Introduction To Microsoft Cloud App Security

Introduction

Security is the million-dollar question for organizations who are moving to the cloud from on-premise. They want their data and applications to be as secure as possible from attacks like phishing, hacking, data breaches, insecure APIs, and recent threats that have come up, namely Ransomware and WannaCry. Like other IT giants, Microsoft is working hard to get its cloud security tight using various tools and technologies, and one of them is Cloud App Security.

Cloud App Security is a solution that gives organizations visibility and control with high-level protective measures for their applications and data. With this solution, you have features like disclosing shadow IT, finding risks, applying the best security policies and managing alerts.

Technical Explanation

Technically, it has three frameworks that do all the jobs. They are,

  1. Cloud Discovery
    It takes care of discovering the Shadow IT and performing risk assessments to applications and files.

  2. Data Protection
    This part of CAS manages alerts, policies, and visibility of threats.

  3. Threat Protection
    This part of CAS finds the anomalies and security threats.

If we look at the architecture of CAS, we can have an idea of how these above-mentioned frameworks work and are inter-connected.

Cloud App Security

In simple words, here is what is happening in the above architecture,

  • The Cloud Apps (i.e. Office 365 Apps, Google Drive, Box, Dropbox etc) are connected via APIs.
  • These APIs use App Connectors to get the data from their respective servers.
  • Cloud Discovery then assess the data, manages risk assessment.
  • Sanction and Un-sanction the applications from Cloud App Catalog which currently has over 15000 applications registered.
  • Proxy protection in CAS prevents attacks on files or applications. For example, blocking the downloads, gain visibility for unmanaged devices and suspicious IP addresses etc.

Endnote

There is a lot more to explore in Cloud App Security. For that, I suggest you to start using CAS by activating its 30-day trial. Go ahead and visit this link to get your Cloud App Security trial.