Preventing Shadow IT with Microsoft Cloud App Security

On average, every employee uses 17 cloud applications at work. But: The majority of people in a company tend to underestimate this number. And preventing shadow IT gets tricky when nobody seems to know how many applications are actually in use, and guesstimating just isn’t enough! We’ll show you how to achieve transparency, data control and threat protection using Microsoft Cloud App Security.

Relocating to the cloud helps you boost the efficiency of your staff and reduce your IT costs. So far, so good. However, doing so also brings new challenges to your company and you need to keep a keen eye on IT security in particular. So if your company hasn’t yet embarked on a new life in the cloud, don’t forget: It only takes a few clicks to use cloud applications. Next thing you know, you are “sharing things on-the-fly with external partners”, and – hey presto! – Dropbox, WeTransfer and Co. are suddenly part of your IT ecosystem. Employees find cloud applications convenient and a good way of getting around the often laborious internal application processes. This is great, but also one of the main reasons for the emergence of shadow IT.

According to a Microsoft Study

• 80% of employees use unauthorized cloud applications.
• Employees in 91% of companies allow their personal accounts to access the company’s cloud storage.
• 70% of companies allow cloud administrator activities from unsecured networks outside the company.
• On average, companies share 13% of their files with external associates; a quarter of this data is publicly accessible.

The risks and potentially even sanctions that this entails are usually unknown. In many cases, IT management has lost track and therefore the ability to control the data. Blocking cloud applications or cloud web addresses in such cases, is mostly an elaborate and usually inadequate undertaking. New apps are launched on the market almost daily, meaning that restrictions can only fight the fires, but not stop their causes. In order to use all the benefits of cloud applications, companies need to strike the right balance between permissive access and control for the protection of important data.

The Microsoft Cloud App Security takes action at precisely this point. The vendor-neutral SaaS (Software as a Solution) approach comes with tools to detect shadow IT, assess possible risks, enforce policies, analyze activities and stop threats. This way, you keep your important company data under control.

• Cloud Discovery: All cloud applications in your company network are identified on all devices, giving you shadow IT reports, as well as control and risk assessments.
• Data Protection: Monitor and control your data in the cloud. A particular focus is placed on applications for which you define granular controls and policies for the shared use of data and data loss protection (DLP) by means of API-based integration. You can either use ready-made policies out-of-the-box or develop and modify your own.
• Threat Protection: Detect anomalous uses and security threats. The use of behavioral analytics and advanced analysis tools lets you reduce risks and define policies to obtain maximum control over data traffic between the network and cloud.

When scanning content, Microsoft Cloud App Security does not store the file contents in the application database. Instead, Microsoft Cloud App Security only saves metadata for the file datasets and all identified breaches in its database.

Analysis and evaluation are based on the Microsoft Cloud App Catalog, which stores and describes more than 15,000 cloud applications and also classifies and assesses them based on over 60 criteria. The analysis results are shown clearly structured in the dashboard, with detailed findings down to the application level. The dashboard also contains information about the number of users, data traffic, upload volumes and many other metrics. You can access meticulous details on each of the listed cloud applications in order to get a deeper assessment of each. Microsoft Cloud App Security also contains links to the individual providers’ privacy policies. Measures can be taken to close security vulnerabilities very quickly using this clear overview of data, ensuring that your employees can enjoy all the benefits of your cloud applications.

In the future, it will be vital for companies to assess the solutions – and shadow IT – in use, in order to initiate suitable action to ensure security measures where necessary. Microsoft Cloud App Security offers a host of support options to make it possible.