Embed Size (px)
Citation preview
Identity Protection
By Hugh Simpson-Wells, CEO of Oxford Computer Group
• Identity is central to modern computing.• Modern identity theft is a multi-million dollar
business.• Protecting identities must therefore be the
number one priority for the security-minded.
What’s the problem?Knowing who has access to what is a vital part of
commerce and corporate collaboration.
Identity theft has to be taken very seriously.
Efforts made by criminals to steal an identity with a view to impersonating its
true owner have increased dramatically
Read more about Identity Protection
Is it getting worse?
It used to be enough to implement orderly
management of the identity lifecycle, in a
closed network environment…
The threat of identity management is getting worse (and there have been plenty of highly visible examples).
…but the new generation of threats means that even well-managed identities can be stolen, with the use of cached-token theft, social engineering, and phishingOxford Computer
Group is a leading Microsoft Partner, concerned with secure and well-managed identity systems.
Read more about Identity Protection
Detection and response
Detection
Risk assessment score
Automated
notification and
remediation
Further steps
based on judgemen
t
Reset risk score
The shadowy nature of identity theft means that certainty is a rare commodity, so the evaluation of the threat must be on a risk basis
Microsoft evaluate suspicious activity using the evidence of billions of authentications made each day to the Microsoft Azure Active Directory
Administrators are notified; some remediation is policy-based (like blocking login, or adding multi-factor authentication); administrators may judge that further action is required
Risk score has to be reset, so that evaluation can start over
Read more about Identity Protection
Risk depends on the severity of the issue detected, coupled with the confidence in the detection algorithm that this issue is indeed present.
Risk evaluation is performed both in real-time and asynchronously – so detection can be delayed by 2-4 hours after anomalous events take place.
Assessing risk
Increasing severity
Incr
easin
g co
nfide
nce
Low risk
Medium risk
Medium risk
High risk
Read more about Identity Protection
These Microsoft technologies can come together to give insight into the security of your organization:
• Advanced Threat Analytics (ATA)• Multi-Factor Authentication (MFA)• Privileged Identity Management (PIM)• Privileged Access Management (PAM)• Microsoft Identity Manager (MIM)
Together, they offer state-of-the-art identity protection.
Read more in our Identity Protection blog
What next? Read more about Identity Protection
