John attended an invitation-only Microsoft event focused on cloud security and compliance. Sobering statistics on cyber attack trends and a vast array of topics you can’t afford to ignore when it comes to protecting your company’s brand and assets. We’ll recap.
Microsoft Cloud event: Transparency and Trust, a Security and Legal summit
Hosted in Cleveland at Microsoft office on March 12, 2015
- Cyber Security and Cloud Trends, WW Chief Security Advisor Tim Rains
- How Microsoft Asst General Counsel uses Office365, Dennis Garcia
- Azure Tech Specialist Delbert Murphy on how Microsoft Cloud is secured
- MS-IT Principal Program Manager Maya Davis on Azure Adoption
- panel and lunch
- 6B Bing queries/month, 2.4M emails/day for Hosted Exchange, for 400M accounts on Outlook.com, 250M active OneDrive users, 48M Xbox accounts, 50B minutes/month of Skype, 90 markets ww
- MSFT adopt cloud privacy standard ISO/IEC 27018
- Independently verified. See Trust Center
- 243 DAYS to detect intrusion
- Daily Breach costs are up 15%YoY to $3.5M/day
- CEO scale problem now, at $3T lost productivity and growth
- complexity: on-prem+cloud+hybrid at remote+at work+at home with work devices+personal devices+social media channels
Forensics Lab: taking the fight to the cyber criminals (gov collab to take down botnets)
- staffed with 100 people
- learnings go into products
- unique to Microsoft
- Data Breach Calculator
Legal Best Practices
Pre-contract framework of Transparency, Protect, Comply, Control
- Transparency: who are the subs, who easy is an audit reports, DC pinning
- Protect: who is the privacy regulator that validates, Batman clause (cybercrime fighting ability)
- Comply: ISO 27001 and 27018; HIPAA and BAA; FISMA; FERPA; CJIS
- Control: your data ownership; what of 3rd party requests; law enforcement requests and reporting; sue others to protect YOU; (in1H2014, 5 Enterprise Customer requests from Law for 5 users were either rejected or redirected to the actual customer) (Ireland DC for US citizen is in court)
- Security of hard drives: Hotel California policy (never leave: shredded)
- Defense in Depth: physical, network, Host Security, app sec, data sec;
- IAM, configuration and vulnerability scanning, 24/7/365 Incident response
- SEE US AT MICROSOFT IGNITE in Chicago May 3-8!
[box style=”quote”]Help Us Spread the Word!
Please let your Twitter followers know about this podcast. Simply click here now to post a tweet.
If you enjoyed this episode of IT Pro Show, please head over to iTunes, leave a rating, write a review and subscribe.
Subscribe to the ITPS podcast. It’s absolutely free!
- Subscribe with iTunes
- Subscribe with RSS (for Android and other non-iTunes)
- Subscribe with Stitcher Radio
- Subscribe with TuneIn Radio