If your business has legal, regulatory, and technical standards to meet for content security and data use, you're in the right place. You can also use Office 365 security and compliance features if your business has specific security requirements for controlling sensitive information. In this section, you can also find out how Office 365 uses encryption and other security technologies to protect your data.
4. Exchange Online
Protection
Preventing signature-
based malware
Advanced Threat
Protection
Preventing exposure to
“unknown” threats
Advanced Security
Management
Understanding
user behavior to
customize policies
Threat
Intelligence
Developing proactive
cybersecurity strategy
5. Office 365 Advanced Threat Protection
Protect against sophisticated threats
Protection against unknown
malware/viruses
• Behavioral analysis with
machine learning
• Admin alerts
Time-of-click protection
• Real-time protection
against malicious URLs
• Growing URL coverage
Rich reporting and tracing
• Built-in URL trace
• Built-in Message Trace
• Reports for advanced threats
6. Multiple features, maximum security
Safe Links
Provides time-of-click
malicious URL detection
Safe Attachments
Protect against
malicious attachments
URL Detonation
Scan files that are linked in
email via URLs to websites
7. Safe Attachments
Protects against zero-day exploits in email attachments.
Provides visibility into compromised users for administrators.
Leverages sandboxing technology.
IP +
envelope
filter
Signature-
based AV
Blocking
known
exploits
EOP user without
Office 365 ATP
EOP user with
Office 365 ATP
Anti-spam
filter
8. Admin sets policy
Safe Attachments: Policy and notification
Admin gets notification
if message is blocked
9.
10. Protects against phishing and sites with malicious content.
Provides visibility into compromised users for administrators.
Rewrites all URLs to proxy through an EOP server.
Safe Links
IP +
envelope
filter
Signature-
based AV
Blocking
known
exploits
EOP user without
Office 365 ATP
EOP user with
Office 365 ATP
Anti-spam
filter
http://www.
Web servers
perform latest URL
reputation check
User clicking URL is
taken to EOP web
servers for the
latest check at the
“time-of-click”
Rewriting URLs
to redirect to a
web server
12. URL Detonation
Zero-day protection from
malicious links
Perform real-time behavioral
malware analysis in a sandbox
environment against malicious
files at destination URLs.
14. What’s next?
ATP Beyond Email
ATP protection in SharePoint Online, OneDrive for Business, Skype for
Business and Windows endpoints.
ATP Enhanced Reporting
Provides visibility into the threats that ATP stops and why ATP viewed
something as a threat. Helps set up the appropriate security measures
to make the organization more proactive with cyber-defense.
Enhanced Anti-Phish Capabilities
New Machine Learning algorithms to strengthen anti-phishing.
Document Preview
Ability to view any attachment while the attachment is being scanned
by ATP.
Per-tenant Block List
Customized block list of URLs that are of greatest concern to your
tenant.
15. Threat intelligence is
evidence-based knowledge,
including context,
mechanisms, indicators,
implications. and actionable
advice, about an existing or
emerging menace or hazard
to assets that can be used to
inform decisions regarding
the subject's response to
that menace or hazard.
– Gartner
Mail
Metadata
Malware
Phish
Spoof
Activity
Audit activities
Click trace
TI Sources
GeoIP
Threat indicators
DLP hits
Machine
infections
Information
Insight/Analysis
What is threat intelligence?
17. What type of attack to launch…
Who to target in attacks…
When to launch an attack…
Hackers How often to attack…
What type of attacks are happening…
Who is attacking them…
When attackers strike…
Analysts
How often do attacks occur…
A hacker’s advantage is preparation & knowledge
22. 50%
year over year
growth rate in
electronic data
45%
of orgs state lack of
governance opens
them to security &
compliance risks
41%
of orgs state enforcing
a governance policy is
their biggest issue
Achieving organizational compliance is challenging
“My data is
scattered across
sources and the
data continues to
grow”
“I can’t apply
unified policies
across various
data sources or
to a specific
repository .”
“When enforcing
compliance our
business users’
productivity is
disrupted.”
23. Compliance vision
Productivity first
Educate and empower end users to be compliant
without affecting productivity
In-place
Deliver rich, low cost compliance via built in features
Suite wide
Easily apply compliance controls and access reports
via a consistent UX across Office 365 workloads
24. Office 365 In-place Compliance Solutions
Meeting organizational data compliance needs
Preserve vital data
Organization needs
Find relevant data Monitor activity
Data Governance
Import, store, preserve and expire data
eDiscovery
Quickly identify the most relevant data
Auditing
Monitor and investigate actions taken on data
Security & Compliance Center
Manage compliance for all your data across Office 365
26. 2
6
Traditional Data Governance
Challenges
Point in time data
Captures data at a point in time which miss any edits in place
or from transport agents in flight
Increased risks
Content may be compromised moving from one
environment to another
Increased time
Waiting for indexing increases time required to find relevant
data
Increased costs
Having a separate copy of the data being stored significantly
increases costs
No service wide insights
Unable to leverage service wide machine learning to draw
correlations between the data
Exchange Data Outsourced Data Journaling
Third party
outsourced
journaling
Many organizations transfer data to a third party hosted archiving service which has challenges
27. 2
7
In-Place Office 365 Data Governance
Office 365 In-Place Data Governance
Benefits of In-Place Office over Journaling
Location, query or policy based
Apply preservation to mailbox or SharePoint site, apply a
query to hold less content, or use preservation policies
Higher fidelity and lower costs
Content stays in Exchange and SharePoint, which results in
lower storage costs, and higher fidelity data
No impact to users
Seamlessly create, edit, and delete without knowing
data is being preserved
Reduce risk
Data is not duplicated to another provider or compliance
boundary. Record all actions taken on the data
Insights
Insights to enable you to keep what’s important, delete
what’s not, and to share according to policy
Data stays in-place and does not need to be continually transferred out of Office 365 providing benefits
28. 2
8
Ingestion of data outside Office 365 In-Place data creation, retention and archiving In-Place eDiscovery
Auditing
Export
Office 365 Compliance Data Lifecycle
29. Retention policies
Unified Retention and Disposition Policy for workloads in Office 365
Records management
End user classification in Outlook, SharePoint, OneDrive and Groups. Manual
review and disposition, reporting and permissions
SEC 17A-4 compliant
SEC 17A-4 whitepaper covering SharePoint, OneDrive, Groups, Skype,
Preservation Lock, immutability, Supervisory Review
Import
Drive Shipping, Network Upload and 3rd Party Data Ingestion (Facebook,
Twitter, Bloomberg) through partners to provide cross platform compliance
and governance
Security and Compliance Center
Office 365 experience to bring together all compliance and security experiences
Data Governance:
Core Capabilities