 140-2 certification. Will be supported for HIPPA, PCI DSS, etc scenarios

BitLocker data protection

Delivers user friendly corporate/personal data separation and containment

Ensures only trusted apps can access business data

Helps prevent accidental data leakage through copy and paste scenarios

Integrates with Microsoft Azure Right Management for secure roaming and sharing

Available on mobile and the desktop

Enterprise data protection

Protect information from unauthorized access—internal and external (Do Not Forward and Company Confidential, Office 365 Message Encryption)

Easy for users and easy for IT to enforce policies to improve data security

Protects SharePoint, Exchange, and Office document and can work cross platform

Microsoft Azure Rights Management

Bitlocker Demo

TODAYS CHALLENGE

APPS

Your security depends on a platform where:

APPS MUST EARN TRUST BEFORE USE

NEW APPROACHES WITH WINDOWS 10

Active Threat DetectionDevice State based

Condition Access

Next Generation

App Control

Next Generation App ControlSecure your devices with Device Guard

Provides next generation app control and

kernel mode protection

Uses signed policies to help prevent users and

malware with elevated privilege from

changing IT’s app control policies

Protects kernel mode processes and

drivers from zero days and vulnerabilities

using hardware enforced vulnerability

mitigations

Device Guard

Device Guard powered by Virtualization based security

OS VBS

Hyper-V

CPU with Virtualization Extensions

Cre

den

tial

Gu

ard

Devic

e

G

uard

Device Guard Code Integrity Demo

Windows 10 webinar series

Q&A Guidance

To facilitate discussion, please use this

format when posting questions:

“<First Name initials><Last

Name>_<number>: <question>”

Example:LJChiu_1: Who is Cortana?

QWang_1: Why is it Blue instead of Red?

LJ_Chiu_2: Who is Contoso?

Questions may not be answered in the

sequence by which it came in.

Click on the LOG IN button and sign in or

register through the pop-up Windows before

Q&A

Type the questions in the Chat Box

Please Sign in to Livestream to access Q&A function

A technical team will be helping with your questions

during the 1 hour webinar and for 30 minutes after.

1 2

3

Thank you!

These slides are provided for educational purposes only.

You are required to check on latest resources on what’s available and up to date information