2. Mobile-first,
cloud-first reality
Mobile devices
72% of the U.S. workforce will
be mobile by 2020, relying on
devices other than their laptop
to be productive.
72% 1/3
Shadow IT
By 2022, a third of successful
attacks experienced by
enterprises will be on their
shadow IT resources.
Data breaches
63% of confirmed data breaches
involved weak, default, or stolen
passwords.
63%
3. Information
Rights
Management
Mobile Device
& Application
Management
Cloud Access
Security
Broker
SIEM
Data Loss
Prevention
User &
Entity
Behavioral
Analytics
Mobile
Data Loss
Prevention
Threat
Detection
Identity
governance
Single-
sign on
Cloud
Data Loss
Prevention
Conditional
access
Discovery
Cloud
visibility
Secure
collaboration
Cloud
anomaly
detection
Identity & Access
Management
4. Identity & Access
Management
Mobile Device
& Application
Management
Data Loss
Prevention
User &
Entity
Behavioral
Analytics
Cloud Access
Security
Broker
Information
Rights
Management
Protect at the
front door
Detect &
remediate attacks
Protect your
data anywhere
Cloud Access Security Broker
Mobile Device &
App Management
Identity & Access
Management
User & Entity
Behavioral Analytics
Data Loss Prevention
Cloud Access Security Broker
6. How do I gain visibility into cloud
apps used in my organization
and get a risk assessment?
How can I prevent data loss in
cloud apps and stay compliant
with regulations?
How do I protect cloud apps
and the data in them from
security attacks?
How can I control and limit access
to data in cloud apps?
7. A comprehensive, intelligent security solution that extends the visibility, real-time control, and security you
have in your on-premises network to your cloud applications
ControlDiscover Protect
8. Microsoft Cloud App Security
Discover and
assess risks
Control access
in real time
Detect
threats
Protect your
information
Identify cloud apps on your
network, gain visibility into shadow
IT, and get risk assessments and
ongoing analytics.
Manage and limit cloud app
access based on conditions and
session context, including user
identity, device, and location.
Identify high-risk usage and
detect unusual behavior using
Microsoft threat intelligence
and research.
Get granular control over data
and use built-in or custom
policies for data sharing and
data loss prevention.
Threat detection: Microsoft Intelligent Security Graph, Office ATP
Information Protection: Office 365 & Azure Information Protection
Identity: Azure AD and Conditional Access
To your cloud appsExtend Microsoft security
+ more
9. Anomalous usage alerts
New apps and trending apps
alerts
Identify and close policy
enforcement gaps
Programmatically generate
blocking scripts to supported
network appliances
On-going
protection
and analytics
Discover cloud apps in use across
your networks
Investigate users and source IP
cloud usage
Create custom views and reports
for business units, networks and
groups
Optional PII anonymized reports
Shadow IT
discovery
Risk assessment
and migration
to business-
ready apps
Risk assessment for 15,000+ cloud
apps based on 60 security and
compliance risk factors
Un-sanction, sanction and protect
apps
Customize labels, notes, weight in
risk scoring and override per app
risk assessment to support internal
workflows
Integrates with
Your network appliances, SIEM
11. MICROSOFT’S APPROACH TO INFORMATION PROTECTION
Detect ProtectClassify Monitor
C L O U DD E V I C E S O N P R E M I S E S
Comprehensive protection of sensitive data throughout the lifecycle – inside and
outside the organization
Scan & detect sensitive
data based on policy
Classify data and apply
labels based on sensitivity
Apply protection actions,
including encryption,
access restrictions
Reporting, alerts,
remediation
12. Identify policy violations
Investigate incidents and
related activities
Quarantine and permissions
removal
Monitor &
investigate
Visibility to sharing level and
classification labels
Quantify over-sharing exposure
and compliance risks
Detect and manage 3rd apps
access
Gain visibility
into data and
sharing
Classify, label and
protect
Govern data in the cloud with granular
DLP policies
Leverage Microsoft’s Information
Protection capabilities for classification
Automatically protect your data using
Azure Information Protection
Integrates with
Azure Information Protection, Office 365, External DLP solutions
13. Control access to cloud apps
based on user, location, device
and app
Identify managed devices via VPN
(location based), Domain joined
devices, Intune compliant devices
or client certificates
Supports any SAML-based app,
any OS
Context-aware
session policies
Investigate &
enforce app and
data restrictions
Enforce browser-based “view only”
mode for low-trust sessions
Limit access to sensitive data
Classify, label and protect on
download
Visibility into for unmanaged device
activity
Integrates with
Azure Active Directory
Unique integration
with Azure AD
Integral component of Azure AD
Conditional Access
Simple deployment directly from
your Azure AD portal
Leverages existing device
management mechanisms, no
additional deployment required
14. Leverages Microsoft
Intelligent Security Graph:
Unique insights, informed by
trillions of signals across
Microsoft’s customer base
Native integration with Office
Threat Intelligence
Threat
Intelligence
Identify anomalies in your cloud
environment via advanced
behavioral analytics
Built-in detections for leading
threat scenarios: Ransomware,
admin take-over, shared accounts
Behavioral
analytics &
ransomware
detection
Advanced
investigation &
remediation
Pivot on users, IP addresses, resources,
activities and locations
Customize detections based on your
findings
Automate remediation with Azure AD
Integrates with
Microsoft Intelligent Security Graph, 3rd party SIEM solutions
15. Office 365 Cloud App Security
Enhanced visibility and control for Office 365
• Advanced security alerts
• Productivity app discovery
• App permissions and control
Available in Office E5
Microsoft Cloud App Security
Integrated security suite across identity, device, apps
and data
• Discovery of Shadow IT
• Unified Information protection
• Automated detection and remediation
Available standalone and as a part of EMS E5
16. of enterprises indicated
security as a top
challenge holding back
SaaS adoption*
73%
SaaS adoption challenge
• Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015
** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report
>80% of employees
admit to using non-
approved SaaS apps in
their jobs**
80%
17. Technology Benefit E3 E5
Azure Active Directory
Premium P1
Secure single sign-on to cloud and on-premises app
MFA, conditional access, and advanced security reporting ● ●
Azure Active Directory
Premium P2
Identity and access management with advanced protection for
users and privileged identities ●
Microsoft Intune
Mobile device and app management to protect corporate apps
and data on any device ● ●
Azure Information Protection P1
Encryption for all files and storage locations
Cloud-based file tracking
● ●
Azure Information Protection P2
Intelligent classification and encryption for files shared inside
and outside your organization ●
Microsoft Cloud App Security
Enterprise-grade visibility, control, and protection for your
cloud applications ●
Microsoft Advanced Threat Analytics
Protection from advanced targeted attacks leveraging user
and entity behavioral analytics ● ●
Identity and access
management
Managed mobile
productivity
Information
protection
Threat protection
18. Microsoft Cloud App Security Office 365 Advanced Security Management
Cloud
Discovery
Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365
Deployment for discovery analysis Manual and automatic log upload Manual log upload
Log anonymization for user privacy Yes Yes
Access to full Cloud App Catalog Yes
Cloud app risk assessment Yes
Cloud usage analytics per app, user, IP address Yes
Ongoing analytics & reporting Yes
Anomaly detection for discovered apps Yes
Information
Protection
Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above)
App permissions and ability to revoke access Yes Yes
Policy setting and enforcement Yes
Integration with Azure Information Protection Yes
Integration with third party DLP solutions Yes
Threat
Detection
Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps
Manual and automatic alert remediation Yes Yes
SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only.
Integration to Microsoft Intelligent Security Graph Yes Yes
Activity policies Yes Yes
https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security