Microsoft Security Newsletter - September 2015



September 2015
Microsoft Security Newsletter



Welcome to September's Security Newsletter!

The theme of this month's newsletter is data security. The CISOs I meet are responsible for protecting their organization's data whether it's on-premises, on mobile devices or Internet of Things (IoT) devices, or in the cloud—or traveling anywhere between these points.



It's interesting to see the different security strategies that different organizations are employing these days. The underlying assumption for some organizations' security strategy is that since they aren't managing all the devices that their information workers use, consistently, then all of those devices should be treated as if they are untrusted. These organizations tend to focus on protecting the data and not the devices used to access it - which is a reasonable strategy for some organizations. They leverage

https://technet.microsoft.com/windows/hh826073.aspx?ocid=wc-nl-secnews
desktop and application virtualization technologies,

https://technet.microsoft.com/library/jj150527.aspx
data loss prevention ,

https://technet.microsoft.com/dn175751.aspx
Rights Management Services , and

https://azure.microsoft.com/services/active-directory/
identity services , and other controls to help them manage the risk to the data.



Other organizations have embraced new mobile device management offerings, like the

http://www.microsoft.com/en-us/server-cloud/enterprise-mobility/overview.aspx Microsoft Enterprise Mobility Suite (which includes

http://www.microsoft.com/en-us/server-cloud/products/microsoft-intune/ Microsoft Intune ), that enable them to manage a wide range of devices in a consistent and predictable manner. Most of the customers I talk to in this category are also using the layered protections built into Windows 7 and 8.1 to protect data, and plan to leverage all the new and enhanced protections built into Windows 10 such as

https://technet.microsoft.com/library/dn985838.aspx?ocid=wc-nl-secnews Enterprise Data Protection ,

https://technet.microsoft.com/library/mt403325.aspx?ocid=wc-nl-secnews BitLocker ,

https://technet.microsoft.com/library/mt483740.aspx?ocid=wc-nl-secnews Credential Guard , to name a few. For enterprise customers looking to evaluate these security features in Windows 10, please download the

https://technet.microsoft.com/evalcenter/dn781239.aspx?ocid=wc-nl-secnews Windows 10 Enterprise Evaluation to try Windows 10 Enterprise free for 90 days.



It's both a challenging time to be a CISO and a great time to be a CISO because of all the options organizations have to inform and support their security strategies. Please enjoy this month's newsletter.



Best regards,

Tim Rains, Chief Security Advisor

Cybersecurity & Cloud Strategy, Microsoft



Want to share this newsletter with a friend or colleague? https://technet.microsoft.com/en-us/security/cc307424.aspx
Click here for the online edition and subscription options .


Have feedback on how we can improve this newsletter? Email us at mailto:secnlfb@microsoft.com
secnlfb@microsoft.com and share your ideas.




Top Stories



http://blogs.microsoft.com/cybertrust/2015/09/10/cloud-security-controls-series -encrypting-data-at-rest/

Cloud Security Controls Series: Encrypting Data at Rest

Learn about some of the controls that are available to help manage the security of data stored and processed in Microsoft's cloud services, and Microsoft Azure in particular.


http://blogs.windows.com/windowsexperience/2015/09/28/privacy-and-windows-10/ Privacy and Windows 10

In today's connected world, maintaining our privacy is an incredibly important topic. Learn how Windows 10 was designed with straightforward privacy principles in mind.


http://blogs.technet.com/b/srd/archive/2015/09/08/what-makes-a-good-microsoft-d efense-bounty-submission.aspx

What Makes a Good Microsoft Defense Bounty Submission?

One of Microsoft's longstanding strategies toward improving software security continues to involve investing in defensive technologies that make it difficult and costly for attackers to exploit vulnerabilities. To cast a wider net for defensive ideas, Microsoft awarded the BlueHat Prize in 2012 and subsequently started the ongoing Microsoft Defense Bounty in June, 2013 which has offered up to $50,000 USD for novel defensive solutions. Last month, we announced that we will now award up to $100,000 USD for qualifying Microsoft Defense Bounty submissions. Learn how Microsoft evaluates defensive solutions and the characteristics that we look for in a good defense.




Security Guidance

https://technet.microsoft.com/security/mt587084.aspx
Security Tip of the Month: Implement a Data-Driven Computer Security Defense
By Roger A. Grimes, Microsoft IT Information Security and Risk Management


In today's environment, information security executives face a challenge of protecting company assets by optimally aligning defenses with an ever increasing number of threats and risks. Often, organizations have considerable investments in protection without using a risk-based approach to prioritizing investments. This approach leads to ineffective security controls and an inefficient use of resources.Information security organizations collect a tremendous amount of data about IT environments.For some organizations, activities occurring on those IT infrastructures exceed more than ten billion events on a daily basis. In other words, considerable information is available about the environments we manage and it's that data that can help us make informed decisions.



In support of these challenges, considerable improvement in rigor and process is necessary to inform and make better business decisions. Drawing upon hundreds of engagements with Microsoft clients, as well as internal security operations,
https://technet.microsoft.com/security/mt587084.aspx
this guide outlines a framework for dramatically improving operational security posture. The framework utilizes a data-driven approach to optimize investment allocation for security defenses and significantly improve the management of risk for an organization.


https://channel9.msdn.com/Events/Ignite/2015/BRK3490
Enabling Data Protection in Microsoft Azure

Find out how to control your data in Microsoft Azure through advanced technologies to encrypt, control and audit access, separate, and dispose of data according to your business needs. This video provides an overview of these technologies with a focus on encryption of data.


https://azure.microsoft.com/en-us/documentation/articles/storage-client-side-en cryption/

Client-Side Encryption and Azure Key Vault for Microsoft Azure Storage

The Azure Storage Client Library for .NET supports encrypting data within client applications before uploading to Azure Storage, and decrypting data while downloading to the client. The library also supports integration with Azure Key Vault for storage account key management. Explore these methods and learn about encryption and decryption via the envelope technique.


https://msdn.microsoft.com/library/bb934049.aspx
Transparent Data Encryption

Transparent Data Encryption (TDE) encrypts SQL Server and Azure SQL Database data files, known as encrypting data at rest. Learn how to use TDE including commands and functions, catalog views and dynamic management views, permissions, and other considerations.


https://msdn.microsoft.com/library/bb895340.aspx
Extensible Key Management (EKM)

While not available in every edition of SQL Server, Extensible Key Management (EKM) enables third-party EKM/HSM vendors to register their modules in SQL Server so that users can use the encryption keys stored on EKM modules. Find out how this enables SQL Server to access the advanced encryption features these modules support such as bulk encryption and decryption, and key management functions such as key aging and key rotation.


https://msdn.microsoft.com/library/dn449489.aspx
SQL Server Backup Encryption

Starting in SQL Server 2014, SQL Server has the ability to encrypt the data while creating a backup. Explore usage scenarios, benefits, and recommended practices for encrypting during backup.


https://channel9.msdn.com/Events/Ignite/2015/BRK3172
Encryption Controls in Office 365: Across Devices and Platforms

Whether it is at rest or in transit, Office 365 protects your data using a variety of encryption mechanisms. In addition to what's baked into the platform, you have several options for customer-controlled encryption features to meet the business needs of your organization. Learn about the different types of encryption technologies in Office 365 that you can use and how they work seamlessly across devices and platforms. This video talks about https://technet.microsoft.com/library/dn792011.aspx
Information Rights Management (IRM) with RMS, S/MIME, and

https://technet.microsoft.com/library/dn569286.aspx
Office 365 Message Encryption and how these encryption technologies help keep your data safe and secure.


https://technet.microsoft.com/library/mt404675.aspx?ocid=wc-nl-secnews BitLocker in Windows 10

BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. Find out

https://technet.microsoft.com/library/mt403325.aspx?ocid=wc-nl-secnews
what's new in BitLocker in Windows 10, then find answers to

https://technet.microsoft.com/library/mt404671.aspx?ocid=wc-nl-secnews frequently asked questions ,

https://technet.microsoft.com/library/mt404680.aspx?ocid=wc-nl-secnews
planning tips ,

https://technet.microsoft.com/library/mt404669.aspx?ocid=wc-nl-secnews deployment guidance and much more.




Community Update

http://social.technet.microsoft.com/wiki/contents/articles/1256.database-engine -security-checklist-database-engine-security-configuration.aspx

Database Engine Security Checklist: Database Engine Security Configuration

Get a quick list of key security configuration options for the SQL Server Database Engine. Use this checklist to periodically audit your Database Engine environment. These recommended settings should be adjusted based on your security and business needs.




This Month's Security Bulletins


September 2015 Security Bulletins


Critical

-MS15-094:3089548
https://technet.microsoft.com/library/security/ms15-094
Cumulative Security Update for Internet Explorer

-MS15-095:3089665
https://technet.microsoft.com/library/security/ms15-095
Cumulative Security Update for Microsoft Edge

-MS15-097:3089656
https://technet.microsoft.com/library/security/ms15-097
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution

-MS15-098:3089669
https://technet.microsoft.com/library/security/ms15-098
Vulnerabilities in Windows Journal Could Allow Remote Code Execution

-MS15-099:3089664
https://technet.microsoft.com/library/security/ms15-099
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution



Important

-MS15-096:3072595
https://technet.microsoft.com/library/security/ms15-096
Vulnerability in Active Directory Service Could Allow Denial of Service

-MS15-100:3087918
https://technet.microsoft.com/library/security/ms15-100
Vulnerability in Windows Media Center Could Allow Remote Code Execution

-MS15-101:3089662
https://technet.microsoft.com/library/security/ms15-101
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege

-MS15-102:3089657
https://technet.microsoft.com/library/security/ms15-102
Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege

-MS15-103:3089250
https://technet.microsoft.com/library/security/ms15-103
Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure

-MS15-104:3089952
https://technet.microsoft.com/library/security/ms15-104
Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege

-MS15-105:3091287
https://technet.microsoft.com/library/security/ms15-105
Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass


September 2015 Security Bulletin Resources:

- http://blogs.technet.com/b/msrc/archive/2015/09/08/september-2015-security-up date-release-summary.aspx


September 2015 Security Update Release Summary
-
Malicious Software Removal Tool: http://www.microsoft.com/en-us/download/malic ious-software-removal-tool-details.aspx

September 2015 Update and

http://blogs.technet.com/b/mmpc/archive/2015/09/08/msrt-september-2015-teerac.a spx
blog summary



Security Events and Training



https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032671692
Azure, The Trusted Cloud
Thursday, October 1, 2015 - 10:00 AM Pacific Time

Microsoft understands that for you to realize the benefits of the cloud, you must be willing to entrust your cloud provider with one of your most valuable assets—your data. Learn how Microsoft's long experience running online services has involved extensive investment in foundational technology that builds security and privacy into the development process.


https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032668896 Security, Compliance and IRM in Office 365
Thursday, October 15, 2015 - 11:00 AM Central Time

Explore the different regulations to which Office 365 and, more specifically, SharePoint Online and OD4B are compliant. You'll also find out what IRM means and how you can utilize it to secure your cloud data.


http://go.microsoft.com/?linkid=9898460
TechNet Virtual Lab: Exploring Row Level Security
On demand

This hands on lab will familiarize you with the new Row Level Security (RLS) in SQL Server 2016, which allows you to store data for different customers, departments, or tenants in the same table, while restricting access to rows based on a query's execution context.


http://go.microsoft.com/?linkid=9875125
TechNet Virtual Lab: On-Prem and Cloud App and Data Protection with Azure RMS On demand

Learn how to protect files from unauthorized access by using Microsoft Azure Rights Management, the Microsoft Rights Management connector, the Rights Management sharing app, and Microsoft Office 2013. These technologies help protect data on devices that are domain-joined or standalone regardless of whether they are owned by the organization or a user.


http://go.microsoft.com/?linkid=9851304
TechNet Virtual Lab: Protecting Your Data with System Center 2012 R2 Data Protection Manager
On demand

In this introductory lab, you will learn how to use the Data Protection Manager console to protect and recover data. You will learn how to allocate local storage, configure protection for files and SQL Server databases, create recovery points, and recover data. You will also learn how to recover a database to a SQL Server cluster.






Essential Tools


-
http://technet.microsoft.com/security/bulletin
Microsoft Security Bulletins

-
http://technet.microsoft.com/security/advisory
Microsoft Security Advisories

-
http://www.microsoft.com/security/sdl/adopt/starterkit.aspx
Microsoft Security Development Lifecycle Starter Kit

-
http://support.microsoft.com/kb/2458544
Enhanced Mitigation Experience Toolkit

-
http://www.microsoft.com/security/pc-security/malware-removal.aspx
Malicious Software Removal Tool

-
http://technet.microsoft.com/security/cc184924.aspx
Microsoft Baseline Security Analyzer


Security Centers


-
http://technet.microsoft.com/security
Security TechCenter

-
http://msdn.microsoft.com/security
Security Developer Center

-
http://www.microsoft.com/security/msrc/default.aspx
Microsoft Security Response Center

-
http://www.microsoft.com/security/portal/
Microsoft Malware Protection Center

-
http://www.microsoft.com/privacy
Microsoft Privacy

-
http://support.microsoft.com/select/default.aspx?target=hub&c1=10750 Microsoft Security Product Solution Centers


Additional Resources


-
http://blogs.microsoft.com/cybertrust/
Microsoft Cybertrust Blog

-
http://blogs.msdn.com/b/azuresecurity/
Microsoft Azure Security Blog

-
http://www.microsoft.com/security/sir
Microsoft Security Intelligence Report

-
http://www.microsoft.com/security/sdl
Microsoft Security Development Lifecycle

-
http://technet.microsoft.com/library/cc162838.aspx
Malware Response Guide

-
http://technet.microsoft.com/security/bb980617.aspx
Security Troubleshooting and Support Resources




technet.microsoft.com/security




This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.



(c) 2015 Microsoft Corporation

http://www.microsoft.com/About/Legal/EN/US/IntellectualProperty/Copyright/defau lt.aspx

Terms of Use |

http://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/en-us.aspx Trademarks


Microsoft respects your privacy. To learn more please read our online http://go.microsoft.com/fwlink/?LinkId=248681
Privacy Statement .



If you would prefer not to receive the Microsoft Security Newsletter from Microsoft and its family of companies please http://click.email.microsoftemail .com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0079e5cc587f4d16330b7c3c c8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc84856723b79aad9dc141ac1b2d1f f65f52b32c1ec81a40e05f7b65012608875ea&oneClick=newsletter

click here . These settings will not affect any other newsletters you've requested or any mandatory service communications that are considered part of certain Microsoft services.



To set your contact preferences for other Microsoft communications http://clic k.email.microsoftemail.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a00 79e5cc587f4d16330b7c3cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc848567 23b79aad9dc141ac1b2d1ff65f52b32c1ec81a40e05f7b65012608875ea

click here .



Microsoft Corporation

One Microsoft Way

Redmond, WA 98052 USA
---
■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games