SlideShare une entreprise Scribd logo

Microsoft Cloud Application Security Overview

Télécharger en tant que PPTX, PDF
Syed Sabhi Haider
Syed Sabhi Haider

Overview of Microsoft Cloud Application Security which is a part of Microsoft Enterprise Mobility Suite (EMS Security)

Technologie
1  sur  20
GET VISIBILITY, DATA CONTROL AND THREAT PROTECTION TO YOUR CLOUD APPS
Mobile-first, cloud-first reality Mobile devices 72% of the U.S. workforce will be mobile by 2020, relying on devices other than their laptop to be productive. 72% 1/3 Shadow IT By 2022, a third of successful attacks experienced by enterprises will be on their shadow IT resources. Data breaches 63% of confirmed data breaches involved weak, default, or stolen passwords. 63%
Information Rights Management Mobile Device & Application Management Cloud Access Security Broker SIEM Data Loss Prevention User & Entity Behavioral Analytics Mobile Data Loss Prevention Threat Detection Identity governance Single- sign on Cloud Data Loss Prevention Conditional access Discovery Cloud visibility Secure collaboration Cloud anomaly detection Identity & Access Management
Identity & Access Management Mobile Device & Application Management Data Loss Prevention User & Entity Behavioral Analytics Cloud Access Security Broker Information Rights Management Protect at the front door Detect & remediate attacks Protect your data anywhere Cloud Access Security Broker Mobile Device & App Management Identity & Access Management User & Entity Behavioral Analytics Data Loss Prevention Cloud Access Security Broker
Protect at the front door Detect & remediate attacks Protect your data anywhere
How do I gain visibility into cloud apps used in my organization and get a risk assessment? How can I prevent data loss in cloud apps and stay compliant with regulations? How do I protect cloud apps and the data in them from security attacks? How can I control and limit access to data in cloud apps?
A comprehensive, intelligent security solution that extends the visibility, real-time control, and security you have in your on-premises network to your cloud applications ControlDiscover Protect
Microsoft Cloud App Security Discover and assess risks Control access in real time Detect threats Protect your information Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics. Manage and limit cloud app access based on conditions and session context, including user identity, device, and location. Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research. Get granular control over data and use built-in or custom policies for data sharing and data loss prevention. Threat detection: Microsoft Intelligent Security Graph, Office ATP Information Protection: Office 365 & Azure Information Protection Identity: Azure AD and Conditional Access To your cloud appsExtend Microsoft security + more
Anomalous usage alerts New apps and trending apps alerts Identify and close policy enforcement gaps Programmatically generate blocking scripts to supported network appliances On-going protection and analytics Discover cloud apps in use across your networks Investigate users and source IP cloud usage Create custom views and reports for business units, networks and groups Optional PII anonymized reports Shadow IT discovery Risk assessment and migration to business- ready apps Risk assessment for 15,000+ cloud apps based on 60 security and compliance risk factors Un-sanction, sanction and protect apps Customize labels, notes, weight in risk scoring and override per app risk assessment to support internal workflows Integrates with Your network appliances, SIEM
See CSP’s categories, risk levels, and compliance certifications Identify high risk usage and cloud app security violations
MICROSOFT’S APPROACH TO INFORMATION PROTECTION Detect ProtectClassify Monitor C L O U DD E V I C E S O N P R E M I S E S Comprehensive protection of sensitive data throughout the lifecycle – inside and outside the organization Scan & detect sensitive data based on policy Classify data and apply labels based on sensitivity Apply protection actions, including encryption, access restrictions Reporting, alerts, remediation
Identify policy violations Investigate incidents and related activities Quarantine and permissions removal Monitor & investigate Visibility to sharing level and classification labels Quantify over-sharing exposure and compliance risks Detect and manage 3rd apps access Gain visibility into data and sharing Classify, label and protect Govern data in the cloud with granular DLP policies Leverage Microsoft’s Information Protection capabilities for classification Automatically protect your data using Azure Information Protection Integrates with Azure Information Protection, Office 365, External DLP solutions
Control access to cloud apps based on user, location, device and app Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates Supports any SAML-based app, any OS Context-aware session policies Investigate & enforce app and data restrictions Enforce browser-based “view only” mode for low-trust sessions Limit access to sensitive data Classify, label and protect on download Visibility into for unmanaged device activity Integrates with Azure Active Directory Unique integration with Azure AD Integral component of Azure AD Conditional Access Simple deployment directly from your Azure AD portal Leverages existing device management mechanisms, no additional deployment required
Leverages Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals across Microsoft’s customer base Native integration with Office Threat Intelligence Threat Intelligence Identify anomalies in your cloud environment via advanced behavioral analytics Built-in detections for leading threat scenarios: Ransomware, admin take-over, shared accounts Behavioral analytics & ransomware detection Advanced investigation & remediation Pivot on users, IP addresses, resources, activities and locations Customize detections based on your findings Automate remediation with Azure AD Integrates with Microsoft Intelligent Security Graph, 3rd party SIEM solutions
Office 365 Cloud App Security Enhanced visibility and control for Office 365 • Advanced security alerts • Productivity app discovery • App permissions and control Available in Office E5 Microsoft Cloud App Security Integrated security suite across identity, device, apps and data • Discovery of Shadow IT • Unified Information protection • Automated detection and remediation Available standalone and as a part of EMS E5
of enterprises indicated security as a top challenge holding back SaaS adoption* 73% SaaS adoption challenge • Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 ** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report >80% of employees admit to using non- approved SaaS apps in their jobs** 80%
Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat protection
Microsoft Cloud App Security Office 365 Advanced Security Management Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security
From SaaS providers
Microsoft Cloud Application Security Overview

Recommandé

Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
Mohit Chhabra
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
Cheah Eng Soon
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure Sentinel
BGA Cyber Security
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
Cheah Eng Soon
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
David J Rosenthal
 

Recommandé

Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
Mohit Chhabra
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
Cheah Eng Soon
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure Sentinel
BGA Cyber Security
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
Cheah Eng Soon
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
David J Rosenthal
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
Priyanka Aash
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure Sentinel
Robert Crane
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
David J Rosenthal
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
arnaudlh
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
AmrMousa51
 
Identity Security - Azure Identity Protection
Identity Security - Azure Identity ProtectionIdentity Security - Azure Identity Protection
Identity Security - Azure Identity Protection
Eng Teong Cheah
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
Marius Sandbu
 
Application Security
Application SecurityApplication Security
Application Security
Reggie Niccolo Santos
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for Business
Robert Crane
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
Robert Crane
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD
Andrew Bettany
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
Soc
SocSoc
Soc
Mukesh Chaudhari
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
ParishSummer
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASB
Ammar Hasayen
 
Microsoft Information Protection.pptx
Microsoft Information Protection.pptxMicrosoft Information Protection.pptx
Microsoft Information Protection.pptx
ChrisaldyChandra
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
Alistair Pugin
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Ivanti
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Kjetil Lund-Paulsen
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
David J Rosenthal
 

Contenu connexe

Tendances

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Ivanti
 

Tendances (20)

Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure Sentinel
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
 
Identity Security - Azure Identity Protection
Identity Security - Azure Identity ProtectionIdentity Security - Azure Identity Protection
Identity Security - Azure Identity Protection
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
 
Application Security
Application SecurityApplication Security
Application Security
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for Business
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Soc
SocSoc
Soc
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASB
 
Microsoft Information Protection.pptx
Microsoft Information Protection.pptxMicrosoft Information Protection.pptx
Microsoft Information Protection.pptx
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
 

Similaire à Microsoft Cloud Application Security Overview

Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
Chris Genazzio
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
David J Rosenthal
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
David J Rosenthal
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Karim Vaes
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by Atidan
David J Rosenthal
 

Similaire à Microsoft Cloud Application Security Overview (20)

Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 
Gestión de identidad
Gestión de identidadGestión de identidad
Gestión de identidad
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verden
 
Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud Apps
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
Security management
Security managementSecurity management
Security management
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 PlansMicrosoft Security - New Capabilities In Microsoft 365 E5 Plans
Microsoft Security - New Capabilities In Microsoft 365 E5 Plans
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMS
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classification
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by Atidan
 
Teknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimukset
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Dernier (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 

Microsoft Cloud Application Security Overview

  • 1. GET VISIBILITY, DATA CONTROL AND THREAT PROTECTION TO YOUR CLOUD APPS
  • 2. Mobile-first, cloud-first reality Mobile devices 72% of the U.S. workforce will be mobile by 2020, relying on devices other than their laptop to be productive. 72% 1/3 Shadow IT By 2022, a third of successful attacks experienced by enterprises will be on their shadow IT resources. Data breaches 63% of confirmed data breaches involved weak, default, or stolen passwords. 63%
  • 3. Information Rights Management Mobile Device & Application Management Cloud Access Security Broker SIEM Data Loss Prevention User & Entity Behavioral Analytics Mobile Data Loss Prevention Threat Detection Identity governance Single- sign on Cloud Data Loss Prevention Conditional access Discovery Cloud visibility Secure collaboration Cloud anomaly detection Identity & Access Management
  • 4. Identity & Access Management Mobile Device & Application Management Data Loss Prevention User & Entity Behavioral Analytics Cloud Access Security Broker Information Rights Management Protect at the front door Detect & remediate attacks Protect your data anywhere Cloud Access Security Broker Mobile Device & App Management Identity & Access Management User & Entity Behavioral Analytics Data Loss Prevention Cloud Access Security Broker
  • 5. Protect at the front door Detect & remediate attacks Protect your data anywhere
  • 6. How do I gain visibility into cloud apps used in my organization and get a risk assessment? How can I prevent data loss in cloud apps and stay compliant with regulations? How do I protect cloud apps and the data in them from security attacks? How can I control and limit access to data in cloud apps?
  • 7. A comprehensive, intelligent security solution that extends the visibility, real-time control, and security you have in your on-premises network to your cloud applications ControlDiscover Protect
  • 8. Microsoft Cloud App Security Discover and assess risks Control access in real time Detect threats Protect your information Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics. Manage and limit cloud app access based on conditions and session context, including user identity, device, and location. Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research. Get granular control over data and use built-in or custom policies for data sharing and data loss prevention. Threat detection: Microsoft Intelligent Security Graph, Office ATP Information Protection: Office 365 & Azure Information Protection Identity: Azure AD and Conditional Access To your cloud appsExtend Microsoft security + more
  • 9. Anomalous usage alerts New apps and trending apps alerts Identify and close policy enforcement gaps Programmatically generate blocking scripts to supported network appliances On-going protection and analytics Discover cloud apps in use across your networks Investigate users and source IP cloud usage Create custom views and reports for business units, networks and groups Optional PII anonymized reports Shadow IT discovery Risk assessment and migration to business- ready apps Risk assessment for 15,000+ cloud apps based on 60 security and compliance risk factors Un-sanction, sanction and protect apps Customize labels, notes, weight in risk scoring and override per app risk assessment to support internal workflows Integrates with Your network appliances, SIEM
  • 10. See CSP’s categories, risk levels, and compliance certifications Identify high risk usage and cloud app security violations
  • 11. MICROSOFT’S APPROACH TO INFORMATION PROTECTION Detect ProtectClassify Monitor C L O U DD E V I C E S O N P R E M I S E S Comprehensive protection of sensitive data throughout the lifecycle – inside and outside the organization Scan & detect sensitive data based on policy Classify data and apply labels based on sensitivity Apply protection actions, including encryption, access restrictions Reporting, alerts, remediation
  • 12. Identify policy violations Investigate incidents and related activities Quarantine and permissions removal Monitor & investigate Visibility to sharing level and classification labels Quantify over-sharing exposure and compliance risks Detect and manage 3rd apps access Gain visibility into data and sharing Classify, label and protect Govern data in the cloud with granular DLP policies Leverage Microsoft’s Information Protection capabilities for classification Automatically protect your data using Azure Information Protection Integrates with Azure Information Protection, Office 365, External DLP solutions
  • 13. Control access to cloud apps based on user, location, device and app Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates Supports any SAML-based app, any OS Context-aware session policies Investigate & enforce app and data restrictions Enforce browser-based “view only” mode for low-trust sessions Limit access to sensitive data Classify, label and protect on download Visibility into for unmanaged device activity Integrates with Azure Active Directory Unique integration with Azure AD Integral component of Azure AD Conditional Access Simple deployment directly from your Azure AD portal Leverages existing device management mechanisms, no additional deployment required
  • 14. Leverages Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals across Microsoft’s customer base Native integration with Office Threat Intelligence Threat Intelligence Identify anomalies in your cloud environment via advanced behavioral analytics Built-in detections for leading threat scenarios: Ransomware, admin take-over, shared accounts Behavioral analytics & ransomware detection Advanced investigation & remediation Pivot on users, IP addresses, resources, activities and locations Customize detections based on your findings Automate remediation with Azure AD Integrates with Microsoft Intelligent Security Graph, 3rd party SIEM solutions
  • 15. Office 365 Cloud App Security Enhanced visibility and control for Office 365 • Advanced security alerts • Productivity app discovery • App permissions and control Available in Office E5 Microsoft Cloud App Security Integrated security suite across identity, device, apps and data • Discovery of Shadow IT • Unified Information protection • Automated detection and remediation Available standalone and as a part of EMS E5
  • 16. of enterprises indicated security as a top challenge holding back SaaS adoption* 73% SaaS adoption challenge • Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 ** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report >80% of employees admit to using non- approved SaaS apps in their jobs** 80%
  • 17. Technology Benefit E3 E5 Azure Active Directory Premium P1 Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ● ● Azure Active Directory Premium P2 Identity and access management with advanced protection for users and privileged identities ● Microsoft Intune Mobile device and app management to protect corporate apps and data on any device ● ● Azure Information Protection P1 Encryption for all files and storage locations Cloud-based file tracking ● ● Azure Information Protection P2 Intelligent classification and encryption for files shared inside and outside your organization ● Microsoft Cloud App Security Enterprise-grade visibility, control, and protection for your cloud applications ● Microsoft Advanced Threat Analytics Protection from advanced targeted attacks leveraging user and entity behavioral analytics ● ● Identity and access management Managed mobile productivity Information protection Threat protection
  • 18. Microsoft Cloud App Security Office 365 Advanced Security Management Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security

Notes de l'éditeur

  1. 2
  2. 8