Microsoft 365 Enterprise E5

Security Overview
Rani Lofstrom
05/01/18
title

Microsoft Secure
Ensuring security to enable your digital
transformation through a comprehensive
platform, unique intelligence, and broad
partnerships
title
OUR UNIQUE APPROACH

PLATFORM INTELLIGENCE PARTNERS

Microsoft Intelligent Security Graph Shared threat
data from
Unique insights, informed by trillions of signals partners,
researchers,
OneDrive
Outlook
and law
5B enforcement
threats worldwide
detected on
devices every
month
400B
emails
1.2B
devices
200+
analyzed
scanned each
month Botnet data
global cloud consumer from
and commercial Windows
Microsoft
Azure
services Digital Crimes
Unit Microsoft
accounts

Enterprise Bing
security for
90% of 18B+ Bing
web pages
Fortune 500
450B
scanned
750M+ Xbox Live
Azure user monthly
accounts authentications
How Microsoft 365
Realities of digital
Enterprise E5 Fits In transformation
Microsoft Secure
global security vision

Securing the enterprise

with Microsoft 365

Microsoft 365 Enterprise E5

A single suite that unifies
enterprise security with user
Microsoft 365 Enterprise
productivity to meet the needs
of today’s modern workplace
E5 security products
Realities of digital
transformation
REALITIES OF DIGITAL TRANSFORMATION

The intelligent, connected cloud introduces

both opportunity and risk

Technology has changed the way Requiring a new approach to protect

enterprises conduct business company assets

96% 43% 1/3 Only 26%

of companies have (1.88B) of the global of successful enterprise of European companies
embraced the cloud workforce will be attacks will be on say they are GDPR
mobile by 2023 Shadow IT resources by compliant
2018 State of the Cloud Survey (Rightside)

2020
Global Mobile Workforce Forecast Update 2017-2023, “The State of GDPR Readiness: GDPR Readiness Progress
Strategy Analytics es, But Strategies Depend Too Heavily on IT” Forrester, J
anuary, 2018
How to eliminate enterprise shadow IT, Gartner, April 11,
2017
REALITIES OF DIGITAL TRANSFORMATION

Complexity is the enemy of intelligent security

$1.37M 1.87M 70
Security
from
35
Security
products vendors
On average that an
organization spends annually in
Global cybersecurity Is the average for companies
time wasted responding to
workforce shortage by 2022 with over 1,000 employees
erroneous malware alerts Global Information Security Workforce Study 2017 Nick McQuire, VP Enterprise Research CCS Insight.
“The Cost of Insecure Endpoints” Ponemon Institute© Research Report, June 2017
REALITIES OF DIGITAL TRANSFORMATION

Balancing security capabilities with

a manageable security posture

Best-of-breed point Security you can maintain with

solutions your current staff and budget
REALITIES OF DIGITAL TRANSFORMATION

Reducing complexity can eliminate

many security challenges:

Lack of specific Too much time spent managing Too many alerts to investigate
recommendations on how to security vendors
improve security posture

Learning how to configure and Integration is time-consuming User productivity is compromised

manage disparate security and increases total cost of for the sake of security, resulting in
solutions slows deployment ownership users bypassing security measures
Securing the enterprise
with Microsoft 365
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

title
Threat
Protection

Identity & Access

Management

Security
Management
Information
Protection

Data is your most Security starts with great Correlate threat information Optimize with security insights
important company asset user authentication and automatically respond and configuration tools
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

Intelligent security for the modern workplace

Microsoft 365 Enterprise E5 unifies enterprise security and user productivity

Identity & Access Information Threat Security

Management Protection Protection Management

Protect users’ Protect sensitive Protect against Gain visibility

identities and control information wherever advanced threats and and control over
access to valuable it lives or travels recover quickly when security tools
resources based on attacked
user risk level
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

For enterprise
customers that
embrace the Microsoft
productivity suite,
significant gains can be
realized in security
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

Microsoft 365 security suite advantages

Holistic security capabilities Individual components are Because security is built-in, Security tools are fed by
that can reduce the number purpose-built to integrate, deployment and on-going trillions of signals to
of vendors you manage which decreases TCO management is simplified provide insights across the
global Microsoft ecosystem

Security capabilities extend Standard integration Intelligent, adaptive security

beyond Microsoft to secure capabilities connect to gives users more freedom
3rd party platforms, apps your other security tools in how they work, from
and services (3rd party or homegrown) anywhere on any device
SECURING THE ENTERPRISE WITH MICROSOFT 365 E5

Security capabilities only available in

Microsoft 365 Enterprise E5

Recognize users and devices and dynamically
change what level of access is allowed and
how users authenticate based on parameters
such as location, device risk, user risk or
document confidentiality level
Control access to sensitive
data, even when its shared
outside of your organization
or accessed via a 3rd party
application
Discover shadow IT so it can be
secured and managed, reducing
your exposure to data leakage
through inappropriate sharing
and unsecured storage

Security automation detects potential threats
and correlates alerts to identify a specific
attack vector, investigates and remediates
threats, reauthenticates high-risk users, and
takes action to limit access to data
Because users log in with a single
user ID to any application from
any device from any location, you
have the context to detect and
investigate suspicious activities
Identity and Access Management
Protect users’ identities and control access to valuable resources based on user risk

If a user’s identity or device Alert me when a user's Discover 3rd party cloud apps
becomes compromised, credentials are for sale on the that are in use and assess their
automatically block or limit dark web and elevate their risk risk level, so you can sanction or
access, or require MFA level block them

Discover, restrict, and monitor A single solution that can protect Eliminate passwords by using
privileged identities and their identity across on premises and biometrics or pins
access to resources cloud directories
Information Protection
Protect sensitive information wherever it lives or travels

Automatically apply data security
policies if a user's access to that
data changes, the user becomes
compromised or the data reaches
a certain age.
Identify potentially sensitive
information, like credit card
numbers or bank routing numbers,
and automatically apply a label
and protection to the file
Protect sensitive data when it
travels outside of your
organization via email, USB, or a
3rd party SaaS app

Scan historical on-premises data Allow select partners and

files for potentially sensitive customers to access sensitive
information information
Threat Protection
Protect against advanced threats and recover quickly when attacked

Detect attacks from both Endpoint monitoring with Advanced email protection Automatically investigate
on premises and cloud the ability to quarantine against phishing attempts, endpoint alerts and
signals the endpoint for and unknown (zero day) remediate threats,
investigation and wipe the threats removing them from all
device, if compromised impacted machines

Detect and remove Automatically detect Reduce false positives by

ransomware, then recover anomalies and suspicious contextually aggregating
my files behavior without needing alerts together to identify a
to create and fine tune specific attack vector
rules
Security Management
Gain visibility and control over security tools
A quantifiable measurement
of your security posture
Detailed reports on the latest
threats, so you can answer
questions, like "How well am I
protected against the latest
threats?"
Benchmark your security score
against companies in your
industry or of similar size
Teach users to guard against
email phishing by simulating an
attack in a safe environment
Recommended actions you can
take to improve your security
posture
Incident and event
forensic reporting
 Addressing the risks inherent in a
title growing shadow IT environment

“Using Cloud App Security as a magnifying

glass, we gain amazing visibility into our SaaS
environment. Cloud App Security works with
Azure Information Protection to alert us if
someone is trying to share sensitive data. Our
vision is to use Cloud App Security together
with the Azure conditional access policies
that we have already defined, such as for our
SuccessFactors app.”

Muhammad Yasir Khan

Head of IT Infrastructure
Nakilat, Qatar Gas Transport
MICROSOFT 365 E5 SECURITY PRODUCT SUITE

Whole Food protects

apps with Microsoft
365 security

“Identity is the new firewall of the future.

We can’t continue to use our old way of
controlling application access, because
business isn’t happening exclusively in our
network anymore. With Azure Active
Directory Premium, we can stay in control,
no matter where our users roam.”
WILL LAMB
Infrastructure Coordinator
Whole Foods Market, United States
 Korn Ferry authenticates and protects Office
title 365 apps and 60 third-party applications,
including SAP and Salesforce.com.

“With Azure Active Directory, we can

set policies that treat employees
outside the office more strictly than
those inside it and that prompt for
Multi-Factor Authentication on
unmanaged devices or for certain
applications. With Microsoft 365, we
no longer have to choose between
mobility and security—we have both.”

Bryan Ackermann
Chief Information Officer
Korn Ferry, United States
 title
In just a few months, Yara deployed
Azure Information Protection for
14,000 users and 10,000 devices.

“We set Azure Information Protection so

that when you click ‘confidential,’ the
file will be encrypted automatically and
access will be restricted to designated
users—even if you accidentally send it
to the wrong person.”
Erlend Skuterud
Chief Information Security Officer
Yara, Norway
title

“Teams across different

divisions and different
countries can now easily build
and safely store and share
documents. In the past, there
was nothing comparable.”

CONOR O’HALLORAN
Head of Identity Management
Merck KGaA, Darmstadt,
Germany
title

“As we see the security

landscape evolving with more
sophisticated attacks, we trust
Microsoft to stay ahead of the
latest threats to protect our
network and our data.”
CHRIS KREBS
Chief Information Officer
Fruit of the Loom
title
“Today, we trust EMS and
Surface devices running
Windows 10 as a highly
reliable platform that protects
our data—such as the
proprietary running shoe
designs that make our name—
in a mobile environment.”

EDWIN IDEMA
IT Manager, EMEA
Asics
Microsoft 365 Enterprise E5
security products
MICROSOFT 365 E5 SECURITY PRODUCT SUITE
Security solutions in Microsoft 365 Enterprise E5
Identity & Access
Management
Azure Active Directory
Microsoft Cloud App Security
Windows Hello
Windows Credential Guard
Information
Protection
Azure Information Protection
Office 365 Data Loss Prevention
Microsoft Cloud App Security
Office 365 Advanced Threat Protection
Windows Information Protection
Microsoft Intune
BitLocker
Threat
Protection
Azure Advanced Threat Protection
Windows Defender
Advanced Threat Protection
Office 365 Threat Intelligence
Microsoft Cloud App Security
Security
Management
Microsoft Security & Compliance Center
Windows Defender Security Center
Microsoft Secure Score
 Identity & Access Information
title Management Protection
• Single Sign-on • Data Loss Prevention (DLP)
• Multi-Factor Authentication • Data Encryption
• Access Control • Information Protection
• Privileged Access Management • Data Classification
(PAM) • Data Governance
• Cloud Access Security Broker (CASB)
• Secrets Management • Key Management
• Mobile Application Management
• Database Security
• Encrypted Cloud Storage
• Back Up
• Disaster Recovery
• Virtual Private Networks (VPN)
Security categories M365 Enterprise E5 covers
Security categories other Microsoft solutions cover
What Microsoft Services/ MSSPs cover
What Microsoft integrates with
What Microsoft doesn’t do
Threat Security
Protection Management
• Secure Email Gateway • Security Scoring
• Endpoint Detection and Response • Reporting
(EDR)
• Cloud-based Management
• Endpoint Protection (EPP)
• Anti-malware/phishing • Asset Discovery
• Anti-spyware • Pen Testing/ Risk Assessment
• Antivirus Software • Vulnerability Assessment
• User and Entity Behavior Analytics • Web Application Testing
(UEBA) • Managed detection and response
• Anomaly Detection (MDR)
• Threat Intelligence Feeds • SOC
• Remote Browser • Security training
• Intrusion Detection System (IDS)
• SIEM (SIM/ SEM/ Log management)
• Intrusion Prevention System (IPS)
• IoT Protection
• Cloud Workload Protection
• DDoS Protection
• Incident Response Services
• Cross-platform endpoint protection
• Incident Ticket System
• Firewall/ Network
• Mobile Threat Detection tools
• Host intrusion prevention system
(HIPS)
• Network traffic analysis (NTA)
• Container Security
• Anti-subversion software
• Anti-tamper software
• Deception
E3 vs E5 E3 E5

Identity and Azure Active Directory P1 Azure Active Directory P2

Access Management Windows Hello
Credential Guard

Information
Azure Information Protection P1
Azure Information Protection P2
Office 365 Data Loss Prevention
Protection
Microsoft Cloud App Security
Windows Information Protection
Office 365 Cloud App Security
BitLocker

Microsoft Threat Microsoft Advanced Threat Analytics

Windows Defender Advanced Threat Protection

365
Office 365 Advanced Threat Protection
Protection
Windows Defender Antivirus
Office 365 Threat Intelligence
Device Guard
Enterprise Azure Advanced Threat Protection

E5
Security Secure Score

Management
Microsoft security and compliance center (additional management reports and capabilities)
(includes E3 solutions) Windows Security Center

Compliance eDiscovery
Advanced eDiscovery, Customer Lockbox,
Advanced Data Governance

Analytics Delve Power BI Pro, MyAnalytics

Office Applications
Productivity, Creativity Outlook/ Exchange Skype Audio Conferencing
and Teamwork solutions Microsoft Teams Phone System
Skype for Business
MICROSOFT 365 E5 SECURITY PRODUCT SUITE

title
E5 Security
Microsoft Cloud
App Security
Discovers cloud app being used in your
Windows Defender
Advanced Threat Protection
A unified endpoint security platform
Office 365 Advanced
Threat Protection
Protects your email, files and online
enterprise, identifies and combats that protects against advanced attacks
storage against unknown and
cyberthreats and enables you to control and automatically investigates and
sophisticated attacks
how your data travels remediates evolving threats

Office 365 Threat

Azure Active Azure Information Intelligence
Directory P2 Protection P2 Azure ATP Research threats, track phishing or
Identity & Access Management that is Protects sensitive enterprise data, even Detect and investigate advanced malware campaigns aimed at your
automated across your entire digital when it travels outside of your attacks on-premises and in the cloud users, and search for threat indicators
footprint organization from user reports and other intelligence
sources

Compliance Advanced Data Governance Customer Lockbox Advanced eDiscovery

Analytics My Analytics Power BI Pro

Audio Conferencing, Phone

Voice System
MICROSOFT 365 E5 SECURITY PRODUCT SUITE

Microsoft 365 addresses real-world

security challenges

I need to be compliant with data protection How do I find and manage shadow IT and
regulations, like GDPR. How can Microsoft help rogue devices, and put in place policies to
me discover, classify and protect my sensitive data? ensure we remain compliant and secure?

I have solutions from many vendors in my How can Microsoft help me understand my
enterprise IT environment, how can Microsoft help current security posture and get
me secure our entire digital landscape? recommendations on how to improve it?

Eventually, we will experience a breach. How If a user becomes compromised, how can I
can Microsoft help me detect and respond configure security policies that automatically
to a breach fast? enforce additional layers of authentication to
keep my organization safe?
Thank you.

© Copyright Microsoft Corporation. All rights reserved.

Appendix

© Copyright Microsoft Corporation. All rights reserved.

 Real life data breaches

Jason’s Deli FedEx Under Armour Saks Fifth Avenue

January 11, 2018 February 15, 2018 March 29, 2018 April 1, 2018

As many as 2 million payment cards we Personal information was found on a An unauthorized party acquired data fr Hackers stole 5 million credit and debit
re stolen and sold on the dark web n unsecure cloud storage server. om 150 million cloud app users cards and sold them on the dark web.
.