Microsoft Cloud App Security Now Generally Available - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IT Leadership // Security & Risk Strategy
02:05 PM
Connect Directly

Microsoft Cloud App Security Now Generally Available

Microsoft rolls out Cloud App Security, a new service designed to bring deeper visibility and stronger control to IT and security teams managing cloud apps.

7 Reasons To Convert To A Private Cloud
7 Reasons To Convert To A Private Cloud
(Click image for larger view and slideshow.)

Microsoft is making its Cloud App Security service generally available to help businesses gain greater protection, deeper visibility, and stronger control over their cloud applications.

Industry trends indicate most modern companies use cloud-based apps. Soon, more corporate data will be stored in the cloud rather than on-premises, explained Microsoft in a blog post on the release.

As businesses increase their cloud usage, so too do consumers. Even companies without official SaaS applications have significant shadow IT usage of cloud. Microsoft noted past consumer surveys have revealed over 80% of employees use unapproved SaaS for business -- and those are just the participants who admitted to it.

[Microsoft Outlook Premium has entered beta testing.]

The enterprise security risk of Shadow IT is growing. An average employee uses 17 cloud apps, but their employers have no idea what they're using or whether anything they are using meets security and compliance requirements.

In 91% of businesses, workers give their personal accounts access to the corporate cloud storage, according to Microsoft.

Learn to integrate the cloud into legacy systems and new initiatives. Attend the Cloud Connect Track at Interop Las Vegas, May 2-6. Register now!

Cloud App Security is a cloud-delivered service built for security, and IT teams, to gain more visibility into how cloud apps are used and control them via policy. Teams can design a process for securing cloud use -- a process that ranges from discovery and investigation capabilities to more detailed management control.

There are two main components to Cloud App Security: cloud usage discovery and app control.

The service identifies all cloud apps across the network, and across all devices, through a feature called App Discovery. It also provides ongoing risk assessment, risk-scoring, and analytics.

Data Control is another capability that lets admins focus on sanctioned apps. This gives them the option to use API-based integration to set controls for data-sharing and loss prevention. Teams can opt to use out-of-the-box policies or to create their own.

Cloud App Security also comes with threat protection for enterprise cloud apps, which uses behavioral analytics and anomaly detection to pinpoint areas of risk.

The need for greater visibility and control with cloud apps is nothing new. However, most customers limit their tools to basic discovery capabilities and fail to maximize their use of cloud control, Microsoft explained. There is still a need for a solution that can address security issues across data, devices, apps, and identity.

(Image: Microsoft)

(Image: Microsoft)

The creation of Cloud App Security is a result of Microsoft's investment in Adallom, an Israeli cloud security firm Redmond purchased for $320 million in July 2015. Adallom's focus was on cloud access security.

At the time its acquisition was first reported, people familiar with the deal reported Adallom's 90 employees would continue operating from Israel and work on Microsoft's cyber-security operations there. The Adallom purchase marked the latest in a string of acquisitions for Microsoft, which had previously snapped up Aorato and Equivio.

The rollout of Cloud App Security marks the latest addition to a secure platform Microsoft is building, first announced in February. In a blog post detailing the need for new technologies to protect and detect security posture, Microsoft CISO Bret Arsenault promised Cloud App Security would be available in April 2016.

Those interested in testing Cloud App Security can request a trial period for the service, and also access technical documents to help along the way.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Charlie Babcock
Charlie Babcock,
User Rank: Author
4/7/2016 | 3:28:02 PM
Best user practices on a plate
What Microsoft has done here is far-sighted. It's taken over some responsibility for security on the user side of the fence and made it available as a service. All public cloud providers should be doing this, and some third parties are doing it for Amazon Web Services. But there's probably much more to be done. The cloud represents a split in security responsibilities between customer and provider, and Microsoft has offered some best practices on a plate to customers.
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll