Blue Square Security
"Blue Square Security" is a Microsoft Security focused podcast that explores the latest trends and best practices in cybersecurity, led by the Microsoft Digital Security team including in-depth discussions with experts from multiple industry experts and Microsoft partners. Each episode will delve into a different topic, such as cloud security, threat intelligence, or identity and access management, providing listeners with practical insights and actionable advice to help them better protect their organizations from cyber threats. From start to finish - these episodes are 100% Microsoft - all hosts are FT MS employees, we leverage Surface hardware, we record via teams, we edit via Microsoft Clipchamp, we generate thumbnails via CoPilot, we edit artwork via Microsoft Office, multiple questions are generated via CoPilot, guests are scheduled via Office, episode notes are kept in One Note, sound is edited via Windows Sound Recorder, hosts leverage a teams channel for internal idea sharing and real time collaboration.
Blue Square Security
Ep. 6_Grady Boggs_Microsoft Security Specialist_Privacy
· Background review
· Security Specialist overview, Digital Security Specialist overview
· Privacy:
o Microsoft Priva 101
o Privacy is a Human Right
o GDPR, CCPA
o 2007 > Sarbanes-Oxley
o financial impact
o “Compliance reporting from a spreadsheet and in inbox is no way to go through life.”
o Solving issues with software vs. people/resources.
o Regulation with compliance
o Audit-worthy reports
o Different types of data and the challenges this creates.
o Auditors/Legal teams highlighting pain points.
o Good stewards of PII
o Healthcare/EHR/FinServ/Retail/Spending or Buying habits.
o User training vs. Top down approach (helping the end user) | Educate.
o Microsoft 365 Policy Tip Engine infused with privacy.
o Granularity
o Privacy integration
o Data protection is a team sport.
o Data Classification service
o Integration with SaaS
o Open API
o LMS > Microsoft Viva Learning
o Retention policy
o 3 prong approach > alert/prevent/train (Empower the end user)
o Privacy is ramping up in 2023 – what changed? Proliferation of Bad Actors
o Ransomware, Crypto-Jacking, Phishing
o Privacy regulation ramping up
o Subject Rights Request = $1702.28 with an average of 135 requests = $130k/mo. Avg.
o Automated workflows
o OLTP
o Redaction, Retention
o Artificial Intelligence is a tool
o Security Co-Pilot
o Sentinel and Threat Intelligence
o Spear-Phishing
o CCP: Compliance & Privacy Customer Connection Program (CCP)
Microsoft Purview products: Information Protection, Data Loss Prevention, eDiscovery; Audit, Data Lifecycle Management, Records Management and Microsoft Priva
Microsoft Community Sign-up (office.com)
Trial: Learn about the free Priva trial - Microsoft Priva | Microsoft Learn
Assessment: Microsoft Security