SlideShare una empresa de Scribd logo

Microsoft Cloud Application Security Overview

Descargar como PPTX, PDF
Syed Sabhi Haider
Syed Sabhi Haider

Overview of Microsoft Cloud Application Security which is a part of Microsoft Enterprise Mobility Suite (EMS Security)

Tecnología
1 de 20
GET VISIBILITY, DATA CONTROL AND THREAT PROTECTION TO YOUR CLOUD APPS
Mobile-first, cloud-first reality Mobile devices 72% of the U.S. workforce will be mobile by 2020, relying on devices other than their laptop to be productive. 72% 1/3 Shadow IT By 2022, a third of successful attacks experienced by enterprises will be on their shadow IT resources. Data breaches 63% of confirmed data breaches involved weak, default, or stolen passwords. 63%
Information Rights Management Mobile Device & Application Management Cloud Access Security Broker SIEM Data Loss Prevention User & Entity Behavioral Analytics Mobile Data Loss Prevention Threat Detection Identity governance Single- sign on Cloud Data Loss Prevention Conditional access Discovery Cloud visibility Secure collaboration Cloud anomaly detection Identity & Access Management
Identity & Access Management Mobile Device & Application Management Data Loss Prevention User & Entity Behavioral Analytics Cloud Access Security Broker Information Rights Management Protect at the front door Detect & remediate attacks Protect your data anywhere Cloud Access Security Broker Mobile Device & App Management Identity & Access Management User & Entity Behavioral Analytics Data Loss Prevention Cloud Access Security Broker
Protect at the front door Detect & remediate attacks Protect your data anywhere
How do I gain visibility into cloud apps used in my organization and get a risk assessment? How can I prevent data loss in cloud apps and stay compliant with regulations? How do I protect cloud apps and the data in them from security attacks? How can I control and limit access to data in cloud apps?
A comprehensive, intelligent security solution that extends the visibility, real-time control, and security you have in your on-premises network to your cloud applications ControlDiscover Protect
Microsoft Cloud App Security Discover and assess risks Control access in real time Detect threats Protect your information Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics. Manage and limit cloud app access based on conditions and session context, including user identity, device, and location. Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research. Get granular control over data and use built-in or custom policies for data sharing and data loss prevention. Threat detection: Microsoft Intelligent Security Graph, Office ATP Information Protection: Office 365 & Azure Information Protection Identity: Azure AD and Conditional Access To your cloud appsExtend Microsoft security + more
Anomalous usage alerts New apps and trending apps alerts Identify and close policy enforcement gaps Programmatically generate blocking scripts to supported network appliances On-going protection and analytics Discover cloud apps in use across your networks Investigate users and source IP cloud usage Create custom views and reports for business units, networks and groups Optional PII anonymized reports Shadow IT discovery Risk assessment and migration to business- ready apps Risk assessment for 15,000+ cloud apps based on 60 security and compliance risk factors Un-sanction, sanction and protect apps Customize labels, notes, weight in risk scoring and override per app risk assessment to support internal workflows Integrates with Your network appliances, SIEM
See CSP’s categories, risk levels, and compliance certifications Identify high risk usage and cloud app security violations
MICROSOFT’S APPROACH TO INFORMATION PROTECTION Detect ProtectClassify Monitor C L O U DD E V I C E S O N P R E M I S E S Comprehensive protection of sensitive data throughout the lifecycle – inside and outside the organization Scan & detect sensitive data based on policy Classify data and apply labels based on sensitivity Apply protection actions, including encryption, access restrictions Reporting, alerts, remediation
Identify policy violations Investigate incidents and related activities Quarantine and permissions removal Monitor & investigate Visibility to sharing level and classification labels Quantify over-sharing exposure and compliance risks Detect and manage 3rd apps access Gain visibility into data and sharing Classify, label and protect Govern data in the cloud with granular DLP policies Leverage Microsoft’s Information Protection capabilities for classification Automatically protect your data using Azure Information Protection Integrates with Azure Information Protection, Office 365, External DLP solutions
Control access to cloud apps based on user, location, device and app Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates Supports any SAML-based app, any OS Context-aware session policies Investigate & enforce app and data restrictions Enforce browser-based “view only” mode for low-trust sessions Limit access to sensitive data Classify, label and protect on download Visibility into for unmanaged device activity Integrates with Azure Active Directory Unique integration with Azure AD Integral component of Azure AD Conditional Access Simple deployment directly from your Azure AD portal Leverages existing device management mechanisms, no additional deployment required
Leverages Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals across Microsoft’s customer base Native integration with Office Threat Intelligence Threat Intelligence Identify anomalies in your cloud environment via advanced behavioral analytics Built-in detections for leading threat scenarios: Ransomware, admin take-over, shared accounts Behavioral analytics & ransomware detection Advanced investigation & remediation Pivot on users, IP addresses, resources, activities and locations Customize detections based on your findings Automate remediation with Azure AD Integrates with Microsoft Intelligent Security Graph, 3rd party SIEM solutions
Office 365 Cloud App Security Enhanced visibility and control for Office 365 • Advanced security alerts • Productivity app discovery • App permissions and control Available in Office E5 Microsoft Cloud App Security Integrated security suite across identity, device, apps and data • Discovery of Shadow IT • Unified Information protection • Automated detection and remediation Available standalone and as a part of EMS E5
of enterprises indicated security as a top challenge holding back SaaS adoption* 73% SaaS adoption challenge • Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 ** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report >80% of employees admit to using non- approved SaaS apps in their jobs** 80%
Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat protection
Microsoft Cloud App Security Office 365 Advanced Security Management Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security
From SaaS providers
Microsoft Cloud Application Security Overview

Recomendados

An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for Business
Robert Crane
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender
Mighty Guides, Inc.
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
David J Rosenthal
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
Robert Crane
 
Microsoft intune
Microsoft intuneMicrosoft intune
Microsoft intune
ManishKumar959920
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
Alert Logic
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
Robert Crane
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint Manager
George Grammatikos
 

Recomendados

An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for Business
Robert Crane
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender
Mighty Guides, Inc.
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
David J Rosenthal
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
Robert Crane
 
Microsoft intune
Microsoft intuneMicrosoft intune
Microsoft intune
ManishKumar959920
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
Alert Logic
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
Robert Crane
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint Manager
George Grammatikos
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App Security
Microsoft
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Radhakrishnan Govindan
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
Joel Oleson
 
Windows intune
Windows intuneWindows intune
Windows intune
Iron Cove Solutions
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1
Shawn Ismail
 
Azure conditional access
Azure conditional accessAzure conditional access
Azure conditional access
Tad Yoke
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
David J Rosenthal
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
Marius Sandbu
 
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
carlitocabana
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
David J Rosenthal
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptx
ceyhan1
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
M365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusM365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skus
SpencerLuke2
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
Alistair Pugin
 
Windows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft AzureWindows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft Azure
David J Rosenthal
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection
Syed Sabhi Haider
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 
Modern Devices Management
Modern Devices ManagementModern Devices Management
Modern Devices Management
Atanas Gergiminov
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Kjetil Lund-Paulsen
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
David J Rosenthal
 

Más contenido relacionado

La actualidad más candente

Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
Joel Oleson
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
David J Rosenthal
 
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
carlitocabana
 
Windows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft AzureWindows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft Azure
David J Rosenthal
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 

La actualidad más candente (20)

Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App Security
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
 
Windows intune
Windows intuneWindows intune
Windows intune
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1
 
Azure conditional access
Azure conditional accessAzure conditional access
Azure conditional access
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
 
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptx
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
M365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusM365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skus
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
 
Windows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft AzureWindows Virtual Desktop Powered By Microsoft Azure
Windows Virtual Desktop Powered By Microsoft Azure
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Modern Devices Management
Modern Devices ManagementModern Devices Management
Modern Devices Management
 

Similar a Microsoft Cloud Application Security Overview

Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
Chris Genazzio
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
David J Rosenthal
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
David J Rosenthal
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Karim Vaes
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by Atidan
David J Rosenthal
 

Similar a Microsoft Cloud Application Security Overview (20)

Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 
Gestión de identidad
Gestión de identidadGestión de identidad
Gestión de identidad
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verden
 
Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud Apps
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
Security management
Security managementSecurity management
Security management
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMS
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classification
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by Atidan
 
Teknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimukset
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad
 

Último

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Último (20)

Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Microsoft Cloud Application Security Overview

  • 1. GET VISIBILITY, DATA CONTROL AND THREAT PROTECTION TO YOUR CLOUD APPS
  • 2. Mobile-first, cloud-first reality Mobile devices 72% of the U.S. workforce will be mobile by 2020, relying on devices other than their laptop to be productive. 72% 1/3 Shadow IT By 2022, a third of successful attacks experienced by enterprises will be on their shadow IT resources. Data breaches 63% of confirmed data breaches involved weak, default, or stolen passwords. 63%
  • 3. Information Rights Management Mobile Device & Application Management Cloud Access Security Broker SIEM Data Loss Prevention User & Entity Behavioral Analytics Mobile Data Loss Prevention Threat Detection Identity governance Single- sign on Cloud Data Loss Prevention Conditional access Discovery Cloud visibility Secure collaboration Cloud anomaly detection Identity & Access Management
  • 4. Identity & Access Management Mobile Device & Application Management Data Loss Prevention User & Entity Behavioral Analytics Cloud Access Security Broker Information Rights Management Protect at the front door Detect & remediate attacks Protect your data anywhere Cloud Access Security Broker Mobile Device & App Management Identity & Access Management User & Entity Behavioral Analytics Data Loss Prevention Cloud Access Security Broker
  • 5. Protect at the front door Detect & remediate attacks Protect your data anywhere
  • 6. How do I gain visibility into cloud apps used in my organization and get a risk assessment? How can I prevent data loss in cloud apps and stay compliant with regulations? How do I protect cloud apps and the data in them from security attacks? How can I control and limit access to data in cloud apps?
  • 7. A comprehensive, intelligent security solution that extends the visibility, real-time control, and security you have in your on-premises network to your cloud applications ControlDiscover Protect
  • 8. Microsoft Cloud App Security Discover and assess risks Control access in real time Detect threats Protect your information Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics. Manage and limit cloud app access based on conditions and session context, including user identity, device, and location. Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research. Get granular control over data and use built-in or custom policies for data sharing and data loss prevention. Threat detection: Microsoft Intelligent Security Graph, Office ATP Information Protection: Office 365 & Azure Information Protection Identity: Azure AD and Conditional Access To your cloud appsExtend Microsoft security + more
  • 9. Anomalous usage alerts New apps and trending apps alerts Identify and close policy enforcement gaps Programmatically generate blocking scripts to supported network appliances On-going protection and analytics Discover cloud apps in use across your networks Investigate users and source IP cloud usage Create custom views and reports for business units, networks and groups Optional PII anonymized reports Shadow IT discovery Risk assessment and migration to business- ready apps Risk assessment for 15,000+ cloud apps based on 60 security and compliance risk factors Un-sanction, sanction and protect apps Customize labels, notes, weight in risk scoring and override per app risk assessment to support internal workflows Integrates with Your network appliances, SIEM
  • 10. See CSP’s categories, risk levels, and compliance certifications Identify high risk usage and cloud app security violations
  • 11. MICROSOFT’S APPROACH TO INFORMATION PROTECTION Detect ProtectClassify Monitor C L O U DD E V I C E S O N P R E M I S E S Comprehensive protection of sensitive data throughout the lifecycle – inside and outside the organization Scan & detect sensitive data based on policy Classify data and apply labels based on sensitivity Apply protection actions, including encryption, access restrictions Reporting, alerts, remediation
  • 12. Identify policy violations Investigate incidents and related activities Quarantine and permissions removal Monitor & investigate Visibility to sharing level and classification labels Quantify over-sharing exposure and compliance risks Detect and manage 3rd apps access Gain visibility into data and sharing Classify, label and protect Govern data in the cloud with granular DLP policies Leverage Microsoft’s Information Protection capabilities for classification Automatically protect your data using Azure Information Protection Integrates with Azure Information Protection, Office 365, External DLP solutions
  • 13. Control access to cloud apps based on user, location, device and app Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates Supports any SAML-based app, any OS Context-aware session policies Investigate & enforce app and data restrictions Enforce browser-based “view only” mode for low-trust sessions Limit access to sensitive data Classify, label and protect on download Visibility into for unmanaged device activity Integrates with Azure Active Directory Unique integration with Azure AD Integral component of Azure AD Conditional Access Simple deployment directly from your Azure AD portal Leverages existing device management mechanisms, no additional deployment required
  • 14. Leverages Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals across Microsoft’s customer base Native integration with Office Threat Intelligence Threat Intelligence Identify anomalies in your cloud environment via advanced behavioral analytics Built-in detections for leading threat scenarios: Ransomware, admin take-over, shared accounts Behavioral analytics & ransomware detection Advanced investigation & remediation Pivot on users, IP addresses, resources, activities and locations Customize detections based on your findings Automate remediation with Azure AD Integrates with Microsoft Intelligent Security Graph, 3rd party SIEM solutions
  • 15. Office 365 Cloud App Security Enhanced visibility and control for Office 365 • Advanced security alerts • Productivity app discovery • App permissions and control Available in Office E5 Microsoft Cloud App Security Integrated security suite across identity, device, apps and data • Discovery of Shadow IT • Unified Information protection • Automated detection and remediation Available standalone and as a part of EMS E5
  • 16. of enterprises indicated security as a top challenge holding back SaaS adoption* 73% SaaS adoption challenge • Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 ** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report >80% of employees admit to using non- approved SaaS apps in their jobs** 80%
  • 17. Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat protection
  • 18. Microsoft Cloud App Security Office 365 Advanced Security Management Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security

Notas del editor

  1. 2
  2. 8