6
Identity Protection By Hugh Simpson-Wells, CEO of Oxford Computer Group Identity is central to modern computing. Modern identity theft is a multi-million dollar business. Protecting identities must therefore be the number one priority for the security-minded.

What is Microsoft Identity Protection and why it matters

Embed Size (px)

Citation preview

Page 1: What is Microsoft Identity Protection and why it matters

Identity Protection

By Hugh Simpson-Wells, CEO of Oxford Computer Group

• Identity is central to modern computing.• Modern identity theft is a multi-million dollar

business.• Protecting identities must therefore be the

number one priority for the security-minded.

Page 2: What is Microsoft Identity Protection and why it matters

What’s the problem?Knowing who has access to what is a vital part of

commerce and corporate collaboration.

Identity theft has to be taken very seriously.

Efforts made by criminals to steal an identity with a view to impersonating its

true owner have increased dramatically

Read more about Identity Protection

Page 3: What is Microsoft Identity Protection and why it matters

Is it getting worse?

It used to be enough to implement orderly

management of the identity lifecycle, in a

closed network environment…

The threat of identity management is getting worse (and there have been plenty of highly visible examples).

…but the new generation of threats means that even well-managed identities can be stolen, with the use of cached-token theft, social engineering, and phishingOxford Computer

Group is a leading Microsoft Partner, concerned with secure and well-managed identity systems.

Read more about Identity Protection

Page 4: What is Microsoft Identity Protection and why it matters

Detection and response

Detection

Risk assessment score

Automated

notification and

remediation

Further steps

based on judgemen

t

Reset risk score

The shadowy nature of identity theft means that certainty is a rare commodity, so the evaluation of the threat must be on a risk basis

Microsoft evaluate suspicious activity using the evidence of billions of authentications made each day to the Microsoft Azure Active Directory

Administrators are notified; some remediation is policy-based (like blocking login, or adding multi-factor authentication); administrators may judge that further action is required

Risk score has to be reset, so that evaluation can start over

Read more about Identity Protection

Page 5: What is Microsoft Identity Protection and why it matters

Risk depends on the severity of the issue detected, coupled with the confidence in the detection algorithm that this issue is indeed present.

Risk evaluation is performed both in real-time and asynchronously – so detection can be delayed by 2-4 hours after anomalous events take place.

Assessing risk

Increasing severity

Incr

easin

g co

nfide

nce

Low risk

Medium risk

Medium risk

High risk

Read more about Identity Protection

Page 6: What is Microsoft Identity Protection and why it matters

These Microsoft technologies can come together to give insight into the security of your organization:

• Advanced Threat Analytics (ATA)• Multi-Factor Authentication (MFA)• Privileged Identity Management (PIM)• Privileged Access Management (PAM)• Microsoft Identity Manager (MIM)

Together, they offer state-of-the-art identity protection.

Read more in our Identity Protection blog

What next? Read more about Identity Protection