EMS Partner Community: Introduction to Microsoft Cloud App Security


Nick Johnson - Technology Solutions Professional

Have you ever signed up for a cloud-based application on your own to help you get your job done? If so, within minutes of signup it’s likely you were putting company information and data into that application. Did you tell your company you were using it? Did you know whether the application met your company’s security and privacy standards?

Odds are you or someone you know has done this. Studies show that more than 80% of employees admit to using non-approved software as a service (SaaS) applications in their jobs (Stratecast, 2013). Users choose to tap into the cloud applications that are available because they help us get our jobs done more efficiently. But in the interest of getting our jobs done, we often ignore, or aren’t aware of, the potential risk. That doesn’t make the risk any less real.

What is the risk? Any time company data is entered into a system that is outside of your company’s control, you are trusting others to protect your information as well as you would.

For anyone who works in an IT or Security role, you have to balance out the need to protect the company, while enabling workers to be as efficient and productive as possible. Put too many controls in place, and users will strike out on their own to find a solution. Enable too few controls, and company data will be at risk. In addition, IT and Security are faced with the challenge of discovering all the cloud apps that are being used, and determining if they meet company standards.

As a partner, you probably see this tension between productivity and security in your customers regularly. A solution that offered a way to discover all the cloud apps that are being used, investigate them, put controls in place, and be alerted if something or someone exceeds the limits of control would let your customers stay secure and continue their digital transformation.

Introduction to Cloud App Security

Microsoft Cloud App Security is a component of Microsoft Enterprise Mobility + Security E5, and enables customers to discover and secure all the cloud apps in use within their organizations. Once the apps are discovered customers can put comprehensive controls in place for management and monitoring.

Sign up for the October 27 EMS Partner Community call

Cloud App Security overview

Watch this 2-minute introduction to Cloud App Security

The video introduction highlights three functions of Cloud App Security: visibility, data control, and threat protection.

Visibility

The discovery engine leverages logs from firewalls and proxies in an organization to determine what apps are being used. It can discover 13,000+ apps today. No client-side agents are required, ensuring the discovery process does not block production systems. Discovery is also able to automatically ingest log data on a regular basis to ensure always up-to-date information.

Once apps have been discovered, Cloud App Security assigns a risk score based on 60+ parameters. This risk score is based on each individual app’s security mechanisms and compliance regulations.

Here is what the Discover section of the Cloud App Security dashboard looks like.

Cloud App Security - Cloud Discovery page

Data control

Once applications have been discovered, Administrators can set controls for each app, and choose to sanction or block apps. Admins can also leverage what are calls App Connectors to monitor what happens in sanctioned apps.

Policies are used to enable granular-control for approved apps. These policies are used to govern data in the cloud, such as files stored in cloud drives, attachments, or within cloud apps. Finally, the policies are enforced by Cloud App Security to help admins identify policy violations, investigate on a user, files, or activity level. When a policy is enforced it can quarantine files, remove permissions, block sensitive transactions, and more.

Threat protection

Ongoing threat protection enables Admins to identify anomalies in their cloud environment that could indicate a breach as well as leveraging behavioral analytics to assess risk in each transaction. Cloud App Security can also identify and stop known attack pattern activities originating from risky sources with threat prevention enhanced with the vast Microsoft threat intelligence capabilities.

Learn more

In an upcoming post, I’ll look at Cloud App Security architecture and how to get started using it. If you want to learn more now, here are some suggested learnings.

Level 100 Level 200 Level 300
Cloud App Security data sheet (download)

Cloud App Security infographic (download)

Microsoft Mechanics Cloud App Security video

Technical Overview video

Setup Essentials video

Log Upload video

Getting Started article

Daily activities to protect your cloud environment

Deploying Microsoft EMS

Troubleshooting resources

The partner opportunity

Digital transformation and moving to the cloud changes the way we must think about security. No longer is a firewall sufficient. Protecting identities, apps, data, devices, and infrastructure is a critical conversation to have with every customer. Customers need to feel confident that they are protected in the cloud, and not just in the Microsoft Cloud. As partners, you can help them build that confidence through leveraging Cloud App Security and EMS as  part of the Microsoft Security platform.

On the October 27 EMS Partner Community call, we’ll go into depth on this topic, and I’ll be joined by a Microsoft Cloud App Security expert.

Sign up for the October 27 community call

Enterprise Mobility + Security (EMS) Partner Community

Comments about this blog post, or questions about the topic? Let us know in the Enterprise Mobility + Security Partners Yammer group.

EMS partner community call Oct 27     EMS Partners Yammer group     Learn more about Cloud App Security


Comments (2)

  1. Kazzan says:

    Hello, as Microsoft partner, we receive Office 365 E5 and EMS suite to our MPN IUR. But we do not see Cloud App Security in Admin Center to be activated. Can be this done?

    1. Nick Johnson says:

      I’d encourage you to join our Yammer group and post your question. http://aka.ms/usemsyammer

Skip to main content