© Copyright 2017 Server StorageIO® and UnlimitedIO LLC All rights reserved. www.storageio.com @StorageIO
June 22, 2017
GDPR Compliance Planning for Microsoft Environments
Industry Trends Perspectives
Produced by Redmond Magazine
Presented by Greg Schulz, Server StorageIO®
Greg@storageio.com | StorageIOblog.com | Facebook.com/StorageIO | @storageio
Industry Trends: General Data Protection Regulation (GDPR)
How are you and your Microsoft environment prepared for GDPR?

[Diagram: Information Infrastructures as habitats for technology (your facilities, cloud / MSP / colo, somebody's site); what consumers and users access (business applications, databases / repositories, BYOD, IoT/IoX, a mix of new and legacy, a mix of in-house, build vs. buy vs. subscribe); Data Infrastructures (servers, storage, I/O networks; cloud, virtual, physical; hardware, software, best practices; cloud service, ROBO, workgroup, virtual, legacy, BYOD, IoT/IoD). Source: Software-Defined Data Infrastructure Essentials (CRC)]

Key questions:
• What personal information is handled
• How and where data is stored and protected (policies)
• Who has or had access, and why (logging and insight)
Industry Trends: GDPR Big Picture and Discussion Topics
Today's agenda and discussion topics
• What GDPR is and who it applies to
• Why it is important to be prepared for GDPR
• How to be prepared for GDPR
• Importance of having insight and awareness
• What about Microsoft environments
• Who should do what and when
• What about tools, technologies and automation
• Tips, comments and being prepared
• Discussion, Questions and Answers (Q&A)

[Sidebar: People, processes, practices, policies; tools, technologies, services, hardware, software; assess, insight, awareness; logging, monitoring, analytics, notification, reporting]
Industry Trends: What is GDPR and who it applies to
The quick overview
• GDPR = General Data Protection Regulation (goes into effect May 25, 2018)
  o Note the emphasis on data protection, which includes privacy of personal data
  o Policies and procedures on how to protect data (encrypt, mask, access control, monitor)
  o Report and notify of a breach (and whether the data was encrypted); monitor and detect unauthorized access
  o Processes for removing user data when requested or required
  o Penalties for breaches of personal data and for non-compliance
• While EU focused, it also applies to:
  o Organizations of all sizes across all industry sectors (not just financial or healthcare)
  o EU organizations that process and hold/store data about EU individuals
  o EU third parties (including cloud providers) that process and hold/store EU personal data for others
  o Entities outside the EU that process and hold/store EU personal data
  o Various applications that involve personal data, including Microsoft on-premises and cloud
Industry Trends: How to be prepared for GDPR
What you (and your organization) need to be doing
• Gain insight and awareness
  o What GDPR is (and is not) and its impact on your organization
  o What processes, procedures and policies are in effect today
  o What applications and data are impacted by GDPR
• Review what your organization has done already
  o What is your strategy, plan and implementation progress?
  o What is left to do, or still to get started with?
• Identify what needs to be done to be prepared
  o Assess applicable data and applications (gain insight)
  o Cover the various layers and levels of applications along with their data
  o Enable access and audit logging along with notification
  o Define processes and policies: how to notify, how to remediate and mitigate
Industry Trends: Importance of having insight and awareness
Avoid flying blind: have good instrumentation with timely, accurate information
• Insight and awareness into GDPR and its impact on your organization
  o How the regulations impact you and your applications
  o Processes, procedures and policies to protect, preserve and secure information
  o Upper-level management buy-in, lower-level implementation
• Insight and awareness into what applications and data are impacted
  o Who uses which applications, and which data is impacted
  o What are the risks that need to be mitigated to comply with GDPR
  o Identify an action plan for audit, event and access log monitoring and analytics
  o Notification of any data breach or compromise of information
  o How data is protected with encryption, durable copies and security access controls
  o Leveraging automation and real-time monitoring: being proactive vs. reactive

[Sidebar: Roles and responsibilities; policies and processes; security and access; event log management; management delegation; change tracking]
Industry Trends: Software Defined Data Protection and Security
How will you protect, preserve, secure as well as serve applications and data? How will you back up, replicate and snapshot?

Considerations
• What are the threat risks?
• What needs protection?
• What level of protection?
• How and where to protect?
• Processes, rules and policies
  o What exists, what is needed
  o Shared responsibilities
  o Mobile, BYOD, legacy, IoT
  o AD, IAM, SSO integration
  o Intrusion detection
  o Encryption at rest / in flight
  o Regulatory and compliance
  o Secure disposition (shred)

[Diagram: data protection and security landscape, including host guarded/shielded VMs; buzzword and trends alert: GDPR. Source: Software-Defined Data Infrastructure Essentials (CRC)]
Industry Trends: What about Microsoft environments?
Various applications with different focus areas interact with personal data
• Various Microsoft applications
  o Exchange, O365, SharePoint, Lync, Skype
  o NAS, file shares, OneDrive and Work Folders
  o Active Directory (AD) and Azure AD (AAD)
  o Hyper-V, SQL Server, Windows Server
• Where deployed
  o On-premises (physical, virtual, container)
  o Cloud (Azure, O365, other clouds)
  o Hybrid (public, private, legacy)
• What is the impact
  o How and where data is protected (security, access controls, event logs, encryption, backup, BC/DR)
  o Awareness, monitoring, reporting and analytics for real-time awareness and insight
  o Leverage automation where possible and practical, including log analysis and preservation

Various types of information
• Name, email, medical/EMR, bank/financial, identity, demographics/profile, preferences, IP and tracking, social media, other personally identifiable information

Various granularity
• Databases (table, row, record, field, column)
• Files and objects (folders, shares, buckets)
• Event and transaction logs
• AD/AAD and other role security
Industry Trends: What about tools, technologies & automation
Leveraging tools and technologies
• Focus on data protection (protect, preserve, secure and serve)
  o Implement role-based management, security and authentication for resource access
  o Leverage AD and AAD for role-based access and administration (including delegated management)
  o Utilize encryption of data in flight and at rest, along with key management
  o Use data masking as part of protecting data at various granularities
  o Timely reporting and monitoring of access, changes and events
  o Two-factor authentication, PINs and other access controls
  o Automated log insight analysis and notification of threat detection or breaches
  o Rethink when, where, why and how often data is copied, backed up, snapshotted and replicated
  o Management of keys, certificates and other access control items
  o Network firewalls and intrusion detection systems (reactive and proactive)
  o Data Loss Prevention (DLP) capabilities and access audit logs for applications
Closing comments, for now…
Protect, Preserve, Secure and Serve Information
www.storageio.com/book4.html
• GDPR combines people, processes, technology and policies
• Now is a good time to assess your AD environment
• Protect your AD (and Domain Controllers)
• Leverage AD for implementing and managing roles
• Gain insight and awareness of the various layers
• Leverage encryption and other security techniques
• GDPR provides an opportunity to modernize data protection
• The key is having timely, accurate insight to avoid flying blind
• Where to learn more
  o Redmond Magazine and Quest
  o www.storageio.com (articles, videos & webcasts)
  o Feel free to call, tweet, or email greg@storageio.com
Thank You
Quest Solutions for GDPR
Colin Truran, Principal Technology Strategist
Aligns technology vision with business strategy to enable effective customer and partner engagement, as a C-level technical authority who understands both technical and business requirements.

Intro to Quest Microsoft Platform Management
Cloud | Hybrid | On-Premises
Quest Microsoft Platform Management solutions have been used to migrate, secure and manage more than 180M users globally.
Unrivaled Experience
• Double the number of mailboxes migrated to Exchange compared with the competition
• 86M AD accounts migrated (more than 10X the number of people living in NYC)
• 101M user accounts audited (if 1 user = 1 mile, that's 211 trips to the moon and back)
• 149M Active Directory accounts managed (more than 6x the number of mates living in Australia)
• 5X more Exchange mailboxes managed than folks visiting the Eiffel Tower annually
• Twice named Microsoft ISV Partner of the Year (2 more than Johnny Depp's Oscar count)
Simplify GDPR compliance for Microsoft environments
Quest helps customers achieve and maintain GDPR compliance with security assessment, monitoring and governance solutions that protect on-prem, cloud and hybrid Microsoft environments.

Discover & Assess
• Discover access rights to unstructured personal data
• Report on Windows file servers, NAS devices, SQL Server, O365, AD and more
• Identify inappropriate access
• Ensure proper access

Monitor & Investigate
• Detect and audit suspicious activity or unauthorized access
• Get real-time alerts
• Prevent critical changes or unauthorized access
• Long-term event log retention
• Quickly investigate with forensic analysis

Govern & Control
• Prevent unauthorized access
• Delegate admin rights using a least-privilege access model
• Enforce permission blacklisting/whitelisting
• Remediate permissions as needed
Discover and Assess
Enterprise Reporter

Monitor and Investigate
Change Auditor: real-time change auditing, in-depth forensics and comprehensive reporting on all key configuration, user and administrator changes.
• Who made the change?
• Where was the change made from?
• What object was changed?
• When was the change made?
• Why was the change made (comment)?
• Workstation where the change originated from
• Real-time smart alerts to any device
IT Security Search

Govern and Control
Active Roles
• Active Roles is used globally to manage and secure more than 60 million AD user accounts
• Active Roles is in use at more than 2,500 companies worldwide
• The product has been in existence since 2003
• Deployments range in size from 250 to 800K+ users
Security Explorer
Summary: Simplify GDPR compliance for Microsoft environments

Discover & Assess (Enterprise Reporter)
• Discover access rights to unstructured personal data
• Report on Windows file servers, NAS devices, SQL Server, O365, AD and more
• Identify inappropriate access
• Ensure proper access

Monitor & Investigate (Change Auditor, IT Security Search)
• Detect and audit suspicious activity or unauthorized access
• Get real-time alerts
• Prevent critical changes or unauthorized access
• Long-term event log retention
• Quickly investigate with forensic analysis

Govern & Control (Active Roles, Security Explorer)
• Prevent unauthorized access
• Delegate admin rights using a least-privilege access model
• Enforce permission blacklisting/whitelisting
• Remediate permissions as needed

Watch the on-demand: http://ow.ly/OpB730d45pT

20240607 QFM018 Elixir Reading List May 2024
 

GDPR Compliance Planning for Microsoft Environments

  • 1. © Copyright 2017 Server StorageIO® and UnlimitedIO LLC All rights reserved. www.storageio.com @StorageIO
    June 22, 2017
    GDPR Compliance Planning for Microsoft Environments
    Industry Trends Perspectives
    Produced by Redmond Magazine
    Presented by Greg Schulz, Server StorageIO®
    Greg@storageio.com | StorageIOblog.com | Facebook.com/StorageIO | @storageio
    Eight Time
  • 2. Industry Trends: General Data Protection Regulation (GDPR)
    [Diagram: information, business and data infrastructures (servers, storage, I/O networks; cloud, virtual, physical; hardware, software, best practices) spanning your facilities, cloud / MSP / colo and somebody else's site; what consumers and users access: business applications, databases / repositories, from BYOD and IoT/IoX devices; a mix of new and legacy, in-house build vs. buy vs. subscribe; cloud service, ROBO, workgroup, virtual, legacy, ByoD, IoT / IoD; OS image files, files and other files. Source: Software-Defined Data Infrastructure Essentials (CRC)]
    Key questions:
    ▪ What personal information is handled
    ▪ How and where data is stored and protected (policies)
    ▪ Who has or had access, and why (logging and insight)
    How are you and your Microsoft environment prepared for GDPR?
  • 3. Today's Agenda and Discussion Topics
    Industry Trends: GDPR Big Picture and Discussion Topics
    ▪ What is GDPR and who is it applicable to
    ▪ Why GDPR is important to be prepared for
    ▪ How to be prepared for GDPR
    ▪ Importance of having insight and awareness
    ▪ What about Microsoft environments
    ▪ Who should do what and when
    ▪ What about tools, technologies and automation
    ▪ Tips, comments and being prepared
    ▪ Discussion, Questions and Answers (Q&A)
    [Diagram: People, Processes, Practices, Policies; Tools, Technologies, Services; Hardware, Software, Services; Assess, Insight, Awareness; Logging, Monitoring, Analytics, Notification, Reporting]
  • 4. The quick overview
    Industry Trends: What is GDPR and who it applies to
    ▪ GDPR = General Data Protection Regulation (goes into effect May 25, 2018)
      o Note the emphasis on Data Protection, which includes privacy of personal data
      o Policies and procedures on how to protect data (encrypt, mask, access control, monitor)
      o Report and notify of a breach (and whether the data was encrypted); monitor and detect unauthorized access
      o Processes for removing user data when requested or required
      o Penalties for breaches of personal data and non-compliance
    ▪ While EU focused, it also applies to:
      o Organizations of different sizes across all industry sectors (not just financial or healthcare)
      o EU organizations that process and hold/store data about EU individuals
      o EU third parties (including cloud) that process and hold/store EU personal data for others
      o Entities outside the EU that process and hold/store EU personal data
      o Various applications that involve personal data, including Microsoft on-premise and cloud
  • 5. What you (and your organization) need to be doing
    Industry Trends: How to be prepared for GDPR
    ▪ Gain insight and awareness
      o What GDPR is (or is not) and its impact on your organization
      o What processes, procedures and policies are in effect today
      o What applications and data are impacted by GDPR
    ▪ Review what your organization has done already
      o What is your strategy, plan and implementation progress
      o What is left to do, or to get started with?
    ▪ Identify what needs to be done to be prepared
      o Assess applicable data and applications (gain insight)
      o Various layers and levels of applications along with data
      o Enable access and audit (logging) along with notification
      o Processes and policies: how to notify, how to remediate and mitigate
  • 6. Avoid flying blind = having good instrumentation with timely, accurate information
    Industry Trends: Importance of having insight and awareness
    ▪ Insight and awareness into GDPR and its impact on your organization
      o How the regulations impact you along with your applications
      o Processes, procedures, policies to protect, preserve and secure information
      o Upper-level management buy-in, lower-level implementation
    ▪ Insight and awareness into what applications and data are impacted
      o Who uses what applications along with the data that is impacted
      o What are the risks that need to be mitigated to comply with GDPR
      o Identify an action plan for audit, event and access log monitoring and analytics
      o Notification of any data breach or compromise of information
      o How data is protected with encryption, durable copies and security access controls
      o Leveraging automation and real-time monitoring; being proactive vs. reactive
    [Diagram: Roles and Responsibilities; Policies and Processes; Security and Access; Event Log Management; Management delegation; Change tracking]
  • 7. Industry Trends: Software Defined Data Protection and Security
    How will you protect, preserve, secure as well as serve applications and data?
    Considerations
    ▪ What are the threat risks?
    ▪ What needs protection?
    ▪ What level of protection?
    ▪ How and where to protect?
    ▪ Processes, rules and policies
      o What exists, what is needed
      o Shared responsibilities
      o Mobile, ByoD, Legacy, IoT
      o AD, IAM, SSO integration
      o Intrusion Detection
      o Encryption at rest / in-flight
      o Regulatory and compliance
      o Secure disposition (shred)
    How will you backup, replicate, snapshot?
    [Diagram: Host, Guarded/Shielded VMs; "Buzzword and Trends Alert: GDPR". Source: Software-Defined Data Infrastructure Essentials (CRC)]
  • 8. Various applications with different focus areas that interact with personal data
    Industry Trends: What about Microsoft environments?
    ▪ Various Microsoft applications
      o Exchange, O365, SharePoint, Lync, Skype
      o NAS, File Shares, OneDrive and Work Folders
      o Active Directory (AD) and Azure AD (AAD)
      o Hyper-V, SQL Server, Windows Server
    ▪ Where deployed
      o On-premise (physical, virtual, container)
      o Cloud (Azure, O365, other clouds)
      o Hybrid (public, private, legacy)
    ▪ What is the impact
      o How and where data is protected (security, access controls, event logs, encryption, backup, BC/DR)
      o Awareness, monitoring, reporting, analytics; real-time awareness and insight
      o Leverage automation where possible and practical, including log analysis and preservation
    Various Types of Information
    ▪ Name, email, medical/EMR, bank/financial, identity, demographics/profile, preferences, IP and tracking, social media, other personally identifiable information
    Various Granularity
    ▪ Databases (table, row, record, field, column)
    ▪ Files and objects (folders, shares, buckets)
    ▪ Event and transaction logs
    ▪ AD/AAD and other role security
  • 9. Leveraging tools and technologies
    Industry Trends: What about tools, technologies & automation
    ▪ Focus on Data Protection (Protect, Preserve, Secure and Serve)
      o Implement role-based management, security and authentication for resource access
      o Leverage AD and AAD for role-based access and administration (including delegated management)
      o Utilize encryption of data in-flight and at rest along with key management
      o Data masking as part of protecting data at various granularities
      o Timely reporting and monitoring of access, changes and events
      o Two-factor authentication, PINs and other access controls
      o Automated log insight analysis and notification of threat detection or breaches
      o Rethink when, where, why and how often data is copied, backed up, snapshotted and replicated
      o Management of keys, certificates and other access control items
      o Network firewall, intrusion detection systems (reactive and proactive)
      o Data Loss Prevention (DLP) capabilities and access audit logs for applications
  • 10. Protect, Preserve, Secure and Serve Information
    Closing comments, for now…
    www.storageio.com/book4.html
    ▪ GDPR combines people, processes, technology and policies
    ▪ Now is a good time to assess your AD environment
    ▪ Protect your AD (and Domain Controllers)
    ▪ Leverage AD for implementing and managing roles
    ▪ Gain insight and awareness of the various layers
    ▪ Leverage encryption and other security techniques
    ▪ GDPR provides an opportunity to modernize data protection
    ▪ The key is having timely, accurate insight to avoid flying blind
    ▪ Where to learn more
      o Redmond Magazine and Quest
      o www.storageio.com (articles, videos & webcasts)
      o Feel free to call, tweet, or email greg@storageio.com
  • 11. June 22, 2017
    GDPR Compliance Planning for Microsoft Environments
    Industry Trends Perspectives
    Thank You
    Produced by Redmond Magazine
    Presented by Greg Schulz, Server StorageIO®
    Greg@storageio.com | StorageIOblog.com | Facebook.com/StorageIO | @storageio
  • 12. Quest Solutions for GDPR
    Colin Truran, Principal Technology Strategist
    Aligns technology vision with business strategy to enable effective customer and partner engagement as a C-level technical authority who understands both technical and business requirements.
  • 13. Intro to Quest Microsoft Platform Management: Cloud | Hybrid | On-Premises
    Quest Microsoft Platform Management solutions have been used to migrate, secure and manage more than 180M users globally.
  • 14. Unrivaled Experience
    ▪ DOUBLE the number of mailboxes migrated to Exchange compared with the competition
    ▪ 86M AD accounts migrated (more than 10X the number of people living in NYC!)
    ▪ 101M user accounts audited (if 1 user = 1 mile, that's 211 trips to the moon…and back!)
    ▪ 5X more Exchange mailboxes managed than folks visiting the Eiffel Tower annually!
    ▪ TWICE named Microsoft ISV Partner of the Year (that's 2 more than Johnny Depp's Oscar count!)
    ▪ 149M Active Directory accounts managed (more than 6X the number of mates living in Australia!)
  • 15–18. Simplify GDPR compliance for Microsoft environments
    Quest helps customers achieve and maintain GDPR compliance with security assessment, monitoring and governance solutions that protect on-prem, cloud and hybrid Microsoft environments. (Slides 16–18 build up the three columns below.)
    Discover & Assess
    ▪ Discover access rights to unstructured personal data
    ▪ Report on Windows file servers, NAS devices, SQL Server, O365, AD and more
    ▪ Identify inappropriate access
    ▪ Ensure proper access
    Monitor & Investigate
    ▪ Detect and audit suspicious activity or unauthorized access
    ▪ Get real-time alerts
    ▪ Prevent critical changes or unauthorized access
    ▪ Long-term event log retention
    ▪ Quickly investigate with forensic analysis
    Govern & Control
    ▪ Prevent unauthorized access
    ▪ Delegate admin rights using a least-privilege access model
    ▪ Enforce permission blacklisting/whitelisting
    ▪ Remediate permissions as needed
  • 22. Change Auditor
    Real-time change auditing, in-depth forensics and comprehensive reporting on all key configuration, user and administrator changes.
    ▪ Who: made the change?
    ▪ Where: was the change made from?
    ▪ What: object was changed?
    ▪ When: was the change made?
    ▪ Why: was the change made (comment)?
    ▪ Workstation: where the change originated from
    Real-time smart alerts to any device
  • 25. Active Roles
    ▪ Active Roles is used globally to manage and secure more than 60 million AD user accounts
    ▪ Active Roles is in use at more than 2,500 companies worldwide
    ▪ The product has been in existence since 2003
    ▪ Deployments range in size from 250 to 800K+ users
  • 27. Summary: Simplify GDPR compliance for Microsoft environments
    Discover & Assess (Enterprise Reporter)
    ▪ Discover access rights to unstructured personal data
    ▪ Report on Windows file servers, NAS devices, SQL Server, O365, AD and more
    ▪ Identify inappropriate access
    ▪ Ensure proper access
    Monitor & Investigate (Change Auditor, IT Security Search)
    ▪ Detect and audit suspicious activity or unauthorized access
    ▪ Get real-time alerts
    ▪ Prevent critical changes or unauthorized access
    ▪ Long-term event log retention
    ▪ Quickly investigate with forensic analysis
    Govern & Control (Active Roles, Security Explorer)
    ▪ Prevent unauthorized access
    ▪ Delegate admin rights using a least-privilege access model
    ▪ Enforce permission blacklisting/whitelisting
    ▪ Remediate permissions as needed