Learn what CAS does and why it's important.
- [Instructor] Shadow IT is one of the big buzz words these days with it being so easy for people to be able to purchase IT services now that they're all hosted in the cloud. When end users need to be able to get something done, before they would go to IT and they would have to wait for however long it took for their request to be fulfilled. Today, they can take their credit card and they can purchase something online, and be up and running in a matter of minutes. While this is great for productivity and from the end users' perspective, from the business and the IT perspective there's a huge amount of risk to this. Company data and intellectual property now live someplace that IT has no control over and all the risks that come with this, whether it's the risk of something being leaked, or a secret being discovered, or a compliance risk, or anything like that, there's no way for IT to protect the business from that.
Of course, that's typically unacceptable. Microsoft Cloud App Security is potentially a solution to this. It's a cloud based service that Microsoft hosts and runs, and what it lets you do is it gives you a ton of insight and control into what cloud apps people are accessing, as well as what they're doing in those applications. You can think of Cloud App Security as a platform that you can build rules on top of, can meet your compliance requirements, can meet your security requirements and so forth. Because it's able to look into what cloud apps people are using, and in the case of certain cloud apps to actually look into what's happening inside that application, you can use it to identify risks and create alerts based on that, and even take action automatically based on the behaviors that you detect.
For example, perhaps someone uploads a document to Box that includes data that the company doesn't allow to be stored in a cloud service. Cloud App Security can automatically detect that and take action so that you can respond. The way Cloud App Security does this, it integrates with your firewalls, your firewalls send log data to Cloud App Security, Cloud App Security is able to use that log data to figure out what websites and SAS applications end users are accessing, and provide that in a really useful dashboard.
For all the cloud apps that Cloud App Security knows about, it's able to supply risk scores so that you can sort that list and decide which ones are worth time investigating. Based on those risk scores, you can even create alerts, so that you're automatically notified when people are accessing these applications. On top of this, there are certain applications that Cloud App Security is able to look directly into, so you get even deeper insight, not only into what applications people are accessing, what they're doing as well. With this information, you can now manage risk either through alerts to IT or on an automatic basis.
Based on the data that's in play and the roles that you've configured, you can let Cloud App Security make decisions for you and do things like control whether or not users have access to that data or take action to remove high-risk data from cloud sites where it doesn't belong. You can even configure this to work with Azure Information Protection, so that you can apply protection dynamically to data that matches roles in Cloud App Security.
- Authentication options with Azure AD
- Configuring Azure AD Connect for sync and authentication
- Securing remote access with the Azure Application Proxy
- Managing apps and devices with Intune
- Building and deploying a basic Intune policy for iOS or Android
- Protecting data beyond the firewall with Azure Information Protection (AIP)
- Configuring AIP classification labels and protection
- Integrating Exchange and SharePoint with AIP
- Managing risk with Advanced Threat Analytics
- Connecting Office 365 to cloud app security