How to discover and control all the cloud applications your company uses
Security is a critical aspect for any company that is in the cloud. According to a study conducted by Microsoft, companies use an average of 17 applications in the cloud, sometimes some, with knowledge of IT managers but often without their authorization (for example, Facebook, Gmail, Dropbox, etc.). ..), exposing companies to unknown security risks and breaches of privacy policies. Faced with this situation, many IT managers consider how can we control the cloud applications that users use from our organizations?
The solution: Cloud App Security
Cloud App Security provides the IT departments with visibility and control over the applications in the cloud used by the company, allowed by the IT department and not allowed, being able to restrict the use of them or monitor the actions that are carried out with them, with the In order to strengthen the company's security. All this through a set of discovery, research, control and protection capabilities.
What does it offer?
- Application detection: Monitor your network traffic in real time and detect applications in the cloud used, get visibility of unauthorized and evaluate the risk.
- Visibility of user activity in cloud applications : Through Cloud Discovery you can obtain detailed information on activities, users, traffic and files used in the cloud, as well as personalized reports of activity records in the cloud by user.
- Greater control and protection of your critical data : Control the use of your company's data through access and data sharing directives and data loss prevention (DLP). For example, your company may have a file policy enabled that alerts you when a user has shared a company document with an external domain.
- Smart Protection: Cloud App Security counts on the information of millions of unique data received by the device signals of Microsoft's customer base to detect incidents and anomalous behavior patterns of the user that may be indicative of a security risk for your company. .
- Application risk assessment: Cloud App Security counts on the information of millions of signals received from Microsoft client devices to detect anomalous incidents and behavior patterns of the user that may be indicative of a security risk for your company.
- Integration with Azure AD: You can consolidate the various identifiers that Cloud App Security collects from a user when accessing different applications in the cloud and unify them with their identification name in the Active Directory of your company. In this way you can control more easily the activity in the cloud and can also create customized reports by groups of users or departments (This functionality requires a configuration in the Firewall of the company)
The panels of Cloud App Security provide an overview of the activities and features of the applications in the cloud that are being used and allow you to measure that use by the number of users, the volume of traffic or the IPs from which it is accessed. To help you investigate the applications in your environment you can consult:
- Main panel: General information about the status in the cloud (users, files and activities), as well as the necessary actions (alerts, activity infractions and content infractions)
- Data: Analysis of the data stored in the application; breakdown by file type and by level of file sharing.
- Files: File detail, possibility of filtering by owner, level of shared use, etc., as well as carrying out government actions (such as quarantining)
- Third-party applications: Detail of third-party applications implemented in the company, such as G Suite, and definition of policies for those applications.
- User: Complete general information of the user profile in the cloud, including groups, locations, recent activities, related alerts and used browsers.
From this tab you can perform a detailed analysis of the applications used in the company and perform actions with unwanted ones, as they are considered risky applications or because they violate company policies, marking them as Unauthorized .
Once an application is marked as unauthorized, you can perform two types of actions on them:
- Do not prevent it from being used but more easily supervise its use through Cloud Discovery reports.
- Prevent its use by blocking access to the application throughout the company (this function requires a specific configuration in the company's firewall)
Through this view you can connect applications and keep track of the actions performed in them such as:
- Consult the map of active users and monitoring in real time
- Control the actions that are carried out (data or documents)
- Display user accounts that use the application
- Apply your policy policies
Cloud App Security uses the APIs provided by cloud application providers to connect and gain control over them.
Policy policy to control applications
The actions that employees perform with applications can be managed and controlled based on directivesand, if necessary, apply the necessary policies to mitigate the risks in your company. For example, through directives you can allow users to access certain applications in the cloud from the company, but prohibit documents from being downloaded.
There are several types of policies that correlate with the different types of information you want to collect about the cloud environment and the types of corrective actions you want to perform:
- Activity policy: They allow to monitor specific activities carried out by different users or follow unexpectedly high levels of traffic of a certain type of activity.
- Anomaly detection policy: Allows you to search for unusual activities in the cloud to issue alerts when something other than the baseline of the organization or the user's normal activity occurs.
- Application detection policy: Allows you to set alerts that notify when new applications used in the organization's network are detected.
- Cloud Discovery Anomaly Discovery Policy : This directive examines the network traffic of the company and looks for anomalous behavior. For example, when a user who has never used Dropbox suddenly charges 600 GB or when there are many more transactions than usual in a given application.
- File directive: Allows you to examine applications in the cloud to detect file types or specific files (shared, shared with external domains), data (property information, personal information, credit card information, etc.) and apply policies necessary to comply with the regulations of the company.
Do you want to see Cloud App Security in action?
Watch this video to know in detail how Cloud App Security helps you.
Cloud App Security is available as a stand-alone subscription and is also a component of Microsoft Enterprise Mobility + Security E5, the most cost-effective way to acquire all security solutions, including Azure Active Directory Premium , Azure Information Protection , Microsoft Advanced Threat Analytics and Intune .
With Cloud App Security you can benefit from the advantages of the cloud with confidence, while remaining safe, protected and complying with regulations.
Do you want to know more about Microsoft Cloud App Security? Contact us!