Office 365 and Cyber threat protection for GDPR
Here's a follow-up to the Tip of the Night for April 28, 2018 which discussed a Microsoft webcast on how Office 365 can help secure personal data for the purposes of compiling with the EU's General Data Protection Regulation, effective May 25, 2018. Tonight's tip concerns how Office 365 can be used to protect against data breaches and provide an adequate level of cyber security to meet the requirements of the GDPR. See, 'Cyber threat protection for GDPR' available here.
Threat Protection Services help protect against data breaches and also help detect when data breaches have occurred. Threat actors are using machine learning and AI on a much larger attack surface that has been increased by factors like the Internet of Things.
The GDPR requires organizations to report data breaches that put the rights of individuals at risk to supervisory authorities without undue delay and where feasible - no later than 72 hours after they are first discovered, and also notify the individuals whose personal data was compromised.
Windows Security Analytics shows which security controls a user has enabled.
Windows Defender ATP (Advanced Threat Protection) is a unified platform for security. EDR is Endpoint Detection and Response. PUA stands for Potential Unwanted Application.
An overall score is given in the upper left, and in the lower right a panel indicates which security features are not enabled for one or more devices.
The security operations dashboard shows alerts in the upper right which indicate which machines pose security risks.
Windows Defender ATP stores endpoint data for 6 months, to help track activities that may have contributed to a breach. Incident graphs can illustrate where breaches began and how they spread. Notice how this graph shows that the breach involved the use of Powershell.
Office 365 Threat Explorer can be used to track the recipients of an email infected with a virus, and who has blocked it.
An admin can isolate specific machine using ATP.