Microsoft in the Enterprise and Government - CSIRT


Upload: phamnhu

Post on 16-Mar-2018


Microsoft in the Enterprise and Government


The changing role of IT

Microsoft is the only one in a position to help you balance user expectations with institutional requirements.

Windows Next

Four pillars of our strategy:

• Security and Management: tools that help IT protect organizations
• Windows-based devices that people love to use
• Application Development: tools that simplify and enrich the developer experience
• Productivity: tools that work “like” and “with” consumer services


7.5

Windows 7

Deploy it today!

Windows 8 is Windows reinvented


• Interface optimized for touch screen and digital pen
• Unparalleled support for enterprise security
• Unified development environment
• More rugged/waterproof/sanitized
• Barcode and credit card reader
• Business application integration
• Online and offline synchronization


Manage application access permissions for each user, not for each individual device

Traditional; App-V; Citrix XenApp

Managed; Unmanaged, Windows-based; Unmanaged, non-Windows-based


Presenter note: customize the slide for your customer and then unhide it. See the slide notes for more information on the next steps for the placeholder.

Windows Server 2008 R2 Active Directory


Microsoft Confidential

Security Strategy Briefing

Marco A. Zúñiga, Public Sector Manager

July 2012


• Secures against attacks
• Protects confidentiality, integrity, and availability of data and systems
• Helps manage risk
• Protects from unwanted communication
• User choice and control
• Products, online services adhere to fair information principles
• Dependable, available
• Predictable, consistent, responsive service
• Maintainable
• Resilient, easily restored
• Proven, ready
• Commitment to customer-centric interoperability
• Recognized industry leader, world-class partner
• Open, Transparent


Sony Finds More Cases of Hacking of Its Servers By NICK BILTON, May 2, 2011

Sony said Monday that it had discovered that more credit card information and customer profiles had been compromised during an attack on its servers last week.

Microsoft Exposes Scope of Botnet Threat By Tony Bradley, October 15, 2010

Microsoft's latest Security Intelligence Report focuses on the expanding threat posed by bots and botnets. Microsoft this week unveiled the ninth volume of its Security Intelligence Report (SIR). The semi-annual assessment of the state of computer and Internet security and overview of the threat landscape generally yields some valuable information. This particular edition of the Security Intelligence Report focuses its attention on the threat posed by botnets.


Global Foundation Services (GFS)

Malware Protection Center

Microsoft Security Response Center (MSRC)


SECURITY FUNDAMENTALS

TECHNOLOGY INNOVATIONS

INDUSTRY LEADERSHIP


Ongoing Process Improvements – 12 month cycle

Education Accountability Process


DEVICES

APPS

INFORMATION PROTECTION

ACCESS CONTROL

ANTI-MALWARE

POLICY MANAGEMENT

RESEARCH & RESPONSE

SECURE DEVELOPMENT

Private Cloud

Public Cloud

On-Premises Online


Devices

DEVICES

Private Cloud

Public Cloud

INFORMATION PROTECTION

ACCESS CONTROL

ANTI-MALWARE

POLICY MANAGEMENT

RESEARCH & RESPONSE

SECURE DEVELOPMENT

On-Premises Online


Protect Against and Manage Threats

Unified Extensible Firmware Interface (UEFI); Trusted Platform Module (TPM); Windows Standard User Accounts, User Account Control, and AppLocker; Modern Applications; Security Development Lifecycle (SDL)

• Maintain software with a patch management solution
• Deliver software that is secure by design
• Operate a malware resistant platform and applications

Protect Sensitive Data

Windows 7 BitLocker; MDOP - BitLocker Administration and Monitoring; Office Information Rights Management (IRM); Office Encrypted File System; Active Directory Rights Management Services

• Secure data that is at rest with encryption
• Protect data that is in motion with encryption
• Protect data that is in use with access controls

Secure Access to Resources

Active Directory; Direct Access; Network Access Protection; Dynamic Access Control

• Manage the full identity lifecycle
• Validate user identity with strong authentication
• Secured and always connected remote access
• Protect resources as environment changes

Secured Boot; Measured Boot; Protected View; IE Smart Screen


Cloud Platform Services

Cloud Infrastructure

Cloud Services

Global Foundation Services

Security Global Delivery Sustainability Infrastructure


Cloud Services

Cloud Infrastructure

Cloud Platform Services

Cloud Services

Users

Data

Application

Host

Network

Physical

Cloud Provider

Cloud Consumer

Cloud Platform Services

Cloud Infrastructure


Secure at the Foundation

• Windows Server Core
• File Classification Infrastructure
• Direct Access
• BitLocker
• Server and Domain Isolation
• Network Access Protection
• Kernel Mode Code Signing

Server Virtualization and Private Cloud

• Micro-Kernel Based Architecture
• Restricted-Access Hypervisor
• Full Guest Isolation
• Monitoring and Policy Enforced via Parent Partition
• System Center Manageability

Identity and Policy Management

• Active Directory
• Read-Only Domain Controller
• Federation Services
• Rights Management Services
• Certificate Authority Services
• Cloud Service Integration
• Forefront Identity Manager


Helping to make it easy for organizations to meet compliance policies

Protect Data

Help protect your data with a database solution that is historically known for the lowest vulnerabilities across the major DBMS vendors

• Transparent Data Encryption
• Backup Encryption
• Extensible Key Management
• Crypto enhancements

Control Access

Control access to your data by managing authentication and authorization effectively and by providing access to only users who need it

• Kerberos authentication
• User-Defined Server Roles
• Default Schema for Groups
• Contained Database Authentication

Ensure Compliance

Ensure compliance with company policies and/or government regulations like HIPAA, PCI, and Common Criteria

• Policy-Based Management
• User-Defined Audit, Filtering, and Resilience
• SQL Server Audit in all SKUs
• Change Data Capture

• Whitepaper “SQL Server Delivers Industry-Leading Security” by ITIC, a leading analyst firm
• Whitepaper “Supporting HIPAA Compliance with SQL Server,” by Information Security Center of Expertise at Jefferson Wells International, Inc, a leading Risk Advisory and Security Compliance services organization
• Whitepaper “Deploying SQL Server Based on Payment Card Industry Data Security Standards (PCI DSS 2.0),” by certified audit firm, Parente Randolph (now ParenteBeard)
• KB Support Article How to use SQL Server in FIPS 140-2 compliant mode


Communicate and collaborate more securely using Exchange, SharePoint, Lync, and Office

Comprehensive Protection

• Multi-layered protection against spam and malware
• Effectiveness guaranteed by 5 financially-backed SLAs
• In-product controls that help protect users from threats

Information Security

• Policy rules that inspect emails in transit
• Integration with AD RMS to safeguard sensitive data
• End-to-end encryption of communications

Visibility and Control

• Integrated administration, reporting, and auditing
• Granular control over user access and permissions
• Mobile security policies and remote device wipe


Security Response Center

Security Development Lifecycle

Security TechCenter

Security Intelligence Report

Microsoft Security Update Guide

Security Development Center

End to End Trust

Malware Protection Center

Trustworthy Computing

Security Blog

www.microsoft.com/security/msrc

www.microsoft.com/security/sir

www.microsoft.com/sdl

technet.microsoft.com/security

www.microsoft.com/securityupdateguide

msdn.microsoft.com/security

www.microsoft.com/twc

www.microsoft.com/endtoendtrust

www.microsoft.com/security/portal

www.microsoft.com/about/twc/en/us/blogs.aspx


© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.