On Demand
- Cloud App Security Portal Microsoft
- Microsoft Cloud App Security Docs
- Microsoft Cloud Application Security Software
Better protection across your cloud apps
More than 80% of employees admit to using non-approved cloud applications at work. While these apps are essential to today's connected workforce, they also introduce a new set of security concerns. Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) solution that gives you visibility into your cloud apps and services, provides sophisticated analytics to identify and combat cyberthreats, and enables you to control how your data travels across all the apps in your organization.
Join this webinar to:
More than 80% of employees admit to using non-approved cloud applications at work. While these apps are essential to today's connected workforce, they also introduce a new set of security concerns. Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) solution that gives you visibility into your cloud apps and services, provides sophisticated analytics to identify and combat cyberthreats, and enables you to control how your data travels across all the apps in your organization.
Join this webinar to:
- Find out how to detect and mitigate cyberthreats like malware and risky OAuth apps in your institution's network.
- See how you can discover and more safely manage your Shadow IT.
- Learn how your institution can get started with Microsoft Cloud App Security right away.
Speaker
Kim Kischel
Senior Product Marketing Manager,
Cloud App Security,
Microsoft
[REPLACE] Chris Capossela
[REPLACE] Chief Marketing Officer, Microsoft Corporation
Applies to: Microsoft Cloud App Security
Note
For information about Office 365 Cloud App Security, see Get started with Office 365 Cloud App Security.
Moving to the cloud increases flexibility for employees and IT alike. However, it also introduces new challenges and complexities for keeping your organization secure. To get the full benefit of cloud apps and services, an IT team must find the right balance of supporting access while maintaining control to protect critical data.
Microsoft Cloud App Security is a Cloud Access Security Broker that supports various deployment modes including log collection, API connectors, and reverse proxy. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your Microsoft and third-party cloud services.
Microsoft Cloud App Security natively integrates with leading Microsoft solutions and is designed with security professionals in mind. It provides simple deployment, centralized management, and innovative automation capabilities.
For information about licensing, see the Microsoft Cloud App Security licensing datasheet.
The Cloud App Security framework
- Discover and control the use of Shadow IT: Identify the cloud apps, IaaS, and PaaS services used by your organization. Investigate usage patterns, assess the risk levels and business readiness of more than 16,000 SaaS apps against more than 80 risks. Start managing them to ensure security and compliance.
- Protect your sensitive information anywhere in the cloud: Understand, classify, and protect the exposure of sensitive information at rest. Leverage out-of-the box policies and automated processes to apply controls in real-time across all your cloud apps.
- Protect against cyberthreats and anomalies: Detect unusual behavior across cloud apps to identify ransomware, compromised users or rogue applications, analyze high-risk usage and remediate automatically to limit the risk to your organization.
- Assess the compliance of your cloud apps: Assess if your cloud apps meet relevant compliance requirements including regulatory compliance and industry standards. Prevent data leaks to non-compliant apps, and limit access to regulated data.
Architecture
Cloud App Security integrates visibility with your cloud by:
- Using Cloud Discovery to map and identify your cloud environment and the cloud apps your organization is using.
- Sanctioning and unsanctioning apps in your cloud.
- Using easy-to-deploy app connectors that take advantage of provider APIs, for visibility and governance of apps that you connect to.
- Using Conditional Access App Control protection to get real-time visibility and control over access and activities within your cloud apps.
- Helping you have continuous control by setting, and then continually fine-tuning, policies.
Data retention & compliance
For more information about Microsoft Cloud App Security data retention and compliance, see Microsoft Cloud App Security data security and privacy.
Cloud Discovery
Cloud Discovery uses your traffic logs to dynamically discover and analyze the cloud apps that your organization is using. To create a snapshot report of your organization's cloud use, you can manually upload log files from your firewalls or proxies for analysis. To set up continuous reports, use Cloud App Security log collectors to periodically forward your logs.
For more information about Cloud Discovery, see Set up Cloud Discovery.
Sanctioning and unsanctioning an app
You can use Cloud App Security to sanction or unsanction apps in your organization by using the Cloud app catalog. The Microsoft team of analysts has an extensive and continuously growing catalog of over 16,000 cloud apps that are ranked and scored based on industry standards. You can use the Cloud app catalog to rate the risk for your cloud apps based on regulatory certifications, industry standards, and best practices. Then, customize the scores and weights of various parameters to your organization's needs. Based on these scores, Cloud App Security lets you know how risky an app is. Scoring is based on over 70 risk factors that might affect your environment.
App connectors
App connectors use APIs from cloud app providers to integrate the Cloud App Security cloud with other cloud apps. App connectors extend control and protection. They also give you access to information directly from cloud apps, for Cloud App Security analysis.
To connect an app and extend protection, the app administrator authorizes Cloud App Security to access the app. Then, Cloud App Security queries the app for activity logs, and it scans data, accounts, and cloud content. Cloud App Security can enforce policies, detects threats, and provides governance actions for resolving issues.
Cloud App Security uses the APIs provided by the cloud provider. Each app has its own framework and API limitations. Cloud App Security works with app providers on optimizing the use of APIs to ensure the best performance. Considering the various limitations that apps impose on APIs (such as throttling, API limits, and dynamic time-shifting API windows), the Cloud App Security engines utilize the allowed capacity. Some operations, like scanning all files in the tenant, require a large number of APIs, so they're spread over a longer period. Expect some policies to run for several hours or several days.
Conditional Access App Control protection
Microsoft Cloud App Security Conditional Access App Control uses reverse proxy architecture to give you the tools you need to have real-time visibility and control over access to and activities performed within your cloud environment. With Conditional Access App Control, you can protect your organization:
- Avoid data leaks by blocking downloads before they happen
- Set rules that force data stored in and downloaded from the cloud to be protected with encryption
- Gain visibility into unprotected endpoints so you can monitor what's being done on unmanaged devices
- Control access from non-corporate networks or risky IP addresses
Policy control
You can use policies to define your users' behavior in the cloud. Use policies to detect risky behavior, violations, or suspicious data points and activities in your cloud environment. If needed, you can use policies to integrate remediation processes to achieve complete risk mitigation. Types of policies correlate to the different types of information you might want to gather about your cloud environment and the types of remediation actions you might take.
Related Videos
Next steps
Read about the basics in Getting started with Cloud App Security.
Premier customers can also create a new support request directly in the Premier Portal.
Azure Information Protection training
Learn how to classify, label, and protect your data using Azure Information Protection.Microsoft Mechanics: protection updates
In this episode of Microsoft Mechanics, we go hands-on with the new updates to Azure Information Protection.Cybersecurity reference strategies
Learn Microsoft cybersecurity reference strategies that help you plan for and manage the threats and capabilities faced by modern enterprises.Overview of Cloud App Security
Gain a greater understanding of Microsoft Cloud App Security with experts who explore the complete set of data protection features for cloud apps.Deploying Windows Information Protection
See a demonstration of how to deploy and maintain Windows Information Protection, the mobile application management (MAM) mechanism for Windows.Roundtable: Information protection at Microsoft
Microsoft security experts answer questions about how we protect information at Microsoft.Cybersecurity reference architecture
With the Microsoft Cybersecurity Reference Architecture, plan and implement a security strategy to protect a hybrid of on-premises and cloud assets.Security in Office 365
Learn how to plan, implement, and manage security in Office 365.
Applies to: Microsoft Cloud App Security
This quickstart provides you with steps for getting up and running with Cloud App Security. Microsoft Cloud App Security can help you take advantage of the benefits of cloud applications while maintaining control of your corporate resources. It works by improving visibility of cloud activity and helping to increase the protection of corporate data. In this article, we walk you through the steps you take to set up and work with Microsoft Cloud App Security.
Your organization must have a license to use Cloud App Security. For more information, see the How to buy Cloud App Security section on the Cloud App Security home page.
Note
You don't need an Office 365 license to use Cloud App Security.
Prerequisites
- Your organization must have a license for Cloud App Security to use the product. For more information, see the How to buy Cloud App Security section on the Cloud App Security home page.For tenant activation support, see Contact Office 365 for business support - Admin Help.
- After you have a license for Cloud App Security, you'll receive an email with activation information and a link to the Cloud App Security portal.
- To set up Cloud App Security, you must be a Global Administrator, a Compliance Administrator, or a Security Reader in Azure Active Directory or Office 365. It's important to understand that a user who is assigned an admin role will have the same permissions across all of the cloud apps that your organization has subscribed to. This is regardless of whether you assign the role in the Microsoft 365 admin center, or in the Azure classic portal, or by using the Azure AD module for Windows PowerShell. For more information, see Assigning admin roles in Office 365 and Assigning administrator roles in Azure Active Directory.
- To run the Cloud App Security portal, use Internet Explorer 11, Microsoft Edge (latest), Google Chrome (latest), Mozilla Firefox (latest), or Apple Safari (latest).
To access the portal
To access the Cloud App Security portal, go to https://portal.cloudappsecurity.com.
You can also access the portal through the Microsoft 365 admin center by clicking the Admin centers icon. Then select Cloud App Security.
You can also access the portal through the Microsoft 365 admin center by clicking the Admin centers icon. Then select Cloud App Security.
Step 1. Set instant visibility, protection, and governance actions for your apps.
Required task: Connect apps
- From the settings cog, select App connectors.
- Click the plus sign to add an app and select an app.
- Follow the configuration steps to connect the app.
Why connect an app?After you connect an app, you can gain deeper visibility so you can investigate activities, files, and accounts for the apps in your cloud environment.
Step 2. Control cloud apps with policies.
Required task: Create policies
To create policies
- Go to Control > Templates.
- Select a policy template from the list, and then choose (+) Create policy.
- Customize the policy (select filters, actions, and other settings), and then choose Create.
- On the Policies tab, choose the policy to see the relevant matches (activities, files, alerts).Tip: To cover all your cloud environment security scenarios, create a policy for each risk category.
How can policies help your organization?You can use policies to help you monitor trends, see security threats, and generate customized reports and alerts. With policies, you can create governance actions, and set data loss prevention and file-sharing controls.
Cloud App Security Portal Microsoft
Step 3. Set up Cloud Discovery.
Required task: Enable Cloud App Security to view your cloud app use
- Integrate with Microsoft Defender ATP to automatically enable Cloud App Security to monitor your Windows 10 devices inside and outside your corporation.
- If you use Zscaler, integrate it with Cloud App Security.
- To achieve full coverage, create a continuous Cloud Discovery report
- From the settings cog, select Cloud Discovery settings.
- Choose Automatic log upload.
- On the Data sources tab, add your sources.
- On the Log collectors tab, configure the log collector.
To create a snapshot Cloud Discovery report
Go to Discover > Snapshot report and follow the steps shown.
Why should you configure Cloud Discovery reports?Having visibility into shadow IT in your organization is critical.After your logs are analyzed, you can easily find which cloud apps are being used, by which people, and on which devices.
Step 4. Personalize your experience.
Recommended task: Add your organization details
To enter email settings
- From the settings cog, select Mail settings.
- Under Email sender identity, enter your email addresses and display name.
- Under Email design, upload your organization's email template.
To set admin notifications
- In the navigation bar, choose your user name, and then go to User settings.
- Under Notifications, configure the methods you want to set for system notifications.
- Choose Save.
To customize the score metrics
- From the settings cog, select Cloud Discovery settings.
- From the settings cog, select Cloud Discovery settings.
- Under Score metrics, configure the importance of various risk values.
- Choose Save.
Now the risk scores given to discovered apps are configured precisely according to your organization needs and priorities.
Why personalize your environment?Some features work best when they're customized to your needs.Provide a better experience for your users with your own email templates. Decide what notifications you receive and customize your risk score metric to fit your organization’s preferences.
Step 5. Organize the data according to your needs.
Recommended task: Configure important settings
To create IP address tags
Microsoft Cloud App Security Docs
- From the settings cog, select Cloud Discovery settings.
- From the settings cog, select IP address ranges.
- Click the plus sign to add an IP address range.It is amazing how real the environments look and feel, you really feel like you’re running through the canyons of Tatooine or the icy trenches on Hoth. Fighting Stormtroopers in an almost perfect looking Endor while the sun sets into darkness is an amazing experience.The character models and weapons all look fantastic too; DICE’s time at the Lucasfilm archives definitely helped with the look of the game. Star wars battlefront ultimate review. DICE uses direct sound effects from the movies; the iconic TIE Fighter roar, the heavy sounding AT-AT noises, the purr of a lightsaber and even a couple sound effects from the prequels in the form of the bubble shield and Boba Fett’s blaster. All of the details from the actual costumes and props in the films are present in the game; from the look of an X-Wing to the dents all over Boba Fett’s battle-worn armor.The animations are also a site to behold as everything looks just like it does in the movies. The animation on the AT-ST is particularly impressive as DICE has perfected the odd way it walks, something no other game featuring the iconic vehicle has gotten right.SoundDICE has always been praised for their sound design and they haven’t let us down with Battlefront‘s sounds.
- Enter the IP range details, location, tags, and category.
- Choose Create.Now you can use IP tags when you create policies, and when you filter and create continuous reports.
To create continuous reports
- From the settings cog, Cloud Discovery settings.
- Under Continuous reports, choose Create report.
- Follow the configuration steps.
- Choose Create.
Now you can view discovered data based on your own preferences, such as business units or IP ranges.
To add domains
- From the settings cog, select Settings.
- Under Organization details, add your organization's internal domains.
- Choose Save.
Microsoft Cloud Application Security Software
Why should you configure these settings?These settings help give you better control of features in the console. With IP tags, it's easier to create policies that fit your needs, to accurately filter data, and more. Use Data views to group your data into logical categories.
Next Steps
Set policies Control cloud apps with policies.
Premier customers can also create a new support request directly in the Premier Portal. Download xenserver to vmware windows 7.