Security, Privacy and Compliance in SharePoint Online and OneDrive for Business
-
Upload
muditha-chathuranga -
Category
Technology
-
view
53 -
download
0
Transcript of Security, Privacy and Compliance in SharePoint Online and OneDrive for Business
Security, Privacy and Compliance with SharePoint Online and OneDrive for BusinessMuditha Jayath ChathurangaMCT | MCSE
• Muditha Jayath Chathuranga• 5+ years in the industry• Systems Engineer – Infront Consulting Group• Office 365, Exchange Server, Skype for Business
Server, Microsoft Azure• MCSE : Productivity (Charter) | MCSA : Office 365 |
MS: Designing and Deploying Exchange Server 2016 (Charter) | MS: Implementing Microsoft Azure Infrastructure Solutions
• Microsoft Certified Trainer• https://www.thecloudjournal.net
Speaker Profile
• Introduction• Concepts• Demo• Roadmap• Q&A
Agenda
Introduction
“Microsoft understands that enterprise security is critical. Trust is not a product—it’s a value that must be earned. Our approach to SharePoint and OneDrive security, privacy and compliance is simple: It’s your data. You own it. You control it. We’re just caretakers. We give you controls to manage the data, paired with our own controls for securing and running our services. Policy governs every stage of a file’s journey, from conception to deletion.”– Microsoft
Five Core PillarsPl
atfo
rm S
ecur
ity
Secu
re A
cces
s &
Shar
ing
Awar
enes
s & In
sight
s
Info
rmat
ion
Gove
rnan
ce
Com
plia
nce
& Tr
ust
• Platform security—Protect information at rest and in transit with layered encryption, Microsoft datacenter procedures and customer controls for access and key management.
• Secure access and sharing—Ensure sensitive data remains secure with managed access and sharing settings.
• Awareness and insights—Track account and file activity with full transparency using reports and alerts.
• Information governance—Govern your data retention, discovery and deletion policies.
• Compliance and trust—Leverage Microsoft’s continuous compliance, ongoing certification and transparent operations.
Five Core Pillars
Security, Usability and Data Sensitivity
Data Sensitivity
Secu
rity
Data Sensitivity
Usab
ility
Concepts
• Differentiated Access• Data Loss Prevention• Activity Monitoring• Service Assurance
Concepts
• User Role• HR• R&D• Finance• Etc.
• Device• Managed• Unmanaged
• Location• Expected• Unexpected
• Sensitivity
Differentiated Access
• Pre defined DLP templates and the ability to create custom policies.
• Policy tips in OneDrive for Business.• Restrict sharing sensitive data with external
parties.
Data Loss Prevention
• Content Search• eDiscovery• Audit Log Search• Reports
Activity Monitoring
• Compliance Reports• Trust Documents• Audited Controls
Service Assurance
Demo
Roadmap
• Conditional access policies that govern access to files based on endpoint location (rolling out).
• Granular conditional access policies based on the managed state of a device (available by end of year).
• New Office 365 datacenter locations in Germany and Canada, extending our industry leadership in the number of distinct global regions to meet your compliance needs (available now in Canada and by end of year in Germany).
• Customer-controlled SharePoint and OneDrive encryption keys (available by end of year).
• Site classification that guides users to understand the value and sensitivity of information and can be extended to apply classification-specific security configuration (available by end of year).
• Unified auditing across site collections in Office 365 and on-premises SharePoint Server 2016 with Feature Pack 1 (available in November 2016).
Roadmap
Conditional Access
SharePoint Site Classification
Unified Auditing
Unified Auditing – Audit Log Search
Q&A
• Email – [email protected]• Twitter – twitter.com/@MudithaC• Facebook – fb.com/TheCloudJournal• LinkedIn – linkedin.com/in/mudithac
Q&A
Thank you!
© 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.