1. Microsoft Cloud App Security: Learn how to deploy and manage
7/18/2018 1:32 PM
BRK3008
Microsoft Cloud App Security: Learn how to deploy and manage
Yinon Costica
Principal PM, Cloud App Security
Asaf Kashi
Group Program Manager, Cloud App Security
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2. Microsoft Enterprise Mobility + Security
Apps
Risk
MICROSOFT INTUNE
Make sure your devices are compliant and secure, while protecting data at the application level
AZURE ACTIVE DIRECTORY
Ensure only authorized users are granted access to personal data using risk-based conditional access
MICROSOFT CLOUD APP SECURITY
Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps
AZURE INFORMATION PROTECTION
Classify, label, protect and audit data for persistent security throughout the complete data lifecycle
MICROSOFT ADVANCED THREAT ANALYTICS
Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues !
Device
Access granted to data
CONDITIONAL
ACCESS
Classify
Label
Audit
Protect
Location

3. We would like to use a single slide and use this format
We would like to use a single slide and use this format. Please update the icons. (You can use the icons from slide #13)
How do I gain visibility into cloud apps used in my organization and get a risk assessment?
How can I control and limit access to data in cloud apps?
How can I prevent data loss in cloud apps and stay compliant with regulations?
How do I protect cloud apps and the data in them from security attacks?

4. Microsoft Cloud App Security
Discover and assess risks
Control access in real time
Protect your information
Detect threats
Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics.
Manage and limit cloud app access based on conditions and session context, including user identity, device, and location.
Get granular control over data and use built-in or custom policies for data sharing and data loss prevention.
Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research.
Extend Microsoft security
To your cloud apps
Threat detection: Microsoft Intelligent Security Graph, Office ATP
Information Protection: Office 365 & Azure Information Protection
Identity: Azure AD and Conditional Access
+ more
Discover and assess risks
Discover all cloud usage
in your organization
Information protection
Monitor and control
your data in the cloud
Conditional
access
Control and limit user access based on session context
Threat
detection
Detect usage anomalies and security incidents

5. Cloud App Security: Ignite Announcements
Cloud App Security: proxy
Control and limit access to cloud apps: Using proxy with Azure Active Directory Conditional Access. Public Preview in October
Scan, classify sensitive data and apply AIP labels automatically
Automatic labeling and protection will be in public preview in October Cloud App Security will classify file leveraging Microsoft’s Information Protection solution and capabilities starting Q
Support for Azure West Europe region
Cloud App Security is also be available in Azure West Europe region to better serve our customers in Europe and support their compliance requirements
New Cloud App Discovery experience in Azure AD
Cloud App Discovery in Azure AD’s now enhanced to provide deeper visibility into cloud app usage, no agents required, with ongoing analysis and alerts, powered by Cloud App Security. Available to Azure AD customers.

6. Architecture and how it works
Discovery
Manually or automatically upload traffic logs files from your firewalls and proxies to discover and analyze which cloud apps are in use
Sanction or block apps in your organization using the cloud app catalog
App connectors
Leverage APIs provided by various cloud app providers to extend protection to Cloud App Security
Proxy apps
Azure AD redirects risky sessions to the reverse proxy to apply app restrictions

7. Create a trial tenant Log in to your Microsoft work account
Go to or to  Enterprise Mobility + Security homepage
Sign up for a free Cloud App Security trial, or  Enterprise Mobility + Security all up
Assign licenses to users [at least one]
Login and assign role based access controls
Do-It-Yourself

8. Cloud discovery Shadow IT discovery
Microsoft Ignite 2016
7/18/2018 1:32 PM
Cloud discovery
Shadow IT discovery
Risk assessment and migration to business- ready apps
On-going protection and analytics
Discover cloud apps in use across your networks
Investigate users and source IP cloud usage
Create custom views and reports for business units, networks and groups
Optional PII anonymized reports
Risk assessment for 15,000+ cloud apps based on 60 security and compliance risk factors
Un-sanction, sanction and protect apps
Customize labels, notes, weight in risk scoring and override per app risk assessment to support internal workflows
Anomalous usage alerts
New apps and trending apps alerts
Identify and close policy enforcement gaps
Programmatically generate blocking scripts to supported network appliances
Integrates with
Your network appliances, SIEM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9. Discovery architecture
Azure
On-premise network
Microsoft Cloud App Security
Syslog CEF
Network logs
Log parser
Log collector
App Discovery
SaaS DB
FTP
Syslog
FTP
Discovery dashboard and alerts
Users and groups
Azure AD
Reporting engine
Tenant DB
SIEM
Web proxy
Firewall
Firewall
Cloud apps

10. Setup Cloud Discovery reports & alerts
Upload network logs to Cloud App Security
Create custom reports
Create new app alerts
Review discovered apps and take actions
Customize the risk scores
Generate blocking scripts
Live demo

11. Discovery workflows
Discovery of Shadow IT Without IT approval, users deploy and use cloud apps that are not business-ready and expose the organization to various risks. IT has limited visibility to the usage of these apps, and the assessment process requires lots of efforts and specialty.
Cloud migration Monitor adoption of new apps, and verify that usage grows over time while alternative, unsanctioned apps decline.
Cloud marketplace Wisely choose cloud apps that fit the security requirement of your organization, and meet the latest cloud security standards.
Live demo

12. Coming soon: Native integration with Zscaler
SSO
Microsoft
Cloud App Security
Enforce Policy
Tenant Bonding
Tenant Bonding
End User
Zscaler NSS
Log Forwarding
Create Unsanctioned App Policy
PAC/ZApp
Unsanctioned Apps URL category
API Polling

13. Cloud App Discovery in Azure AD
Deeper visibility into cloud app usage
Discover more than 15,000 apps from all organization network traffic and from any device.
No-agents required
Ongoing analytics

14. Microsoft’s approach to information protection
7/18/2018 1:32 PM
Microsoft’s approach to information protection
Comprehensive protection of sensitive data throughout the lifecycle – inside and outside the organization
Detect
Classify
Protect
Monitor
Scan & detect sensitive data based on policy
Classify data and apply labels based on sensitivity
Apply protection actions, including encryption, access restrictions
Reporting, alerts, remediation
Devices
cloud
On premises
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15. The lifecycle of a sensitive file
7/18/2018 1:32 PM
The lifecycle of a sensitive file
Data travels across various locations, shared
Protection is persistent, travels with the data
Data is monitored
Reporting on data sharing, usage, potential abuse; take action & remediate
Data is created, imported, & modified across various locations
Data is detected
Across devices, cloud services, on-prem environments
Data is protected based on policy
Protection may in the form of encryption, permissions, visual markings, retention, deletion, or a DLP action such as blocking sharing
Sensitive data is classified & labeled
Based on sensitivity; used for either protection policies or retention policies
Retain, expire, delete data
Via data governance policies
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16. Microsoft’s information protection solutions
7/18/2018 1:32 PM
Microsoft’s information protection solutions
Comprehensive protection of sensitive data across devices, cloud services and on-premises environments
Devices
OFFICE 365
CLOUD SERVICES, SaaS APPs & ON-PREMISES
PCs, tablets, mobile
Exchange Online, SharePoint Online & OneDrive for Business
Highly regulated
Azure
3rd-Party SaaS
Datacenters, file shares
Windows Information Protection & BitLocker for Windows 10
Office 365 DLP
Office 365 Advanced Data Governance
Intune MDM & MAM for iOS & Android
Azure Information Protection
Microsoft Cloud App Security
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17. Information protection for cloud apps
Microsoft Ignite 2016
7/18/2018 1:32 PM
Information protection for cloud apps
Gain visibility into data and sharing
Classify, label and protect
Monitor & investigate
Visibility to sharing level and classification labels
Quantify over-sharing exposure and compliance risks
Detect and manage 3rd apps access
Govern data in the cloud with granular DLP policies
Leverage Microsoft’s Information Protection capabilities for classification
Automatically protect and encrypt your data using Azure Information Protection
Identify policy violations
Investigate incidents and related activities
Quarantine and permissions removal
Integrates with
Azure Information Protection, Office 365, External DLP solutions
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18. Files and Data Control Architecture
Azure
Files
External collaborators
Users
Protected cloud apps
Microsoft Cloud App Security
Files API
Violation remediation (e.g. quarantine) & notification
File directory
Event processing
Files for re-scan as part of the ongoing scan process
File notifications for new and updated files
Activity API
Scan queue
3rd party DLP engine
Proxy
traffic
Selected file for scan
Content scan engine
DLP engine
Download file for scan
Extracted text
Remediation API
SIEM connector (preview)

19. Connecting a sanctioned app
Navigate to Settings > “App Connectors”
Choose your app from the list of available apps
Login with an admin user and approve the OAuth request
Validate deployment with “Test API”
Expect initial activity logs from the app within minutes to an hour.
Live demo

20. Set your first file policy
Navigate to the policies page
Create a policy and choose “file policy”
Choose a template, for example, “File containing PCI detected in the cloud”
Customize policy, for example, narrow scope for “Access level” equals Public
Customize actions in response
Live demo

21. Information protection workflows
Define a classification, labeling and protection policy Define your sensitive data types and how to protect them
Quantify risk: confidential files stored in connected apps Detect sensitive content in files stored in your cloud apps
Auto-remediate public sharing of confidential data Detect confidential data shared publicly and auto-remediate
Investigate and alert Investigate files activity upon violation and trigger alerts on violations and suspicious activity.
Live demo

22. Conditional Access: Proxy
Microsoft Ignite 2016
7/18/2018 1:32 PM
Conditional Access: Proxy
Investigate & enforce app and data restrictions
Unique integration with Azure AD
Context-aware session policies
Control access to cloud apps based on user, location, device and app
Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates
Supports any SAML-based app, any OS
Enforce browser-based “view only” mode for low-trust sessions
Limit access to sensitive data
Classify, label and protect on download
Visibility into unmanaged device activity
Integral component of Azure AD Conditional Access
Simple deployment directly from your Azure AD portal
Leverages existing device management mechanisms, no additional deployment required
Integrates with
Public Preview in October
Join now, us at
Azure Active Directory
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23. Monitor and control access to cloud apps
Microsoft Ignite 2016
7/18/2018 1:32 PM
Monitor and control access to cloud apps
CLOUD APP SECURITY
Allow access
Require MFA
Proxy
Limit access
Policy
Cloud apps
Deny access
Force password reset
******
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24. Conditional Access – Block on download
Cloud App Security Proxy
USER
DEVICE
APP
SESSION RISK
Role: Marketing Mgr
Group: Marketing
Client: Mobile
Config: Open
Location: UNKNOWN
Last Sign-in: 8 hrs ago
Platform: Windows
Health: Fully patched
Config: Managed
Last seen: London, UK
Block on download
Unfamiliar IP address.

25. Conditional Access – Protect on Download
Cloud App Security Proxy
USER
DEVICE
APP
SESSION RISK
Role: Marketing Mgr
Group: Marketing Users
Client: Mobile
Config: Corp Proxy
Location: London, UK
Last Sign-in: 5 hrs ago
Platform: Windows
Health: Fully patched
Config: Managed
Last seen: London, UK
Classification Engine

26. Conditional Access – Protect on Download
Cloud App Security Proxy
USER
DEVICE
APP
SESSION RISK
Role: Vendor
Group: Contingent Staff
Client: Mobile
Config: Open
Location: Red Bank, NJ
Last Sign-in: 3 hrs ago
Platform: Windows
Health: Fully patched
Config: Unmanaged
Last seen: Red Bank, NJ
Protect on download
User is a not a full-time employee.
Device is unmanaged

27. Setup conditional access proxy
Navigate to Azure AD > Enterprise apps > Conditional Access
Apply the required assignments: choose your app, user scope and other conditions
Under Access Controls, check “Use proxy enforced restrictions”
Configure the required session policies in Cloud App Security
Live demo

28. Conditional Access Capabilities
Azure AD: Conditional access for any app with set of conditions
Intune: adds mobile device compliance
Cloud App Security Access Proxy (private preview)
Extends AAD Conditional Access to legacy SSO
Office 365 Conditional Access:
Application level implementation to enforce device, data access and location restrictions
Cloud App Security Session Proxy:
Inline implementation to enforce device, data access and location restrictions
EMS + Office 365

29. Threat detection & investigation
Microsoft Ignite 2016
7/18/2018 1:32 PM
Threat detection & investigation
Behavioral analytics & ransomware detection
Advanced investigation & remediation
Threat Intelligence
Leverages Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals across Microsoft’s customer base
Native integration with Office Threat Intelligence
Identify anomalies in your cloud environment via advanced behavioral analytics
Built-in detections for leading threat scenarios: Ransomware, admin take-over, shared accounts
Pivot on users, IP addresses, resources, activities and locations
Customize detections based on your findings
Automate remediation with Azure AD
Integrates with
Microsoft Intelligent Security Graph, 3rd party SIEM solutions
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30. Activity & Anomaly detection Architecture
Azure
Users
Support
Admins
Protected cloud apps
Proxy
traffic
Microsoft Cloud App Security
Event enrichment
Geo-location database
Users/Groups
Microsoft Threat Intelligence Center
Alerts engine
Activity API
Alert investigation & notification
Based on big data and machine learning
- Anomaly detection
- Activity policy evaluation
e.g. risky IP addresses
SIEM connector (preview)

31. Set your first activity policy
Navigate to the Policies page
Create a policy and choose “activity policy”
Choose a template, for example, “Mass download by a single user”
Customize parameters, for example, change threshold to 10 downloads
Customize actions in response
Live demo

32. Threat detection scenarios
Suspicious access Unauthorized users accessing your cloud environment or possible breaches in your environment
Anomalous behavior Activities that were probably not done by your employees or may indicate data exfiltration by an insider
Privileged user monitoring Monitor privileged users to keep your cloud environment safe.
Ransomware activity
Detect potential ransomware activity and respond by invalidating access tokens
Live demo

33. External Integrations

34. External integrations
External DLP solution Integrate with existing DLP solutions to extend these controls to the cloud while preserving a consistent and unified policy across on-premises and cloud activities
Export alerts and activities to your SIEM Better protect your cloud applications while maintaining your usual security workflow, automating security procedures and correlating between cloud-based and on-premises events
Automate processes via API or Powershell
Create your own applications using programmatic access to Cloud App Security data and actions through REST API endpoints
Live demo

35. Microsoft Cloud App Security via Powershell
Powershell wrapper to Microsoft Cloud App Security RESTful API
Development managed on Github:
Published on Powershell Gallery:
Enables easy installation:
Install-Module Cloud-App-Security
Adheres to MS Open Source Project Office (OSPO) policies and licensed under MIT license
Available cmdlets:
Add-MCASAdminAccess
Export-MCASBlockScript
Get-MCASAdminAccess
Get-MCASAccount
Get-MCASActivity
Get-MCASAlert
Get-MCASAppInfo
Get-MCASCredential
Get-MCASDiscoveredApp
Get-MCASFile
Get-MCASGovernanceAction
Get-MCASPolicy
Get-MCASReport
Get-MCASReportData
Get-MCASStream
Remove-MCASAdminAccess
Send-MCASDiscoveryLog
Set-MCASAlert

36. Microsoft Enterprise Mobility + Security
Apps
Risk
MICROSOFT INTUNE
Make sure your devices are compliant and secure, while protecting data at the application level
AZURE ACTIVE DIRECTORY
Ensure only authorized users are granted access to personal data using risk-based conditional access
MICROSOFT CLOUD APP SECURITY
Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps
AZURE INFORMATION PROTECTION
Classify, label, protect and audit data for persistent security throughout the complete data lifecycle
MICROSOFT ADVANCED THREAT ANALYTICS
Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues !
Device
Access granted to data
CONDITIONAL
ACCESS
Classify
Label
Audit
Protect
Location

37. Enterprise Mobility + Security Customers

38. Third-party Multi-Factor Authentication
Enterprise Mobility + Security Partners
MDM and MAM
Identity and Access Management
Third-party Multi-Factor Authentication
Threat Management
Information Protection
Mobile Threat Defense

39. Try Cloud App Security today
Microsoft Ignite 2016
7/18/2018 1:32 PM
Try Cloud App Security today
aka.ms/castrial
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

40. Check out other great EMS sessions
Deployment for EMS & Microsoft 365
Microsoft Cloud App Security
Azure Information Protection
Azure Active Directory
Microsoft Advanced Threat Analytics
Microsoft Intune
Download the Ignite app
Windows
iOS
Android

41. Keep going… Try Enterprise Mobility + Security for free, today:
See Microsoft Cloud App Security in action
Evaluate and try Microsoft Advanced Threat Analytics now
Explore Identity + Access Management
Learn more about Azure Information Protection
Discover new MDM and MAM solutions with Microsoft Intune
Check out new Desktop virtualization capabilities

42. 7/18/2018 1:32 PM
© 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

43. Appendix

44. Microsoft Ignite 2016
7/18/2018 1:32 PM
Shadow IT
On average, an organization has 28 cloud storage apps routinely used by its employees.
Only 27% of these support multi-factor authentication.
Only 54% of these encrypt data at-rest.
Only 10% of these are compliant with SOC 2, HIPAA and PCI DSS.
Only 49% of these apps claims they are preserving user's right on his own data.
Only 20% of these apps commit on deleting user’s data after account deletion/termination.
On average, an organization has 41 collaboration apps routinely used by its employees.
Only 22% of these support multi-factor authentication.
Only 24% of these encrypt data at-rest.
Only 6% of these are compliant with SOC 2, HIPAA and PCI DSS.
Only 31% of these claim they are preserving user's right on his own data.
Only 18% of these commit on deleting user’s data after account deletion/termination.
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

45. 80% 73% SaaS adoption challenge
Microsoft Ignite 2016
7/18/2018 1:32 PM
SaaS adoption challenge
80%
73%
of enterprises indicated security as a top challenge holding back SaaS adoption*
>80% of employees admit to using non-approved SaaS apps in their jobs**
Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 **
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

46. Introducing Microsoft Cloud App Security
Enterprise-grade security for your cloud apps
Visibility
Gain complete visibility and context for cloud usage and shadow IT
Control
Shape your cloud environment with granular controls and policy setting for access, data sharing, and DLP
Threat detection
Identify high-risk usage and security incidents, detect abnormal user behavior, and prevent threats

47. Information Protection
Microsoft Ignite 2016
7/18/2018 1:32 PM
Microsoft Cloud App Security: gain visibility and control of data in cloud apps
Cloud Discovery
Discover 14K+ cloud apps in your environment, gain visibility into shadow IT and assess risk
Information Protection
Shape your cloud environment with granular controls and use
out-of-the-box or custom policies for data sharing, and data loss prevention
Threat Protection
Identify high-risk usage and cloud security issues, detect abnormal user behavior, and prevent threats
Discovery
Risk Assessment
Ongoing analytics ! !
Behavioral Analytics
Identify anomalies in your cloud environment that may be indicative of a breach
Collect logs from firewalls and proxies - no agents required on user devices
Policy Setting
DLP & Data Sharing
Policy Enforcement
Policies
Policy Enforcement
Activity
Scan for advanced alerts
Enhanced by Microsoft Intelligent Security Graph
Protect file
Anomaly Detection
App Discovery
Quarantine
Leverage Microsoft’s threat intelligence to detect anomalies, prevent threats, and stop risky behavior right away.
Discovery Anomaly
Make private
File
Remove a collaborator
Integrated with Azure Information Protection
Create policies for files classified by Azure Information Protection and govern sensitive data in the cloud
Investigate and gather unique insights Gain a deeper understanding of what's happening in your cloud environment by pivoting on users, files, accounts, apps and activities.
Use log anonymization to protect employee privacy while uncovering Shadow IT
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

48. Microsoft Enterprise Mobility + Security
Technology
Benefit E3 E5
Azure Active Directory Premium P1
Secure single sign-on to cloud and on-premises app MFA, conditional access, and advanced security reporting ●
Azure Active Directory Premium P2
Identity and access management with advanced protection for users and privileged identities
Microsoft Intune
Mobile device and app management to protect corporate apps and data on any device
Azure Information Protection P1
Encryption for all files and storage locations
Cloud-based file tracking
Azure Information Protection P2
Intelligent classification and encryption for files shared inside and outside your organization
Microsoft Cloud App Security
Enterprise-grade visibility, control, and protection for your cloud applications
Microsoft Advanced Threat Analytics
Protection from advanced targeted attacks leveraging user and entity behavioral analytics
Identity and access management
Managed mobile productivity
Information
protection
Threat protection

49. Our FastTrack Momentum
7/18/2018 1:32 PM
Our FastTrack Momentum
“We saw what Microsoft was putting into Intune and saw that it could do everything that we wanted ... and that it would grow with our future needs… … the other thing, and this is a huge part not to be diminished, was the magnitude of positive experience and support from the FastTrack Center.”
Willem Bagchus
Messaging and Collaboration Specialist, United Bank
40k+
6.3 PB+
6.8 M+
189.5
Customers enabled
Data migrated
Seats migrated
Customer satisfaction (NSAT)
800+
51k+
53%
FastTrack Engineers worldwide
Success plans
Faster Time to Value
© Microsoft Corporation. All rights reserved.

50. Solution comes in two different flavors:
Office 365 Cloud App Security
Microsoft Cloud App Security
Enhanced visibility and control for Office 365
Advanced security alerts
Productivity app discovery
App permissions and control
Available in Office E5
Integrated security suite across identity, device, apps and data
Discovery of Shadow IT
Unified Information protection
Automated detection and remediation
Available standalone and as a part of EMS E5

51. Office 365 Cloud App Security vs. Microsoft Cloud App Security
Office 365 Advanced Security Management
Cloud Discovery
Discovered apps
15,000 + cloud apps
750+ cloud apps with similar functionality to Office 365
Deployment for discovery analysis
Manual and automatic log upload
Manual log upload
Log anonymization for user privacy
Yes
Access to full Cloud App Catalog
Cloud app risk assessment
Cloud usage analytics per app, user, IP address
Ongoing analytics & reporting
Anomaly detection for discovered apps
Information Protection
Data Loss Prevention (DLP) support
Cross-SaaS DLP and data sharing control
Uses existing Office DLP (available in Office E3 and above)
App permissions and ability to revoke access
Policy setting and enforcement
Integration with Azure Information Protection
Integration with third party DLP solutions
Threat Detection
Anomaly detection and behavioral analytics
For Cross-SaaS apps including Office 365
For Office 365 apps
Manual and automatic alert remediation
SIEM connector
Yes. Alerts and activity logs for cross-SaaS apps.
Yes. Office 365 alerts only.
Integration to Microsoft Intelligent Security Graph
Activity policies

52. Microsoft’s Information Protection solution
Devices +
On-premise’s servers
Office 365
Cloud apps
Office 365 Security & Compliance Center
Azure Information Protection
Microsoft Cloud App Security
Microsoft’s Information Protection organization policies
Classify
Label
Protect

53. Microsoft Ignite 2016
7/18/2018 1:32 PM
From SaaS providers
“At Box, we believe in a modern content management and collaboration experience where information can move easily and securely between individuals and organizations and across devices and applications. By working closely with Microsoft Cloud App Security, we're providing businesses with stronger controls and deeper visibility around their cloud apps, and protecting unwanted access to critical business content." 
ROGER MURFF
Vice President of Technology Partnerships at Box
BOX
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

54. Complete framework to secure your cloud apps
Microsoft Ignite 2016
7/18/2018 1:32 PM
Complete framework to secure your cloud apps
Cloud discovery
Information protection
Threat detection
Conditional Access
Discover all cloud usage in your organization
Monitor and control your data in the cloud
Detect usage anomalies and security incidents
Control and limit user access based on session context
Extend Microsoft security
To your cloud apps
Threat detection: Microsoft Intelligent Security Graph, Office ATP
Information Protection: Office 365 & Azure Information Protection
Identity: Azure AD and Conditional Access
+ more
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

55. Cloud App Security: Ignite Announcements
Cloud App Security: proxy-enforced session restrictions
Control and limit access to cloud apps: Using proxy-enforced app restrictions with Azure Active Directory Conditional Access. Public Preview in October
Scan, classify sensitive data and apply AIP labels automatically
Automatic labeling and protection will be in public preview in October Cloud App Security will classify file leveraging Microsoft’s Information Protection solution and capabilities starting Q
Support for Azure West Europe region
Cloud App Security is also be available in Azure West Europe region to better serve our customers in Europe and support their compliance requirements
New Cloud App Discovery experience in Azure AD
Cloud App Discovery in Azure AD’s now enhanced to provide deeper visibility into cloud app usage, no agents required, with ongoing analysis and alerts, powered by Cloud App Security. Available to Azure AD customers.

56. Please evaluate this session
Tech Ready 15
7/18/2018
Please evaluate this session
From your
Please expand notes window at bottom of slide and read. Then Delete this text box.
PC or tablet: visit MyIgnite
Phone: download and use the Microsoft Ignite mobile app
Your input is important!
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.