initiation à la conformité dans office365
TRANSCRIPT
![Page 1: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/1.jpg)
Accessible content is available upon request.
Initiation à la conformité dans O365Hassen Boumaraf, Senior Technical Account [email protected]
![Page 2: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/2.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Agenda Définitions
Quelques chiffres
Roadmap
Office 365 et conformité : Démo
La conformité au coeur de l’organisation
![Page 3: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/3.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Définitions
![Page 4: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/4.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Données sensibles
Métiers Personnelles
Finance : N° de carte bancaireVisa, Amex, MasterCard
RH / Médicales
N° de Sécurité Sociale
Denmark Personal Identification Number
![Page 5: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/5.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Règlementation
Métiers PersonnellesPCI – DSS
SOX (Sarbanes-Oxley)
HIPAA
loi Informatique et Libertés et la Directive Européenne 95/46/EC
![Page 6: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/6.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Data breach• “A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so”
[U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES Administration for Children and Families]
![Page 7: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/7.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Conformité
• “Compliance means conforming to a rule, such as a specification, policy, standard or law …”
[Wikipedia]
![Page 8: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/8.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Conformité des données• Une information ne doit être que là où elle devrait être• Une information ne doit être visible que par ceux qui devraient la voir
[Hassen Boumaraf]
Malheureusement, ce n’est pas toujours le cas
![Page 9: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/9.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Quelques chiffres
![Page 10: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/10.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Records breached (known)Data breaches (known)
Incident trends
3,525 605,742,928Security
breaches
April 20, 2005 toDecember 20, 2012
Represents United StatesSource: http://www.privacyrights.org
![Page 11: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/11.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Causes de “data breach”
System glitches
Malicious intent Oops!
39%
24%
37%
Online Trust Alliance: 2013 Data Protection and Breach Readiness Guide
![Page 12: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/12.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Etude IBM / Ponemon• 29 entreprises ont participé à l’étude en France
• Coût moyen d’un enregistrement compromis : 134€
• Augmentation de 3.3% par rapport à l’année dernière
![Page 13: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/13.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Actions correctives suite à un incident
![Page 14: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/14.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Solutions O365
Comment mettre ces solutions en place dans O365 ?
![Page 15: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/15.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
O365 et conformité
![Page 16: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/16.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Données sensibles• France Driver's License Number• France National ID Card (CNI)• France Passport Number• France Social Security Number (INSEE)SWIFT Code• Taiwan National ID• Taiwan Passport Number• Taiwan Resident Certificate (ARC/TARC) Number• U.K. Driver's License Number• U.K. Electoral Roll Number• U.K. National Health Service Number• U.K. National Insurance Number (NINO)• U.S. / U.K. Passport Number• U.S. Bank Account Number• U.S. Driver's License Number• U.S. Individual Taxpayer Identification Number (ITIN)• U.S. Social Security Number (SSN)
![Page 17: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/17.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Outlook• Titre/Corps/
Pièces jointes• Policy Tips• Justification
![Page 18: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/18.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SharePoint• eDiscovery
![Page 19: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/19.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
SharePoint• Audit
![Page 20: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/20.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Yammer
![Page 21: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/21.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
O365 Compliance Center• Equipe conformité• Intégration de DLP aux solutions MS• Centralisation des outils de conformité
![Page 22: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/22.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
O365 : Partage vers l’exterieur
![Page 23: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/23.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
MFA• Communément : Double authentification
![Page 24: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/24.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
RMS• Azure Right Management
• Chiffrement de contenu, d’e-mail
![Page 25: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/25.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
MDM•Mobile Device Management
•Mobilité
• Policy
![Page 26: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/26.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
La conformité au coeur de l’organisation
![Page 27: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/27.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Responsables « Conformité »
• CISO / RSSI
• CPO / CIL / DPO
![Page 28: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/28.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
![Page 29: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/29.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Roadmap
![Page 30: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/30.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Roadmap• SharePoint 2016- Intégration de la recherche
des données sensibles
O365 roadmap : http://success.office.com/en-us/roadmap
![Page 31: Initiation à la conformité dans Office365](https://reader030.vdocuments.pub/reader030/viewer/2022020301/5885d3a61a28ab42028b6f53/html5/thumbnails/31.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of
AvePoint, Inc.
Q / A