The past few months have changed the way we work in many ways, working from home, social distancing, and remote operations have all had impacts on our previously known ways of life. At Microsoft, we have been working hard to assist our customers adjust to this rapidly changing and evolving work environment. As has been the case for a while now, this is anchored in the framework of Zero Trust, an approach that we believe is critical to a strong security posture. At its heart, Zero Trust is all about applying visibility, adhering to governance requirements, and enforcing control of cloud apps, services, assets and workloads.
As businesses adapt to the increase in remote work and unmanaged device use, Cloud Access Security Broker (CASB) use has accelerated. According to the most recent report from Gartner, “CASBs (have become) essential elements of cloud security strategies.”
We believe that Cloud App Security is a critical component of any security portfolio to enable a Zero Trust security approach. Organizations across all customer segments are securing their apps with Microsoft Cloud App Security, from large enterprises in professional services like Accenture to health organizations such as St. Luke’s.
According to a recent Total Economic Impact (TEI) study commissioned from Forrester Consulting, customers can save time, resources, and improve security with Microsoft Cloud App Security. The Forrester study shows a three-year 151 percent return on investment (ROI) less than a three-month payback on Cloud App Security investment. Indeed, at Microsoft Cloud App Security is leveraged internally and it has been great to see the momentum across our customers, where we crossed the threshold of protecting 100 million users in the summer of 2020. We have been building to deliver a unique perspective from which customers can leverage control and governance has been recognized with this year’s Gartner Magic Quadrant for Cloud Access Security Brokers (CASB).
Microsoft Cloud App Security is Microsoft’s CASB. This essential productivity and security enabler helps organizations gain visibility into their cloud apps and services. It provides sophisticated analytics to identify and combat cyberthreats and control the travel of sensitive information to equally support Microsoft’s native cloud services, as well as numerous third party cloud apps and services, such as Dropbox, Salesforce, and others.
Our vision for the CASB category is to push beyond just controlling SaaS apps and into IaaS and PaaS posture recommendations and management. We believe it is incumbent on us to provide our customers with a holistic security solution that acknowledges their security estate across platforms and clouds. We deliver this vision through five key capabilities:
- Shadow IT Discovery enables customers to see clearly into the opaque space of cloud usage; in addition to traditional proxy and firewall logs, we extend this discovery to the endpoint with an integration with Microsoft Defender for Endpoint. This integration also powers Endpoint CASB capabilities, allowing Cloud App Security to enforce threat protection and information protection policies on every supported endpoint. Once visibility into cloud resource usage is in place, customers can start applying control and management policies.
- Information Protection capabilities, identifying the most critical information, and applying policy and access controls, are significant investments for customers. Through deep integration with Microsoft Information Protection, together with the reverse proxy capabilities of Cloud App Security, customers have the power to enforce complex information and DLP (Data Loss Prevention) policies across Microsoft and 3rd party enterprise apps.
- Threat Protection leverages Microsoft Defender for Identity to provide a unified view into the identities of an organization across on-premises and cloud resources and monitor behaviors and highlight abnormalities, in addition to blocking nefarious content and malicious payloads.
- Secure Access capabilities provided by Cloud App Security are deeply connected with Azure Active Directory (Azure AD) allowing customers to enforce and monitor access and session policies across all managed cloud resources.
- Cloud Security Posture Management (CSPM) assessment and governance, which is founded in close collaboration with Azure Security Center, providing Multi-Cloud security posture (AWS, GCP, and more) to customers.
Microsoft remains committed to Cloud App Security and we are actively looking at which areas of investment are the most beneficial to our customers. For example, we will extend multi-application SaaS Security Posture Management (SSPM) capabilities as a core scenario across our security offerings, and we will continue to listen to our customers on how we can best help them in their efforts to maintain a strong security posture.
Read this complimentary copy of the Gartner Magic Quadrant for Cloud Access Security Brokers for the analysis behind Microsoft’s position as a Leader.
You can also read Forrester’s Total Economic Impact ™ of Microsoft Cloud App Security for details on how Cloud App Security can save time and money.
For more information about our CASB solution, visit our website and stay up to date with our blog. Want to see our CASB in action? Start a free trial today and learn how to get started with our detailed technical documentation.
* Gartner Magic Quadrant for Cloud Access Security Brokers, Craig Lawson, Steve Riley, October 28, 2020.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft.
Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.