Upload
intel-security
View
4.402
Download
1
Embed Size (px)
Citation preview
Step Up Your Security for Microsoft Office 365
Dave Bull | Director, Product Marketing
Agenda
• Five Security Considerations to Avoid Common Pitfalls
• Email Continuity• Phishing assessment
2
3
Email is Driving the EvolutionEmail is the Primary Capability Being Used or Planned with Office 365
File Sharing
Document Management
Instant Messaging
Team Sites
Online Meetings
…0% 20% 40% 60% 80%
Percentage of Respondents
4
95% of all attacks on the enterprise network are the result of successful
spearphishing-Allen Paller
Director of Research, SANS Institute
NetworkWorld
5
88% of HR and Finance clicked on at
least one phishing email
McAfee Phishing Quiz, 2015
6
17.4% of documents in Office 365 contain sensitive data.
http://www.businesswire.com/news/home/20150729005619/en/Industry%E2%80%99s-Office-365-Cloud-Adoption-Risk-Report#.VckV-flViOx
7
Consideration #1: Strength of Security
8
Targeted Phishing Attacks Continue to PrevailSophistication and Delivery of Malware Increase Unabated
Delayed malware dropOne time URLs Recon for
Targeted Attacks
9
What Customers Are AskingSecurity for Office 365 Exchange Online
Uptime?
How susceptible are my users?
How can I gain visibility into phishing attacks my
users fell for?
Data Exfiltration?
Threats delivered via embedded
URLs?
Do I need
additional security?
Why stronger email security is neededSolution Overview
10AV-TEST.org – April 2015 Product Review Report
Microsoft
Intel Security
Industry Average
Protection against 0-day malware attacks, inclusive of web and email-threats (Real-World Testing) - 153 samples used
79% 100% 97%
Detection of widespread and prevalent malware discovered in the last 4 weeks (the AV-TEST reference set) 12,327 samples used
88% 100% 99%
Protection Score
0.0 / 6.0
Protection Score 6.0 / 6.0
Targeted Attacks:Different technology, different outcomes
ClickProtect
12
Scan-time and Click-time URL Protection• Combats spear phishing and
links to malware• Educates users• Fully customizable
Scan Time• URL reputation check• Rewrites delivered URLs
Click Time• URL reputation check• Enterprise web security
scanning for 0-hour malware• Safe Preview
Any device,
anywhere, anytime
Is the URL safe?
Is the URL still
safe?
13
ClickProtect for Embedded URL ProtectionLeverages Leading Web Protection Technology
AV-Test.org
Enterprise Web Security
McAfee
Blue C
oat
Websen
seCisc
o
95%
74%58%
25%
Zero Day Protection Rate
14
ClickProtect for Embedded URL ProtectionEducation Reinforcement
Unmasked Web Addresshttp://www.funshion.comMcAfee GTI® Web Reputation: UnverifiedMcAfee GTI® Web Category: Entertainment, Streaming Media
Enterprise Web SecurityUnmasks URL
15
ClickProtect for Embedded URL ProtectionCustomizable Template Reinforces Awareness
Is that your destination site? (Customize your message)
Enterprise Web SecurityUnmasks URLSafe Preview
16
ClickProtect for Embedded URL ProtectionPolicy Configuration – Custom Warnings
17
Data Exfiltration PreventionPreventing the last step of a targeted attack
Source: Data Breach Today
Compliance Templates
Document Fingerprinting
Regular Expressions
Scans 500+ file types
Built-in DLP provides:
Dec 1H’14 2H’14
150M
Peop
le A
ffect
ed
110M104M
4.6M12M
800K1.5M
145M
20.7M
4.5M 5M
868K
76M
310K 338K
18
Granular DLP and Encryption Controls for Hosted MailboxesHelps Achieve Compliance and Prevent Exfiltration
• Fully compatible integration
• Includes:• Extensive, robust templates• More granularity per template• File fingerprinting • Policy-driven encryption
Allow filtering email fromMicrosoft Office 365
Google Apps for Work
19
Consideration #2: Speed of Response
20
Faster Protection for Office 365 Exchange OnlineBreadth of Listeners
Source: AVTest.org
Threat feedback
3rd Party FeedsEOP Windows
Endpoint AV
21
Faster Protection for Office 365 Exchange OnlineBreadth of Listeners – McAfee Global Threat Intelligence
Threat feedback
3rd Party FeedsEOP Windows
Endpoint AV
Email Protection
with
Email Gateway
Web Gateway
Advanced Malware Network IPSEndpoint AV 3rd Party
Feeds Firewall
Faster Protection for Office 365 Exchange Online
22Microsoft Technet, 200669, 200664
Recent AVTest.org 0-day Score 76% 100%
Cloud Intelligence Sources 3 7
AV Engine Update Cycle 60 minutes 12x faster
Threat Response Time 2 hours 10x faster
Policy Updates 60 minutes 3x faster
+ Email Protection
23
Nearly 50% open and click on a phishing links within the first
hourVerizon Data Breach
Investigation Report, 2015
24
Consideration #3: Continuity Strategy
25
• 60 days of rolling storage• Web-based access to email during outage• Post-outage email activity release and
synchronization
Email Continuity Ensures Hosted Mailbox UptimeAutomatic service engagement when outage is detected
39% are concerned they will not be able to access cloud applications
Frost & Sullivan, The Hidden Truth Behind Shadow IT
26
Email ContinuityQuick Demonstration
27
Consideration #4: Data Protection Strategy
McAfee DLP vs. O365 DLP Coverage
Endpoints
The Cloud
Editing and Discovery Crawl
What O365 DLP provides today
McAfee DLP vs. O365 DLP Coverage (cont.)
29
Email & Web Protection
McAfee ePO
Endpoints
Management
The Cloud
Editing and Discovery Crawl*
Firewall
Data Repositories
30
Encryption protects cloud-based files
Who should hold the encryption keys?
31
Consideration #5: Planning Ahead
Two categories of Office 365 Customers• Willing to try Microsoft Security• You know you need security
What we hear from customers
32
Custom Insights to Increase Security AwarenessAssess Your Anti-Phishing Aptitude
34Intel Security Phishing Quiz, 2015; Intel Security Quarterly Threat Report, Q1 2015
75,000 business users 120,000 business users
https://intelsecurity.com/phishingquiz
Q1 2015:500,00 new phishingURLs identified, almost 2x the average
35
36
37
38
uniqueIdentifier
39
Your Organization
40
Get ahead of Security Pitfalls• Strength of Security• Speed of Response• Continuity Strategy• Data Protection Strategy• Plan Ahead
The 5 points of Consideration
41
42
Better Protection for Office 365 Exchange Online
Targeted Attack Protection PlannedYes
#1 in zero-day malware detection1 & Safe Preview
Native URL & Web Intelligence No Yes
Graymail Filtering Policies No Yes
Recent AVTest.org 0-day Score 79% 100%
Cloud Intelligence Sources 3 7
AV Engine Update Cycle 60 minutes2 12x faster
Threat Response Time 2 hours2 10x faster
Policy Updates 60 minutes2 3x fasterDLP policies apply beyond Office 365 No Yes
Customer holds encryption keys No Yes
+
1McAfee Gateway Anti-Malware Engine, AVTest.org2Microsoft Technet, 200669, 200664
43
Learn MoreNext StepsAssess Your Risk• Take the McAfee Phishing Quiz:
www.intelsecurity.com/phishingquiz • Run it within your own organization,
and gain results specific to your users
• Contact your McAfee technology resource for details
Read More• mcafee.com/emailsecurity• mcafee.com/o365• mcafee.com/expertcenter