SlideShare a Scribd company logo

Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps

Download as PPTX, PDF
Vignesh Ganesan I Microsoft MVP
Vignesh Ganesan I Microsoft MVP

Here's the slide deck from my session titled "Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps" which was presented on the Modern Workplace Conference Paris 2022 Virtual event.

Technology
1 of 32
Modern Workplace Conference Paris 2022 online #MWCP22 Coming soon! Share. Discover. Explore. Partager. Découvrir. Explorer. Modern Workplace Conference Paris 2022 online #MWCP22 24,25,26 Jan 2022
Suivez-nous tout au long de l’année ! Follow us all year round! https://aos.community https://twitter.com/mwcparis #MWCP22 https://modern-workplace.pro https://twitter.com/aOSComm https://www.linkedin.com/company/ ams-community https://www.linkedin.com/company/ mwcp https://www.facebook.com/ modernworkplaceconferenceparis https://www.facebook.com/ aOSCommunity (FR) https://www.facebook.com/ aosComm (EN)
Vignesh Ganesan Enterprise Cloud Architect & Technology Strategist NGUNGU JOEL Etudiant
About Me
Let’s get started
• User chooses apps (unsanctioned, shadow IT) • User can access resources from anywhere • Data is shared by user and cloud apps • IT has limited visibility and protection • Only sanctioned apps are installed • Resources accessed via managed devices/networks • IT had layers of defense protecting internal apps • IT has a known security perimeter Life with cloud Life before cloud On-premises Storage, corp data Users How the cloud changed the enterprise?
Cloud services require a new approach to security
Enterprise-class technology Secure identities to reach zero trust Identity & access management Security management Strengthen your security posture with insights and guidance Threat protection Help stop damaging attacks with integrated and automated security Locate and classify information anywhere it lives Information protection Infrastructure security
Microsoft Defender for Cloud Apps Discover and assess risks Control access in real time Detect threats Protect your information Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics. Manage and limit cloud app access based on conditions and session context, including user identity, device, and location. Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research. Get granular control over data and use built-in or custom policies for data sharing and data loss prevention. Threat detection: Microsoft Intelligent Security Graph, Office ATP Information Protection: Office 365 & Azure Information Protection Identity: Azure AD and Conditional Access To your cloud apps Extend Microsoft security + more
Microsoft Defender for Cloud Apps
TOP CASB USE CASES Office 365 Salesforce Azure Box AWS Dropbox Facebook Twitter YouTube
Case study A company named Contoso is using Microsoft 365 for collaborating within themselves and other organizations . All their employees are currently on WFH due to COVID. Challenges • Users are downloading sensitive information to their personal PC • Users are downloading company confidential files to their personal PC • Users are uploading PII information to SPO • Customer’s PII data is being copied and shared with a competitor • Legal regulations state that Contract Employees/Contingent employees shouldn’t have access to Office 365 from their personal PC • Contoso would also like to control sharing of sensitive information from 3rd party apps such as Box • Block risky sign-ins
1. All the users in Contoso have a Microsoft 365 license and an Azure AD P1 license assigned to them . 2. They all have an Intune compliant/ Hybrid Azure AD joined PC given to them 3. Contoso is currently using cloud apps such as Office 365 , Box & Workplace by Facebook 4. Contoso has rolled out AIP & DLP for all its users and they also have Azure AD conditional access policies configured Contoso’s Current setup
Conditional Access App control
Cloud apps & services
Require MFA Allow access Deny access Force password reset ****** Monitor and control access to cloud apps Defender for Cloud Apps Limit access Policy Proxy
CONDITIONAL ACCESS APP CONTROL Microsoft Azure Active Directory Analyze Session Risk Check device compliance with Intune Check location Check user behavior Check user organization Enforce Relevant Policies with Conditional Access App Control Protect downloads from unmanaged devices with AIP Monitor and alert on actions when user activity is suspicious Enforce read-only mode in applications for partner (B2B) users Require MFA and define session timeouts for unfamiliar locations BOX.US.CAS.MS Defender for Cloud Apps integrates with: • Azure Active Directory • Azure Information Protection • Microsoft Intune to help protect any app in your organization. MICROSOFT DEFENDER FOR CLOUD APPS
Access policy and Session policy Access policies enable real-time monitoring and control over access to cloud apps based on user, location, device, and app Session policies enable real-time session- level monitoring, affording you granular visibility into cloud apps and the ability to take different actions depending on the policy set for a user session CONDITIONAL ACCESS APP CONTROL Prerequisites Azure AD Premium P1 license, or the license required by your identity provider (IdP) solution The relevant apps should be deployed with Conditional Access App Control Make sure you have configured your IdP solution to work with Defender for Cloud Apps App URL: myapp.com Replaced URL : myapp.com.mcas.ms
Conditional Access App Control – Architecture User SSO Azure AD (IdP) SAML Auth Request Is there an Azure AD Conditional Access policy matching this request? No Yes Yes No Yes No Data flow Azure Information Protection Is content inspection enabled for this session policy? OR is the Protect on Download action selected? Yes User attempts file download Block file download and monitor Protect file download and monitor Monitor No Is there a CAS Session Policy matching this request? Is there a CAS Access Policy that blocks this request? ACCESS DENIED .US.CAS.MS
Challenge 1: Users are downloading sensitive information to their personal PC
Challenge 2: Users are downloading company confidential files to their personal PC
Challenge 3:Users are uploading PII information to SPO
Challenge 4 : Customer’s PII data is being copied and shared with a competitor
Challenge 5 : Legal regulations state that Contract Employees/Contingent employees shouldn’t have access to Office 365 from their personal PC
Challenge 6 : Contoso would also like to control sharing of sensitive information from 3rd party apps such as Box
Challenge 7 : Block risky sign-ins
Users are downloading sensitive information to their personal PC Users are downloading company confidential files to their personal PC Users are uploading PII information to SPO Customer’s PII data is being copied and shared with a competitor Legal regulations state that Contract Employees/Contingent employees shouldn’t have access to Office 365 from their personal PC Contoso would also like to control sharing of sensitive information from 3rd party apps such as Box Microsoft Defender for Cloud Apps (Conditional Access App Control ) Block risky sign-ins
LICENSING OPTIONS Microsoft CAS CASB for any cloud app EMS E5 Office 365 CAS CASB for Office 365 Office 365 E5 CAS Discovery Discovery of Shadow IT AAD P1 (EMS E3)
Ref • https://docs.microsoft.com/en-us/defender-cloud-apps/ • https://techcommunity.microsoft.com/t5/security-compliance-and- identity/announcing-microsoft-defender-for-cloud-apps/ba-p/2835842 • https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-intro-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/access-policy-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/session-policy-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-deployment-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-deployment-any- app • https://www.aka.ms/mcaslicensing • https://docs.microsoft.com/en-us/defender-cloud-apps/editions-cloud-app- security-o365
Merci pour votre attention ! Thanks for your attention!

Recommended

Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptxMohit Chhabra
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewDavid J Rosenthal
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for BusinessRobert Crane
 

Recommended

Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptxMohit Chhabra
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewDavid J Rosenthal
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for BusinessRobert Crane
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 DefenderMighty Guides, Inc.
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure SentinelBGA Cyber Security
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure SentinelCheah Eng Soon
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewDavid J Rosenthal
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security OverviewRobert Crane
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure SentinelRobert Crane
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinelarnaudlh
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
Office 365 Security Best Practices
Office 365 Security Best PracticesOffice 365 Security Best Practices
Office 365 Security Best PracticesCommunity IT Innovators
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 ComplianceDavid J Rosenthal
 
Microsoft Information Protection.pptx
Microsoft Information Protection.pptxMicrosoft Information Protection.pptx
Microsoft Information Protection.pptxChrisaldyChandra
 
Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWithum
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 

More Related Content

What's hot

Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information ProtectionAndrew Bettany
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 DefenderMighty Guides, Inc.
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security OverviewRobert Crane
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure SentinelRobert Crane
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinelarnaudlh
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
Microsoft Information Protection.pptx
Microsoft Information Protection.pptxMicrosoft Information Protection.pptx
Microsoft Information Protection.pptxChrisaldyChandra
 

What's hot (20)

Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure Sentinel
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure Sentinel
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
Office 365 Security Best Practices
Office 365 Security Best PracticesOffice 365 Security Best Practices
Office 365 Security Best Practices
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
 
Microsoft Information Protection.pptx
Microsoft Information Protection.pptxMicrosoft Information Protection.pptx
Microsoft Information Protection.pptx
 

Similar to Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps

Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWithum
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Securing Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote WorkSecuring Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote WorkPerficient, Inc.
 
October 2022 CIAOPS Need to Know Webinar
October 2022 CIAOPS Need to Know WebinarOctober 2022 CIAOPS Need to Know Webinar
October 2022 CIAOPS Need to Know WebinarRobert Crane
 
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha ChathurangaaOS Community
 
Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work Perficient, Inc.
 
What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?PECB
 
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365Joanne Klein
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPowerSaturdayParis
 
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10MVP Dagen
 
Cloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdfCloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdfErikHof4
 
Intune Concept.pptx
Intune Concept.pptxIntune Concept.pptx
Intune Concept.pptxjmbrrvgzhr
 
Being more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessBeing more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessRobert Crane
 
EPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
Mobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanMobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanDavid J Rosenthal
 
MMS 2015: Secure your data and apps with the enterprise
MMS 2015: Secure your data and apps with the enterpriseMMS 2015: Secure your data and apps with the enterprise
MMS 2015: Secure your data and apps with the enterprisePeter Daalmans
 
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference ArchitectureECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference ArchitectureEuropean Collaboration Summit
 
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VMSecuring Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VMDrew Madelung
 

Similar to Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps (20)

Webinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft CloudWebinar: Securing Remote Workforce on the Microsoft Cloud
Webinar: Securing Remote Workforce on the Microsoft Cloud
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASB
 
Securing Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote WorkSecuring Teams with Microsoft 365 Security for Remote Work
Securing Teams with Microsoft 365 Security for Remote Work
 
October 2022 CIAOPS Need to Know Webinar
October 2022 CIAOPS Need to Know WebinarOctober 2022 CIAOPS Need to Know Webinar
October 2022 CIAOPS Need to Know Webinar
 
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
 
Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work Utilizing Microsoft 365 Security for Remote Work
Utilizing Microsoft 365 Security for Remote Work
 
What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?What is needed to start trusting the security of your applications in the cloud?
What is needed to start trusting the security of your applications in the cloud?
 
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
 
Cloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdfCloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdf
 
Intune Concept.pptx
Intune Concept.pptxIntune Concept.pptx
Intune Concept.pptx
 
Being more secure using Microsoft 365 Business
Being more secure using Microsoft 365 BusinessBeing more secure using Microsoft 365 Business
Being more secure using Microsoft 365 Business
 
EPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities Overview
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
Mobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanMobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - Atidan
 
MMS 2015: Secure your data and apps with the enterprise
MMS 2015: Secure your data and apps with the enterpriseMMS 2015: Secure your data and apps with the enterprise
MMS 2015: Secure your data and apps with the enterprise
 
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference ArchitectureECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
 
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VMSecuring Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
Securing Team, SharePoint, and OneDrive in Microsoft 365 - M365VM
 

More from Vignesh Ganesan I Microsoft MVP

Secure your M365 resources using Azure AD Identity Governance
Secure your M365 resources using Azure AD Identity GovernanceSecure your M365 resources using Azure AD Identity Governance
Secure your M365 resources using Azure AD Identity GovernanceVignesh Ganesan I Microsoft MVP
 
Protect Identities and Access to resources with Azure Active Directory
Protect Identities and Access to resources with Azure Active Directory Protect Identities and Access to resources with Azure Active Directory
Protect Identities and Access to resources with Azure Active Directory Vignesh Ganesan I Microsoft MVP
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...Vignesh Ganesan I Microsoft MVP
 
Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...
Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...
Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...Vignesh Ganesan I Microsoft MVP
 
Skype for business to Microsoft Teams- Guidance for a successful upgrade
Skype for business to Microsoft Teams- Guidance for a successful upgradeSkype for business to Microsoft Teams- Guidance for a successful upgrade
Skype for business to Microsoft Teams- Guidance for a successful upgradeVignesh Ganesan I Microsoft MVP
 
Live events in Microsoft Teams , Yammer and Stream- When to use what
Live events in Microsoft Teams , Yammer and Stream- When to use whatLive events in Microsoft Teams , Yammer and Stream- When to use what
Live events in Microsoft Teams , Yammer and Stream- When to use whatVignesh Ganesan I Microsoft MVP
 
What's new and what's next in SharePoint Development for Enterprise & SPFx
What's new and what's next in SharePoint Development for Enterprise & SPFx What's new and what's next in SharePoint Development for Enterprise & SPFx
What's new and what's next in SharePoint Development for Enterprise & SPFx Vignesh Ganesan I Microsoft MVP
 
Building solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsBuilding solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsVignesh Ganesan I Microsoft MVP
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?Vignesh Ganesan I Microsoft MVP
 
Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...
Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...
Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...Vignesh Ganesan I Microsoft MVP
 
How to succesfully drive Office 365 adpotion in your organization ?
How to succesfully drive Office 365 adpotion in your organization ?How to succesfully drive Office 365 adpotion in your organization ?
How to succesfully drive Office 365 adpotion in your organization ?Vignesh Ganesan I Microsoft MVP
 
SharePoint Saturday Bangalore -Overview of SharePoint Server 2019
SharePoint Saturday Bangalore -Overview of SharePoint Server 2019SharePoint Saturday Bangalore -Overview of SharePoint Server 2019
SharePoint Saturday Bangalore -Overview of SharePoint Server 2019Vignesh Ganesan I Microsoft MVP
 

More from Vignesh Ganesan I Microsoft MVP (20)

Getting your enterprise ready for Microsoft 365 Copilot
Getting your enterprise ready for Microsoft 365 CopilotGetting your enterprise ready for Microsoft 365 Copilot
Getting your enterprise ready for Microsoft 365 Copilot
 
How to use Advanced eDiscovery for Microsoft Teams
How to use Advanced eDiscovery for Microsoft TeamsHow to use Advanced eDiscovery for Microsoft Teams
How to use Advanced eDiscovery for Microsoft Teams
 
Advanced eDiscovery with Microsoft Teams
Advanced eDiscovery with Microsoft TeamsAdvanced eDiscovery with Microsoft Teams
Advanced eDiscovery with Microsoft Teams
 
Secure your M365 resources using Azure AD Identity Governance
Secure your M365 resources using Azure AD Identity GovernanceSecure your M365 resources using Azure AD Identity Governance
Secure your M365 resources using Azure AD Identity Governance
 
Protect Identities and Access to resources with Azure Active Directory
Protect Identities and Access to resources with Azure Active Directory Protect Identities and Access to resources with Azure Active Directory
Protect Identities and Access to resources with Azure Active Directory
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
 
Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...
Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...
Introduction to Microsoft 365 bookings and how to use bookings app in Teams f...
 
Skype for business to Microsoft Teams- Guidance for a successful upgrade
Skype for business to Microsoft Teams- Guidance for a successful upgradeSkype for business to Microsoft Teams- Guidance for a successful upgrade
Skype for business to Microsoft Teams- Guidance for a successful upgrade
 
Live events in Microsoft Teams , Yammer and Stream- When to use what
Live events in Microsoft Teams , Yammer and Stream- When to use whatLive events in Microsoft Teams , Yammer and Stream- When to use what
Live events in Microsoft Teams , Yammer and Stream- When to use what
 
What's new in Microsoft Teams
What's new in Microsoft Teams What's new in Microsoft Teams
What's new in Microsoft Teams
 
What's new and what's next in SharePoint Development for Enterprise & SPFx
What's new and what's next in SharePoint Development for Enterprise & SPFx What's new and what's next in SharePoint Development for Enterprise & SPFx
What's new and what's next in SharePoint Development for Enterprise & SPFx
 
Building solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and TeamsBuilding solutions with SPFx that work across SharePoint and Teams
Building solutions with SPFx that work across SharePoint and Teams
 
Getting started with Microsoft Search
Getting started with Microsoft Search Getting started with Microsoft Search
Getting started with Microsoft Search
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
 
Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...
Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...
Introduction to Microsoft Kaizala And How to Empower Your Mobile Workforce us...
 
How to succesfully drive Office 365 adpotion in your organization ?
How to succesfully drive Office 365 adpotion in your organization ?How to succesfully drive Office 365 adpotion in your organization ?
How to succesfully drive Office 365 adpotion in your organization ?
 
Overview of SharePoint Server 2019 Public Preview
Overview of SharePoint Server 2019 Public PreviewOverview of SharePoint Server 2019 Public Preview
Overview of SharePoint Server 2019 Public Preview
 
SharePoint Saturday Bangalore -Overview of SharePoint Server 2019
SharePoint Saturday Bangalore -Overview of SharePoint Server 2019SharePoint Saturday Bangalore -Overview of SharePoint Server 2019
SharePoint Saturday Bangalore -Overview of SharePoint Server 2019
 

Recently uploaded

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Recently uploaded (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps

  • 1.
  • 2. Modern Workplace Conference Paris 2022 online #MWCP22 Coming soon! Share. Discover. Explore. Partager. Découvrir. Explorer. Modern Workplace Conference Paris 2022 online #MWCP22 24,25,26 Jan 2022
  • 3. Suivez-nous tout au long de l’année ! Follow us all year round! https://aos.community https://twitter.com/mwcparis #MWCP22 https://modern-workplace.pro https://twitter.com/aOSComm https://www.linkedin.com/company/ ams-community https://www.linkedin.com/company/ mwcp https://www.facebook.com/ modernworkplaceconferenceparis https://www.facebook.com/ aOSCommunity (FR) https://www.facebook.com/ aosComm (EN)
  • 4. Vignesh Ganesan Enterprise Cloud Architect & Technology Strategist NGUNGU JOEL Etudiant
  • 7. • User chooses apps (unsanctioned, shadow IT) • User can access resources from anywhere • Data is shared by user and cloud apps • IT has limited visibility and protection • Only sanctioned apps are installed • Resources accessed via managed devices/networks • IT had layers of defense protecting internal apps • IT has a known security perimeter Life with cloud Life before cloud On-premises Storage, corp data Users How the cloud changed the enterprise?
  • 8. Cloud services require a new approach to security
  • 9. Enterprise-class technology Secure identities to reach zero trust Identity & access management Security management Strengthen your security posture with insights and guidance Threat protection Help stop damaging attacks with integrated and automated security Locate and classify information anywhere it lives Information protection Infrastructure security
  • 10.
  • 11. Microsoft Defender for Cloud Apps Discover and assess risks Control access in real time Detect threats Protect your information Identify cloud apps on your network, gain visibility into shadow IT, and get risk assessments and ongoing analytics. Manage and limit cloud app access based on conditions and session context, including user identity, device, and location. Identify high-risk usage and detect unusual behavior using Microsoft threat intelligence and research. Get granular control over data and use built-in or custom policies for data sharing and data loss prevention. Threat detection: Microsoft Intelligent Security Graph, Office ATP Information Protection: Office 365 & Azure Information Protection Identity: Azure AD and Conditional Access To your cloud apps Extend Microsoft security + more
  • 13. TOP CASB USE CASES Office 365 Salesforce Azure Box AWS Dropbox Facebook Twitter YouTube
  • 14. Case study A company named Contoso is using Microsoft 365 for collaborating within themselves and other organizations . All their employees are currently on WFH due to COVID. Challenges • Users are downloading sensitive information to their personal PC • Users are downloading company confidential files to their personal PC • Users are uploading PII information to SPO • Customer’s PII data is being copied and shared with a competitor • Legal regulations state that Contract Employees/Contingent employees shouldn’t have access to Office 365 from their personal PC • Contoso would also like to control sharing of sensitive information from 3rd party apps such as Box • Block risky sign-ins
  • 15. 1. All the users in Contoso have a Microsoft 365 license and an Azure AD P1 license assigned to them . 2. They all have an Intune compliant/ Hybrid Azure AD joined PC given to them 3. Contoso is currently using cloud apps such as Office 365 , Box & Workplace by Facebook 4. Contoso has rolled out AIP & DLP for all its users and they also have Azure AD conditional access policies configured Contoso’s Current setup
  • 17. Cloud apps & services
  • 18. Require MFA Allow access Deny access Force password reset ****** Monitor and control access to cloud apps Defender for Cloud Apps Limit access Policy Proxy
  • 19. CONDITIONAL ACCESS APP CONTROL Microsoft Azure Active Directory Analyze Session Risk Check device compliance with Intune Check location Check user behavior Check user organization Enforce Relevant Policies with Conditional Access App Control Protect downloads from unmanaged devices with AIP Monitor and alert on actions when user activity is suspicious Enforce read-only mode in applications for partner (B2B) users Require MFA and define session timeouts for unfamiliar locations BOX.US.CAS.MS Defender for Cloud Apps integrates with: • Azure Active Directory • Azure Information Protection • Microsoft Intune to help protect any app in your organization. MICROSOFT DEFENDER FOR CLOUD APPS
  • 20. Access policy and Session policy Access policies enable real-time monitoring and control over access to cloud apps based on user, location, device, and app Session policies enable real-time session- level monitoring, affording you granular visibility into cloud apps and the ability to take different actions depending on the policy set for a user session CONDITIONAL ACCESS APP CONTROL Prerequisites Azure AD Premium P1 license, or the license required by your identity provider (IdP) solution The relevant apps should be deployed with Conditional Access App Control Make sure you have configured your IdP solution to work with Defender for Cloud Apps App URL: myapp.com Replaced URL : myapp.com.mcas.ms
  • 21. Conditional Access App Control – Architecture User SSO Azure AD (IdP) SAML Auth Request Is there an Azure AD Conditional Access policy matching this request? No Yes Yes No Yes No Data flow Azure Information Protection Is content inspection enabled for this session policy? OR is the Protect on Download action selected? Yes User attempts file download Block file download and monitor Protect file download and monitor Monitor No Is there a CAS Session Policy matching this request? Is there a CAS Access Policy that blocks this request? ACCESS DENIED .US.CAS.MS
  • 22. Challenge 1: Users are downloading sensitive information to their personal PC
  • 23. Challenge 2: Users are downloading company confidential files to their personal PC
  • 24. Challenge 3:Users are uploading PII information to SPO
  • 25. Challenge 4 : Customer’s PII data is being copied and shared with a competitor
  • 26. Challenge 5 : Legal regulations state that Contract Employees/Contingent employees shouldn’t have access to Office 365 from their personal PC
  • 27. Challenge 6 : Contoso would also like to control sharing of sensitive information from 3rd party apps such as Box
  • 28. Challenge 7 : Block risky sign-ins
  • 29. Users are downloading sensitive information to their personal PC Users are downloading company confidential files to their personal PC Users are uploading PII information to SPO Customer’s PII data is being copied and shared with a competitor Legal regulations state that Contract Employees/Contingent employees shouldn’t have access to Office 365 from their personal PC Contoso would also like to control sharing of sensitive information from 3rd party apps such as Box Microsoft Defender for Cloud Apps (Conditional Access App Control ) Block risky sign-ins
  • 30. LICENSING OPTIONS Microsoft CAS CASB for any cloud app EMS E5 Office 365 CAS CASB for Office 365 Office 365 E5 CAS Discovery Discovery of Shadow IT AAD P1 (EMS E3)
  • 31. Ref • https://docs.microsoft.com/en-us/defender-cloud-apps/ • https://techcommunity.microsoft.com/t5/security-compliance-and- identity/announcing-microsoft-defender-for-cloud-apps/ba-p/2835842 • https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-intro-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/access-policy-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/session-policy-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-deployment-aad • https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-deployment-any- app • https://www.aka.ms/mcaslicensing • https://docs.microsoft.com/en-us/defender-cloud-apps/editions-cloud-app- security-o365

Editor's Notes

  1. While hopefully none of these stats are particularly surprising, I always like to start the conversation with some insights that we have about the cloud use in organizations Our data shows that in the average organization, more than 1000 cloud services are regularly used by end user and that more than half of those are unmanaged and go unmonitored by IT *28%: https://dt-x.io/dtx/en/node/newsitem-ai-reveals-2018-s-biggest-cyber-threats:-part-one-the-rise-of-non-traditional-it **https://www.dsm.net/it-solutions-blog/cloud-security-statistics-every-cio-should-know
  2. Our investments here are guided by the four strategies for success with infrastructure based on Azure security to secure your data in the cloud. Let’s talk about Infrastructure Security first as this is woven throughout all of our 4 key areas and foundational to security.
  3. 11
  4. Microsoft has a CASB and here is why it’s unique Add 3rd party logos to emphasize our commitment there Add a datapoint to drive a perception on the recognition
  5. CASBs are used to address these security issues Here are some of the top CASB use cases Discovering the application Assess if the application meets company compliance Govern the applications by controlling access to the applications
  6. 17
  7. Conditional Access App Control uses a reverse proxy architecture and integrates with your IdP. When integrating with Azure AD Conditional Access, you can configure apps to work with Conditional Access App Control with just a few clicks, allowing you to easily and selectively enforce access and session controls on your organization's apps based on any condition in Conditional Access. The conditions define who (user or group of users) and what (which cloud apps) and where (which locations and networks) a Conditional Access policy is applied to. After you've determined the conditions, you can route users to Defender for Cloud Apps where you can protect data with Conditional Access App Control by applying access and session controls.