Microsoft 365 Security
Bourseaud Laurent
Microsoft 365 Architect
Secure data through its lifecycle
Standard Data Protection
Protect data in use
Encrypt inactive data when stored in blob storage, database, etc.
Encrypt data that is flowing between untrusted public or private networks
Protect/Encrypt data that is in use during computation
Intelligent security for the modern workplace
Microsoft 365 unifies enterprise security and user productivity
Security
Management
Information
Protection
24-48 Hours
101+ Days
Hello
Text/SMS
Voice call
Conditional access
[Diagram: Azure AD Conditional Access]
Identity providers shown: Azure AD, ADFS, MSA, Google ID
Conditions: Employee & Partner Users and Roles; Trusted & Compliant Devices (Android, iOS, MacOS, Windows, Windows Defender ATP); Physical & Virtual Location (Geo-location, Corporate Network); Client apps & Auth Method (Browser apps, Client apps)
Real time Evaluation Engine: Machine learning, 40TB, Session Risk, Policies, Effective policy
Controls: Allow/block access, Limited access, Require MFA, Force password reset, Block legacy authentication
Other labels: Microsoft Cloud, Microsoft Cloud App Security, Cloud SaaS apps, On-premises apps
Threat
protection
Microsoft Advanced Threat Protection (ATP)
MICROSOFT'S ADVANCED THREAT PROTECTION
[Diagram: attack chain]
Entry points: The user receives an email and opens the attachment; the user clicks on a URL; the user visits a website (http://); the user launches a program (C:\); brute-force attack
Stages shown: Exploitation, Installation, Taking control, Reconnaissance, Lateral movement, Administrator privileges
Information
protection
Azure Information Protection (AIP)
MICROSOFT INFORMATION PROTECTION SOLUTIONS
Comprehensive protection of sensitive data throughout its lifecycle—across devices,
apps, cloud services, and on-premises
Malicious emails found
Threat signal shared with WDATP for auto remediation
User anomalies suggest identity compromise
Automatic remediation actions complete
Control : Centralized security management
Microsoft 365 Security Center
Integrates with your SIEM, Identity and Access Management, DLP and Information Protection solutions
Enterprise Mobility & Suite
Microsoft Enterprise Mobility + Security
MICROSOFT INTUNE: Make sure your devices are compliant and secure, while protecting data at the application level
MICROSOFT CLOUD APP SECURITY: Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps
AZURE INFORMATION PROTECTION: Classify, label, protect and audit data for persistent security throughout the complete data lifecycle
AZURE ACTIVE DIRECTORY: Ensure only authorized users are granted access to personal data using risk-based conditional access
MICROSOFT ADVANCED THREAT ANALYTICS: Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues
CONDITIONAL ACCESS: Location, Apps, Risk, Device; Access granted to data
Diagram labels: Classify, Label, Protect, Audit
Enterprise Mobility + Security
EMS E3
Azure Active Directory Premium P1: Single sign-on to cloud and on-premises applications. Basic
Microsoft Advanced Threat Analytics: Identify suspicious activities & advanced attacks on premises.
Microsoft Intune: Mobile device and app management to protect corporate apps and data on
Azure Information Protection Premium P1: Encryption for all files and storage locations. Cloud based file tracking
Microsoft 365
Information protection and compliance
GDPR challenges
Personal data
Any information related to an identified or identifiable
natural person including direct and indirect identification.
Examples include:
• Name
• Identification number (e.g., SSN)
Actionable insights
Recommended actions to improve your data protection capabilities
Simplified compliance
Streamlined workflow across teams and richly detailed audit-preparation reports
Compliance Manager is a dashboard that provides your Compliance Score and a summary of your data protection and compliance posture, along with recommendations to improve them. These are recommendations only. It is up to you to evaluate and validate the effectiveness of customer controls according to your regulatory environment. Recommendations from Compliance Manager and Compliance Score should not be interpreted as a guarantee of compliance.
Microsoft Service Trust Portal (STP)
https://aka.ms/stp
Broad coverage across multiple locations and applications: Devices, Applications, Cloud services, On-premises, ISVs, Third parties
OME/AIP encryption
Sign-in and audit
Respond
Compliance Manager
Non-Office 365 data
Review and annotate before export
Solutions in response to litigation, including DSRs, investigations and others
File shares, sites and other applications
Audit log and alerts
Comprehensive long-term auditing supports continuous compliance
Complete coverage of Office 365 services