SlideShare a Scribd company logo
Office 365 Seguro? Sym, Cloud!
Luis Souza Lucas Romaris André de Oliveira
Channel SE Systems Engineer Advanced Support
Acerca de Nuestros Presentadores
Copyright © 2015 Symantec Corporation
LUIS SOUZA
Engenheiro de Pré-vendas, trabalha há 8 anos na Symantec e já atuou em
clientes de Large Enterprise do segmento Financeiro. Hoje é responsável pela
área técnica da área de Canais focado em Segurança da Informação.
ANDRÉ DE OLIVEIRA
Profissional com mais de 15 anos de experiência em Tecnologia da Informação e
há 8 anos trabalhando com Segurança para Endpoint e Messaging na Symantec.
Formado no Mackenzie em Ciências da Computação e Pós Graduado no IPT/USP
em Gestão de Projetos. Atualmente trabalha com foco em suporte avançado a
clientes BCS.
LUCAS ROMARIS
Formado em análise e desenvolvimento de sistemas, trabalha há 6 anos na
Symantec, atuando nas áreas de pré-vendas e consultoria. Atualmente exerce
a função de engenheiro de sistemas com foco em Compliance, Análise de
Vulnerabilidades, e Prevenção contra perda de dados confidenciais.
Agenda
Copyright © 2014 Symantec Corporation
3
1 Estratégia de Segurança da Symantec
2 VIP & SAM for Office 365
3 DLP for Office 365
4 Email Security.cloud
5 Q&A
Segurança Corporativa| Estratégia de Produtos e Serviços
4
Threat Protection
ENDPOINTS DATA CENTER GATEWAYS
• Advanced Threat Protection através de todos os pontos de controle
• Forense e Remediação embutida em cada ponto de controle
• Proteção integrada para Workloads: On-Premise, Virtual e Cloud
• Gestão baseada em nuvem para Endpoints, Datacenter e Gateways
Unified Security Analytics Platform
Coleta de Logs
e Telemetria
Gestão Unificadas
de Incidentes e
Customer Hub
Integrações com
Terceitos e Inteligência
Benchmarking
Regional e por
Segmento
Análise Integrada
de Comportamento
e Ameaças
Information Protection
DADOS IDENTIDADES
• Proteção integrada para Dados e Identidades
• Cloud Security Broker para Apps Móveis e em Nuvem
• Análise de comportamento dos usuários
• Gestão de Chaves e Criptografia em Nuvem
Users
Data
Apps
Cloud
Endpoints
Gateways
Data
Center
Cyber Security Services
Monitoramento, Resposta a Incidentes, Simulação, Inteligência conta Ameaças e Adversários
Copyright © 2015 Symantec Corporation
UNRIVALED SECURITY WITH UNIQUE VISIBLITY
175M
endpoints
57M attack sensors in 157
countries
182M web attacks blocked last
year
3.7T
rows of telemetry
30% of world’s enterprise email traffic
scanned/day
9
threat response centers
5
Symantec has Unique Visibility into Today’s Threat Landscape
Symantec Endpoint Protection 12.1
Copyright © 2014 Symantec Corporation
6
O365 tem a segurança necessária para os ataques de hoje?
7
https://www.cogmotive.com/blog/office-365-tips/vulnerability-in-office-365-allows-unauthorised-administrator-access
http://www.tripwire.com/state-of-security/latest-security-news/office-365-vulnerability-allowed-unauthorized-administrator-access/
Ataques em ambientes Cloud
8
Pontos de atenção para O365
Pare de ignorar a
necessidade de SSO e
autenticação com
duplo fator
Diminuir ao máximo
vazamento de
informação buscando
novas formas de
identificação.
APT – Ataques
direcionados estão
entre as formas mais
efetivas de ataque
usando as 3 camadas
“Email, network e
Endpoints”
Email é o #1 “Porta”de
ataques direcionados.
5 de 6 empresas
grandes (83%) foram
alvo de campanhas de
spear phishing no
ultimo ano.
9
Cloud Security for Office 365
Copyright © 2015 Symantec Corporation 10
User AuthenticationData
Protection
Threat
Protection
Admins and UsersSensitive DataEmail
Cloud Security for Office 365 – Symantec
Copyright © 2015 Symantec Corporation 11
SAM VIP
External Mail
Strong Authentication with Single Sign On
Threat Protection, Encryption, Data Protection
Admins and Users
Cloud Security for Office 365 – Symantec ( VIP + SAM)
Copyright © 2015 Symantec Corporation 12
SAM VIP
Strong Authentication with Single Sign On
Admins and Users
Symantec Identity Access Manager
14
A New Cloud Protection Platform
15
Identity-based Access
Control
Single Sign-on with Strong
Authentication
Public and private cloud
applications
User Directory
Symantec Identity Access Manager
16
User Management
• Embedded virtual user directory
• Self-Service registration, profile management, password reset
• Use credential at SSO Portal to access Web applications
Access Management
• Policies based on user’s identity and session context
• VIP, RSA and User certificate integration
• Rich access audit logs
Single Sign On with Strong Authentication
• SSO to any web application
• Federation: SAML and HTTP-Fed
• Plug-in for internal applications and consumer sites
• Extensive built-in app catalog
How SAM Works
17
SAM
Gateway
IDP, IWA, mPKI
Any User Store
LDAP RDBMS
Layered Protection
2F Authentication
(VIP, mPKI, RSA)
Admin Console
Compliance
Identity & Context based
access control
1
6
54
3
2
Flexible Deployments – SAM Architecture
18
Hosted Service On Premise Solution
Mobile User
Consumer Portal,
Business Partner
Extranet
Corporate Network
User
Enterprise
SAM Gateway
Mobile User
Consumer Portal,
Business Partner
Extranet
Corporate Network User
Enterprise
SAM Gateway
1
2
1
2
SAM ID Bridge
User Friendly – Login Anywhere, Anytime
19
Symantec VIP – Validation and Identity Protection
20
CLOUD SECURITY PUTS A GREATER EMPHASIS ON IDENTITY
CLOUD AND MOBILE HAVE CHANGED THE SECURITY PARADYME
Copyright © 2015 Symantec Corporation
21
• Corporate Data (Box)
• Employee Data (Workday)
• Customer Data (Salesforce)
IDENTITYFor cloud apps the first layer of
protection – sometimes the only
layer is the PASSWORD
A PASSWORD IS NOT AN EFFECTIVE WAY TO SECURE IDENTITY
• 77% of passwords are in a 1000 word dictionary
• Contextual risk: In network vs unmanaged device on public network
• Risky password tricks – like password reuse (26 password protected accounts and 5 passwords)
Passwords are
Vulnerable
• Password resets #1 support call - 30% of calls are password related
• $70 estimated average to reset password - Billions of dollars annually
• 62% of organizations see SaaS apps as a better way to support their mobile/remote workers =
more passwords and a growing cost
Passwords are Costly
• Credential entry is a huge challenge with mobile devices
• Failed logins and account lockouts are common occurrences
Passwords are Complex
Copyright © 2015 Symantec Corporation
22
Trusted Access and
Authentication only
from Symantec
CONTROL, CONVENIENCE, CONFIDENCE WITH VIP EVERYWHERE
FOR THE ENTERPRISE AND THE CLOUD
Copyright © 2015 Symantec Corporation 23
Enterprise
Gateway (on-
premise apps)
Symantec
Access
Manager
(web apps)
WE SIMPLIFY ACCESS TO CLOUD APPLICATIONS
IDENTITY ACCESS MANAGER, VIP PUSH, ONE PASSWORD
Copyright © 2015 Symantec Corporation
24
• First layer of security: Single sign-on
portal to all cloud-based apps
provides access anytime, anywhere
WITH ONE PASSWORD
 VIP Access Push adds another layer
of security – one tap, no 6-digit
code.
 Identity and context-based policies
authorize access to only the apps a
user needs to do his/her job.
DATA LOSS PREVENTION
Protegendo sua informação e reputação
26
Cloud Security + DLP for Office 365 Architecture
DLP Cloud Prevent
DLP Enforce
External Mail
Strong Authentication with Single Sign On
Threat Protection and Encryption
Protect Confidential Data
Inbound
Admins and Users
SAM VIP
Symantec Data Loss Prevention Customer Presentation
27
You don’t own the app
You don’t own the infrastructure
You can’s say “no”
Cloud
Your security slows me down
I expect an insanely great user
experience
Mobile
You don’t own the device
You can’t lock my device down
I will use the device and app I want
BYOD
Cloud & Mobile
Create new information protection risks
and challenges
Company Information
Intellectual Property
HR Records
Internal Auditing
M&A and Strategy
Customer Information
Credit Card Info
Medical Records
SSNs and Government IDs
Financials
Protects
Your most important, high-value data
Copyright © 2015 Symantec Corporation
29
Protect Data
In the cloud
Symantec DLP
FOR CLOUD STORAGE
Symantec DLP Cloud Service
FOR EMAIL
Symantec DLP Cloud Prevent
FOR MICROSOFT OFFICE 365
Single, convenient cloud-based
email protection solution
Stop malware, spam and
malicious links
Protect against data breaches
Combines industry-leading email
security and DLP
30
Protect cloud data
In Office 365 and Gmail
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!
Cloud Security + Email Security.cloud + ATP for Office 365 Architecture
Copyright © 2015 Symantec Corporation 33
SAM VIP
External Mail
Strong Authentication with Single Sign On
Threat Protection, Encryption, Data Protection
SEPMATPSymantec GIN
Advanced Persistent Threat Detection
Admins and Users
Cohesive and Unified Protection
Cohesive and Unified Protection
Camadas Inteligentes de Segurança
Análise Avançada de Mensagens Skeptic
Detects anomalies
Intelligence gathered through
detailed code analysis
Attack intelligence processed
and shared in real-time to
protect all Symantec customers
Análise dos Links em Tempo Real
Intelligent real-time link
following
Analyzes content in real-
time
Stops emails with bad links
from being delivered
No detectable delivery
latency
Policy-Based Data Loss Prevention
GLBA HIPAA
PCI ITAR
Policy-Based Encryption
Console Unificada de Gerenciamento
Performance & SLA`s
Target
Actual Performance
Antispam
Effectiveness
Antispam
Accuracy
Antivirus
Accuracy
Email Service
Availability
Over 99%
No more than
.0003%
No more than
.0001%
100% 100% 100% 100% 100% 100% 100%
November
2014
December
2014
January
2015
February
2015
March
2015
April
2015
99.999974% 99.999982% 99.999981% 99.999980% 99.999975% 99.999979%
0.000010% 0.000008% 0.000009% 0.000011% 0.000015% 0.000015%
0.000002% 0.000002% 0.000002% 0.000002% 0.000001% 0.000001%
Office 365 Inbound Email Flow
Copyright © 2015 Symantec Corporation
42
Connection Manager
Spam Blocklist
Spoofed Sender Detection
Malware Scanning
Skeptic™ AS & AV
ATP Synapse™
Office 365
Office 365 Outbound Email Flow
Copyright © 2015 Symantec Corporation
43
Office 365 Exchange
Data Protection
Threat Protection
Encryption
Perguntas do Chat
Copyright © 2015 Symantec Corporation
44
SymantecMarketing_BR@symantec.com
Próximo Webinar
Copyright © 2014 Symantec Corporation
45
Eliminando os
Passwords
Para mais informação
@SymantecBR
https://www.facebook.com/SymantecBrasil
SymantecMarketing_BR@symantec.com
Thank you!
Copyright © 2015 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be
trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by
law. The information in this document is subject to change without notice.
Obrigado!

More Related Content

Be Aware Webinar – Office 365 Seguro? Sym, Cloud!

  • 1. Office 365 Seguro? Sym, Cloud! Luis Souza Lucas Romaris André de Oliveira Channel SE Systems Engineer Advanced Support
  • 2. Acerca de Nuestros Presentadores Copyright © 2015 Symantec Corporation LUIS SOUZA Engenheiro de Pré-vendas, trabalha há 8 anos na Symantec e já atuou em clientes de Large Enterprise do segmento Financeiro. Hoje é responsável pela área técnica da área de Canais focado em Segurança da Informação. ANDRÉ DE OLIVEIRA Profissional com mais de 15 anos de experiência em Tecnologia da Informação e há 8 anos trabalhando com Segurança para Endpoint e Messaging na Symantec. Formado no Mackenzie em Ciências da Computação e Pós Graduado no IPT/USP em Gestão de Projetos. Atualmente trabalha com foco em suporte avançado a clientes BCS. LUCAS ROMARIS Formado em análise e desenvolvimento de sistemas, trabalha há 6 anos na Symantec, atuando nas áreas de pré-vendas e consultoria. Atualmente exerce a função de engenheiro de sistemas com foco em Compliance, Análise de Vulnerabilidades, e Prevenção contra perda de dados confidenciais.
  • 3. Agenda Copyright © 2014 Symantec Corporation 3 1 Estratégia de Segurança da Symantec 2 VIP & SAM for Office 365 3 DLP for Office 365 4 Email Security.cloud 5 Q&A
  • 4. Segurança Corporativa| Estratégia de Produtos e Serviços 4 Threat Protection ENDPOINTS DATA CENTER GATEWAYS • Advanced Threat Protection através de todos os pontos de controle • Forense e Remediação embutida em cada ponto de controle • Proteção integrada para Workloads: On-Premise, Virtual e Cloud • Gestão baseada em nuvem para Endpoints, Datacenter e Gateways Unified Security Analytics Platform Coleta de Logs e Telemetria Gestão Unificadas de Incidentes e Customer Hub Integrações com Terceitos e Inteligência Benchmarking Regional e por Segmento Análise Integrada de Comportamento e Ameaças Information Protection DADOS IDENTIDADES • Proteção integrada para Dados e Identidades • Cloud Security Broker para Apps Móveis e em Nuvem • Análise de comportamento dos usuários • Gestão de Chaves e Criptografia em Nuvem Users Data Apps Cloud Endpoints Gateways Data Center Cyber Security Services Monitoramento, Resposta a Incidentes, Simulação, Inteligência conta Ameaças e Adversários Copyright © 2015 Symantec Corporation
  • 5. UNRIVALED SECURITY WITH UNIQUE VISIBLITY 175M endpoints 57M attack sensors in 157 countries 182M web attacks blocked last year 3.7T rows of telemetry 30% of world’s enterprise email traffic scanned/day 9 threat response centers 5 Symantec has Unique Visibility into Today’s Threat Landscape Symantec Endpoint Protection 12.1
  • 6. Copyright © 2014 Symantec Corporation 6
  • 7. O365 tem a segurança necessária para os ataques de hoje? 7 https://www.cogmotive.com/blog/office-365-tips/vulnerability-in-office-365-allows-unauthorised-administrator-access http://www.tripwire.com/state-of-security/latest-security-news/office-365-vulnerability-allowed-unauthorized-administrator-access/
  • 9. Pontos de atenção para O365 Pare de ignorar a necessidade de SSO e autenticação com duplo fator Diminuir ao máximo vazamento de informação buscando novas formas de identificação. APT – Ataques direcionados estão entre as formas mais efetivas de ataque usando as 3 camadas “Email, network e Endpoints” Email é o #1 “Porta”de ataques direcionados. 5 de 6 empresas grandes (83%) foram alvo de campanhas de spear phishing no ultimo ano. 9
  • 10. Cloud Security for Office 365 Copyright © 2015 Symantec Corporation 10 User AuthenticationData Protection Threat Protection Admins and UsersSensitive DataEmail
  • 11. Cloud Security for Office 365 – Symantec Copyright © 2015 Symantec Corporation 11 SAM VIP External Mail Strong Authentication with Single Sign On Threat Protection, Encryption, Data Protection Admins and Users
  • 12. Cloud Security for Office 365 – Symantec ( VIP + SAM) Copyright © 2015 Symantec Corporation 12 SAM VIP Strong Authentication with Single Sign On Admins and Users
  • 14. A New Cloud Protection Platform 15 Identity-based Access Control Single Sign-on with Strong Authentication Public and private cloud applications User Directory
  • 15. Symantec Identity Access Manager 16 User Management • Embedded virtual user directory • Self-Service registration, profile management, password reset • Use credential at SSO Portal to access Web applications Access Management • Policies based on user’s identity and session context • VIP, RSA and User certificate integration • Rich access audit logs Single Sign On with Strong Authentication • SSO to any web application • Federation: SAML and HTTP-Fed • Plug-in for internal applications and consumer sites • Extensive built-in app catalog
  • 16. How SAM Works 17 SAM Gateway IDP, IWA, mPKI Any User Store LDAP RDBMS Layered Protection 2F Authentication (VIP, mPKI, RSA) Admin Console Compliance Identity & Context based access control 1 6 54 3 2
  • 17. Flexible Deployments – SAM Architecture 18 Hosted Service On Premise Solution Mobile User Consumer Portal, Business Partner Extranet Corporate Network User Enterprise SAM Gateway Mobile User Consumer Portal, Business Partner Extranet Corporate Network User Enterprise SAM Gateway 1 2 1 2 SAM ID Bridge
  • 18. User Friendly – Login Anywhere, Anytime 19
  • 19. Symantec VIP – Validation and Identity Protection 20
  • 20. CLOUD SECURITY PUTS A GREATER EMPHASIS ON IDENTITY CLOUD AND MOBILE HAVE CHANGED THE SECURITY PARADYME Copyright © 2015 Symantec Corporation 21 • Corporate Data (Box) • Employee Data (Workday) • Customer Data (Salesforce) IDENTITYFor cloud apps the first layer of protection – sometimes the only layer is the PASSWORD
  • 21. A PASSWORD IS NOT AN EFFECTIVE WAY TO SECURE IDENTITY • 77% of passwords are in a 1000 word dictionary • Contextual risk: In network vs unmanaged device on public network • Risky password tricks – like password reuse (26 password protected accounts and 5 passwords) Passwords are Vulnerable • Password resets #1 support call - 30% of calls are password related • $70 estimated average to reset password - Billions of dollars annually • 62% of organizations see SaaS apps as a better way to support their mobile/remote workers = more passwords and a growing cost Passwords are Costly • Credential entry is a huge challenge with mobile devices • Failed logins and account lockouts are common occurrences Passwords are Complex Copyright © 2015 Symantec Corporation 22
  • 22. Trusted Access and Authentication only from Symantec CONTROL, CONVENIENCE, CONFIDENCE WITH VIP EVERYWHERE FOR THE ENTERPRISE AND THE CLOUD Copyright © 2015 Symantec Corporation 23 Enterprise Gateway (on- premise apps) Symantec Access Manager (web apps)
  • 23. WE SIMPLIFY ACCESS TO CLOUD APPLICATIONS IDENTITY ACCESS MANAGER, VIP PUSH, ONE PASSWORD Copyright © 2015 Symantec Corporation 24 • First layer of security: Single sign-on portal to all cloud-based apps provides access anytime, anywhere WITH ONE PASSWORD  VIP Access Push adds another layer of security – one tap, no 6-digit code.  Identity and context-based policies authorize access to only the apps a user needs to do his/her job.
  • 24. DATA LOSS PREVENTION Protegendo sua informação e reputação
  • 25. 26 Cloud Security + DLP for Office 365 Architecture DLP Cloud Prevent DLP Enforce External Mail Strong Authentication with Single Sign On Threat Protection and Encryption Protect Confidential Data Inbound Admins and Users SAM VIP
  • 26. Symantec Data Loss Prevention Customer Presentation 27 You don’t own the app You don’t own the infrastructure You can’s say “no” Cloud Your security slows me down I expect an insanely great user experience Mobile You don’t own the device You can’t lock my device down I will use the device and app I want BYOD Cloud & Mobile Create new information protection risks and challenges
  • 27. Company Information Intellectual Property HR Records Internal Auditing M&A and Strategy Customer Information Credit Card Info Medical Records SSNs and Government IDs Financials Protects Your most important, high-value data
  • 28. Copyright © 2015 Symantec Corporation 29 Protect Data In the cloud Symantec DLP FOR CLOUD STORAGE Symantec DLP Cloud Service FOR EMAIL Symantec DLP Cloud Prevent FOR MICROSOFT OFFICE 365
  • 29. Single, convenient cloud-based email protection solution Stop malware, spam and malicious links Protect against data breaches Combines industry-leading email security and DLP 30 Protect cloud data In Office 365 and Gmail
  • 32. Cloud Security + Email Security.cloud + ATP for Office 365 Architecture Copyright © 2015 Symantec Corporation 33 SAM VIP External Mail Strong Authentication with Single Sign On Threat Protection, Encryption, Data Protection SEPMATPSymantec GIN Advanced Persistent Threat Detection Admins and Users
  • 33. Cohesive and Unified Protection Cohesive and Unified Protection
  • 35. Análise Avançada de Mensagens Skeptic Detects anomalies Intelligence gathered through detailed code analysis Attack intelligence processed and shared in real-time to protect all Symantec customers
  • 36. Análise dos Links em Tempo Real Intelligent real-time link following Analyzes content in real- time Stops emails with bad links from being delivered No detectable delivery latency
  • 37. Policy-Based Data Loss Prevention GLBA HIPAA PCI ITAR
  • 39. Console Unificada de Gerenciamento
  • 40. Performance & SLA`s Target Actual Performance Antispam Effectiveness Antispam Accuracy Antivirus Accuracy Email Service Availability Over 99% No more than .0003% No more than .0001% 100% 100% 100% 100% 100% 100% 100% November 2014 December 2014 January 2015 February 2015 March 2015 April 2015 99.999974% 99.999982% 99.999981% 99.999980% 99.999975% 99.999979% 0.000010% 0.000008% 0.000009% 0.000011% 0.000015% 0.000015% 0.000002% 0.000002% 0.000002% 0.000002% 0.000001% 0.000001%
  • 41. Office 365 Inbound Email Flow Copyright © 2015 Symantec Corporation 42 Connection Manager Spam Blocklist Spoofed Sender Detection Malware Scanning Skeptic™ AS & AV ATP Synapse™ Office 365
  • 42. Office 365 Outbound Email Flow Copyright © 2015 Symantec Corporation 43 Office 365 Exchange Data Protection Threat Protection Encryption
  • 43. Perguntas do Chat Copyright © 2015 Symantec Corporation 44 SymantecMarketing_BR@symantec.com
  • 44. Próximo Webinar Copyright © 2014 Symantec Corporation 45 Eliminando os Passwords Para mais informação @SymantecBR https://www.facebook.com/SymantecBrasil SymantecMarketing_BR@symantec.com
  • 45. Thank you! Copyright © 2015 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Obrigado!