SlideShare uma empresa Scribd logo
1 de 35
Baixar para ler offline
Technical Evangelist
DaveVoyles.com
@DaveVoyles
Microsoft + Open Source
Momentum
Dead and buried:
Microsoft's holy war on
open-source software
“Years ago, Microsoft's CEO
described open source as a cancer.
Times have changed. Just ask 22-
year Redmond veteran and open-
source proponent Mark Hill.”
Charles Cooper
Redmond top man Satya
Nadella: 'Microsoft
LOVES Linux‘
Neil McAllister
Microsoft: the Open
Source Company
“This is not your dad’s
Microsoft”
Steven J. Vaughan-Nichols
Tweet
“Azure Container Service is different
and offers the broadest hint yet that
Microsoft wants to build real products
with open source, not merely leverage
it where it's convenient”
Serdar Yegulalp
10+ Years of Open Source
Involvement
Docker on
Microsoft
Azure
O365+Moodle
Integration
We’re Reimagining Microsoft
We will empower
every person and
every organization
on the planet
to achieve more
Build the best-in-class platforms
and productivity services for the
mobile-first, cloud-first world
Create more personal computing
Reinvent productivity & business processes
Build the intelligent cloud platform
Your Infrastructure is a Function of Time
How do you plot your journey to the cloud?
The
Landscape
of Now!
The Microsoft Open Approach
For your journey to the cloud
Empowering
Customers
By Enabling
Choice
To Provide a
Trusted Cloud
Freedom to Choose
Freedom to Change
Optimal Value
Vibrant Local
IT Economy
X-Platform
Open Standards
Interoperability
Open Source Ecosystem
Engagement
Secure
Privacy & Control
Compliance
Transparent
+Hundreds of community
supported images on
VM Depot
SQL Server
Microsoft Azure is an Open Cloud
We’ve delivered an open, broad, and flexible cloud across the stack
Web App Gallery
Dozens of .NET & PHP
CMS and Web apps
Microsoft Azure
One in Four VMs on Azure
Runs Linux Today!
Open Source on Azure: Addressing Industry
Trends
Azure Open Source Customers
Facing increasing malware threats
and a growing trend of BYOD
with
11
12
“The Target hackers broke into the
network using a stolen user name
and password that had been created
for the company servicing their air
conditioning systems.”
BRAIN KREBS (SECURITY BLOGGER)
Target - Exploiting Weak Identities
Source: “Cards Stolen in Target Breach Flood Underground Markets,” KrebsOnSecurity.com, December 20, 2013 13
14
THREAT
RESISTANCE
Increasing password theft
Poor password practices
Support infrastructure and costs
Cumbersome and costly MFA
deployment
Disk encryption optional
Lacking integrated DLP
Varying experience in
mobile and desktops
Platform security built
of software alone
Bootkit and rootkit
Pass-the-hash
Trusted until detected as a threat,
Not realistic facing
numerous new threats per day
15@yungchou
Internet username and password
16
Business username and password
17
18
Shared secrets
shhh!
Weak authentication
19
WINDOWS
HELLO
Hello Chris
20
Multi-factor authentication (MFA)
On-premises
• Physical smartcard
• Reader
• User-and-smartcard specific
• Virtual smartcard
• Company issued device
• Hardware-specific pin
• User-and-device specific
Cloud-centric
• Azure Active Directory
• Identity as a Service
• 2FA as a Service
• User-specific with designated phone
Windows 10 MDM device enrollment
• Microsoft Passport
• Windows Hello biometrics as
primary
• BYOD MDM enrollment
• Device Guard and Credential Guard
21@yungchou
87%
Source: Stroz Friedberg, “On The Pulse: Information Security In American Business,” 2013
22
58%
?
Source: Stroz Friedberg, “On The Pulse: Information Security In American Business,” 2013
23
The Fappening
On August 31, 2014, a collection of almost 500 private pictures of various celebrities, mostly women,
and with many containing nudity, were posted on the imageboard 4chan, via Apple’s iCloud.
24
Protecting data with Enterprise Data Protection (EDP)
• Specifying “privileged apps” that can access enterprise data
• Blocking selected apps from accessing enterprise data
• Offering consistent UX while switching between personal &
enterprise apps w/ enterprise policies in place without the need
to switch environments or sign in again
https://technet.microsoft.com/en-us/library/dn985838%28v=vs.85%29.aspx 25
Protecting data with Enterprise Data Protection (EDP)
• Requiring Intune, Configuration Manager or an MDM solution
• Encrypting enterprise data on employee-owned & corporate-
owned devices
• Remotely wiping enterprise data off corporate devices and
employee-owned computers, without affecting the personal
data
https://technet.microsoft.com/en-us/library/dn985838%28v=vs.85%29.aspx 26
27
Windows 10 Enterprise Device Guard
• Restricts OS to run only code signed by trusted signers
• Defined by your code integrity policy through specific hardware & security configurations
• OS trusts only apps authorized by your enterprise
How it works:
1. Universal Extensible Firmware Interface (UEFI) 2.3.1 (or later) Secure Boot
• Bootkits and rootkis
• Loading/starting Windows 10 Enterprise before anything else
2. Virtualization-based security services including the core (Kernel), while preventing malware from
running early in the boot process
3. User Mode Code Integrity to ensure only trusted apps/binaries to run
4. TPM to provide an isolated hardware to helps protect user credentials, certificates and secure
information
https://technet.microsoft.com/en-us/library/dn986865(v=vs.85).aspx 28
Dangers - - Rootkits, Bootkits
29
• Firmware/kernel/driver rootkits
• Overwrite the system’s basic I/O system
• Bootkits
• System’s OS, infects MBR
• Allows the malicious program to be executed before the OS boots
Counter Measures
30
• Secure Boot
• PCs with UEFI firmware and a Trusted Platform Module (TPM) can be configured to load only
trusted OS bootloaders
• Trusted Boot
• Windows checks the integrity of every component of the startup process before loading it.
• Early Launch Anti-Malware (ELAM)
• Tests all drivers before they load and prevents unapproved drivers from loading
• Measured Boot
• PC’s firmware logs the boot process, & Windows can send it to a trusted server that can
objectively assess the PC’s health.
Prove to me you are healthy
IMPORTANT RESOURCES
WINDOWS
PPCH & INTUNE
Measured Boot Integrity Data (PPCH)
Client policies (AV, Firewall, Patch state (Intune)
Here is my proof
Access please
Provable PC Health (PPCH)
Approved
31
THREAT
RESISTANCE
Biometrics and
strong MFA with
Windows Hello
Microsoft Passport
Enterprise Data Protection (EDP)
Bitlocker auto-drive encryption
Device Guard
Credential Guard
Windows Defender
Provable PC Health
Boot integrity and
platform integrity
with Device Guard,
UEFI Secure Boot,
Trusted Boot,
Measured Boot, and
TPM 32
Call to action
33
• Learn Windows 10 security and “Windows as a Service”
• Microsoft Virtual Academy: http://aka.ms/MVA1
• Inventory hardware and software of your IT environment
• Microsoft Deployment Tool Kit (MDT)
• Assess your business needs for
• Windows Hello and Microsoft Passport
• Device Guard and Credential Guard
Call to action
34
• Roll out UEFI and Secure Boot sooner than later
• Plan your next hardware/software refresh accordingly
• X64, UEFI 2.3.1, TPM 2.0, Intel VT-x/AMD-V, Windows 10 Enterprise
• Evaluate Windows 10, Office 365, Enterprise Management Suits, and Azure AD
Reach out to me!
35
@DaveVoyles
DaveVoyles.com

Mais conteúdo relacionado

Mais procurados

New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendArrow ECS UK
 
Picking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkPicking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkDavid Strom
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéMarketingArrowECS_CZ
 
Cisco web ex cloud security
Cisco web ex cloud securityCisco web ex cloud security
Cisco web ex cloud securityebingeorge2010
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoNCCOMMS
 
Brian Desmond - Quickly and easily protect your applications and services wit...
Brian Desmond - Quickly and easily protect your applications and services wit...Brian Desmond - Quickly and easily protect your applications and services wit...
Brian Desmond - Quickly and easily protect your applications and services wit...Nordic Infrastructure Conference
 
Trend Micro VForum Agentless Scanning Presentation
Trend Micro VForum Agentless Scanning PresentationTrend Micro VForum Agentless Scanning Presentation
Trend Micro VForum Agentless Scanning PresentationGraeme Wood
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingDavid Strom
 
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)Sam Bowne
 
SCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identitiesSCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identitiesKenny Buntinx
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
2 modern desktop - windows deployment & servicing
2   modern desktop - windows deployment & servicing2   modern desktop - windows deployment & servicing
2 modern desktop - windows deployment & servicingAndrew Bettany
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
Resin.io contribution to the AGILE-IoT project
Resin.io contribution to the AGILE-IoT projectResin.io contribution to the AGILE-IoT project
Resin.io contribution to the AGILE-IoT projectAGILE IoT
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Proofpoint
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 

Mais procurados (20)

Sami laiho - What's new in windows 8.1
Sami laiho - What's new in windows 8.1Sami laiho - What's new in windows 8.1
Sami laiho - What's new in windows 8.1
 
New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - Trend
 
Picking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkPicking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your network
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možné
 
Cisco web ex cloud security
Cisco web ex cloud securityCisco web ex cloud security
Cisco web ex cloud security
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
 
Modern Devices Management
Modern Devices ManagementModern Devices Management
Modern Devices Management
 
Brian Desmond - Quickly and easily protect your applications and services wit...
Brian Desmond - Quickly and easily protect your applications and services wit...Brian Desmond - Quickly and easily protect your applications and services wit...
Brian Desmond - Quickly and easily protect your applications and services wit...
 
Trend Micro VForum Agentless Scanning Presentation
Trend Micro VForum Agentless Scanning PresentationTrend Micro VForum Agentless Scanning Presentation
Trend Micro VForum Agentless Scanning Presentation
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computing
 
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
 
SCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identitiesSCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identities
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
 
2 modern desktop - windows deployment & servicing
2   modern desktop - windows deployment & servicing2   modern desktop - windows deployment & servicing
2 modern desktop - windows deployment & servicing
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
 
Resin.io contribution to the AGILE-IoT project
Resin.io contribution to the AGILE-IoT projectResin.io contribution to the AGILE-IoT project
Resin.io contribution to the AGILE-IoT project
 
Azure security basics
Azure security basicsAzure security basics
Azure security basics
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Software
 
Android system security
Android system securityAndroid system security
Android system security
 

Semelhante a Microsoft on open source and security

Trusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptTrusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptnaghamallella
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptnaghamallella
 
IT Pros and The Cloud
IT Pros and The CloudIT Pros and The Cloud
IT Pros and The CloudStephen Rose
 
Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?Mirco Vanini
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWithum
 
Azure Sphere - GAB 2019
Azure Sphere - GAB 2019Azure Sphere - GAB 2019
Azure Sphere - GAB 2019Mirco Vanini
 
ITPROCEED_WorkplaceMobility_Windows 10 in the enterprise
ITPROCEED_WorkplaceMobility_Windows 10 in the enterpriseITPROCEED_WorkplaceMobility_Windows 10 in the enterprise
ITPROCEED_WorkplaceMobility_Windows 10 in the enterpriseITProceed
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementOlav Tvedt
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Jan Ketil Skanke
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
IoT Day - Introducing Azure Sphere
IoT Day -  Introducing Azure SphereIoT Day -  Introducing Azure Sphere
IoT Day - Introducing Azure SphereMirco Vanini
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?William hendric
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Cloud Security Fundamentals - St. Louis O365 Users Group
Cloud Security Fundamentals - St. Louis O365 Users GroupCloud Security Fundamentals - St. Louis O365 Users Group
Cloud Security Fundamentals - St. Louis O365 Users GroupJ.D. Wade
 

Semelhante a Microsoft on open source and security (20)

Trusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptTrusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .ppt
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.ppt
 
Secure the modern Enterprise
Secure the modern EnterpriseSecure the modern Enterprise
Secure the modern Enterprise
 
IT Pros and The Cloud
IT Pros and The CloudIT Pros and The Cloud
IT Pros and The Cloud
 
Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft Cloud
 
Azure Sphere - GAB 2019
Azure Sphere - GAB 2019Azure Sphere - GAB 2019
Azure Sphere - GAB 2019
 
ITPROCEED_WorkplaceMobility_Windows 10 in the enterprise
ITPROCEED_WorkplaceMobility_Windows 10 in the enterpriseITPROCEED_WorkplaceMobility_Windows 10 in the enterprise
ITPROCEED_WorkplaceMobility_Windows 10 in the enterprise
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - Management
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security Infographic
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
Building Secure IoT Solutions using Azure Sphere
Building Secure IoT Solutions using Azure SphereBuilding Secure IoT Solutions using Azure Sphere
Building Secure IoT Solutions using Azure Sphere
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included features
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
IoT Day - Introducing Azure Sphere
IoT Day -  Introducing Azure SphereIoT Day -  Introducing Azure Sphere
IoT Day - Introducing Azure Sphere
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Cloud Security Fundamentals - St. Louis O365 Users Group
Cloud Security Fundamentals - St. Louis O365 Users GroupCloud Security Fundamentals - St. Louis O365 Users Group
Cloud Security Fundamentals - St. Louis O365 Users Group
 

Mais de David Voyles

Developing games for consoles as an indie in 2019
Developing games for consoles as an indie in 2019Developing games for consoles as an indie in 2019
Developing games for consoles as an indie in 2019David Voyles
 
Developing for consoles as an indie in 2019
Developing for consoles as an indie in 2019Developing for consoles as an indie in 2019
Developing for consoles as an indie in 2019David Voyles
 
Overview Microsoft's ML & AI tools
Overview Microsoft's ML & AI toolsOverview Microsoft's ML & AI tools
Overview Microsoft's ML & AI toolsDavid Voyles
 
Intro to deep learning
Intro to deep learning Intro to deep learning
Intro to deep learning David Voyles
 
What is a Tech Evangelist?
What is a Tech Evangelist?What is a Tech Evangelist?
What is a Tech Evangelist?David Voyles
 
Students: How to get started in the tech world
Students: How to get started in the tech worldStudents: How to get started in the tech world
Students: How to get started in the tech worldDavid Voyles
 
Students -- How to get started in the tech world
Students -- How to get started in the tech worldStudents -- How to get started in the tech world
Students -- How to get started in the tech worldDavid Voyles
 
Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5
Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5
Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5David Voyles
 
How to win a hackathon - Penn APps 2015
How to win a hackathon - Penn APps 2015How to win a hackathon - Penn APps 2015
How to win a hackathon - Penn APps 2015David Voyles
 
Running, improving & maintaining a site in the real world
Running, improving & maintaining a site in the real worldRunning, improving & maintaining a site in the real world
Running, improving & maintaining a site in the real worldDavid Voyles
 
Building web front ends using single page applications
Building web front ends using single page applicationsBuilding web front ends using single page applications
Building web front ends using single page applicationsDavid Voyles
 
Web standards and Visual Studio web tools
Web standards and Visual Studio web toolsWeb standards and Visual Studio web tools
Web standards and Visual Studio web toolsDavid Voyles
 
Build and deploy an ASP.NET applicaton
Build and deploy an ASP.NET applicatonBuild and deploy an ASP.NET applicaton
Build and deploy an ASP.NET applicatonDavid Voyles
 
Cluster puck99 postmortem
Cluster puck99 postmortemCluster puck99 postmortem
Cluster puck99 postmortemDavid Voyles
 
Joe Healy - How to set up your DreamSpark account
Joe Healy - How to set up your DreamSpark accountJoe Healy - How to set up your DreamSpark account
Joe Healy - How to set up your DreamSpark accountDavid Voyles
 
Joe Healy - Students as App Publishers
Joe Healy - Students as App PublishersJoe Healy - Students as App Publishers
Joe Healy - Students as App PublishersDavid Voyles
 
Using prime[31] to connect your unity game to azure mobile services
Using prime[31] to connect your unity game to azure mobile servicesUsing prime[31] to connect your unity game to azure mobile services
Using prime[31] to connect your unity game to azure mobile servicesDavid Voyles
 
An Introdouction to Venture Capital and Microsoft Ventures
An Introdouction to Venture Capital and Microsoft VenturesAn Introdouction to Venture Capital and Microsoft Ventures
An Introdouction to Venture Capital and Microsoft VenturesDavid Voyles
 
Intro to WebGL and BabylonJS
Intro to WebGL and BabylonJSIntro to WebGL and BabylonJS
Intro to WebGL and BabylonJSDavid Voyles
 

Mais de David Voyles (20)

Developing games for consoles as an indie in 2019
Developing games for consoles as an indie in 2019Developing games for consoles as an indie in 2019
Developing games for consoles as an indie in 2019
 
Developing for consoles as an indie in 2019
Developing for consoles as an indie in 2019Developing for consoles as an indie in 2019
Developing for consoles as an indie in 2019
 
Overview Microsoft's ML & AI tools
Overview Microsoft's ML & AI toolsOverview Microsoft's ML & AI tools
Overview Microsoft's ML & AI tools
 
Intro to deep learning
Intro to deep learning Intro to deep learning
Intro to deep learning
 
What is a Tech Evangelist?
What is a Tech Evangelist?What is a Tech Evangelist?
What is a Tech Evangelist?
 
Students: How to get started in the tech world
Students: How to get started in the tech worldStudents: How to get started in the tech world
Students: How to get started in the tech world
 
Students -- How to get started in the tech world
Students -- How to get started in the tech worldStudents -- How to get started in the tech world
Students -- How to get started in the tech world
 
Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5
Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5
Getting started with Emscripten – Transpiling C / C++ to JavaScript / HTML5
 
How to win a hackathon - Penn APps 2015
How to win a hackathon - Penn APps 2015How to win a hackathon - Penn APps 2015
How to win a hackathon - Penn APps 2015
 
ASP.NET 5
ASP.NET 5ASP.NET 5
ASP.NET 5
 
Running, improving & maintaining a site in the real world
Running, improving & maintaining a site in the real worldRunning, improving & maintaining a site in the real world
Running, improving & maintaining a site in the real world
 
Building web front ends using single page applications
Building web front ends using single page applicationsBuilding web front ends using single page applications
Building web front ends using single page applications
 
Web standards and Visual Studio web tools
Web standards and Visual Studio web toolsWeb standards and Visual Studio web tools
Web standards and Visual Studio web tools
 
Build and deploy an ASP.NET applicaton
Build and deploy an ASP.NET applicatonBuild and deploy an ASP.NET applicaton
Build and deploy an ASP.NET applicaton
 
Cluster puck99 postmortem
Cluster puck99 postmortemCluster puck99 postmortem
Cluster puck99 postmortem
 
Joe Healy - How to set up your DreamSpark account
Joe Healy - How to set up your DreamSpark accountJoe Healy - How to set up your DreamSpark account
Joe Healy - How to set up your DreamSpark account
 
Joe Healy - Students as App Publishers
Joe Healy - Students as App PublishersJoe Healy - Students as App Publishers
Joe Healy - Students as App Publishers
 
Using prime[31] to connect your unity game to azure mobile services
Using prime[31] to connect your unity game to azure mobile servicesUsing prime[31] to connect your unity game to azure mobile services
Using prime[31] to connect your unity game to azure mobile services
 
An Introdouction to Venture Capital and Microsoft Ventures
An Introdouction to Venture Capital and Microsoft VenturesAn Introdouction to Venture Capital and Microsoft Ventures
An Introdouction to Venture Capital and Microsoft Ventures
 
Intro to WebGL and BabylonJS
Intro to WebGL and BabylonJSIntro to WebGL and BabylonJS
Intro to WebGL and BabylonJS
 

Último

.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptxHansamali Gamage
 
Graphene Quantum Dots-Based Composites for Biomedical Applications
Graphene Quantum Dots-Based Composites for  Biomedical ApplicationsGraphene Quantum Dots-Based Composites for  Biomedical Applications
Graphene Quantum Dots-Based Composites for Biomedical Applicationsnooralam814309
 
The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)IES VE
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingFrancesco Corti
 
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - TechWebinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - TechProduct School
 
20140402 - Smart house demo kit
20140402 - Smart house demo kit20140402 - Smart house demo kit
20140402 - Smart house demo kitJamie (Taka) Wang
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameKapil Thakar
 
Introduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationIntroduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationKnoldus Inc.
 
Planetek Italia Srl - Corporate Profile Brochure
Planetek Italia Srl - Corporate Profile BrochurePlanetek Italia Srl - Corporate Profile Brochure
Planetek Italia Srl - Corporate Profile BrochurePlanetek Italia Srl
 
UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3DianaGray10
 
Automation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projectsAutomation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projectsDianaGray10
 
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox
 
The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)codyslingerland1
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfTejal81
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIVijayananda Mohire
 
Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.IPLOOK Networks
 
Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Muhammad Tiham Siddiqui
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxSatishbabu Gunukula
 

Último (20)

.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx
 
Graphene Quantum Dots-Based Composites for Biomedical Applications
Graphene Quantum Dots-Based Composites for  Biomedical ApplicationsGraphene Quantum Dots-Based Composites for  Biomedical Applications
Graphene Quantum Dots-Based Composites for Biomedical Applications
 
The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is going
 
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - TechWebinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
Webinar: The Art of Prioritizing Your Product Roadmap by AWS Sr PM - Tech
 
20140402 - Smart house demo kit
20140402 - Smart house demo kit20140402 - Smart house demo kit
20140402 - Smart house demo kit
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First Frame
 
Introduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationIntroduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its application
 
Planetek Italia Srl - Corporate Profile Brochure
Planetek Italia Srl - Corporate Profile BrochurePlanetek Italia Srl - Corporate Profile Brochure
Planetek Italia Srl - Corporate Profile Brochure
 
UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3
 
Automation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projectsAutomation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projects
 
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
 
The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAI
 
Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.Introduction - IPLOOK NETWORKS CO., LTD.
Introduction - IPLOOK NETWORKS CO., LTD.
 
Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)Trailblazer Community - Flows Workshop (Session 2)
Trailblazer Community - Flows Workshop (Session 2)
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptx
 

Microsoft on open source and security

  • 2. Microsoft + Open Source Momentum Dead and buried: Microsoft's holy war on open-source software “Years ago, Microsoft's CEO described open source as a cancer. Times have changed. Just ask 22- year Redmond veteran and open- source proponent Mark Hill.” Charles Cooper Redmond top man Satya Nadella: 'Microsoft LOVES Linux‘ Neil McAllister Microsoft: the Open Source Company “This is not your dad’s Microsoft” Steven J. Vaughan-Nichols Tweet “Azure Container Service is different and offers the broadest hint yet that Microsoft wants to build real products with open source, not merely leverage it where it's convenient” Serdar Yegulalp
  • 3. 10+ Years of Open Source Involvement Docker on Microsoft Azure O365+Moodle Integration
  • 4. We’re Reimagining Microsoft We will empower every person and every organization on the planet to achieve more Build the best-in-class platforms and productivity services for the mobile-first, cloud-first world Create more personal computing Reinvent productivity & business processes Build the intelligent cloud platform
  • 5. Your Infrastructure is a Function of Time How do you plot your journey to the cloud? The Landscape of Now!
  • 6. The Microsoft Open Approach For your journey to the cloud Empowering Customers By Enabling Choice To Provide a Trusted Cloud Freedom to Choose Freedom to Change Optimal Value Vibrant Local IT Economy X-Platform Open Standards Interoperability Open Source Ecosystem Engagement Secure Privacy & Control Compliance Transparent
  • 7. +Hundreds of community supported images on VM Depot SQL Server Microsoft Azure is an Open Cloud We’ve delivered an open, broad, and flexible cloud across the stack Web App Gallery Dozens of .NET & PHP CMS and Web apps Microsoft Azure One in Four VMs on Azure Runs Linux Today!
  • 8. Open Source on Azure: Addressing Industry Trends
  • 9. Azure Open Source Customers
  • 10. Facing increasing malware threats and a growing trend of BYOD with
  • 11. 11
  • 12. 12
  • 13. “The Target hackers broke into the network using a stolen user name and password that had been created for the company servicing their air conditioning systems.” BRAIN KREBS (SECURITY BLOGGER) Target - Exploiting Weak Identities Source: “Cards Stolen in Target Breach Flood Underground Markets,” KrebsOnSecurity.com, December 20, 2013 13
  • 14. 14
  • 15. THREAT RESISTANCE Increasing password theft Poor password practices Support infrastructure and costs Cumbersome and costly MFA deployment Disk encryption optional Lacking integrated DLP Varying experience in mobile and desktops Platform security built of software alone Bootkit and rootkit Pass-the-hash Trusted until detected as a threat, Not realistic facing numerous new threats per day 15@yungchou
  • 16. Internet username and password 16
  • 17. Business username and password 17
  • 18. 18
  • 21. Multi-factor authentication (MFA) On-premises • Physical smartcard • Reader • User-and-smartcard specific • Virtual smartcard • Company issued device • Hardware-specific pin • User-and-device specific Cloud-centric • Azure Active Directory • Identity as a Service • 2FA as a Service • User-specific with designated phone Windows 10 MDM device enrollment • Microsoft Passport • Windows Hello biometrics as primary • BYOD MDM enrollment • Device Guard and Credential Guard 21@yungchou
  • 22. 87% Source: Stroz Friedberg, “On The Pulse: Information Security In American Business,” 2013 22
  • 23. 58% ? Source: Stroz Friedberg, “On The Pulse: Information Security In American Business,” 2013 23
  • 24. The Fappening On August 31, 2014, a collection of almost 500 private pictures of various celebrities, mostly women, and with many containing nudity, were posted on the imageboard 4chan, via Apple’s iCloud. 24
  • 25. Protecting data with Enterprise Data Protection (EDP) • Specifying “privileged apps” that can access enterprise data • Blocking selected apps from accessing enterprise data • Offering consistent UX while switching between personal & enterprise apps w/ enterprise policies in place without the need to switch environments or sign in again https://technet.microsoft.com/en-us/library/dn985838%28v=vs.85%29.aspx 25
  • 26. Protecting data with Enterprise Data Protection (EDP) • Requiring Intune, Configuration Manager or an MDM solution • Encrypting enterprise data on employee-owned & corporate- owned devices • Remotely wiping enterprise data off corporate devices and employee-owned computers, without affecting the personal data https://technet.microsoft.com/en-us/library/dn985838%28v=vs.85%29.aspx 26
  • 27. 27
  • 28. Windows 10 Enterprise Device Guard • Restricts OS to run only code signed by trusted signers • Defined by your code integrity policy through specific hardware & security configurations • OS trusts only apps authorized by your enterprise How it works: 1. Universal Extensible Firmware Interface (UEFI) 2.3.1 (or later) Secure Boot • Bootkits and rootkis • Loading/starting Windows 10 Enterprise before anything else 2. Virtualization-based security services including the core (Kernel), while preventing malware from running early in the boot process 3. User Mode Code Integrity to ensure only trusted apps/binaries to run 4. TPM to provide an isolated hardware to helps protect user credentials, certificates and secure information https://technet.microsoft.com/en-us/library/dn986865(v=vs.85).aspx 28
  • 29. Dangers - - Rootkits, Bootkits 29 • Firmware/kernel/driver rootkits • Overwrite the system’s basic I/O system • Bootkits • System’s OS, infects MBR • Allows the malicious program to be executed before the OS boots
  • 30. Counter Measures 30 • Secure Boot • PCs with UEFI firmware and a Trusted Platform Module (TPM) can be configured to load only trusted OS bootloaders • Trusted Boot • Windows checks the integrity of every component of the startup process before loading it. • Early Launch Anti-Malware (ELAM) • Tests all drivers before they load and prevents unapproved drivers from loading • Measured Boot • PC’s firmware logs the boot process, & Windows can send it to a trusted server that can objectively assess the PC’s health.
  • 31. Prove to me you are healthy IMPORTANT RESOURCES WINDOWS PPCH & INTUNE Measured Boot Integrity Data (PPCH) Client policies (AV, Firewall, Patch state (Intune) Here is my proof Access please Provable PC Health (PPCH) Approved 31
  • 32. THREAT RESISTANCE Biometrics and strong MFA with Windows Hello Microsoft Passport Enterprise Data Protection (EDP) Bitlocker auto-drive encryption Device Guard Credential Guard Windows Defender Provable PC Health Boot integrity and platform integrity with Device Guard, UEFI Secure Boot, Trusted Boot, Measured Boot, and TPM 32
  • 33. Call to action 33 • Learn Windows 10 security and “Windows as a Service” • Microsoft Virtual Academy: http://aka.ms/MVA1 • Inventory hardware and software of your IT environment • Microsoft Deployment Tool Kit (MDT) • Assess your business needs for • Windows Hello and Microsoft Passport • Device Guard and Credential Guard
  • 34. Call to action 34 • Roll out UEFI and Secure Boot sooner than later • Plan your next hardware/software refresh accordingly • X64, UEFI 2.3.1, TPM 2.0, Intel VT-x/AMD-V, Windows 10 Enterprise • Evaluate Windows 10, Office 365, Enterprise Management Suits, and Azure AD
  • 35. Reach out to me! 35 @DaveVoyles DaveVoyles.com