April 21, 2020

Cloud Security for Financial Markets using Microsoft Teams

We explore the security considerations for financial institutions that hold large amounts of confidential and sensitive data. We also look at Microsoft Teams and how it can support collaboration, in the office or remotely, for such heavily regulated industries.

Introduction

Cybersecurity risks have always befuddled financial institutions and capital markets when it comes to moving to the cloud. The emergence of cloud services paved the way for mobile breakthroughs and real-time data analysis. Payment card numbers, social security numbers, user passwords, business plans, financial records, and other sensitive information can all rest in the cloud. A compromise of cloud security has grave implications for financial markets. Their concern for security and compliance regulations is understandable, as protected data must not travel beyond national borders. The greatest fears that plague financial markets today are online fraud, scams, privacy breaches, money laundering, and lending discrimination.

However, organizations that chose to migrate their services to the public cloud have recently gained a massive competitive advantage over their rivals. Cloud-based collaboration platforms such as Microsoft Teams have empowered businesses by driving user engagement and productivity. In fact, continuous security improvement in the public cloud is inspiring more and more organizations to become a part of the shared platform.

So, can financial organizations and capital markets also rely on the public cloud? Can the public cloud fulfill global compliance requirements for financial markets?

Cloud Security

Microsoft's endeavor to provide an additional layer of security for organizations that need greater visibility and control over their cloud services is commendable. Let's explore how Microsoft hardwires cloud security into its operational framework to manage risks for financial markets using Office 365 and Microsoft Teams.

Service Level Security

Microsoft 365 has built-in service-level security that splits into physical, logical and data layers. At the physical level, Microsoft's data centers are under high surveillance. Smart cards, biometric scanners, and two-factor authentication are security checkpoints for service access. Similarly, at the network level, protocols and port numbers follow firewall rules and tiered access control lists to keep intruders out.

At the logical level, Microsoft 365 follows the software security assurance process during every stage of the Security Development Lifecycle (SDL). Automated operations on hosts and apps, together with Microsoft Lockbox, reduce human intervention. Additionally, anti-malware software keeps malicious code from corrupting the systems. Microsoft also sequesters an infected system to control the spread. It performs regular system patching, such as hotfixes, as well as perimeter vulnerability scanning.

Microsoft also segregates co-tenant data using Active Directory for Microsoft 365. It is compliant with cryptographic standards such as SSL, TLS, AES, etc. to encrypt data in transit as well. It secures data at rest using BitLocker encryption. Updates to files ensure that the key is renewed, thus preventing breaches.

Email Threat Protection

Office 365 employs advanced threat protection for Exchange Online. Using machine learning (ML), email attachments are scanned and marked safe. This prevents malicious code from spreading across the tenant. Real-time protection of emails detects malicious URLs and blocks them, so users and data remain unharmed even if a user clicks one accidentally. Furthermore, Microsoft scans trillions of signals across the web to detect malicious URLs and virus origination points.

Security Monitoring

Microsoft's Operation Security Assurance (OSA) strictly adheres to regulatory standards such as ISO 27001, SSAE 16 SOC1 Type II and HIPAA. Microsoft's operational security processes conform to the latest business requirements and standards.
Office 365 governs applications through internal and external audits for continuous monitoring and identification of operational risks.

Rights Management Service

With Azure Rights Management Service (RMS), Microsoft ensures the safety of sensitive content that is shared. RMS restricts users from performing critical actions on data. External partners also cannot access the content if their Office 365 environment is incompatible. To collaborate freely with clients, partners must migrate to Azure RMS.

Data Loss Prevention

Data Loss Prevention (DLP) is yet another intelligent service that Office 365 offers to its customers. It can locate sensitive information hidden in messages or files. It then applies the policy tips you configured to determine what action needs to be taken. Most organizations use DLP to search for credit card numbers, insurance numbers and other identification numbers.

Secure MIME

Secure Multipurpose Internet Mail Extension (S/MIME) is used to send secure emails by encrypting the data. The recipient decrypts the digitally signed message with a private key, so it can't be deciphered by anyone else in transit or at rest. S/MIME offers authentication and integrity for electronic messaging, which is especially required in B2B, B2C and government use cases.

Transport Layer Security

Organizations use Transport Layer Security (TLS) to set up secure connections with partners. TLS is a cryptographic protocol that encrypts the connection between two hosts, not the messages themselves. TLS uses a security certificate to ensure a secure channel of communication with a business partner who doesn't use an Office 365 environment.

Federated Identities and Multi-factor Authentication

Microsoft integrates the Azure Active Directory platform with Active Directory Federation Services to extend advanced access control capability. A federation trust is established between on-premises Active Directory and the Office 365 suite.
Users who have federated identities can access Office 365 cloud services using their Active Directory corporate login credentials. Cloud services are accessed from multiple devices regardless of location or network. Hence multi-factor authentication is a must to create a protected layer of defense against intrusion. Multi-factor authentication requires two or more login credentials from independent categories to validate a user's identity.

Assume Breach Approach

To prevent breaches, Microsoft keeps enhancing its built-in security features, including port scanning, network-level boundaries, DDoS prevention, etc. Advanced AI detects security breaches and sends alerts by monitoring internal security systems and customer actions. In case of a security breach, access to confidential data is instantly cut off and the concerned parties are notified. Finally, to recover from the breach, the system automatically updates and audits the affected part of the system to discover fragility and weaknesses.

Office 365 Compliance

Microsoft's cloud services fully comply with industry and government standards to safeguard customers' data against illegitimate transfer or use. It has acquired accreditations, namely SAS 70/SSAE 16, ISO 27001, HIPAA, EU Safe Harbor, FISMA, and PCI DSS. Microsoft is also responsible for sharing the reports of the information security policy audits that experts conduct annually.

Secure Collaboration with Microsoft Teams

Microsoft Teams is a cloud-based, multi-function collaboration platform that facilitates seamless and secure communications for financial institutes and other organizations, letting them transform their business operations while complying with regulations. Organizations that have adopted Microsoft Teams are experiencing a massive rise in user engagement and overall productivity in the virtual workspace. Here's why you can trust Microsoft Teams:

Governance Controls

Managing integrated applications is a controlled process in Microsoft Teams.
Hence, have trusted content owners or stakeholders create collaboration spaces. Users need to justify the purpose of their groups. Maintain collaboration best practices for access and ownership. Control third-party integrations using administrators at the team level.

Policy Enforcement

Microsoft Teams allows automating properties and naming conventions when a user creates a group or team. This makes teams and the information they hold easier to discover and restrains inappropriate word usage. Also, configuring group expiration policies saves a lot of time in information lifecycle management.

Secure User Identities

Compromised identities open the door to credential leaks, anonymous sign-ins or other suspicious activities. Microsoft Teams implements Azure Risks Policies to protect user identities, equipping organizations to remediate potential attacks.

Intelligent Security Graph

Intelligent Security Graph uses machine learning, AI and behavioral analytics to derive rich threat insights. It helps organizations detect cyberattacks and speed up the remediation process. It also helps Microsoft strengthen its products and services. To embed threat protection capabilities, Microsoft integrates the Office 365 Advanced Threat Protection (OATP), Microsoft Defender Advanced Threat Protection (MDATP), Windows Defender System Guard (WDSG), Microsoft Cloud App Security (MCAS), and Azure Advanced Threat Protection (AATP) security solutions into the Office 365 productivity suite.

Insider Risk Management

Once again, Microsoft leverages machine learning when it comes to spotting insider risks. Insider Risk Management helps mitigate accidental or intentional data leakage by employees. Employees leaving an organization are very likely to download or copy the company's legal information, marketing content, product designs or employees' private data for personal use or to show to future employers.
The Insider Risk Management solution identifies exfiltration patterns, analyses potentially risky user behaviors and surfaces key activities for internal investigators to examine.

Security and Governance using TeamsHub by Cyclotron

Automate most of the security and governance controls in Microsoft Teams using TeamsHub by Cyclotron. Streamline administration and cloud security with Microsoft Teams for financial markets. For more information on security, please read the article on Security, Document Tracking and Sharing with AIP. For more articles on governance and best practices, please visit our blog.

Summary

Cloud security is one of the foremost concerns for financial markets. Adopting the cloud while enabling a robust and secure framework for productivity and collaboration, in the office or remotely, can be achieved using Microsoft Teams. Furthermore, TeamsHub by Cyclotron can enable a lot of security features with little effort.

Suggested Reading

Office365 Advanced Threat Protection
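
The Data Loss Prevention section above describes locating sensitive numbers in messages and then applying the action a policy configures. The following added example (not part of the original article, and not Microsoft's DLP engine) shows that flow in Python; the policy table, action names and sample message are constructed for illustration.

```python
import re

# Hypothetical policy: sensitive-info type -> (minimum match count, action).
POLICY = {"credit_card": (1, "block"), "us_ssn": (2, "policy_tip")}

# 13-19 digits, optionally separated by single spaces or dashes.
CARD_RE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")
# US SSN layout, excluding area/group/serial values that are never issued.
SSN_RE = re.compile(
    r"(?<![\d-])(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}(?![\d-])")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects most random digit runs (order IDs, phone numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(value: str) -> str:
    """Keep only the last four digits so the report itself leaks nothing."""
    digits = re.sub(r"\D", "", value)
    return "*" * (len(digits) - 4) + digits[-4:]


def find_sensitive(text: str) -> dict:
    cards = [m.group() for m in CARD_RE.finditer(text)
             if luhn_ok(re.sub(r"\D", "", m.group()))]
    ssns = [m.group() for m in SSN_RE.finditer(text)]
    return {"credit_card": cards, "us_ssn": ssns}


def evaluate(text: str) -> list:
    """Return (type, action, masked matches) for each rule whose threshold is met."""
    hits = []
    for kind, matches in find_sensitive(text).items():
        min_count, action = POLICY[kind]
        if len(matches) >= min_count:
            hits.append((kind, action, [mask(m) for m in matches]))
    return hits


# Constructed sample message; 4111 1111 1111 1111 is a widely used test card number.
SAMPLE = ("Please charge 4111 1111 1111 1111 for invoice 1234 5678 9012 3456. "
          "Employee SSN on file: 078-05-1120.")

if __name__ == "__main__":
    for hit in evaluate(SAMPLE):
        print(hit)
```

The invoice number has the shape of a card number but fails the Luhn check, and the single SSN stays below the constructed threshold of two, so only the card rule fires.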