Microsoft Cloud App Security Unmasks Shadow IT

Microsoft's upcoming Cloud App Security offering will help administrators uncover other cloud services that might be used to leak data.

Microsoft,cloud security

Last year, Microsoft acquired Adallom, a security software company focused on safeguarding data in multi-cloud environments. Soon, Adallom's tech will feature in Microsoft's forthcoming Cloud App Security product.

"Today, we are announcing Microsoft Cloud App Security, based on the Adallom technology, will become generally available in April 2016," said Microsoft Chief Information Security Officer Bret Arsenault, in a Feb. 25 announcement. "Microsoft Cloud App Security brings the same level of visibility and control that IT departments have in their on-premises network to their SaaS applications, including apps like Box, Salesforce, ServiceNow, Ariba, and of course, Office 365."

Billing Microsoft Cloud App Security as a cloud access security broker (CASB) solution, the offering will help enterprises lift the veil on shadow IT.

"Office 365 cloud app discovery gives you the ability to understand which other cloud services your users are connecting to. From the Office 365 admin portal, you can view a dashboard on network activity," blogged Rudra Mitra, partner director of program management for Office 365 Information Protection. "For example, you can see where users are storing and collaborating on documents and how much data is being uploaded to apps or services outside of Office 365."

Shadow IT is a massive blind spot for enterprise organizations. According to a recent analysis by Cisco, IT departments severely underestimate the number of public cloud services used in their environments. The average large enterprise is linked to a staggering 1,220 public clouds, about 25 times more than the number that IT departments are keeping track of, the analysis shows.

Administrators also will be warned of behavior that places their potentially sensitive information at risk. "Office 365 advanced security alerts alert you to anomalous and suspicious activity so that you can take action," Mitra noted. "The system notifies you of unusual behavior, such as if a user takes an administrative action (like creating a new user) from a location they have never logged onto before."

Finally, administrators will soon have tools to manage access to the ever-growing list of apps that offer Office 365 integrations.

"Office 365 app permissions gives you the ability to approve or revoke permissions for applications accessing Office 365," Mitra added. "For example, you may have users who have approved their CRM [customer relationship management] application to access Office 365 contact data. If that CRM application is a non-sanctioned app that doesn't comply with your business policy, you may want to revoke access."

Microsoft also announced that next week the company will be launching a public beta of its cloud-based Azure Active Directory (AD) Identity Protection service.

"Azure AD Identity Protection helps prevent the use of compromised credentials and user accounts using industry leading, machine learning based, real time detection and automatic mitigation, helping protect all of the cloud and on-premises applications our customers use with Azure AD," explained Microsoft program managers Alex Simons and David Howell in joint Active Directory Team Blog post.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...