Upload
others
View
4
Download
1
Embed Size (px)
Citation preview
Established
in 2008 Countries
165 100,000+
Members1,500+
Partners
BizSpark, Microsoft’s program dedicated to startups
35,000
Graduates
Free
Software,
Tools and
Support
All about BizSpark Video
4 BizSpark
Microsoft and Startups – Yesterday and Today
2008 2015
MSDN Startup Offer BizSpark Program
• Microsoft engagement with startups limited
• MSDN startup discount for startup developers
• Expensive ($1,500) and difficult to get
• Microsoft recognizes need to engage startups, where innovation begins
• 100,000+ BizSpark members
• Free Azure cloud services• BizSpark - $750/month free• BizSpark Plus - $120,000 free
Available through select accelerators
• Full developer tools via MSDN including software, tools, training and support
Financial Express
NextUp Asia
Economic Times
Computer World
Fortune
TechWorld
MicrosoftRevenue
$95 B$60 B
1 M(US)
85 M (US)
100 Million Users
1 BillionUsers
Travis Kalanick and Garrett Camp have an
idea
$10B in annual revenue
A lot has changed since Microsoft launched our initial offer for startups
BizSpark and BizSpark Plus
Helping Startups SucceedFree Azure cloud services BizSpark - up $750/month FREE Azure cloud services for three years
BizSpark Plus - $120,000 FREE Azure available through select acceleratorsWith support for Windows plus most OSS including and Linux, .NET, Node.js, PHP, and Python
Access to software and toolsDownload developer licenses for Microsoft’s most popular products optimized for startups
Developer Store AccountsPublish your Windows apps for free for one year
Technical SupportHundreds of free training classes, professional technical and product support plus four free phone support
incidents.
Scale with Microsoft Azure $120K OfferWhen you are ready to scale, work with our network partners, be nominated for $10,000 per month for one
year of Azure by a select accelerator.
Program Benefits
Two Startup ProgramsFor startups less than 5 years
old, privately held, less than $1
million annual revenue
Mature startups that
are scaling their business
Available to members of select
Accelerators
Free Azure Cloud
Services
$750/mo for 3 years
($150/mo for each of 5
developers)
$120K for one year
Free Software and
Services MSDN
Subscription includes Office,
Visual Studio, Windows
Server and SQL Server
SupportTechnical, product and
business training and support
MS EcosystemAccess to investors, advisors
and valuable offers
Microsoft startup program benefits
"BizSpark gives us the
licenses for Azure, Visual
Studio, and SQL Server
that we couldn’t have
afforded on our own. It
gives us marketing
support and networking
support to help us reach
the investors who are
funding our expansion."
Owolabi Olatunji
Founder & CEO, Hutbay
Large Scale Technology Trends -
Transforming access to people and information
Mobile Social Cloud Big Data
Cybersecurity Environment is Evolving
Cybercrime costs US
economy up to
$140 billion
annually, report says
Los Angeles Times [2013]
Malware burrows
deep into computer
BIOS to escape AVResearchers have discovered one of the first
pieces ever used in the wild that modifies
the software on the motherboard of
infected computers to ensure the infection
can’t be easily eradicated…
The Register [September 2011]
How hackers
allegedly stole
“unlimited” amounts
of cash from banks in
just a few hours
Ars Technica [2013]
Forget carjacking, soon it will be carhackingRising cyber security risks to drivers as their cars become increasingly powered by and connected to computers have prompted the US auto-safety regulator to start a new office focusing on the threat…
The Sydney Morning Herald [2013]
Ars Technica [2013]
Universities face a
rising barrage of
cyberattacks
New York Times [2013]
Cyberattacks on the rise against US corporations
Espionage malware infects rafts of governments, industries around the world
Ars Technica [2013]
Pirated Software is a Key Source of Malware
Criminals embrace
pirated software:
It’s lucrative
It spreads malware
It’s less risky and has a low barrier to entry
As a result, one out of three computers with counterfeit software installed will be infected by malware
Digital Downloads
Production of
counterfeit software
You can’t protect what you don’t know.
For an overall cybersecurity program to be effective, it is necessary to first have a clear understanding of an organization’s IT infrastructure.
The focus of a Cybersecurity SAM Engagement is to provide customers
with a view of what software is deployed to identify areas of potential risk
and provide high-level guidance on their cybersecurity programs and
policies to help enable good IT software asset management.
SAM Supports
Your
Cybersecurity Strategy
Comprehensive data
platform solution with
massive strides in mission
critical and business
intelligence capabilities
Comprehensive,
integrated data
management and
business intelligence with
award-winning analytics.
A new standard for
missions critical databases
and end-to-end business
intelligence with cloud-
ready technologies and
solutions.
Delivering mission-critical
performance across all
workloads with faster
insights from any data and
a platform for hybrid cloud.
• In-memory across workloads
• Performance & scale
• Hybrid cloud
• Optimized
• HDinsight
• Cloud BI
2014Using outdated software. Use of old software that is no longer supported is a much more attractive target to cyber thieves, and increases cyber risk.
Not updating software. Not using the latest version of software or having patches that are not up to date opens doors to cybercrime.
Adding software indiscriminately. Illegal digital downloads, or purchasing online from an unknown vendor increases the risk of unknowingly downloading malware.
Sharing removable media. Use of removable media is a common way that inappropriate software is shared from machine to machine, and can compromise assets, open breaches, or cause similar problems.
Common
Scenarios for
Compromising Security
What is Software Asset Management (SAM)?
SAM is a global industry standard• ISO/IEC 19770-1
• Endorsed by Microsoft and many others
SAM is essential in today’s business worldSAM is a best practice incorporating a set of proven processes and procedures for managing and optimizing your organization's IT assets.
SAM is an integral part of the control framework of any well-run organizationFollowing SAM best practices results in better information for decision making and a higher degree of operational excellence; ultimately driving long-term business value.
Cybersecurity SAM Engagement
Minimize
cybersecurity risks
Optimize licensing
Decrease costs
associated with
cyber risk like data
loss, fraud,
support.
Secure your IT
infrastructure
A customer
focused SAM
engagement
will help you:
Establish a solid foundation for securely managing software assets that promotes good cybersecurity preventative practices in a holistic, integrated way.
Become more prepared in order to build a resilient, adaptive IT infrastructure that can respond to threats.
Support an effective defense against attacks through added policies and controls.
Decrease costs from data loss, fraud from theft, loss in revenue, labor, support, employee downtime, cost to locate and reinstall lost data, customer support, and negative impact to reputation.
Benefits of a
Cybersecurity
SAM Engagement
What Every Customer Needs to Do
Address Cybersecurity at its Foundational Roots
Prio
rity
1Align Active Directory to Current Threat Environment
2Assess Threats & Countermeasures of the IT Infrastructure and Operational Practices
3Institute Policies Aimed at Reducing Cyber Risk
4
Run Latest Microsoft & Third-party Products
Implement Good Patch Management Practices
Align Active Directory to Current Threat Environment
Assess Threats & Countermeasures of the IT Infrastructure and Operational Practices
Institute Policies Aimed at Reducing Cyber Risk
Cybersecurity SAM Engagement: Step 1
Gather preliminary information about the existing environment, future goals, and security concerns
Organizational Profile Security Considerations
Applications, OS,
and data security
Infrastructure
Environment
Cybersecurity
Concerns
Basic information
about the
organization
People
Cybersecurity Engagement: Step 2
Inventory deployed
software
Match installations
with licenses
...build a detailed report on your current state
Microsoft
Cybersecurity Engagement: Step 3
A Cybersecurity Assessment will assess your current status using generally accepted security
controls. The assessment will cover topics such as:
• Authorized and Unauthorized Devices
• Authorized and Unauthorized Software
• Secure Configurations for Hardware and Software
• Malware Defenses
• Application Software Security
Increasing the efficiency of each control
raises the success rate of the defenses
in the environment.
Frequently install security updates for all software. This is the simplest,
and perhaps most effective, way to protect an organization
Keep anti-virus software active and up-to-date. Run frequent security
scans.
Whenever possible, use the newest versions of applications. They
typically have much stronger security features.
Manage Active Directory roles and access. Validate the configuration
management of applications to ensure there are no security gaps.
Monitor what software and devices employees bring into the workplace and the network environment. A successful BYOD program needs
to take into account data security risks.
Carefully manage the supply chain. Understand threats that can be introduced
in procurement, configuration, exception management, and disposal.
Deployment
Considerations
for a Secure IT environment
Pirated software puts computers and data at risk.
Only devices with genuine Microsoft software get important software updates needed to operate reliably and protect from malware often found in counterfeit software.
Tips for safer shopping
• Make sure you are getting what you paid for. Buy from a reseller you trust.
• Use a secure payment method.
• Beware of Product Keys sold separately.
The best way to get everything you expect up front is to buy genuine Microsoft software preinstalled on a new PC or from an authorized reseller.
Genuine Software
Managing vulnerabilities through proper patch
management
Topics covered
by SAM Policies and Processes
Example policy: Laptops, workstations, and servers
must be configured so that they will not auto-run
content from removable media, like USB tokens (i.e.,
"thumb drives"), USB hard drives, CDs/DVDs, FireWire
devices, external serial advanced technology attachment devices, and mounted network shares.
Aligning Active Directory to the current threat
environment
Creating and managing an authorized software media
library
Establishing protocols to secure devices
Instituting proper permission management
Training Employees, vendors, and others
accessing organizational resources
Addressing change management
The Path Forward
How secure is the IT
environment?
Where do
cybersecurity
improvement
opportunities exist?
Are there any
licensing issues to
discuss?