Threat Response Strategy
Cloud Access Security Broker
Cloud App Security
This course will explore best practices and fundamentals using Microsoft 365’s Secure Score as a primary barometer to measure protection and readiness as well as timely and effective responses to threat incidents. After completing lessons and watching video demos, students should be equipped with the knowledge and skills to protect themselves and their organizations.
Learning Objectives
- Evaluate and manage Microsoft Office 365 tenant security using Secure Score
- Manage incident investigation
- Review and manage Microsoft 365 security alerts
Intended Audience
- General cybersecurity enthusiasts who want to stay current with best practices
- People studying for the Microsoft MS-101 exam
- Cybersecurity professionals/administrators responsible for the safety of an organization
Prerequisites
- Basic understanding of Office/Microsoft 365
- Basic understanding of computer networking
- General knowledge of different threat types
In this video, we'll be discussing Microsoft's CASB solution. So, if you didn't already know, CASB, C-A-S-B, is an acronym that stands for Cloud Access Security Broker. Now, what exactly is a Cloud Access Security Broker? Well, the technical definition provided to us by Gartner, who actually coined the term, is that CASBs are on-premise or cloud-based security policy enforcement points placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed.
Now, that's a lot of fancy technical mumbo-jumbo. I like to think of CASBs as a crossing guard directing two-way oncoming traffic, including pedestrians crossing the street, making sure that everybody is safe and no one gets hurt. Now in the IT world, a CASB is something that is the responsibility of your organization, specifically your IT team. And in this video, we're going to introduce Microsoft's CASB solution called Cloud App Security.
In this day and age, many of us no longer have a data center where all our apps and services are stored. Instead, we've moved them into the cloud, across dozens, hundreds, maybe even thousands of server farms. This enables the flexibility and convenience of accessing those resources from virtually any location and on any device. But with this increased flexibility and convenience also come new challenges and complexities for keeping your organization safe and secure.
So, as previously mentioned, the trick is to find the right balance of supporting access and convenience while maintaining a certain degree of control to protect critical data. The first step is to use Microsoft's Cloud App Security to identify Shadow IT, which are applications unsanctioned by your organization. Fortunately, Microsoft Cloud App Security provides us a feature with cloud discovery that helps us quickly identify which apps are being used and what their risk levels are. This is a frequently underestimated aspect of cybersecurity posture. And your average organization has about 80% of employees utilizing shadow IT, or non-sanctioned apps, that no one has reviewed and may not be compliant with your company's security policies. And because employees also have access to corporate resources and data from outside the network, it's no longer enough to have rules and policies on your firewall.
After gathering data on all shadow IT, you can move on to the second step, which is evaluation and analysis. We need to check the compliance of each application to make sure they meet our organization's standards, such as the HIPAA or GDPR compliance protocols, for example. So, you can determine whether or not you want the app to be used and allowed in your organization and investigate how it's being used, all to make an informed decision. And lastly, we can tag these apps to classify them specifically for monitoring purposes or to deny access to certain cloud applications. And for continuous compliance, we can define policies that monitor all of the above. In the next video, we will jump into a demo and take a look at a few use cases.
Aaron has been in the IT industry for 10 years, servicing a variety of industries, from small retail businesses to multi-billion-dollar hedge funds. Specializing in workflow optimization, he has helped users at all levels increase their productivity and efficiency, with tasks ranging from taking medical offices paperless to administering patch management, JIRA, Confluence, and other project management platforms.
Prior to starting his IT career, Aaron was a test prep teacher, helping high school students improve their standardized test scores for college admissions. He joins Cloud Academy to combine his two passions, technology and teaching.