SlideShare a Scribd company logo

Techorama - Shadow IT with Cloud Apps

David De Vos
David De Vos

My Techorama session on Information Protection and Cloud App Security integration

Technology
1 of 42
Download to read offline
INFORMATION PROTECTION & CLOUD APP SECURITY
About me .. @vrykodee David De Vos Solutions Architect / Security Evangelist Synergics David.DeVos@synergics.be
Microsoft Enterprise Mobility + Security Apps Risk MICROSOFT INTUNE Make sure your devices are compliant and secure, while protecting data at the application level AZURE ACTIVE DIRECTORY Ensure only authorized users are granted access to personal data using risk-based conditional access MICROSOFT CLOUD APP SECURITY Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps AZURE INFORMATION PROTECTION Classify, label, protect and audit data for persistent security throughout the complete data lifecycle MICROSOFT ADVANCED THREAT ANALYTICS Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues ! Device ! Access granted to data CONDITIONAL ACCESS Classify LabelAudit Protect ! ! Location
Authentication & collaboration RMS connector Authorization requests via federation (optional) Data protection for organizations at different stages of cloud adoption Ensures security because sensitive data is never sent to the RMS server Integration with on-premises assets with minimal effort Hold your key on premises AAD Connect ADFS HYOK Service supplied Key BYOK Azure Information Protection Architecture
Azure Information Protection Classification
Azure Information Protection SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin can set policies, templates, and rules. Classifications, labels and encryption can be applied automatically based on file source, context, and content EMS extends Office 365 manual protection of files with automatic protection to ensure policy compliance Encryption stays with the file wherever it goes, internally and externally Files can be tracked by sender and access revoked if needed Classification and labeling Classify data based on sensitivity and add labels—manually or automatically Protection Encrypt sensitive data & define usage rights, add visual markings when needed Monitoring Detailed tracking and reporting to maintain control over shared data
PERSONAL HIGHLY CONFIDENTIAL CONFIDENTIAL GENERAL PUBLIC You can override a classification and optionally be required to provide a justification. Manual reclassification Policies can be set by IT Admins for automatically applying classification and protection to data. Automatic classification Users can choose to apply a sensitivity label to the email or file they are working on with a single click. User-specified classification Types of classification Based on the content you’re working on, you can be prompted with suggested classification. Recommended classification
Azure Information Protection Protection
VIEW EDIT COPY PASTE Email attachment FILE Protect data needing protection by: Encrypting data Including authentication requirement and a definition of use rights (permissions) to the data Providing protection that is persistent and travels with the data Granular Information Protection Personal apps Corporate apps
User based protection Manual (right-click) and protection for non-Office files Label and protect any file through the windows shell-explorer Select either one file, multiple files or a folder and apply a label
AIP PowerShell and Scanner Bulk classification for data at rest using PowerShell Scan and classify your on-premises file shares using PowerShell Query for file labels and protection attributes Scan folders in report-only mode Set a label and/or protection for documents stored locally or on file shares
Azure Information Protection Scanner Information protection for hybrid scenario  Crawl files stored on file servers and CIFS based storage  Crawl the content of SharePoint Server on prem  Use AIP policies configured to determine classification  Run in “report” or “Label and protect” mode Native Unified Anywhere
Automatic Protection SharePoint Online document labels
Automatic Protection Discover personal data with auto-classification Data is auto-classified based on content Sensitive data is automatically detected
Automatic Protection Exchange Online mail protection
O365 Message Encryption Anyone, on any Device in any Email client Inside your organization Between your business partners With any of your customers
Office Encrytped Email Tip
Azure Information Protection Monitoring
Monitoring Analyze the flow of personal and sensitive data and detect risky behaviors. Distribution visibility Track who is accessing documents and from where. Access logging Prevent data leakage or misuse by changing or revoking document access remotely. Access revocation
Monitoring
Monitoring
Admin Experience
Best Practices For Getting Started Deploy Azure Information Protection client. During summer it becomes part of Office suites. Start by creating only one or two labels only! Add more labels when they are necessary. It’s easy to create additional labels during evaluation period. Avoid deleting or changing label policies. Use the tool tips and recommendation in Office instead and make sure there is a clear description. Don’t started automation too early, but validate thoroughly with key personas. Make sure to allow automatic label overrides for users. Monitor the frequency and monitor motivations to gather feedback on label automations. Track the protected documents for an unauthorized attempts to open the documents. Last but not least, educate your users on the impact of labels and the importance
End user Experience
Shadow IT Insights Cloud App Security
Architecture and how it works Discovery • Use traffic logs to discover and analyze which cloud apps are in use • Manually or automatically upload log files for analysis from your firewalls and proxies (Un)Sanctioning • Sanction or block apps in your organization using the cloud app catalog App connectors • Leverage APIs provided by various cloud app providers • Connect an app and extend protection by authorizing access to the app. Cloud App Security queries the app for activity logs and scans data, accounts, and cloud content App connectors Cloud discoveryProtected Cloud apps Cloud traffic Cloud traffic logs Firewalls Proxies Your organization from any location API Cloud App Security
Microsoft Cloud App Security Discovery Discover all cloud usage in your organization Information protection Monitor and control your data in the cloud Threat detection Detect usage anomalies and security incidents In-session control Control and limit user access based on session context DISCOVER INVESTIGATE CONTROL PROTECT
Discovery Anomalous usage alerts New apps and trending apps alerts Alert on risky cloud usage Discover cloud apps in use across your networks Investigate users and source IP cloud usage Un-sanction, sanction and protect apps Shadow IT discovery Cloud app risk assessment Risk scoring for 13,000+ cloud apps ~60 security and compliance risk factors CASB integration with: Your network appliances
Information protection for cloud apps Identify policy violations Investigate incidents and related activities Quarantine and permissions removal Get alerts and investigate Visibility to sharing level and classification labels Quantify exposure and risk Detect and manage 3rd apps access Gain cloud data visibility Enforce DLP policies & control sharing Govern data in the cloud with granular DLP policies: automated or based on classification labels Leverage Microsoft and 3rd party DLP engines for classification CASB integration with: Azure Information Protection, Office 365 Information Protection, 3rd party DLP (private preview)
Threat detection Leverage Microsoft Intelligent Security Graph Unique insights, informed by trillions of signals across Microsoft Threat Intelligence Identify anomalies in your cloud environment which may be indicative of a breach Leverage behavioral analytics (each user’s interaction with SaaS apps) to assess risk in each transaction Behavioral analytics Advanced investigation Advanced incident investigation tools Pivot on users, file, activities and locations Customize detections based on your findings Integrates with Microsoft Intelligent Security Graph, 3rd party SIEM
Conditional Access: Proxy Control access to cloud apps based on user, location, device and app Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates Supports any SAML-based app, any OS Context-aware session policies Investigate & enforce app and data restrictions Enforce browser-based “view only” mode for low-trust sessions Limit access to sensitive data Classify, label and protect on download Visibility into unmanaged device activity Integrates with Azure Active Directory Unique integration with Azure AD Integral component of Azure AD Conditional Access Simple deployment directly from your Azure AD portal Leverages existing device management mechanisms, no additional deployment required
Cloud App Security in-session control Control access to cloud apps based on user, location, device and app Supports any SSO, any SAML- based app, any OS Context-aware session policies Limit sessions of unmanaged devices Enforce browser-based “view only” mode for risky sessions Limit access to sensitive data Integrates with: Azure Active Directory Also works with: 3rd party IDaaS solutions
Require MFA Allow access Deny access Force password reset****** Monitor and control access to cloud apps Cloud apps CLOUD APP SECURITY Limit access Policy Proxy
Require MFA Allow access Deny access Force password reset****** Monitor and control access to cloud apps Cloud apps CLOUD APP SECURITY Limit access Policy Proxy
Cloud App Security Proxy Conditional Access – Protect on Upload USER Role: Marketing Mgr Group: Marketing Users Client: Mobile Config: Corp Proxy Location: London, UK Last Sign-in: 5 hrs ago Platform: Windows Health:Fully patched Config:Managed Last seen: London, UK DEVICE SESSION RISK APP Classification Engine
Cloud App Security Proxy Conditional Access – Block on download USER Role: Marketing Mgr Group: Marketing Client: Mobile Config: Open Location: UNKNOWN Last Sign-in: 8 hrs ago Platform: Windows Health:Fully patched Config:Managed Last seen: London, UK DEVICE SESSION RISK APP Unfamiliar IP address. Block on download
Cloud App Security Policies & Alerting Access/Session policies Activity Policies Anomaly Detection/Discovery Policies App Discovery Policies File Policies
O365 Cloud App Security vs. Microsoft Cloud App Security Microsoft Cloud App Security Office 365 Cloud App Security Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/
Let’s see it .. in action
Thank you https://www.synergics.be http://getsecure.today/blog

Recommended

Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Cloud App Security
Cloud App SecurityCloud App Security
Cloud App SecurityAlvaro Rezende
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security DemoCheah Eng Soon
 
How to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksHow to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksMicrosoft
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security CenterMicrosoft
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionMicrosoft
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security DemoCheah Eng Soon
 

Recommended

Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Cloud App Security
Cloud App SecurityCloud App Security
Cloud App SecurityAlvaro Rezende
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security DemoCheah Eng Soon
 
How to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksHow to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksMicrosoft
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security CenterMicrosoft
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionMicrosoft
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security DemoCheah Eng Soon
 
Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryIdentity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryForsyte I.T. Solutions
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - KeynoteAndrew Bettany
 
Protect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloudProtect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloudMicrosoft
 
Azure information protection
Azure information protectionAzure information protection
Azure information protectionKjetil Lund-Paulsen
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through WebEric Inch
 
MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021Matt Soseman
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
Decriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
Decriminalize Your Colleagues - How to Address Shadow IT in the EnterpriseDecriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
Decriminalize Your Colleagues - How to Address Shadow IT in the EnterpriseBoxHQ
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
Secure File Sharing Basics - What Every File Sharing Provider Should Have
Secure File Sharing Basics - What Every File Sharing Provider Should HaveSecure File Sharing Basics - What Every File Sharing Provider Should Have
Secure File Sharing Basics - What Every File Sharing Provider Should HaveBoxHQ
 
4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTPAndrew Bettany
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPowerSaturdayParis
 
An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)Robert Crane
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
Microsoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceMicrosoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceChris Genazzio
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classificationDavid De Vos
 

More Related Content

What's hot

Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryIdentity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryForsyte I.T. Solutions
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - KeynoteAndrew Bettany
 
Protect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloudProtect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloudMicrosoft
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through WebEric Inch
 
MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021Matt Soseman
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
Decriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
Decriminalize Your Colleagues - How to Address Shadow IT in the EnterpriseDecriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
Decriminalize Your Colleagues - How to Address Shadow IT in the EnterpriseBoxHQ
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
Secure File Sharing Basics - What Every File Sharing Provider Should Have
Secure File Sharing Basics - What Every File Sharing Provider Should HaveSecure File Sharing Basics - What Every File Sharing Provider Should Have
Secure File Sharing Basics - What Every File Sharing Provider Should HaveBoxHQ
 
4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTPAndrew Bettany
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPowerSaturdayParis
 
An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)Robert Crane
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
Microsoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceMicrosoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceChris Genazzio
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 

What's hot (20)

Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryIdentity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App Security
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - Keynote
 
Protect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloudProtect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloud
 
Azure information protection
Azure information protectionAzure information protection
Azure information protection
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through Web
 
MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
 
Decriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
Decriminalize Your Colleagues - How to Address Shadow IT in the EnterpriseDecriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
Decriminalize Your Colleagues - How to Address Shadow IT in the Enterprise
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
 
Secure File Sharing Basics - What Every File Sharing Provider Should Have
Secure File Sharing Basics - What Every File Sharing Provider Should HaveSecure File Sharing Basics - What Every File Sharing Provider Should Have
Secure File Sharing Basics - What Every File Sharing Provider Should Have
 
4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP4 Modern Security - Integrated SecOps and incident response with MTP
4 Modern Security - Integrated SecOps and incident response with MTP
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
 
Microsoft Advanced Security & Compliance
Microsoft Advanced Security & ComplianceMicrosoft Advanced Security & Compliance
Microsoft Advanced Security & Compliance
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
 

Similar to Techorama - Shadow IT with Cloud Apps

Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classificationDavid De Vos
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Karim Vaes
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Ravikumar Sathyamurthy
 
Value Microsoft 365 E5 English
Value Microsoft 365 E5 EnglishValue Microsoft 365 E5 English
Value Microsoft 365 E5 EnglishGuillaume Lagache
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenMicrosoft
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Chris Genazzio
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Plain Concepts
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the CloudGWAVA
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Michael Noel
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewDavid J Rosenthal
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxElastica Inc.
 

Similar to Techorama - Shadow IT with Cloud Apps (20)

Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
 
Information protection & classification
Information protection & classificationInformation protection & classification
Information protection & classification
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Value Microsoft 365 E5 English
Value Microsoft 365 E5 EnglishValue Microsoft 365 E5 English
Value Microsoft 365 E5 English
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
 
Sikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verdenSikkerhed & Compliance i en cloud-verden
Sikkerhed & Compliance i en cloud-verden
 
CIO Forum June Microsoft.pdf
CIO Forum June Microsoft.pdfCIO Forum June Microsoft.pdf
CIO Forum June Microsoft.pdf
 
Gestión de identidad
Gestión de identidadGestión de identidad
Gestión de identidad
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa
 
Protect your data in / with the Cloud
Protect your data in / with the CloudProtect your data in / with the Cloud
Protect your data in / with the Cloud
 
One name unify them all
One name unify them allOne name unify them all
One name unify them all
 
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
Combatting Cyberthreats with Microsoft Defender 365 - CollabDays Finland 2023
 
Security management
Security managementSecurity management
Security management
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within Box
 

Recently uploaded

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Techorama - Shadow IT with Cloud Apps

  • 1.
  • 2. INFORMATION PROTECTION & CLOUD APP SECURITY
  • 3. About me .. @vrykodee David De Vos Solutions Architect / Security Evangelist Synergics David.DeVos@synergics.be
  • 4. Microsoft Enterprise Mobility + Security Apps Risk MICROSOFT INTUNE Make sure your devices are compliant and secure, while protecting data at the application level AZURE ACTIVE DIRECTORY Ensure only authorized users are granted access to personal data using risk-based conditional access MICROSOFT CLOUD APP SECURITY Gain deep visibility, strong controls and enhanced threat protection for data stored in cloud apps AZURE INFORMATION PROTECTION Classify, label, protect and audit data for persistent security throughout the complete data lifecycle MICROSOFT ADVANCED THREAT ANALYTICS Detect breaches before they cause damage by identifying abnormal behavior, known malicious attacks and security issues ! Device ! Access granted to data CONDITIONAL ACCESS Classify LabelAudit Protect ! ! Location
  • 5. Authentication & collaboration RMS connector Authorization requests via federation (optional) Data protection for organizations at different stages of cloud adoption Ensures security because sensitive data is never sent to the RMS server Integration with on-premises assets with minimal effort Hold your key on premises AAD Connect ADFS HYOK Service supplied Key BYOK Azure Information Protection Architecture
  • 7. Azure Information Protection SECRET CONFIDENTIAL INTERNAL NOT RESTRICTED IT admin can set policies, templates, and rules. Classifications, labels and encryption can be applied automatically based on file source, context, and content EMS extends Office 365 manual protection of files with automatic protection to ensure policy compliance Encryption stays with the file wherever it goes, internally and externally Files can be tracked by sender and access revoked if needed Classification and labeling Classify data based on sensitivity and add labels—manually or automatically Protection Encrypt sensitive data & define usage rights, add visual markings when needed Monitoring Detailed tracking and reporting to maintain control over shared data
  • 8. PERSONAL HIGHLY CONFIDENTIAL CONFIDENTIAL GENERAL PUBLIC You can override a classification and optionally be required to provide a justification. Manual reclassification Policies can be set by IT Admins for automatically applying classification and protection to data. Automatic classification Users can choose to apply a sensitivity label to the email or file they are working on with a single click. User-specified classification Types of classification Based on the content you’re working on, you can be prompted with suggested classification. Recommended classification
  • 10. VIEW EDIT COPY PASTE Email attachment FILE Protect data needing protection by: Encrypting data Including authentication requirement and a definition of use rights (permissions) to the data Providing protection that is persistent and travels with the data Granular Information Protection Personal apps Corporate apps
  • 11. User based protection Manual (right-click) and protection for non-Office files Label and protect any file through the windows shell-explorer Select either one file, multiple files or a folder and apply a label
  • 12. AIP PowerShell and Scanner Bulk classification for data at rest using PowerShell Scan and classify your on-premises file shares using PowerShell Query for file labels and protection attributes Scan folders in report-only mode Set a label and/or protection for documents stored locally or on file shares
  • 13. Azure Information Protection Scanner Information protection for hybrid scenario  Crawl files stored on file servers and CIFS based storage  Crawl the content of SharePoint Server on prem  Use AIP policies configured to determine classification  Run in “report” or “Label and protect” mode Native Unified Anywhere
  • 15. Automatic Protection Discover personal data with auto-classification Data is auto-classified based on content Sensitive data is automatically detected
  • 17. O365 Message Encryption Anyone, on any Device in any Email client Inside your organization Between your business partners With any of your customers
  • 20. Monitoring Analyze the flow of personal and sensitive data and detect risky behaviors. Distribution visibility Track who is accessing documents and from where. Access logging Prevent data leakage or misuse by changing or revoking document access remotely. Access revocation
  • 24. Best Practices For Getting Started Deploy Azure Information Protection client. During summer it becomes part of Office suites. Start by creating only one or two labels only! Add more labels when they are necessary. It’s easy to create additional labels during evaluation period. Avoid deleting or changing label policies. Use the tool tips and recommendation in Office instead and make sure there is a clear description. Don’t started automation too early, but validate thoroughly with key personas. Make sure to allow automatic label overrides for users. Monitor the frequency and monitor motivations to gather feedback on label automations. Track the protected documents for an unauthorized attempts to open the documents. Last but not least, educate your users on the impact of labels and the importance
  • 26.
  • 27. Shadow IT Insights Cloud App Security
  • 28. Architecture and how it works Discovery • Use traffic logs to discover and analyze which cloud apps are in use • Manually or automatically upload log files for analysis from your firewalls and proxies (Un)Sanctioning • Sanction or block apps in your organization using the cloud app catalog App connectors • Leverage APIs provided by various cloud app providers • Connect an app and extend protection by authorizing access to the app. Cloud App Security queries the app for activity logs and scans data, accounts, and cloud content App connectors Cloud discoveryProtected Cloud apps Cloud traffic Cloud traffic logs Firewalls Proxies Your organization from any location API Cloud App Security
  • 29. Microsoft Cloud App Security Discovery Discover all cloud usage in your organization Information protection Monitor and control your data in the cloud Threat detection Detect usage anomalies and security incidents In-session control Control and limit user access based on session context DISCOVER INVESTIGATE CONTROL PROTECT
  • 30. Discovery Anomalous usage alerts New apps and trending apps alerts Alert on risky cloud usage Discover cloud apps in use across your networks Investigate users and source IP cloud usage Un-sanction, sanction and protect apps Shadow IT discovery Cloud app risk assessment Risk scoring for 13,000+ cloud apps ~60 security and compliance risk factors CASB integration with: Your network appliances
  • 31. Information protection for cloud apps Identify policy violations Investigate incidents and related activities Quarantine and permissions removal Get alerts and investigate Visibility to sharing level and classification labels Quantify exposure and risk Detect and manage 3rd apps access Gain cloud data visibility Enforce DLP policies & control sharing Govern data in the cloud with granular DLP policies: automated or based on classification labels Leverage Microsoft and 3rd party DLP engines for classification CASB integration with: Azure Information Protection, Office 365 Information Protection, 3rd party DLP (private preview)
  • 32. Threat detection Leverage Microsoft Intelligent Security Graph Unique insights, informed by trillions of signals across Microsoft Threat Intelligence Identify anomalies in your cloud environment which may be indicative of a breach Leverage behavioral analytics (each user’s interaction with SaaS apps) to assess risk in each transaction Behavioral analytics Advanced investigation Advanced incident investigation tools Pivot on users, file, activities and locations Customize detections based on your findings Integrates with Microsoft Intelligent Security Graph, 3rd party SIEM
  • 33. Conditional Access: Proxy Control access to cloud apps based on user, location, device and app Identify managed devices via VPN (location based), Domain joined devices, Intune compliant devices or client certificates Supports any SAML-based app, any OS Context-aware session policies Investigate & enforce app and data restrictions Enforce browser-based “view only” mode for low-trust sessions Limit access to sensitive data Classify, label and protect on download Visibility into unmanaged device activity Integrates with Azure Active Directory Unique integration with Azure AD Integral component of Azure AD Conditional Access Simple deployment directly from your Azure AD portal Leverages existing device management mechanisms, no additional deployment required
  • 34. Cloud App Security in-session control Control access to cloud apps based on user, location, device and app Supports any SSO, any SAML- based app, any OS Context-aware session policies Limit sessions of unmanaged devices Enforce browser-based “view only” mode for risky sessions Limit access to sensitive data Integrates with: Azure Active Directory Also works with: 3rd party IDaaS solutions
  • 35. Require MFA Allow access Deny access Force password reset****** Monitor and control access to cloud apps Cloud apps CLOUD APP SECURITY Limit access Policy Proxy
  • 36. Require MFA Allow access Deny access Force password reset****** Monitor and control access to cloud apps Cloud apps CLOUD APP SECURITY Limit access Policy Proxy
  • 37. Cloud App Security Proxy Conditional Access – Protect on Upload USER Role: Marketing Mgr Group: Marketing Users Client: Mobile Config: Corp Proxy Location: London, UK Last Sign-in: 5 hrs ago Platform: Windows Health:Fully patched Config:Managed Last seen: London, UK DEVICE SESSION RISK APP Classification Engine
  • 38. Cloud App Security Proxy Conditional Access – Block on download USER Role: Marketing Mgr Group: Marketing Client: Mobile Config: Open Location: UNKNOWN Last Sign-in: 8 hrs ago Platform: Windows Health:Fully patched Config:Managed Last seen: London, UK DEVICE SESSION RISK APP Unfamiliar IP address. Block on download
  • 39. Cloud App Security Policies & Alerting Access/Session policies Activity Policies Anomaly Detection/Discovery Policies App Discovery Policies File Policies
  • 40. O365 Cloud App Security vs. Microsoft Cloud App Security Microsoft Cloud App Security Office 365 Cloud App Security Cloud Discovery Discovered apps 15,000 + cloud apps 750+ cloud apps with similar functionality to Office 365 Deployment for discovery analysis Manual and automatic log upload Manual log upload Log anonymization for user privacy Yes Yes Access to full Cloud App Catalog Yes Cloud app risk assessment Yes Cloud usage analytics per app, user, IP address Yes Ongoing analytics & reporting Yes Anomaly detection for discovered apps Yes Information Protection Data Loss Prevention (DLP) support Cross-SaaS DLP and data sharing control Uses existing Office DLP (available in Office E3 and above) App permissions and ability to revoke access Yes Yes Policy setting and enforcement Yes Integration with Azure Information Protection Yes Integration with third party DLP solutions Yes Threat Detection Anomaly detection and behavioral analytics For Cross-SaaS apps including Office 365 For Office 365 apps Manual and automatic alert remediation Yes Yes SIEM connector Yes. Alerts and activity logs for cross-SaaS apps. Yes. Office 365 alerts only. Integration to Microsoft Intelligent Security Graph Yes Yes Activity policies Yes Yes https://docs.microsoft.com/en-us/cloud-app-security/
  • 41. Let’s see it .. in action