Microsoft Cloud App Security Now Generally Available - InformationWeek
IoT
IoT
IT Leadership // Security & Risk Strategy
News
4/6/2016
02:05 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Microsoft Cloud App Security Now Generally Available

Microsoft rolls out Cloud App Security, a new service designed to bring deeper visibility and stronger control to IT and security teams managing cloud apps.

7 Reasons To Convert To A Private Cloud
7 Reasons To Convert To A Private Cloud
(Click image for larger view and slideshow.)

Microsoft is making its Cloud App Security service generally available to help businesses gain greater protection, deeper visibility, and stronger control over their cloud applications.

Industry trends indicate most modern companies use cloud-based apps. Soon, more corporate data will be stored in the cloud rather than on-premises, explained Microsoft in a blog post on the release.

As businesses increase their cloud usage, so too do consumers. Even companies without official SaaS applications have significant shadow IT usage of cloud. Microsoft noted past consumer surveys have revealed over 80% of employees use unapproved SaaS for business -- and those are just the participants who admitted to it.

[Microsoft Outlook Premium has entered beta testing.]

The enterprise security risk of Shadow IT is growing. An average employee uses 17 cloud apps, but their employers have no idea what they're using or whether anything they are using meets security and compliance requirements.

In 91% of businesses, workers give their personal accounts access to the corporate cloud storage, according to Microsoft.

Learn to integrate the cloud into legacy systems and new initiatives. Attend the Cloud Connect Track at Interop Las Vegas, May 2-6. Register now!

Cloud App Security is a cloud-delivered service built for security, and IT teams, to gain more visibility into how cloud apps are used and control them via policy. Teams can design a process for securing cloud use -- a process that ranges from discovery and investigation capabilities to more detailed management control.

There are two main components to Cloud App Security: cloud usage discovery and app control.

The service identifies all cloud apps across the network, and across all devices, through a feature called App Discovery. It also provides ongoing risk assessment, risk-scoring, and analytics.

Data Control is another capability that lets admins focus on sanctioned apps. This gives them the option to use API-based integration to set controls for data-sharing and loss prevention. Teams can opt to use out-of-the-box policies or to create their own.

Cloud App Security also comes with threat protection for enterprise cloud apps, which uses behavioral analytics and anomaly detection to pinpoint areas of risk.

The need for greater visibility and control with cloud apps is nothing new. However, most customers limit their tools to basic discovery capabilities and fail to maximize their use of cloud control, Microsoft explained. There is still a need for a solution that can address security issues across data, devices, apps, and identity.

(Image: Microsoft)

(Image: Microsoft)

The creation of Cloud App Security is a result of Microsoft's investment in Adallom, an Israeli cloud security firm Redmond purchased for $320 million in July 2015. Adallom's focus was on cloud access security.

At the time its acquisition was first reported, people familiar with the deal reported Adallom's 90 employees would continue operating from Israel and work on Microsoft's cyber-security operations there. The Adallom purchase marked the latest in a string of acquisitions for Microsoft, which had previously snapped up Aorato and Equivio.

The rollout of Cloud App Security marks the latest addition to a secure platform Microsoft is building, first announced in February. In a blog post detailing the need for new technologies to protect and detect security posture, Microsoft CISO Bret Arsenault promised Cloud App Security would be available in April 2016.

Those interested in testing Cloud App Security can request a trial period for the service, and also access technical documents to help along the way.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
4/7/2016 | 3:28:02 PM
Best user practices on a plate
What Microsoft has done here is far-sighted. It's taken over some responsibility for security on the user side of the fence and made it available as a service. All public cloud providers should be doing this, and some third parties are doing it for Amazon Web Services. But there's probably much more to be done. The cloud represents a split in security responsibilities between customer and provider, and Microsoft has offered some best practices on a plate to customers.
News
A Data-Centric Approach to the US Census
James M. Connolly, Executive Managing Editor, InformationWeekEditor in Chief,  10/12/2018
News
10 Top Strategic Predictions for 2019
Jessica Davis, Senior Editor, Enterprise Apps,  10/17/2018
Commentary
AI & Machine Learning: An Enterprise Guide
James M. Connolly, Executive Managing Editor, InformationWeekEditor in Chief,  9/27/2018
Register for InformationWeek Newsletters
Video
Current Issue
The Next Generation of IT Support
The workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll