Microsoft Cloud App Security

Slides:



Advertisements
Similar presentations
Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
Advertisements

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Dell Connected Security Solutions Simplify & unify.
…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Network security Product Group 2 McAfee Network Security Platform.
FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.
Employees use multiple devices Employees use both corporate and personal applications Data is stored in various locations Cybersecurity is a top concern.
What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,
Go mobile. Stay in control. Craig Morris EMPOWER ENTERPRISE MOBILITY.
Get Full Protection on Microsoft Azure with Symantec™ Endpoint Protection 12.1 MICROSOFT AZURE ISV PROFILE: SYMANTEC Symantec™ Endpoint Protection is an.
Complete Cloud Security Anyone, anywhere, any app, any device.
Blue Coat Cloud Continuum
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
Microsoft Ignite /1/ :41 PM BRK3249
Office 365 Advanced Security Management
Advanced Endpoint Security Data Connectors-Charlotte January 2016
Sophos Central for partners and customers: overview and new features
Microsoft 365 Security and Compliance: Training and Resources
Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda
The time to address enterprise mobility is now
Deployment Planning Services
Cloud App Security vs. O365 Advanced Security Management
Deployment Planning Services
Enterprise Mobility Suite Technical and Business Briefing
“Introduction to Azure Security Center”
Identity & Access Management for a cloud-first, mobile-first world
Accelerate GDPR compliance with Microsoft 365
Hybrid Management and Security
Journey to Microsoft Secure Cloud
Simplifying Hybrid Cloud Protection with Azure Security Center
Microsoft Cloud App Security
Azure Information Protection Strategy and Roadmap
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Deployment Planning Services
SaaS Application Deep Dive
Microsoft Ignite /17/2018 1:49 PM BRK3092
Microsoft Cloud App Security: Learn how to deploy and manage
Protect sensitive information with Office 365 DLP
7/23/2018 6:01 PM BRK2282 Protecting complete data lifecycle using Microsoft’s information protection capabilities Gagan Gulati Alex Li Principal.
9/4/2018 6:45 PM Secure your Office 365 environment with best practices recommended for political campaigns Ethan Chumley Campaign Technology Advisor Civic.
Security managed from the cloud.
Threat Management Gateway
Identity Driven Security
Extending classification ,labeling , and protection to 3rd party applications Kartik Microsoft Tony Digital Guardian Amit Cohen.
9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.
Microsoft Ignite /18/2018 9:42 AM
Prevent Costly Data Leaks from Microsoft Office 365
BOMGAR REMOTE SUPPORT Karl Lankford
2018 Real Cisco Dumps IT-Dumps
Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.
Protect your OneDrive and SharePoint files on mobile devices
Healthcare Cloud Security Stack for Microsoft Azure
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
12/1/ :04 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Everything Windows User Group Meeting, Aug 2016
Secure once, run anywhere Simplify your security with Sophos
What’s new in the Fall Creators Update for Windows Defender ATP
Healthcare Cloud Security Stack for Microsoft Azure
Case Study 1: Security Considerations
Create a Modern Workplace with Microsoft 365
Using the Cloud App Marketplace Monitoring cloud app migrations
IN THE PAST, THE FIREWALL WAS THE SECURITY PERIMETER devicesdata users apps On-premises.
Protecting your data with Azure AD
4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Microsoft Data Insights Summit
Comodo Dome Data Protection
Presentation transcript:

Microsoft Cloud App Security Enterprise-grade security for your cloud apps April 2016

With mobility come new security challenges More than 1,000 businesses affected by cyber attacks Another major retailer hacked Attacks have become organized, targeted, and persistent You want to have visibility and control in the cloud The network perimeter has vanished

What is driving change? Life before cloud Life with cloud On-premises Storage, corp data Users On-premises Only sanctioned apps are installed Resources accessed via managed devices/networks IT had layers of defense protecting internal apps IT has a known security perimeter User chooses apps (unsanctioned, shadow IT) User can access resources from anywhere Data is shared by user and cloud apps IT has limited visibility and protection

Is it possible to keep up? Microsoft’s vision Users Apps Devices Data Employees Business partners Customers

Is it possible to keep up? Microsoft’s vision Users Apps Devices Data Employees Business partners Customers

This is why the solution needs to be comprehensive The problem is complex 75% Exploited credentials 88% Losing control of data “I can log in with Matt’s credentials and lay low in the network.” Hacker “I would like to send this customer file to one of our vendors so they can take a look.” Matt Mobility 60% 80% Non-approved SaaS app use “I would work on this file on my tablet while I am waiting for my flight at the airport.” Matt “I’ll save the file to my cloud storage app so I can work on it from home.” Matt This is why the solution needs to be comprehensive

Microsoft Enterprise Mobility Solution Customer’s needs Secure devices, apps, and data Access to everything from everything Preserve existing invesments Empower Enterprise Mobility Integrated, secure identity It protects Office better It just works Identity-driven security Comprehensive solution Managed mobile productivity Microsoft’s Solution

Enterprise mobility + security Extend enterprise-grade security to your cloud and SaaS apps Microsoft Cloud App Security Intune Azure Active Directory Identity Protection Manage identity with hybrid integration to protect application access from identity attacks Azure Rights Management and Secure Islands Protect your data, everywhere Protect your users, devices, and apps Detect problems early with visibility and threat analytics Advanced Threat Analytics

Microsoft enterprise mobility solutions Identity and access management User and entity behavioral analytics Mobile device and app management Information protection Cloud and SaaS app security Azure Active Directory Advanced Threat Analytics Azure Rights Management Cloud App Security Intune Single sign-on to 1000s of cloud and on-premises applications. Identity protection with notifications, analysis, recommended remediation, and risk-based conditional access. Identify suspicious activities and advanced attacks that target your on-premises platform. Quickly focus on what is most important with clear, actionable reporting. Leverage mobile device management and mobile app management to protect corporate apps and data on almost any device. Encryption, identity, and authorization to secure corporate files and email across phones, tablets, and PCs. Bring enterprise-grade visibility, control, and protection to your cloud applications. Enterprise Mobility Suite

SaaS adoption challenge 80% 73% of enterprises indicated security as a top challenge holding back SaaS adoption* >80% of employees admit to using non-approved SaaS apps in their jobs** Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 ** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report

Questions to answer Shadow IT Access control How do I know what apps are used in my environment? How do I ensure appropriate access to my cloud apps? Threat prevention Data protection How do I know if my users have been breached? How do I prevent data leakage? Visibility/reporting How do I address regulatory mandates? Compliance How do I gain visibility into cloud apps and usage?

Introducing Microsoft Cloud App Security Enterprise-grade security for your cloud apps Based on Adallom acquisition Cloud-delivered service bringing visibility and control to cloud apps Comprehensive and proven protection Committed to supporting third-party cloud applications

Why you’ll love Cloud App Security No agents required on user devices for discovery Comprehensive controls for your sanctioned apps Enterprise-grade: simple to deploy and manage Threat detection draws from Microsoft’s security intelligence Deeply integrated with Office 365 Builds on broader Microsoft security platform

What does Cloud App Security provide? Discovery Data control Threat protection Gain complete visibility and context for cloud usage and shadow IT—no agents required Shape your cloud environment with granular controls and policy setting for access, data sharing, and DLP Identify high-risk usage and security incidents, detect abnormal user behavior, and prevent threats Integrate with existing security, mobility, and encryption solutions

Integrate with existing security, mobility, and encryption solutions Discovery Discover 13,000+ cloud apps in use—no agents required Identify all users, IP addresses, top apps, top users Shadow IT discovery Risk scoring Get an automated risk score driven by 60+ parameters See each app’s risk assessment based on its security mechanisms and compliance regulations Ongoing risk detection, powerful reporting, and analytics on users, usage patterns, upload/download traffic, and transactions Ongoing anomaly detection for discovered apps Ongoing analytics Integrate with existing security, mobility, and encryption solutions

Data control Policy definition DLP and data sharing Policy enforcement Set granular-control security policies for your approved apps Use out-of-the-box policies or customize your own Prevent data loss both inline and at rest Govern data in the cloud, such as files stored in cloud drives, attachments, or within cloud apps Use pre-defined templates or extend existing DLP policies Identify policy violations, investigate on a user, file, activity level Enforce actions such as quarantine and permissions removal Block sensitive transactions, limit sessions for unmanaged devices

Threat prevention Behavioral analytics Attack detection Identify and stop known attack pattern activities originating from risky sources with threat prevention enhanced with vast Microsoft threat intelligence Coming soon: send any file through real-time behavioral malware analysis Identify anomalies in your cloud environment which may be indicative of a breach Leverage behavioral analytics (each user’s interaction with SaaS apps) to assess risk in each transaction

Cloud app security challenge Sanctioned Shadow IT Integration with existing systems and workflows Cloud security expertise Visibility and control Compliance and regulations Cloud Discovery

Cloud App Security Console Discover Investigate Control Alerts

Cloud App Security Console Discover Investigate Control Alerts

Cloud App Security Console Discover Investigate Control Alerts

Cloud App Security Console Discover Investigate Control Alerts

Cloud App Security portal demo Mechanics video

Architecture and how it works Discovery Use traffic logs to discover and analyze which cloud apps are in use Manually or automatically upload log files for analysis from your firewalls and proxies Sanctioning and un-sanctioning Sanction or block apps in your organization using the cloud app catalog App connectors Leverage APIs provided by various cloud app providers Connect an app and extend protection by authorizing access to the app. Cloud App Security queries the app for activity logs and scans data, accounts, and cloud content Cloud App Security Cloud apps API App connectors Protected Cloud discovery Cloud traffic The following firewalls and proxies are supported: Blue Coat, Cisco (Cisco ASA - Virtual Context, Cisco ScanSafe, Cisco IronPort WSA), Zscaler, Fortigate, Palo Alto, McAfee Secure Web Gateway, Check Point (Check Point, Check Point OPSEC LEA), Squid (Common), Juniper SRX, Sophos SG, Microsoft Forefront Threat Management Gateway, Websense. Firewalls Cloud traffic logs Proxies Your organization from any location

What was announced Office 365 Advanced Cloud App Security Security Management Cloud App Security Cross-SaaS solution (April 2016) Shadow IT discovery Advanced visibility, data control, and protection Threat detection and prevention Enhanced visibility and control for Office 365 (Q3 2016) Discovery for apps with similar functionality to Office 365 App permissions and control Advanced security alerts NDA until 2/25/2016, 9 am Pacific

New security capabilities in Office 365 Microsoft Cloud App Security powers new advanced security management capabilities for Office 365 that improve IT visibility and control Cloud app discovery enables IT to analyze which cloud services your users are connecting to App permissions provides IT the ability to approve or revoke permissions for third-party services that users have authorized to connect to Office 365 Advanced security alerts notify Office 365 admins of anomalous or suspicious activity in the service so they can take action

Complementary to EMS and Office 365 App security Identity-driven security Cross-SaaS Complements EMS Microsoft Cloud App Security Provides cross-SaaS app security Discovery for 13,000 apps and risk scoring- no agents Ongoing assessment and analytics for all discovered apps Cross-cloud controls for creating and enforcing policies, DLP, and data sharing Alerts for threat detection for supported and all discovered apps Microsoft Cloud App Security Complements EMS by providing enterprise-grade security for cloud apps Discovery for 13,000 apps and risk scoring— no agents needed Ongoing assessment and analytics for all discovered apps Cross-cloud controls for creating and enforcing policies, DLP, and data sharing Alerts for threat detection for supported and all discovered apps Only Office 365-related capabilities embedded into Office 365 Security and Compliance Center Discovery for apps with similar functionality to O365 App permissions and control Alerts for anomaly detection Built rich DLP features integrated into Office DLP Enterprise Mobility Suite Comprehensive solution for mobility, identity, and security Azure AD Premium provides shadow IT discovery, identity, and access management Advanced Threat Analytics provides threat protection on-premises with behavioral analysis Azure Rights Management provides encryption, identity & authorization to secure data Microsoft Intune provides MDM/MAM capabilities to protect corporate apps and data almost on any device

Pricing and licensing Per-user per-month subscription service $5/user/month April 1, 2016 price list (all volume license channels) Sold separately from EMS

Proven protection for top SaaS apps

From SaaS providers “At Box, we believe in a modern content management and collaboration experience where information can move easily and securely between individuals and organizations and across devices and applications. By working closely with Microsoft Cloud App Security, we're providing businesses with stronger controls and deeper visibility around their cloud apps, and protecting unwanted access to critical business content."  ROGER MURFF Vice President of Technology Partnerships at Box BOX

From our customers “Securing our data in the cloud is critical to maintain our success. Microsoft Cloud App Security protects our users and data by providing us with alerts and information on unusual application and user activity, so we can determine if it’s malicious or authorized or not.” CHRIS THIBAULT Lead SE First American Equipment Finance

From our customers “It is so important to see what’s going in and out of a cloud application, to see where data is going and to manage who gets into the cloud application. No one but Cloud App Security can validate the user and end point, block unapproved access and give you full visibility into the transfer of critical corporate data.” DR. RON TORTEN Sr. VP WW Operations and IT Inphi

Next steps Visit our product page at www.cloudappsecurity.com (live in April 2016) for more information and to request a demo

Cloud App Security vs. O365 Advanced Security Management Cross-SaaS security Office 365 security Microsoft Cloud App Security Office 365 Advanced Security Management App discovery Discovers 13,000 apps and provides an automated risk score Provides ongoing risk assessment for discovered services (usage patterns, upload/download traffic anomalies) Anomaly detection for discovered apps Manual or automatic log upload Discovers apps that have similar functionality to Office 365 Manual log upload Data control Policy setting and enforcement DLP and data sharing controls all sanctioned apps (cross-SaaS) Identify and control apps connected to supported cloud services with the ability to revoke access Use Azure AD Premium for user and session access control, SAML proxy for non-Azure AD customers for any app Use existing Office DLP (available in E3 and above) Use Azure AD Premium for user and session access control Identify and control apps connected to Office 365 with the ability to revoke access Threat prevention Alerts dashboard includes all policy violations, threat detection, and anomaly detection across SaaS apps Manual or automatic alert remediation Anomaly detection and security alerts for Office 365 Manual and automatic alert remediation

App discovery comparison Based on Adallom acquisition Azure AD Cloud App Discovery Promise Uncover shadow IT and onboard selected apps to Azure AD. Deployment Automatic update via endpoint agents Coverage Only Windows 7 or newer devices, on and off-premises Cloud App Catalog ~2,100+ business cloud apps that can be managed through Azure AD Cloud App Discovery; can discovery every web app employees are using. Cloud trust index (Trust score/app) No Cloud usage analytics Usage per user and per app SIEM integration No. All the information can be exported to Azure Storage and presented through Power BI. App alerts New app discovery weekly email and alerts on Azure AD Identity Protection console. Anomaly detection for cloud apps Office 365 Advanced Security Management App Discovery Microsoft Cloud App Security Gain visibility over your organization adoption and utilization of Office 365 cloud apps. Uncover shadow IT and onboard selected apps to Azure AD. Block unwanted apps. Sanction and protect apps with anomaly detection. Manual log upload Manual or automatic log upload All organization network traffic, any devices ~1,000 apps Limited to apps that have similar functionality to Office 365 >13,000 apps No Assessed by specialists inspecting more than 50 attributes including compliance industry standards, security features and posture, terms of service, and more. Discovery dashboard providing an overview Dive into specific service, business unit, geographic area, user, or IP address Yes. Simply with SIEM agents. New app discovery Risky app alerts Custom-built alerts based on the Cloud Trust Index Yes. Office 365 focus only. Yes. For example: large amounts of uploaded data compared to other users, large user transactions compared to user history.