ESG Brief: Microsoft Cloud App Security: Detect, Control, and Enhance Threat Protection

Abstract:

ESG’s 2018 IT spending intentions research indicates that 63% of organizations will increase cybersecurity spending in 2018,1 and it’s safe to assume that data security concerns at least helped to influence these more bullish general security investment positions. Companies that do not want to fall victim to potentially disastrous situations are prioritizing investments in solutions such as Microsoft Cloud App Security. Microsoft shops are likely to find Cloud App Security a welcome enhancement to their environments.

Cloud Access Security Broker (CASB), Helping IT Take Back Control

Just because you can’t see something doesn’t mean it’s not there. Or is it? When data is moved to the cloud and consumed on mobile devices, you can’t visibly see it—and it’s common wisdom that what you can’t see, you can’t control—never mind protect. This is likely one of the primary reasons that 23% of IT professionals surveyed by ESG indicated that strengthening cybersecurity tools and processes is their most important IT initiative in 2018.

Over the past several years, the threat landscape has changed considerably and Microsoft is upping its game to secure devices, applications, and identities. We all see that businesses are experiencing an increase in cloud consumption models, mobile device usage, and cybersecurity threats. The days of the predictable end-user environment are waning, and Microsoft is enhancing how it can help its customers embrace cloud and mobility with strong security. In fact, ESG’s 2018 IT spending intentions research indicates that 63% of organizations will increase cybersecurity spending in 2018, and it’s safe to assume data security concerns at least helped to influence these more bullish general security investment positions. In fact, data security was highlighted among ESG respondents as an area in which they expect to make significant investments over the next 12-18 months. While a number of solutions attempt to solve the challenges that occur when employees use non-sanctioned applications (think issues involving identity and access management, mobile device management, and data loss protection, for starters), many of these solutions only address one aspect of the problem.

So how can over-extended IT professionals efficiently mitigate risk and protect business-critical information that is increasingly associated with the use of a wide range of cloud applications?

CASB. Over the past several years, cloud access security broker (CASB) technology has helped mitigate this constant, angst- filled challenge. How? In a nutshell, by offering a secure gateway for data moving to and from the cloud. CASB products offer a number of security measures, such as access control, anti-malware, data loss prevention (DLP), encryption, firewall, identity management, user behavior analytics, threat management, etc.

Microsoft Cloud App Security

Microsoft’s Cloud App Security builds on its acquisition of Adallom (2015). With this solution, organizations are able to extend their control access to third-party applications including Dropbox, Box, and Amazon Web Services, as well as via integration with Azure Active Directory. It’s hard to ignore the horsepower Microsoft possesses as they:

  • Can detect more than 15,000 applications and the risks they pose. Applications are assessed on 60 risk factors that are security-related and compliance-related. Organizations can customize their risk exposure and identify new and trending applications.
  • Capture user behavior data from 14B logons and detect attacker behavior data from millions of attacks each day.
  • Receive threat data from applications,industry partners,researchers,and law enforcement.
  • Fed botnet data from Microsoft’s Digital Crimes Unity.
  • Seize malware data from Windows Defender.

The solution is sold standalone, or as part of the Microsoft E5 Enterprise Mobility and Security suite. The Cloud App Security solution offers the following:

  • Cloud application discovery (i.e.,visibilityintocloudapplications) and risk assessment. Use traffic logs to identify and analyze cloud applications on the network; gain visibility into shadow IT; and assess risks. Use app connectors to leverage providers’ APIs.
  • Real-time access control. Manage and limit cloud-based access via user identity, device, and location.
  • Data loss protection. Gain control over data; use standard or custom policies for data sharing and DLP. Extend existing DLP solutions to the cloud, while maintaining a unified policy across on-premises and cloud. For SIEM, automate security procedures between on-premises and cloud-based events.
  • Compliance. Control and protect sensitive information; comply with government regulations, including GDPR, HIPAA, PCI-DSS, and SOX.
  • Threatdetection. Identify high risk use, suspicious application behaviors, and files in the cloud via Microsoft threat intelligence and research; and easily remediate threats and security issues.

The Bigger Truth

Microsoft Cloud App Security is an example of where businesses are jumping on board to discover, control, detect, and protect against data loss and cloud-born threats. The breadth of Microsoft offerings is attractive to IT organizations that require real-time visibility and control (especially in an environment in which IT is rapidly losing control). And, as the security perimeter continues to expand, the capabilities of Microsoft Cloud App Security can enable IT organizations to achieve a level of normalcy.

It’s no secret businesses are constantly contending with a litany of possible risks including ransomware, insider threats, compliance, and cybersecurity threats. Companies that do not want to fall victim to these and other potentially disastrous situations and that still need to embrace their adoption of cloud services are prioritizing investments in solutions such as Microsoft Cloud App Security. Microsoft shops are likely to find Cloud App Security a welcome enhancement to their environments, as well as an opportunity to protect themselves without having to deal with the time and expense of adding new staff and skillsets. Additionally, Cloud App Security gives IT operations a chance to provide multiple organizational alignment opportunities within the information security group to help improve the company’s overall security posture.

1. Source: ESG Master Survey Results, 2018 IT Spending Intentions Survey, December 2017.

DOWNLOAD PDF REPORT

ESG Brief - Microsoft Cloud App Security: Detect, Control, and Enhance Threat Protection

Not a client? Contact us to learn more.

 

Topics: Cybersecurity Enterprise Mobility Cloud Services & Orchestration