Microsoft Takes on Shadow IT with Cloud App Security
Microsoft has announced the general availability of Cloud App Security, its attempt to help IT teams gain visibility and control of cloud app usage in the enterprise.
Cloud App Security is based on technology gleaned from Redmond’s acquisition of Adallom last year and features three main elements.
First, it uses log-based traffic analysis to discover all cloud apps being used inside an organization – many of which may previously have slipped under the radar of IT. It also provides risk scoring and ongoing risk assessment and analytics for said apps.
Second, once IT admins have decided which apps to allow in the organization, Cloud App Security will enable them to set controls and policy for data sharing and DLP, thanks to API-based integration. Managers can use pre-built policies or customize their own, Microsoft said.
Finally, there’s threat protection for cloud apps courtesy of the product’s behavioral analytics and anomaly detection capabilities.
Judging by the blog post introducing the technology, Microsoft is hoping Cloud App Security will act as a comprehensive Cloud Access Security Broker (CASB), enabling a “paradigm shift from classic network-based security to something new.”
The computing giant was also at pains to stress the size of the shadow IT problem facing firms – one which the product will seek to address by giving IT staff greater visibility into cloud app usage.
“Cloud applications are in use by most enterprises today, and we will soon reach the time where more corporate data will be stored in the cloud than on-premises,” it noted.
“Moreover, everyone is using the cloud, and even companies without official SaaS apps in use have substantial shadow IT usage of cloud. We know from past customer surveys that over 80% of employees admitted to using unapproved SaaS apps for corporate usage.”
Citing “brand new data from Microsoft Cloud App Security,” Microsoft claimed that on average each employee uses 17 cloud apps.
Further, in 91% of cases, employees allow personal accounts to access the organization’s cloud storage, while 70% of companies allow cloud admin activity from non-corporate, unsecured networks, it claimed.
According to a report last year from Skyhigh Networks, the average financial services organization uses 1004 cloud services – over 15-times more than IT estimates.
Source: Information Security Magazine