• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Microsoft extends security for Azure Storage file shares, data lakes

Cloud computing security: These two Microsoft tools can help you battle shadow IT

November 18, 2020
How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

February 26, 2021
Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

February 26, 2021
Innovative solutions for IT workers at home

What is database encryption?

February 26, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Releases Azure Firewall Premium in Public Preview

February 26, 2021
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

February 25, 2021
8×8 makes raft of updates to platform

Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

February 25, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

February 25, 2021
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

February 24, 2021
Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

February 23, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

February 23, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

February 22, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, February 28, 2021
  • Login
Azure Security News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    How to use Microsoft Sysmon, Azure Sentinel to log security events

    Microsoft Cloud Announces Three New Vertical Cloud Solutions

    Innovative solutions for IT workers at home

    Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

    Innovative solutions for IT workers at home

    What is database encryption?

    A moment of reckoning: the need for a strong and global cybersecurity response

    Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

    Innovative solutions for IT workers at home

    ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

    A moment of reckoning: the need for a strong and global cybersecurity response

    ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

    Innovative solutions for IT workers at home

    SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

    8×8 makes raft of updates to platform

    Indonesian Mobile Operator Selects NTT for Microsoft Security Project

    Microsoft To Build New Azure Cloud Data Centers In Greece

    NTT completes Microsoft security project for Indonesian mobile operator

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Releases Azure Firewall Premium in Public Preview

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

    8×8 makes raft of updates to platform

    Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

    Microsoft To Open Azure Cloud Data Center Region In Spain

    EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Engineer at VillageMD

    Innovative solutions for IT workers at home

    How to Sync On-Premise Active Directory Passwords with Office 365 and Google Apps in Real-Time

    Microsoft Azure Forms Collaboration to Enhance AI in Healthcare

    Azure Defender is now available for all IoT and OT devices

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Google and Microsoft ID Group Targeting Security Researchers

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home Uncategorized

Cloud computing security: These two Microsoft tools can help you battle shadow IT

by AZURE SECURITY NEWS EDITOR
November 18, 2020
in Uncategorized
0
Microsoft extends security for Azure Storage file shares, data lakes
496
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Finding what cloud services employees are using is half the battle–integrating Microsoft Cloud App Security and Defender Advanced Threat Protection lets you track, block, or audit cloud app usage.

Shadow IT used to mean someone writing Excel macros or setting up an unofficial file server for their team. Now, putting AWS and Salesforce subscriptions on the company credit card or using Dropbox to share documents with suppliers and partners is just the tip of the iceberg. The average enterprise has over 1,500 cloud apps in use, most of them not provisioned by the IT team, and is uploading more than 80GB a month to cloud services from within the business.

There are various tools that promise to detect cloud services in use inside your network, usually by scanning network traffic and checking firewall logs (although services like Zylo plug into financial systems to find SaaS subscriptions that departments are buying directly without going through IT). Not only is that cumbersome and likely to impact network speed, but it doesn’t help with remote users: you can only detect and block web applications by sending everyone through your corporate network — something that will be both unpopular and hard to enforce.

You get more control by analysing and controlling cloud app usage on the device directly. Microsoft Cloud App Security (MCAS, a Cloud Application Service Broker, which is itself a cloud service) now includes a shadow IT discovery tool that integrates with Defender ATP to discover cloud app and service usage on any managed device. Defender already monitors what processes are running and what files are being opened as it checks for malware, and that same information lets it report back on what cloud services are being used. It’s an automated process that creates a catalog of cloud apps that are in use, by which users and on which devices, with security and compliance risk scores for each app.

But because MCAS is integrated with Defender, you get the option to block and whitelist apps directly on the device. That works for all devices, not just the ones on the corporate network — and it even lets you enforce read-only access to your corporate resources for external users like suppliers and partners.

Defender ATP can look at the labels you apply with Azure Information Protection, so you can tell when data tagged as sensitive or confidential is being sent to a cloud service (or if files have been downloaded and stored on a device) — in real time, or later on, even if that device is no longer connected for you to scan or available for you to look at physically. Niv Goldenberg, principal group PM manager for cloud security, compares it to a flight recorder: the data is stored for six months in your cloud tenant, so you can go back and audit which files were accessed and what happened to the data if you need to do an investigation, which is an additional layer of protection even for approved cloud applications. 

Once you find shadow IT in use you might block it, but you might also just keep an eye on it.
Image: Microsoft

Cloud app reputation

The idea is to give organisations back the visibility and control over users and data that they lost when SaaS services arrived, Goldenberg told TechRepublic. “If I want to start using a new application, all I need to do is open my browser and type in a URL and I’m using an application that the IT department probably isn’t familiar with and doesn’t have any visibility or control over. Knowing what applications employees are using is one thing, but before you can decide if this is an application I want to encourage employees to use, or an application that I want to block, you need to know whether the application is secure enough. Based on the metrics we see of our customers, typically organisations use more than 1,500 cloud applications and there’s no way an IT admin knows all these applications and how secure they are.”

Shadow IT detection is easy to set up from within the portal where you manage Microsoft Defender ATP.
Image: Microsoft

Getting an audit of even official and approved apps that are in use is often a slow and tedious process, so just being able to see so quickly what cloud apps are being used is handy. But the security and compliance ratings in MCAS also help you understand how cloud services use and protect data, Goldenberg says. “Which of my data goes to the cloud? How is the data stored? Does it encrypt data at rest? Do I have sensitive files that are now publicly shared Is all my data, labelled and protected accurately? What is the risk am I exposing myself to as an organisation when someone uses this application?”

Some of that information is gathered through Microsoft’s automated tools, and by the company’s security researchers who look at new vulnerabilities and new compliance regulations like GDPR or the new California Consumer Privacy Act (CCPA). As a cloud service, MCAS will see new applications being accessed by customers at scale. “We see new URLs and new IPs and we can tell if this is a new application, a new signature for an existing application or something that’s not actually a cloud application,” says Goldenberg. Software vendors can also submit details and customers can ask Microsoft to check a service and rank it (both of those happen within two business days).

You can filter the list of applications by category or drill into the details that make up the overall risk score, down to whether it uses TLS and secure HTTP connections, how often it’s patched, what the data usage policy of the service is and who it’s owned by.

MCAS shows how many users are using how many different applications.
Image: Microsoft

Dashboards show which applications are used and how widely, and what percentage of usage is approved applications versus shadow IT. You’ll also get an alert if vulnerabilities are found in cloud apps that your employees are using.

The Defender information is integrated here too, so you can drill down to individual users, devices and IP addresses and see the volume of data being uploaded or downloaded through the application. “If you see lots of traffic going to a risky application, you can pin down the specific machine initiating this traffic,” Goldenberg says. You can also see if users have different application behaviour on different devices, which might be suspicious — or might tell you that the official app you want everyone to use is just too slow on older desktops, making employees work around it.

With so many cloud services available, the security and compliance ratings are very useful.
Image: Microsoft
Drill in and see the details of why a cloud app gets the security and compliance ranking it does.
Image: Microsoft
Track how many users have seen warnings or been blocked from using a cloud service.
Image: Microsoft

Just blocking a service like that without explaining the problem to employees, or giving them a safe alternative, is setting yourself up for an unending game of ‘whack-a-mole’, because you’ll just have to keep blocking more services. Managing shadow IT is an ongoing process because new applications are always coming along, people change the way they use the cloud over time, and previously approved apps may need to be deprecated later.

Start by tracking what cloud applications are being used, whether they’re the ones you expect, and how they fit in with your application governance policies — which might include temporarily blocking applications while they go through legal review or technical qualification. “If there’s an application that the financial department recently paid a lot of money for and bought a large number of licences, you can track whether it’s actually being used,” says Goldenberg. “If there’s an application you want to deprecate in your organisation because you decided to standardise on Office 365, you can check that the usage of alternatives that aren’t sanctioned — or that you want to stop paying for — is decreasing.”

Changing user behaviour takes more than blocking: you can also warn users so they understand the risk, and redirect them to a company portal listing preferred applications.

“We also have ‘break the glass [in emergency]’ scenarios where you can show the warning so users know this isn’t an application they should use, but they can click to confirm that they have a reason to use something the organisation does not recommend and then they have full access,” Goldenberg says. In future, that will include options to have employees provide a justification for why they need to use that cloud app, or to have their request sent to a manager for approval, with a portal where they can file access requests in advance. Goldenberg also suggests that access will get more granular in future — “It might be allowing limited access for so many minutes or so many days,” he says.

Coaching employees to use those apps is often more effective at a department level: admins can create PDF reports to send to managers showing how many cloud apps their teams are using, and how much data is going through them. You can also analyse the application usage data in Power BI.

Power BI reports let you see more detail or share trends without identifying users and devices.
Image: Microsoft

Collecting this much information about who uses what apps and opens which files could reveal quite a lot about your business, so all the data collected is encrypted and can be anonymised for employee privacy, with multiple roles depending on how much you want admins to see. “We provide the ability to anonymise the data and only de-anonymise it based on a specific business justification, and this is also audited,” Goldenberg says. You can also enable different levels of access in Power BI: a department manager might get to see which machines a particular cloud app is used on, but a firewall or network admin might only get high-level statistics about network usage.

The shadow IT tool is currently available for endpoints running Windows 10 1709 and later (although you’ll need to install an optional update on versions before 1903). It relies on the Defender agent, which Microsoft has already brought to Macs, and Mac support is on the roadmap. “This is security from Microsoft not for Microsoft, and we’ll be expanding these capabilities, as we expand Defender ATP to non-Windows devices,” Goldenberg says.

The same risk assessment is happening for the application marketplaces associated with Microsoft services. MCAS already rates all the applications in the Teams marketplace, and that’s being extended to other Microsoft application ecosystems like Office 365, because add-ons and plugins get access to the data in your tenant. That would give customers more confidence about adopting partner applications in Dynamics, and could be particularly useful if it’s extended to browser extensions for the new Edge.

Reference: https://www.techrepublic.com/article/cloud-computing-security-these-two-microsoft-tools-can-help-you-battle-shadow-it/

Share198Tweet124Share50
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

Azure Digital Twins now generally available: Create IoT solutions that model the real world

by AZURE SECURITY NEWS EDITOR
December 18, 2020
0

Today, organizations are showing a growing appetite for solutions that provide a deeper understanding of not just assets, but also...

What’s New: Reduce alert noise with Incident settings and alert grouping in Azure Sentinel

by AZURE SECURITY NEWS EDITOR
December 6, 2020
0

This installment is part of a broader series to keep you up to date with the latest features in Azure...

What’s New: Cross Workspace Incident View in Public Preview!

by AZURE SECURITY NEWS EDITOR
December 6, 2020
0

This installment is part of a broader series to keep you up to date with the latest features in Azure...

Microsoft Seriously Beefs Up Security in Windows Server 2019

Get to know cloud IoT services on AWS, Azure and Google Cloud

by AZURE SECURITY NEWS EDITOR
December 6, 2020
0

AWS, Microsoft and Google offer a range of cloud IoT services, as each tries to gain a foothold in this...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021
Microsoft Launches Host of Security Products in Time for RSA

Microsoft to add two new Microsoft 365 security, compliance bundles to its line-up

November 26, 2020

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

February 26, 2021
Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

February 26, 2021
Innovative solutions for IT workers at home

What is database encryption?

February 26, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In