But what about having visibility into what end users are doing after they are cleared to access that cloud app? What IT admins need is a broker that can sit between end users and the cloud app and act as a guardian that monitors what is happening during the session, and perhaps applies controls according to a predefined set of conditions. So far, all that IT admins can do is ensure end users are accessing those applications from trusted networks, from managed devices, or by using strong authentication. Microsoft provides the Cloud App Catalog as part of its cloud app security service to help IT admins sanction or un-sanction cloud apps based on a risk score, where each app gets a risk score based on a comprehensive set of checklists.

Finally, it is obvious that sometimes employees need to access third-party cloud applications. While detecting such applications is one challenge, giving such applications a risk score is not an easy task. This new type of collaboration-based behavior analysis is what Microsoft cloud app security can provide as one of its many services.

Furthermore, shadow IT is becoming a nightmare for IT admins, as end users are no longer afraid to use unapproved third-party SaaS applications to help them get their work done. This can take the form of a mass file download from his OneDrive or sharing sensitive documents with external collaborators. A user can access Office 365 from a managed device, providing the correct credentials, with no detected risk on his authentication session, and still his actions inside Office 365 can be considered suspicious from a collaboration perspective.
Moreover, the Microsoft Advanced Threat Protection family of products, such as Azure Advanced Threat Protection, Windows Defender ATP and Office 365 ATP, helps mitigate zero-day attacks and detect lateral movement inside corporate networks.

As the new security trend is based on AI, machine learning and anomaly detection, it is obvious that there is an opportunity to apply the same approach to the end user's collaboration experience inside Office 365. This is sometimes called Management as a Service, and Intune provides unique device and application protection capabilities, so that corporate data is always protected on devices and compliance rules can be enforced before granting access.

Azure Information Protection helps protect the data itself by providing a rich set of rights management and encryption controls via labeling, encryption and document tracking capabilities. Azure AD Identity Protection, on the other hand, helps mitigate risky authentications and can identify users at risk based on their authentication behavior. Moreover, Intune and Configuration Manager help manage and apply security policies to devices and mobile apps. Microsoft provides a suite of security solutions that can help secure corporate identities, devices, applications and data.

As more data is moving to the cloud, and with the rapid adoption of SaaS applications, Identity Driven Security becomes the new front-end protection gate that can enforce a set of controls when accessing cloud apps. Microsoft Conditional Access is a brilliant offering from Microsoft that helps restrict and control access to SaaS applications based on a rich set of conditions. There is always a trade-off between moving to the cloud with all its benefits, and the challenge of keeping an organization secure.