Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft Cloud App Security

Published byAnis Miles Modified over 7 years ago

Similar presentations

Presentation on theme: "Microsoft Cloud App Security"— Presentation transcript:

1 Microsoft Cloud App Security
Enterprise-grade security for your cloud apps April 2016

2 With mobility come new security challenges
More than 1,000 businesses affected by cyber attacks Another major retailer hacked Attacks have become organized, targeted, and persistent You want to have visibility and control in the cloud The network perimeter has vanished

3 What is driving change? Life before cloud Life with cloud On-premises
Storage, corp data Users On-premises Only sanctioned apps are installed Resources accessed via managed devices/networks IT had layers of defense protecting internal apps IT has a known security perimeter User chooses apps (unsanctioned, shadow IT) User can access resources from anywhere Data is shared by user and cloud apps IT has limited visibility and protection

4 Is it possible to keep up?
Microsoft’s vision Users Apps Devices Data Employees Business partners Customers

5 Is it possible to keep up?
Microsoft’s vision Users Apps Devices Data Employees Business partners Customers

6 This is why the solution needs to be comprehensive
The problem is complex 75% Exploited credentials 88% Losing control of data “I can log in with Matt’s credentials and lay low in the network.” Hacker “I would like to send this customer file to one of our vendors so they can take a look.” Matt Mobility 60% 80% Non-approved SaaS app use “I would work on this file on my tablet while I am waiting for my flight at the airport.” Matt “I’ll save the file to my cloud storage app so I can work on it from home.” Matt This is why the solution needs to be comprehensive

7 Microsoft Enterprise Mobility Solution
Customer’s needs Secure devices, apps, and data Access to everything from everything Preserve existing invesments Empower Enterprise Mobility Integrated, secure identity It protects Office better It just works Identity-driven security Comprehensive solution Managed mobile productivity Microsoft’s Solution

8 Enterprise mobility + security
Extend enterprise-grade security to your cloud and SaaS apps Microsoft Cloud App Security Intune Azure Active Directory Identity Protection Manage identity with hybrid integration to protect application access from identity attacks Azure Rights Management and Secure Islands Protect your data, everywhere Protect your users, devices, and apps Detect problems early with visibility and threat analytics Advanced Threat Analytics

9 Microsoft enterprise mobility solutions
Identity and access management User and entity behavioral analytics Mobile device and app management Information protection Cloud and SaaS app security Azure Active Directory Advanced Threat Analytics Azure Rights Management Cloud App Security Intune Single sign-on to 1000s of cloud and on-premises applications. Identity protection with notifications, analysis, recommended remediation, and risk-based conditional access. Identify suspicious activities and advanced attacks that target your on-premises platform. Quickly focus on what is most important with clear, actionable reporting. Leverage mobile device management and mobile app management to protect corporate apps and data on almost any device. Encryption, identity, and authorization to secure corporate files and across phones, tablets, and PCs. Bring enterprise-grade visibility, control, and protection to your cloud applications. Enterprise Mobility Suite

10 SaaS adoption challenge
80% 73% of enterprises indicated security as a top challenge holding back SaaS adoption* >80% of employees admit to using non-approved SaaS apps in their jobs** Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 **

11 Questions to answer Shadow IT Access control How do I know what apps are used in my environment? How do I ensure appropriate access to my cloud apps? Threat prevention Data protection How do I know if my users have been breached? How do I prevent data leakage? Visibility/reporting How do I address regulatory mandates? Compliance How do I gain visibility into cloud apps and usage?

12 Introducing Microsoft Cloud App Security
Enterprise-grade security for your cloud apps Based on Adallom acquisition Cloud-delivered service bringing visibility and control to cloud apps Comprehensive and proven protection Committed to supporting third-party cloud applications

13 Why you’ll love Cloud App Security
No agents required on user devices for discovery Comprehensive controls for your sanctioned apps Enterprise-grade: simple to deploy and manage Threat detection draws from Microsoft’s security intelligence Deeply integrated with Office 365 Builds on broader Microsoft security platform

14 What does Cloud App Security provide?
Discovery Data control Threat protection Gain complete visibility and context for cloud usage and shadow IT—no agents required Shape your cloud environment with granular controls and policy setting for access, data sharing, and DLP Identify high-risk usage and security incidents, detect abnormal user behavior, and prevent threats Integrate with existing security, mobility, and encryption solutions

15 Integrate with existing security, mobility, and encryption solutions
Discovery Discover 13,000+ cloud apps in use—no agents required Identify all users, IP addresses, top apps, top users Shadow IT discovery Risk scoring Get an automated risk score driven by 60+ parameters See each app’s risk assessment based on its security mechanisms and compliance regulations Ongoing risk detection, powerful reporting, and analytics on users, usage patterns, upload/download traffic, and transactions Ongoing anomaly detection for discovered apps Ongoing analytics Integrate with existing security, mobility, and encryption solutions

16 Data control Policy definition DLP and data sharing Policy enforcement
Set granular-control security policies for your approved apps Use out-of-the-box policies or customize your own Prevent data loss both inline and at rest Govern data in the cloud, such as files stored in cloud drives, attachments, or within cloud apps Use pre-defined templates or extend existing DLP policies Identify policy violations, investigate on a user, file, activity level Enforce actions such as quarantine and permissions removal Block sensitive transactions, limit sessions for unmanaged devices

17 Threat prevention Behavioral analytics Attack detection
Identify and stop known attack pattern activities originating from risky sources with threat prevention enhanced with vast Microsoft threat intelligence Coming soon: send any file through real-time behavioral malware analysis Identify anomalies in your cloud environment which may be indicative of a breach Leverage behavioral analytics (each user’s interaction with SaaS apps) to assess risk in each transaction

18 Cloud app security challenge
Sanctioned Shadow IT Integration with existing systems and workflows Cloud security expertise Visibility and control Compliance and regulations Cloud Discovery

19 Cloud App Security Console
Discover Investigate Control Alerts

20 Cloud App Security Console
Discover Investigate Control Alerts

21 Cloud App Security Console
Discover Investigate Control Alerts

22 Cloud App Security Console
Discover Investigate Control Alerts

23 Cloud App Security portal demo
Mechanics video

24 Architecture and how it works
Discovery Use traffic logs to discover and analyze which cloud apps are in use Manually or automatically upload log files for analysis from your firewalls and proxies Sanctioning and un-sanctioning Sanction or block apps in your organization using the cloud app catalog App connectors Leverage APIs provided by various cloud app providers Connect an app and extend protection by authorizing access to the app. Cloud App Security queries the app for activity logs and scans data, accounts, and cloud content Cloud App Security Cloud apps API App connectors Protected Cloud discovery Cloud traffic The following firewalls and proxies are supported: Blue Coat, Cisco (Cisco ASA - Virtual Context, Cisco ScanSafe, Cisco IronPort WSA), Zscaler, Fortigate, Palo Alto, McAfee Secure Web Gateway, Check Point (Check Point, Check Point OPSEC LEA), Squid (Common), Juniper SRX, Sophos SG, Microsoft Forefront Threat Management Gateway, Websense. Firewalls Cloud traffic logs Proxies Your organization from any location

25 What was announced Office 365 Advanced Cloud App Security
Security Management Cloud App Security Cross-SaaS solution (April 2016) Shadow IT discovery Advanced visibility, data control, and protection Threat detection and prevention Enhanced visibility and control for Office 365 (Q3 2016) Discovery for apps with similar functionality to Office 365 App permissions and control Advanced security alerts NDA until 2/25/2016, 9 am Pacific

26 New security capabilities in Office 365
Microsoft Cloud App Security powers new advanced security management capabilities for Office 365 that improve IT visibility and control Cloud app discovery enables IT to analyze which cloud services your users are connecting to App permissions provides IT the ability to approve or revoke permissions for third-party services that users have authorized to connect to Office 365 Advanced security alerts notify Office 365 admins of anomalous or suspicious activity in the service so they can take action

27 Complementary to EMS and Office 365
App security Identity-driven security Cross-SaaS Complements EMS Microsoft Cloud App Security Provides cross-SaaS app security Discovery for 13,000 apps and risk scoring- no agents Ongoing assessment and analytics for all discovered apps Cross-cloud controls for creating and enforcing policies, DLP, and data sharing Alerts for threat detection for supported and all discovered apps Microsoft Cloud App Security Complements EMS by providing enterprise-grade security for cloud apps Discovery for 13,000 apps and risk scoring— no agents needed Ongoing assessment and analytics for all discovered apps Cross-cloud controls for creating and enforcing policies, DLP, and data sharing Alerts for threat detection for supported and all discovered apps Only Office 365-related capabilities embedded into Office 365 Security and Compliance Center Discovery for apps with similar functionality to O365 App permissions and control Alerts for anomaly detection Built rich DLP features integrated into Office DLP Enterprise Mobility Suite Comprehensive solution for mobility, identity, and security Azure AD Premium provides shadow IT discovery, identity, and access management Advanced Threat Analytics provides threat protection on-premises with behavioral analysis Azure Rights Management provides encryption, identity & authorization to secure data Microsoft Intune provides MDM/MAM capabilities to protect corporate apps and data almost on any device

28 Pricing and licensing Per-user per-month subscription service
$5/user/month April 1, 2016 price list (all volume license channels) Sold separately from EMS

29 Proven protection for top SaaS apps

30 From SaaS providers “At Box, we believe in a modern content management and collaboration experience where information can move easily and securely between individuals and organizations and across devices and applications. By working closely with Microsoft Cloud App Security, we're providing businesses with stronger controls and deeper visibility around their cloud apps, and protecting unwanted access to critical business content."  ROGER MURFF Vice President of Technology Partnerships at Box BOX

31 From our customers “Securing our data in the cloud is critical to maintain our success. Microsoft Cloud App Security protects our users and data by providing us with alerts and information on unusual application and user activity, so we can determine if it’s malicious or authorized or not.” CHRIS THIBAULT Lead SE First American Equipment Finance

32 From our customers “It is so important to see what’s going in and out of a cloud application, to see where data is going and to manage who gets into the cloud application. No one but Cloud App Security can validate the user and end point, block unapproved access and give you full visibility into the transfer of critical corporate data.” DR. RON TORTEN Sr. VP WW Operations and IT Inphi

33 Next steps Visit our product page at (live in April 2016) for more information and to request a demo

34 Cloud App Security vs. O365 Advanced Security Management
Cross-SaaS security Office 365 security Microsoft Cloud App Security Office 365 Advanced Security Management App discovery Discovers 13,000 apps and provides an automated risk score Provides ongoing risk assessment for discovered services (usage patterns, upload/download traffic anomalies) Anomaly detection for discovered apps Manual or automatic log upload Discovers apps that have similar functionality to Office 365 Manual log upload Data control Policy setting and enforcement DLP and data sharing controls all sanctioned apps (cross-SaaS) Identify and control apps connected to supported cloud services with the ability to revoke access Use Azure AD Premium for user and session access control, SAML proxy for non-Azure AD customers for any app Use existing Office DLP (available in E3 and above) Use Azure AD Premium for user and session access control Identify and control apps connected to Office 365 with the ability to revoke access Threat prevention Alerts dashboard includes all policy violations, threat detection, and anomaly detection across SaaS apps Manual or automatic alert remediation Anomaly detection and security alerts for Office 365 Manual and automatic alert remediation

35 App discovery comparison
Based on Adallom acquisition Azure AD Cloud App Discovery Promise Uncover shadow IT and onboard selected apps to Azure AD. Deployment Automatic update via endpoint agents Coverage Only Windows 7 or newer devices, on and off-premises Cloud App Catalog ~2,100+ business cloud apps that can be managed through Azure AD Cloud App Discovery; can discovery every web app employees are using. Cloud trust index (Trust score/app) No Cloud usage analytics Usage per user and per app SIEM integration No. All the information can be exported to Azure Storage and presented through Power BI. App alerts New app discovery weekly and alerts on Azure AD Identity Protection console. Anomaly detection for cloud apps Office 365 Advanced Security Management App Discovery Microsoft Cloud App Security Gain visibility over your organization adoption and utilization of Office 365 cloud apps. Uncover shadow IT and onboard selected apps to Azure AD. Block unwanted apps. Sanction and protect apps with anomaly detection. Manual log upload Manual or automatic log upload All organization network traffic, any devices ~1,000 apps Limited to apps that have similar functionality to Office 365 >13,000 apps No Assessed by specialists inspecting more than 50 attributes including compliance industry standards, security features and posture, terms of service, and more. Discovery dashboard providing an overview Dive into specific service, business unit, geographic area, user, or IP address Yes. Simply with SIEM agents. New app discovery Risky app alerts Custom-built alerts based on the Cloud Trust Index Yes. Office 365 focus only. Yes. For example: large amounts of uploaded data compared to other users, large user transactions compared to user history.

Download ppt "Microsoft Cloud App Security"

Similar presentations

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Network security Product Group 2 McAfee Network Security Platform.

Network security Product Group 2 McAfee Network Security Platform.
FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.

FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.
Employees use multiple devices Employees use both corporate and personal applications Data is stored in various locations Cybersecurity is a top concern.

Employees use multiple devices Employees use both corporate and personal applications Data is stored in various locations Cybersecurity is a top concern.
What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.

What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.

Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,

Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,
Go mobile. Stay in control. Craig Morris EMPOWER ENTERPRISE MOBILITY.

Go mobile. Stay in control. Craig Morris EMPOWER ENTERPRISE MOBILITY.
Get Full Protection on Microsoft Azure with Symantec™ Endpoint Protection 12.1 MICROSOFT AZURE ISV PROFILE: SYMANTEC Symantec™ Endpoint Protection is an.

Get Full Protection on Microsoft Azure with Symantec™ Endpoint Protection 12.1 MICROSOFT AZURE ISV PROFILE: SYMANTEC Symantec™ Endpoint Protection is an.
Complete Cloud Security Anyone, anywhere, any app, any device.

Complete Cloud Security Anyone, anywhere, any app, any device.
Blue Coat Cloud Continuum

Blue Coat Cloud Continuum
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.

Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
Microsoft Ignite 2016 10/1/ :41 PM BRK3249

Microsoft Ignite /1/ :41 PM BRK3249
Office 365 Advanced Security Management

Office 365 Advanced Security Management
Advanced Endpoint Security Data Connectors-Charlotte January 2016

Advanced Endpoint Security Data Connectors-Charlotte January 2016

Similar presentations

Ads by Google