Migrating to the cloud and keeping all your corporate data secure is always a big challenge. Many companies do not migrate to the cloud just because it is vulnerable. If you are still not on the cloud it does not mean your data is secure as your employees are already using multiple cloud applications i.e. for socializing, for ticketing and many other things. So, it means they are also accessing their cloud application using corporate workstations. The main challenge arises when you want to protect your data and keep an eye on all the applications running on your workstations.
To answer all the concerns of companies regarding their data security, Microsoft brings Cloud application security. It provides you complete visibility into every activity happening in your organization.
Microsoft Cloud App Security:
Microsoft Cloud App Security natively integrates with leading Microsoft solutions and is designed with security professionals in mind. It provides simple deployment, centralized management, and innovative automation capabilities.
CAS covers four main areas
Shadow IT Discovery
- Identify the cloud apps, IaaS, and PaaS services used by your organization. Investigate usage patterns, assess the risk levels and business readiness of more than 16,000 SaaS apps against more than 80 risks. Start managing them to ensure security and compliance.
- Understand, classify, and protect the exposure of sensitive information at rest. Leverage out-of-the box policies and automated processes to apply controls in real-time across all your cloud apps.
- Detect unusual behavior across cloud apps to identify ransomware, compromised users or rogue applications, analyze high-risk usage and remediate automatically to limit the risk to your organization.
- Assess if your cloud apps meet relevant compliance requirements including regulatory compliance and industry standards. Prevent data leaks to non-compliant apps, and limit access to regulated data.
- Understand, classify, and protect the exposure of sensitive information at rest. Leverage out-of-the box policies and automated processes to apply con
It can identify more than 16,000 applications that employees are using in your organization, CAS evaluates every application with 80+ risk factors and starts managing them to ensure security and compliance. The assessment of each app is particularly crucial – a study of 33,000 apps revealed less than 1% had the built-in security requirements for regular business use and 39% were not suitable for business use at all.
Here is an example how CAS collect logs from firewalls and proxies and shows you which user is using SaaS application and the amount of data downloaded or uploaded from your workstations:
You can see that 1.6GB of data is used on social network. We can also go into the details to get information about the which application’s are being used and also get the details of the user.
In the screenshot above you can see the details of social application where the data is being used now if we click on the application, we will get the details about users and how much data have been passed through your organization network.
You can also check how much data is transmitted through risky apps and you can also check the details of the users who are using these apps.
Apart from getting log details from firewalls we can also connect other cloud platforms to the Cloud App Security if you are using EMS E5 license or Microsoft 365 E5 license. The screenshot below shows how many other cloud platforms you can integrate with Cloud App Security
Currently we are connected to Office 365 and Microsoft Azure in this tenant.
You can see the activity log of the users who are in cloud. For example, their location, IP address, what they did on the cloud and on which devices they are using corporate data.
Cloud App Security also provides you deep insights about the activity of the user with corporate files/folders.
- Owner of the file
- File creation date
- Last edited date
Cloud App Security also provides the ability to create polices for your corporate data. You can also create conditional access policies in Cloud App Security for the users. There are already different templates already available to help you create new policies from the scratch.