New toolkits for security and GDPR
Join our January 12th call—Security & Compliance Update for Office 365 Partners – to learn about new toolkits for security and GDPR, as well as the Compliance Manager and new updates to Threat Intelligence.
Security is big business and continues to demand a growing percentage of the overall IT budget. When it comes to productivity software, Microsoft 365 and Office 365 E5 offer robust, enterprise grade features that are built into the service to help customers secure their data from external threats and manage data compliance. There are also custom controls that allow partners to specifically configure an environment to meet their customer’s security and compliance needs.
Partners are critical to Microsoft for successful security sales and to help drive adoption as well as increased customer engagement. Research shows organizations are often underprepared to effectively manage the growing need for cybersecurity. Partners bring expert experience to have door-opening conversations and longer-term support, thus becoming an extension of customers’ security teams.
At the Microsoft Ignite conference, we announced deeper integration and new capabilities to Office 365 security & compliance and I recommend you check out this post for a good summary of the announcements. Since that time, we continue to innovate and add new value. I wanted to highlight a few of these that should be of interest to partners with security and compliance offerings.
Office 365 Threat Intelligence – Attack Simulator
As part of Office 365 Threat Intelligence, one of the three new capabilities we announced is the Attack Simulator. With Attack Simulator you will have the ability to simulate different threat scenarios to gain an understanding of how your users would behave in the event of a real attack and evaluate how secure their configurations are. It provides the capability to launch attack simulations for account breaches including Spear Phishing, Brute Force Password, and Password Spray Attacks – these simulations can help identify overused, systematic, and easy to guess passwords. An example report can then be displayed of the successful attack vectors the tools found.
Attack Simulator can be part of a security evaluation service a partner provides to a customer. The findings, mitigation efforts and other recommendations can be presented in a report to the customer, demonstrating a real value to the security services they are paying for. The simulation should be executed on a regular basis as passwords change and be part of a periodic security evaluation engagement.
Like the way Secure Score helps you understand and manage your security posture, Compliance Manager helps you manage your compliance posture.
Compliance Manager is a new compliance solution that enables you to conduct real-time risk assessment, providing one intelligent score that reflects your compliance performance against data protection regulatory requirements when using Microsoft cloud services. You will also be able to use the built-in control management and audit-ready reporting tools to improve and monitor compliance.
Our target is to cover Office 365, Dynamics 365 and Azure when Compliance Manager is released but for now, while in preview, you can try it with GDPR and ISO 27001 regulations.
Resources for Partners
Compliance Manager is just one of many of the helpful solutions and resources that we have for our partners. With GDPR right around the corner, you may be planning or already conducting detailed assessments to help your customers meet GDPR compliance requirements. A great partner resource can be found at http://aka.ms/gdprpartners. There you will find a collection of assets to help you understand the opportunity and how you can leverage these resources to help your customers navigate the nuances of the GDPR and position your business as leaders in the privacy and data management space.
Sign up for the January 12th partner call
Please join our January call – Security & Compliance Update for Office 365 Partners – where we will have Microsoft experts on hand to help you navigate the available toolkits for security and GDPR, as well as learn more about the Compliance Manager and the new updates to Threat Intelligence discussed in this blog.