Microsoft Cloud App Security integrating with Office365
As part of the new Microsoft Enterprise Mobility + Security E5 or as a standalone product, Cloud App Security is a new product which deliveres alot of cool functionality. Up until now, alot of the products in the EMS space have been aimed at controlling the endpoints (Intune) , controlling and protecting the data (Azure information protection), and protecting the user (Azure AD) and with Cloud App Security, it is more of controlling the data flow and getting if users are violating rules and creating alerts if they for instance are sharing data with the competitors for instance. Another example might just be that an user clicked wrong and shared data with ALL external resources for instance. (Here is the list of supported Cloud Appilcations and API’s https://docs.microsoft.com/nb-no/cloud-app-security/enable-instant-visibility-protection-and-governance-actions-for-your-apps)
Now it can integrate directly to different cloud applications using connectors which leverages the apps API’s to search and identify risks. Now in most cases that might not be enough, for instance an application might not have opened their APIs to dig down into the material, but Cloud app Security can also use uploaded traffic logs from on-premises proxies and firewalls like Palo Alto, Cisco, Forefront and such and also hypervisor, which allows it to collect larger amounts of data and digest it ( Here is a list of supported network devices –> https://docs.microsoft.com/nb-no/cloud-app-security/set-up-cloud-discovery )
Read the entire article here, Microsoft Cloud App Security integrating with Office365
via Marius Sandbu.