Cloud App Security: Extend Control Over Your Data to the Cloud
At Ignite, Microsoft showcased the integration between Cloud App Security and Azure Information Protection in the Cloud App Security session and the Azure Information Protection session. We are excited to share more about this integration and to demonstrate how it helps extend security for your data as it travels to the cloud.
With the digital transformation that organizations are going through, data is traveling to more locations than ever before, increasing users’ productivity and ability to access data and collaborate with others. With Azure Information Protection, we’re focused on providing our customers an innovative information protection solution which is adapted to the mobile and cloud-first world and can protect company data wherever it is.
One of the key challenges for information protection solutions today is the lack of visibility and control over data as it moves to cloud applications. Cloud applications pose a huge challenge for legacy information protection solutions which are not adapted to the cloud. They also create new challenges such as the need to monitor and control sharing of sensitive data with external parties.
Cloud App Security provides a holistic solution to discover, monitor, control and protect activities and data in cloud applications. With this integration, the service can natively leverage the classification labels set by Azure Information Protection and enforce automatic governance actions, such as file quarantine and removal of sharing, based on the classification and sharing level of the file. Azure Information Protection thereby helps extend control over your data throughout the complete data lifecycle – from creation, to storage on-premises and in cloud services, to sharing internally or externally, to monitoring the distribution of files and finally responding to unexpected activities.
This integration provides the following key capabilities:
Visibility into data sharing
When data is created, it is classified and labeled based on its sensitivity, either automatically or manually, using Azure Information Protection. This classification adds a label to the data that persists throughout its entire lifecycle. Users can upload such files to cloud applications and attempt to share them with people inside or outside of their organization. Cloud App Security identifies the sensitivity level of these files, based on the labels set by Azure Information Protection, and helps you monitor and control such activities. For example, admins can query for all Confidential files that are shared publicly over Dropbox, Box, SharePoint Online and other cloud services, and take action on these activities, such as logging, alerting, notifying the end user, or even preventing such files from being shared.
In the example below, a user is working on a file that’s labeled “Confidential”.
He now uploads this file to an internal folder in Box.
He then shares this file, sending the link to the shared file to a colleague at another company. This file can now be accessed freely by any user who has this link.
An action like this can put sensitive organizational data at risk and expose business information.
The security admin in the user’s organization wants to analyze how employees are using cloud applications. He logs in to the Cloud App Security console and gets details of all the files that employees have shared publicly. He sees that the user uploaded a Confidential file into a shared folder in Box. The admin can view all previous access events for this file, and immediately remediate by removing its collaboration rights.
Policies to control sharing
Admins can use the Cloud App Security console to set policies for file sharing, based on the files' level of sensitivity to the business as set by Azure Information Protection. In case of unexpected sharing of sensitive files, one of the following actions can occur automatically to prevent data loss:
* Files can be put in quarantine
* Sharing can be restricted for the files
* Notification can be sent to users who shared the files
For example, a policy can be created that looks for classified files that are externally shared and automatically quarantines these files.
Alerts for anomalous behavior
Alerts can be set up to notify admins in case sensitive files are shared unexpectedly. Activities such as sensitive files being shared externally, sensitive files being downloaded from unrecognized locations, or anything that’s considered abnormal in your environment can fire alerts to help admins with proactive investigation.
Cloud App Security and Azure Information Protection together help you gain deeper visibility and control over your data as it travels to the cloud, extending protection for your data throughout the entire data lifecycle. And this is achieved while maintaining user productivity and collaboration.
These capabilities are available today. You can use the Enterprise Mobility + Security E5 trial to try it out, or email us at email@example.com.