EMS Partner Community: Introduction to Microsoft Cloud App Security
Have you ever signed up for a cloud-based application on your own to help you get your job done? If so, within minutes of signup it’s likely you were putting company information and data into that application. Did you tell your company you were using it? Did you know whether the application met your company’s security and privacy standards?
Odds are you or someone you know has done this. Studies show that more than 80% of employees admit to using non-approved software as a service (SaaS) applications in their jobs (Stratecast, 2013). Users choose to tap into the cloud applications that are available because they help us get our jobs done more efficiently. But in the interest of getting our jobs done, we often ignore, or aren’t aware of, the potential risk. That doesn’t make the risk any less real.
What is the risk? Any time company data is entered into a system that is outside of your company’s control, you are trusting others to protect your information as well as you would.
For anyone who works in an IT or Security role, you have to balance out the need to protect the company, while enabling workers to be as efficient and productive as possible. Put too many controls in place, and users will strike out on their own to find a solution. Enable too few controls, and company data will be at risk. In addition, IT and Security are faced with the challenge of discovering all the cloud apps that are being used, and determining if they meet company standards.
As a partner, you probably see this tension between productivity and security in your customers regularly. A solution that offered a way to discover all the cloud apps that are being used, investigate them, put controls in place, and be alerted if something or someone exceeds the limits of control would let your customers stay secure and continue their digital transformation.
Introduction to Cloud App Security
Microsoft Cloud App Security is a component of Microsoft Enterprise Mobility + Security E5, and enables customers to discover and secure all the cloud apps in use within their organizations. Once the apps are discovered customers can put comprehensive controls in place for management and monitoring.
The video introduction highlights three functions of Cloud App Security: visibility, data control, and threat protection.
The discovery engine leverages logs from firewalls and proxies in an organization to determine what apps are being used. It can discover 13,000+ apps today. No client-side agents are required, ensuring the discovery process does not block production systems. Discovery is also able to automatically ingest log data on a regular basis to ensure always up-to-date information.
Once apps have been discovered, Cloud App Security assigns a risk score based on 60+ parameters. This risk score is based on each individual app’s security mechanisms and compliance regulations.
Here is what the Discover section of the Cloud App Security dashboard looks like.
Once applications have been discovered, Administrators can set controls for each app, and choose to sanction or block apps. Admins can also leverage what are calls App Connectors to monitor what happens in sanctioned apps.
Policies are used to enable granular-control for approved apps. These policies are used to govern data in the cloud, such as files stored in cloud drives, attachments, or within cloud apps. Finally, the policies are enforced by Cloud App Security to help admins identify policy violations, investigate on a user, files, or activity level. When a policy is enforced it can quarantine files, remove permissions, block sensitive transactions, and more.
Ongoing threat protection enables Admins to identify anomalies in their cloud environment that could indicate a breach as well as leveraging behavioral analytics to assess risk in each transaction. Cloud App Security can also identify and stop known attack pattern activities originating from risky sources with threat prevention enhanced with the vast Microsoft threat intelligence capabilities.
In an upcoming post, I’ll look at Cloud App Security architecture and how to get started using it. If you want to learn more now, here are some suggested learnings.
|Level 100||Level 200||Level 300|
|Cloud App Security data sheet (download)
Cloud App Security infographic (download)
|Microsoft Mechanics Cloud App Security video||Daily activities to protect your cloud environment|
The partner opportunity
Digital transformation and moving to the cloud changes the way we must think about security. No longer is a firewall sufficient. Protecting identities, apps, data, devices, and infrastructure is a critical conversation to have with every customer. Customers need to feel confident that they are protected in the cloud, and not just in the Microsoft Cloud. As partners, you can help them build that confidence through leveraging Cloud App Security and EMS as part of the Microsoft Security platform.
On the October 27 EMS Partner Community call, we’ll go into depth on this topic, and I’ll be joined by a Microsoft Cloud App Security expert.