SlideShare uma empresa Scribd logo

Use AADRM (Right Management Services) with Office 365

Transferir como PPTX, PDF
Benoit HAMET
Benoit HAMET

Presentation on how to enable and use Azure Active Directory Right Management (AADRM) on Office 365 Presentation held at Microsoft MVP ANZ event on June 2013

Tecnologia
1 de 17
Use ADDRM with Office 365 Benoit HAMET Sydney, June 5th 2013 Microsoft MVP June 2013 Event This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
The information contained in this presentation is proprietary. © 2012 Capgemini. All rights reserved. Who am I Benoit HAMET Manager – Microsoft Technologies Specialist at Capgemini MVP Office 365 http://blog.hametbenoit.info http://www.linkedin.com/in/benoithamet http://twitter.com/benoit_hamet
3Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Agenda Terminology and Definition Information Protection Requirements & Approach What is Right Management and how it works? RMS in Office 365 Integration with Exchange, Office and SharePoint
4Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Glossary IRM: Information Rights Management DRM: Digital Rights Management RMS: Right Management Server RMS Online (AADRM): Cloud based Right Management Service Publishing License: the license a document is published with Usage License: the license to use the document AD: Active directory ADFS: Active Directory Federation Services
5Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Terminology and Definition  Protection: Encryption + Policy + Policy enforcement  Encryption: Targets securing data in transit or at rest but only until consumed  Policy: Definition of who (identity) can do what (conditions) on a protected item  Policy Enforcement: Application specific code to enforce common, standardized behaviors  Windows Azure AD Rights Management : An offering that is a part of Office 365  RMS: Right Management Services  IRM: Information Rights Management interchangeable with Rights Management  ERM/DRM: Enterprise or Digital Rights Management  Content-Aware Data Leakage Protection (DLP): Relies on „agents‟ to apply Protection (encryption + policy) to content Enterprise DRM Services Content Protection PoliciesSoftware responsible to protect content People responsible to protect content
6Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Information Protection Requirements  Data is protected at the source  Modern apps save directly to „foreign storage‟ so they must encrypt before data leaves the app  Data is protected in „usable chunks‟  Use patterns are at the document level; not at the full drive level (e.g.: BitLocker)  Especially true on constrained-resource mobile devices; on shared cloud-based storage  Very strong encryption at rest is required; pretty good protection in apps is fine  Assume the data is exposed to adversaries when at rest (pre-authorization)  Presume the user is “trustworthy but possibly absent minded” (post-authorization)  Flexible model to support offline use or online authorization; ITPro decides  Per-app policies and customization(s) to increase usability (reduce friction)  Per-application optimizations (Outlook vs. Word); App Context Matters
7Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Information Protection Approach  Protect files with EFS  Everyday Metaphor: Locking bike rack – useful at that particular location but nowhere else.  Once a good idea but not very useful in modern times… who has only one device?  Lock up personal data stores with BitLocker / BitLocker to Go  Everyday Metaphor: Lock on the front door of your home. Good, but once open, everyone gets in.  Great way to protect against lost laptops and other assets but not at a granular level  Rights Management on-premises, in the cloud, across „tenants‟ and to guests  Everyday Metaphor: Certified mail that, when closed, requires re-certification before reuse.  Protection for data „in the wild‟ with flexible terms-of-use, and transport agnostic  Generic file protection using „Rights Protected Folders‟  SharePoint „Secure Libraries‟  Everyday Metaphor: A well run public Library who‟s librarian actually asks to see your identity  Great way to host data that can be centralized; data that leaves is protected  Pro-active protection (aka DLP) via Exchange, FOPE, FCI, ISV offers, etc.  Everyday Metaphor: A persistent yard caretaker for your „digital landscape‟  Volunteer application of RM will only get you so far  DLP offers at strategic points does wonders! Combined, these offers give you protection of lost assets, data in repositories, data in flight (user protected or not), and IT controlled* auditing of data usage.
8Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 What is Rights Management? Information Protection technology  Protection is persisted with the data, content can travel anywhere (desktops, file shares, USB keys, network and devices) Combines encryption, access controls and policy expression and enforcement  Prevent the accidental disclosure of sensitive data by applying usage polices (cannot forward, cannot print, read-only) Simple to use  Authors just select a policy option, consumers just open documents  Securely share data with individuals within and outside of your organization.
9Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 How RMS works? Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. User certificates Use License Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. Publishing License + keys
10Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 AADRM in Office 365  AADRM: Azure Active Directory Rights Management AADRM is only available to Office 365 Enterprise plans Easy to setup and use Start protecting data within minutes of when you subscribe to Office 365, no on-premises infrastructure required. Integrated within Exchange Online, SharePoint Online and Office, users will use applications and services they are already familiar with today. Additional controls available in Exchange Online and SharePoint Online to meet your business requirements.
11Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 RMS in Office 365 Capabilities Simple mechanism to enable Rights management capabilities across applications and services. Once Rights Management is enabled, Exchange and Office integration is also enabled including IRM in Office, OWA and EAS. Provides default templates for to apply common usage rights Simple templates to restrict access to users within a company. Will assess usage policies during preview timeframe to gather feedback to add or tune policies. “Do Not Forward” and Ad-hoc Policies are also available.
Demo Enable RMS in Office 365
14Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Office 2010 and 2013 Integration Information Worker  Applications are already familiar to users, just learn File, Protect, Restrict Permissions  Policy Templates available to easily apply protection  Users can create ad-hoc policy to provide an addition level of control.  Office IRM integration supports Outlook, Word, Excel, PowerPoint and InfoPath Information Control  Integrated with Exchange and SharePoint Online (more in a few minutes)  Word, Excel, PowerPoint integrated with SharePoint Document Libraries  Outlook works with Exchange IRM integrated features  Outlook 2013 is integrated with DLP and can use IRM to apply protection  Protection persisted independent of how the data is stored  Desktop, USB Drive, File Share, SkyDrive etc…
15Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Exchange Online Integration Information Worker  Outlook Web App – IRM messages can be created and consumed in Outlook Web App  Exchange Active Sync – IRM messages can be consumed in EAS based clients that have enabled Rights Management including Windows Phone 7.5 and Touchdown for Android.  Supports collaboration across organizations Information Control  Journaling- Creates an unprotected copy of messages for compliance purposes  Exchange Transport Rules – Enables automatic protection of content by complementing the DLP capabilities in Exchange Online  Decryption – Can decrypt content for Malware scanning and the additions of disclaimers to messages.
16Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 SharePoint Online Integration Information Worker  Protection is applied when documents are downloaded from a document library, users will not observe a difference.  Provides view only capabilities for Web Access Companion Applications Information Control  Great for a centralized repository of documents. • When documents are downloaded from SharePoint protection is applied which resides with the document no matter where it goes.  Supports all IRM functionality for policy definition • Can define usage restrictions, policy renewal, and distribution groups on per document library basis.  Supports collaboration scenarios across organizations • Can set access policies to enable users from other organizations to access your document library and stay in control of your data.
Demo Integration with Exchange Online and SharePoint Online
23Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Take Away Data can flow anywhere anytime  Access based control does not protect content once it has been accessed.  Rights Management provides encryption that is persisted with the content.  Enables rich policy to be associated with content to prevent accidental disclosure of content. Rights Management is now integrated within the Office 365  Does not require any additional on-premise infrastructure and takes a few minutes to configure.  Available as a part of the Office 365 Enterprise.  Deep Integration with Office 2013, SharePoint Online and Exchange Online.

Recomendados

Building an IP Reputation Engine: Tracking the Miscreants
Building an IP Reputation Engine: Tracking the MiscreantsBuilding an IP Reputation Engine: Tracking the Miscreants
Building an IP Reputation Engine: Tracking the Miscreants
AlienVault
 
Office365のID連携の機能の移り変わりについて
Office365のID連携の機能の移り変わりについてOffice365のID連携の機能の移り変わりについて
Office365のID連携の機能の移り変わりについて
Genki WATANABE
 
Ask a Malware Archaeologist
Ask a Malware ArchaeologistAsk a Malware Archaeologist
Ask a Malware Archaeologist
Michael Gough
 
Best Practices for Configuring Your OSSIM Installation
Best Practices for Configuring Your OSSIM InstallationBest Practices for Configuring Your OSSIM Installation
Best Practices for Configuring Your OSSIM Installation
AlienVault
 
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
Benoit HAMET
 
Office 365 Saturday - Office 365 Security Best Practices
Office 365 Saturday - Office 365 Security Best PracticesOffice 365 Saturday - Office 365 Security Best Practices
Office 365 Saturday - Office 365 Security Best Practices
Benoit HAMET
 
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transformeTechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
Benoit HAMET
 
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
Benoit HAMET
 

Recomendados

Building an IP Reputation Engine: Tracking the Miscreants
Building an IP Reputation Engine: Tracking the MiscreantsBuilding an IP Reputation Engine: Tracking the Miscreants
Building an IP Reputation Engine: Tracking the Miscreants
AlienVault
 
Office365のID連携の機能の移り変わりについて
Office365のID連携の機能の移り変わりについてOffice365のID連携の機能の移り変わりについて
Office365のID連携の機能の移り変わりについて
Genki WATANABE
 
Ask a Malware Archaeologist
Ask a Malware ArchaeologistAsk a Malware Archaeologist
Ask a Malware Archaeologist
Michael Gough
 
Best Practices for Configuring Your OSSIM Installation
Best Practices for Configuring Your OSSIM InstallationBest Practices for Configuring Your OSSIM Installation
Best Practices for Configuring Your OSSIM Installation
AlienVault
 
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
2023-03 - Workplace Ninja - Migrating to a modern device management.pptx
Benoit HAMET
 
Office 365 Saturday - Office 365 Security Best Practices
Office 365 Saturday - Office 365 Security Best PracticesOffice 365 Saturday - Office 365 Security Best Practices
Office 365 Saturday - Office 365 Security Best Practices
Benoit HAMET
 
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transformeTechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
TechDays 2012 - L’entreprise numérique: l’environnement de travail se transforme
Benoit HAMET
 
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
TechDays 2009 - Introduction au troubleshooting de SharePoint 2007
Benoit HAMET
 
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePointTechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
Benoit HAMET
 
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécuriséeTechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
Benoit HAMET
 
Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010
Benoit HAMET
 
Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010
Benoit HAMET
 
Publication de SharePoint
Publication de SharePointPublication de SharePoint
Publication de SharePoint
Benoit HAMET
 
Quest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePointQuest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePoint
Benoit HAMET
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Results
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Pixlogix Infotech
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
Khem
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Antenna Manufacturer Coco
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Katpro Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
praypatel2
 

Mais conteúdo relacionado

Mais de Benoit HAMET

TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePointTechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
Benoit HAMET
 
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécuriséeTechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
Benoit HAMET
 
Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010
Benoit HAMET
 
Publication de SharePoint
Publication de SharePointPublication de SharePoint
Publication de SharePoint
Benoit HAMET
 

Mais de Benoit HAMET (6)

TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePointTechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
TechDays 2011 - Préparation à la migration Lotus Notes vers SharePoint
 
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécuriséeTechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
TechDays 2011 - Publier SharePoint 2010 sur internet de manière sécurisée
 
Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010Nouveautés dans l'administration de SharePoint 2010
Nouveautés dans l'administration de SharePoint 2010
 
Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010Préparer la migration vers SharePoint 2010
Préparer la migration vers SharePoint 2010
 
Publication de SharePoint
Publication de SharePointPublication de SharePoint
Publication de SharePoint
 
Quest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePointQuest IT Performance Day 2010 - Gouvernance SharePoint
Quest IT Performance Day 2010 - Gouvernance SharePoint
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 

Último (20)

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Use AADRM (Right Management Services) with Office 365

  • 1. Use ADDRM with Office 365 Benoit HAMET Sydney, June 5th 2013 Microsoft MVP June 2013 Event This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
  • 2. The information contained in this presentation is proprietary. © 2012 Capgemini. All rights reserved. Who am I Benoit HAMET Manager – Microsoft Technologies Specialist at Capgemini MVP Office 365 http://blog.hametbenoit.info http://www.linkedin.com/in/benoithamet http://twitter.com/benoit_hamet
  • 3. 3Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Agenda Terminology and Definition Information Protection Requirements & Approach What is Right Management and how it works? RMS in Office 365 Integration with Exchange, Office and SharePoint
  • 4. 4Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Glossary IRM: Information Rights Management DRM: Digital Rights Management RMS: Right Management Server RMS Online (AADRM): Cloud based Right Management Service Publishing License: the license a document is published with Usage License: the license to use the document AD: Active directory ADFS: Active Directory Federation Services
  • 5. 5Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Terminology and Definition  Protection: Encryption + Policy + Policy enforcement  Encryption: Targets securing data in transit or at rest but only until consumed  Policy: Definition of who (identity) can do what (conditions) on a protected item  Policy Enforcement: Application specific code to enforce common, standardized behaviors  Windows Azure AD Rights Management : An offering that is a part of Office 365  RMS: Right Management Services  IRM: Information Rights Management interchangeable with Rights Management  ERM/DRM: Enterprise or Digital Rights Management  Content-Aware Data Leakage Protection (DLP): Relies on „agents‟ to apply Protection (encryption + policy) to content Enterprise DRM Services Content Protection PoliciesSoftware responsible to protect content People responsible to protect content
  • 6. 6Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Information Protection Requirements  Data is protected at the source  Modern apps save directly to „foreign storage‟ so they must encrypt before data leaves the app  Data is protected in „usable chunks‟  Use patterns are at the document level; not at the full drive level (e.g.: BitLocker)  Especially true on constrained-resource mobile devices; on shared cloud-based storage  Very strong encryption at rest is required; pretty good protection in apps is fine  Assume the data is exposed to adversaries when at rest (pre-authorization)  Presume the user is “trustworthy but possibly absent minded” (post-authorization)  Flexible model to support offline use or online authorization; ITPro decides  Per-app policies and customization(s) to increase usability (reduce friction)  Per-application optimizations (Outlook vs. Word); App Context Matters
  • 7. 7Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Information Protection Approach  Protect files with EFS  Everyday Metaphor: Locking bike rack – useful at that particular location but nowhere else.  Once a good idea but not very useful in modern times… who has only one device?  Lock up personal data stores with BitLocker / BitLocker to Go  Everyday Metaphor: Lock on the front door of your home. Good, but once open, everyone gets in.  Great way to protect against lost laptops and other assets but not at a granular level  Rights Management on-premises, in the cloud, across „tenants‟ and to guests  Everyday Metaphor: Certified mail that, when closed, requires re-certification before reuse.  Protection for data „in the wild‟ with flexible terms-of-use, and transport agnostic  Generic file protection using „Rights Protected Folders‟  SharePoint „Secure Libraries‟  Everyday Metaphor: A well run public Library who‟s librarian actually asks to see your identity  Great way to host data that can be centralized; data that leaves is protected  Pro-active protection (aka DLP) via Exchange, FOPE, FCI, ISV offers, etc.  Everyday Metaphor: A persistent yard caretaker for your „digital landscape‟  Volunteer application of RM will only get you so far  DLP offers at strategic points does wonders! Combined, these offers give you protection of lost assets, data in repositories, data in flight (user protected or not), and IT controlled* auditing of data usage.
  • 8. 8Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 What is Rights Management? Information Protection technology  Protection is persisted with the data, content can travel anywhere (desktops, file shares, USB keys, network and devices) Combines encryption, access controls and policy expression and enforcement  Prevent the accidental disclosure of sensitive data by applying usage polices (cannot forward, cannot print, read-only) Simple to use  Authors just select a policy option, consumers just open documents  Securely share data with individuals within and outside of your organization.
  • 9. 9Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 How RMS works? Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. User certificates Use License Galactic Empire Confidential – You cannot copy, print or export this information in unprotected form to droids of any class. Publishing License + keys
  • 10. 10Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 AADRM in Office 365  AADRM: Azure Active Directory Rights Management AADRM is only available to Office 365 Enterprise plans Easy to setup and use Start protecting data within minutes of when you subscribe to Office 365, no on-premises infrastructure required. Integrated within Exchange Online, SharePoint Online and Office, users will use applications and services they are already familiar with today. Additional controls available in Exchange Online and SharePoint Online to meet your business requirements.
  • 11. 11Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 RMS in Office 365 Capabilities Simple mechanism to enable Rights management capabilities across applications and services. Once Rights Management is enabled, Exchange and Office integration is also enabled including IRM in Office, OWA and EAS. Provides default templates for to apply common usage rights Simple templates to restrict access to users within a company. Will assess usage policies during preview timeframe to gather feedback to add or tune policies. “Do Not Forward” and Ad-hoc Policies are also available.
  • 12. Demo Enable RMS in Office 365
  • 13. 14Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Office 2010 and 2013 Integration Information Worker  Applications are already familiar to users, just learn File, Protect, Restrict Permissions  Policy Templates available to easily apply protection  Users can create ad-hoc policy to provide an addition level of control.  Office IRM integration supports Outlook, Word, Excel, PowerPoint and InfoPath Information Control  Integrated with Exchange and SharePoint Online (more in a few minutes)  Word, Excel, PowerPoint integrated with SharePoint Document Libraries  Outlook works with Exchange IRM integrated features  Outlook 2013 is integrated with DLP and can use IRM to apply protection  Protection persisted independent of how the data is stored  Desktop, USB Drive, File Share, SkyDrive etc…
  • 14. 15Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Exchange Online Integration Information Worker  Outlook Web App – IRM messages can be created and consumed in Outlook Web App  Exchange Active Sync – IRM messages can be consumed in EAS based clients that have enabled Rights Management including Windows Phone 7.5 and Touchdown for Android.  Supports collaboration across organizations Information Control  Journaling- Creates an unprotected copy of messages for compliance purposes  Exchange Transport Rules – Enables automatic protection of content by complementing the DLP capabilities in Exchange Online  Decryption – Can decrypt content for Malware scanning and the additions of disclaimers to messages.
  • 15. 16Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 SharePoint Online Integration Information Worker  Protection is applied when documents are downloaded from a document library, users will not observe a difference.  Provides view only capabilities for Web Access Companion Applications Information Control  Great for a centralized repository of documents. • When documents are downloaded from SharePoint protection is applied which resides with the document no matter where it goes.  Supports all IRM functionality for policy definition • Can define usage restrictions, policy renewal, and distribution groups on per document library basis.  Supports collaboration scenarios across organizations • Can set access policies to enable users from other organizations to access your document library and stay in control of your data.
  • 16. Demo Integration with Exchange Online and SharePoint Online
  • 17. 23Copyright © Capgemini 2013. All Rights Reserved Microsoft MVP Event Use AADRM with Office 365 | June-13 Take Away Data can flow anywhere anytime  Access based control does not protect content once it has been accessed.  Rights Management provides encryption that is persisted with the content.  Enables rich policy to be associated with content to prevent accidental disclosure of content. Rights Management is now integrated within the Office 365  Does not require any additional on-premise infrastructure and takes a few minutes to configure.  Available as a part of the Office 365 Enterprise.  Deep Integration with Office 2013, SharePoint Online and Exchange Online.