In late February, Microsoft announced a new security service called Microsoft Cloud App Security. This latest security offering by Microsoft focuses on helping companies manage all of the different cloud services their employees are connecting to.
The challenge is that in many organizations, employees use multiple cloud services to share data and collaborate in the current digital workplace. This can lead to an organization’s data being shared externally without their knowledge and with no control over what happens to it. All of these unofficial Software as a Service (SaaS) clouds to which employees are connecting are beyond the company’s reach or even knowledge, and they’ve become what the Microsoft Cyber Trust staff refers to as the company’s Shadow IT.
This Shadow IT problem is where Microsoft’s new Cloud App Security comes in. Based on technology from Microsoft’s acquisition of Adallom, the new Cloud App Security services is a “comprehensive cloud-delivered service built for IT and security teams to help combat one of the top security concerns today: “How can we gain deeper visibility, stronger controls and enhanced protection for cloud apps?”
Microsft is announcing today the general availability of their new Cloud App Security service. In today’s announcement, Microsoft describes Cloud App Security as providing the following three key security features:
- App Discovery: Cloud App Security identifies all cloud applications in your network—from all devices—and provides risk scoring and ongoing risk assessment and analytics.
- Data Control: With special focus on sanctioned apps, you can set granular controls and policies for data sharing and loss prevention (DLP) leveraging API-based integration. You can use either out-of-the-box policies or build and customize your own.
- Threat Protection: Cloud App Security provides threat protection for your cloud applications leveraging user behavioral analytics and anomaly detection.
Cloud App Security accomplishes this by first connecting to your network logs and then by connecting to your sanctioned apps. The list of sanctioned apps includes Office 365, Box, Okta, Google Apps, Service Now, Salesforce, Dropbox, and even Amazon Web Services. Once connected to the logs and sanctioned apps, Cloud App Security will scan and analyze for users, data, and activities. The analysis then gives IT pros a full picture of what cloud services their company’s data is connected to, and they can begin handing out out-of-the-box alerts or establish custom data control policies.
This new security service helps companies manage the every growing list of enterprise cloud services their employees are connecting to, which is a real problem that exposes the company to more security threats and data leaks. It also further demonstrates Microsoft’s commitment to being a mobile first cloud first company as it works to help companies manage multiple cloud services and give companies a holistic picture of their IT security.