GETTING STARTED WITH CLOUD APP SECURITY
APPS, DASHBOARDS & ALERTS
This course explores Microsoft Cloud App Security, including what it is, what it offers, and how it's configured. You'll learn about Cloud Discovery and how to configure Microsoft Cloud App Security. You’ll learn about access policies, policy templates, and how to manage OAuth apps, before diving into Cloud App Security log uploads.
We'll also look at app connectors and at the Cloud App Catalog before moving on to the Cloud App Security dashboard and ways to manage alerts. Finally, we'll cover data management reports.
- Get a solid understanding of Microsoft Cloud App Security including what it is, what it offers, and how it's configured
- Learn how to set up access policies and access templates
- Learn how to manage OAuth apps and Cloud App Security uploads
- Understand how app connectors and the Cloud App Catalog add security to your apps
- Learn about Cloud App Security dashboard, how to manage alerts, and how to generate management reports
This course is intended for those who wish to learn how to use Cloud App Security in Microsoft 365.
To get the most out of this course, you should already have some basic knowledge of Microsoft 365.
Hello and welcome to Cloud App Security. What we are going to do in this lesson is take a look at what Cloud App Security is, and at what it offers. We’ll also take a quick look at the architecture of a Cloud App Security deployment.
When an organization moves to the cloud, it needs to find the right balance of simplifying things for end users, but it also has to maintain control and ensure that critical data remains protected.
Microsoft Cloud App Security is a tool that allows organizations to do just that.
Microsoft Cloud App Security is what is known as a Cloud Access Security Broker, or CASB, that offers log collection, API connectors, and a reverse proxy. It’s a tool that provides organizations with control over data travel and analytics that can be used to identify and mitigate cyberthreats across all Microsoft and third-party cloud services.
So, what exactly is a Cloud Access Security Broker anyway?
A Cloud App Security Broker is used to protect an organization's use of cloud services. It does so by enforcing established enterprise security policies. A Cloud App Security Broker is essentially a gatekeeper that controls access to cloud resources in real time. It sits between users and the cloud resources that they use.
What a Cloud App Security Broker does is identify Shadow IT use and app use. It monitors user activity for suspect behavior, and controls access to resources. Using a Cloud App Security Broker allows you to classify sensitive information and to prevent leakage of that information. This provides a layer of protection against bad actors, and helps you assess the compliance of cloud services.
As a Cloud App Security Broker, the Cloud App Security offering addresses security gaps in an organization's use of cloud services. It offers granular visibility into, and control over, not only user activities, but also sensitive data.
When you deploy Cloud App Security, it uses Cloud Discovery to map your cloud environment. It also identifies the cloud apps that are in use within your organization. It allows you to sanction and unsanction apps in your cloud.
Cloud App Security uses app connectors to provide visibility and governance of apps that users connect to.
In addition to providing real-time visibility into cloud apps that are in use, Conditional Access App Control protection also provides control over access to those apps, as well as any activities performed within those cloud apps.
The diagram on your screen depicts the typical architecture of Cloud App Security and where it sits within your organization.
Notice how traffic to protected apps moves through the proxy access to Cloud App Security. App Connectors leverage APIs for the protected cloud apps to protect them, while Cloud Discovery identifies cloud apps that are in use, logs them, and enforces configuration scripts.
It is this architecture that allows Cloud App Security to provide organizations with control over data travel and analytics that can be used to identify and mitigate cyberthreats across all Microsoft and third-party cloud services.
I should point out that Microsoft Cloud App Security is a user-based subscription service. This means that it’s licensed on a per user, per month basis. Microsoft Cloud App Security can be licensed as a standalone product or as part of quite a few different licensing plans. The URL on your screen links out to the Licensing Datasheet for Microsoft Cloud App Security, so I would refer you to that document for specific licensing requirements:
Once you’ve procured a license for Cloud App Security, you'll receive an activation email. The link to the Cloud App Security portal is shown on your screen:
You must be a Global Administrator or a Security Administrator in Azure Active Directory or Office 365, in order to set up Cloud App Security. To run the Cloud App Security portal, Microsoft recommends that you use Internet Explorer 11, the latest version of Microsoft Edge, the latest version of Google Chrome, the latest version of Firefox, or the latest version of Apple Safari.
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.