Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using the Cloud App Marketplace Monitoring cloud app migrations

Similar presentations


Presentation on theme: "Using the Cloud App Marketplace Monitoring cloud app migrations"— Presentation transcript:

1 Using the Cloud App Marketplace Monitoring cloud app migrations
2/16/2019 8:16 AM Discovering Shadow IT Using the Cloud App Marketplace Monitoring cloud app migrations Enforcing cloud app policies Identify anomalous usage Let’s begin with Discovering Shadow IT. Discovery © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Customer Problem Discovering Shadow IT
2/16/2019 8:16 AM Customer Problem People use potentially risky cloud applications without IT approval or knowledge. Discovering Shadow IT IT has limited visibility into how these apps are used. When a user makes use of a cloud application without notifying or getting approval from their IT department, this is a problem for the IT personnel. This is one example of what we mean when we talk about the end of the perimeter; users being able to use any application they want and most IT departments will never know about it. The IT folks need to know who is using which applications, and wants to make sure that their users only use secure applications. Two examples: One, is users installing and using Slack as an instant messaging solution for work related collaboration. This is something that is happening in many organizations, and Cloud App Security can easily identify it. The other example is large file transfer, where people are trying to move large files and start using a cloud storage or file transfer application they choose themselves. Most CISOs and IT professionals understand this scenario. What makes people use a risky application instead of the enterprise-approved application is not that they are evil or want to harm the organization, they find an application that solves their business need easily, and use it. Most, though, are not aware that this exposes their organization to a range of threats. Assessing the risk of cloud applications requires special knowledge and research. Definitely a challenge for the IT team. Assessing cloud apps requires special knowledge and research. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Sample Use Case Discovering Shadow IT
IT admin discovers significant cloud app usage, including a risky storage app. The admin tags the cloud apps as unsanctioned, then generates a blocking script for Blue Coat firewall. Discovering Shadow IT Let’s step through this use case to see how Cloud App Security helps organizations discover risky cloud storage applications in their environments. We are starting after Cloud App Discovery is deployed, you have successfully uploaded the relevant logs, and log data is flowing into the portal. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 Implementing with Cloud App Security
2/16/2019 8:16 AM Implementing with Cloud App Security 1 Use the Cloud Discovery dashboard to see current cloud app usage. 2 List the specific cloud storage apps in use, rank them by risk, and review the details of that risk score. 3 List the users who use the identified app. 4 Tag the identified app as unsanctioned so it can be monitored. For this use case, we will use the Cloud Discovery dashboard to see current cloud app usage. Then we will identify the cloud storage apps in use, rank them by level of risk, and view detailed information to understand why that risk level was assigned. For a risky storage app, we will identify who is using it, mark the app as unsanctioned, and then block the app at the firewall by exporting a configuration script for a Blue Coat firewall appliance. Then we will review usage by user including which apps are in use, amount of data transferred, and the IP addresses used. 5 Block the app at the firewall by generating a script to import into Blue Coat. 6 Review usage by user including which apps, amount of data transferred, and which IP addresses were used. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 1 We’ll start at the Cloud Discovery dashboard.
2/16/2019 8:16 AM Click Discover, and then click Cloud Discovery dashboard We’ll start at the Cloud Discovery dashboard. On the Dashboard page, click Discover to display the available Discovery pages. Then click Cloud Discovery dashboard. The dashboard gives you an overview of cloud application usage. We’ll start at the Cloud Discovery dashboard. On the Dashboard page, click Discover to display the available Discovery pages. Then click Cloud Discovery dashboard. The dashboard gives you an overview of cloud application usage. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 1 2/16/2019 8:16 AM On the Discovered apps tab you will find a detailed list of all of the identified cloud applications. We are looking for cloud storage applications, so… On the Discovered apps tab you will find a detailed list of all of the identified cloud applications. We are looking for cloud storage applications, so… © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 1 Scroll down and on the Categories list, click Cloud storage
2/16/2019 8:16 AM Scroll down and on the Categories list, click Cloud storage Click Cloud storage Scroll down and on the Categories list, click Cloud storage © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 2 2/16/2019 8:16 AM This filters the Discovered apps list to show only cloud storage applications and we can sort these by Risk Score to easily see which apps you should focus on first. MEGA, for example, has a risk score of 4. This score tells us an app is risky, but does not tell us why. This filters the Discovered apps list to show only cloud storage applications and we can sort these by Risk Score to easily see which apps you should focus on first. MEGA, for example, has a risk score of 4. A low risk score tells us an app is risky, but not why. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 2 Clicking on MEGA will give us a detailed view. Click MEGA
2/16/2019 8:16 AM Clicking on MEGA will give us a detailed view. Click MEGA Clicking on MEGA will give us a detailed view. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 2 2/16/2019 8:16 AM The risk assessment describes the detailed criteria used to evaluate applications. Risk assessments are continuously updated with information about each cloud application including the security measures used by the provider and implemented in the application as well as the compliance methods in use and active certifications. The risk assessment describes the detailed criteria used to evaluate applications. Risk assessments are continuously updated with information about each cloud application including the security measures used by the provider and implemented in the application as well as the compliance methods in use and active certifications. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 2 Clicking the application name will show usage information…
Click MEGA Clicking the application name will show usage information… Clicking the application name will show usage information… © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 2 2/16/2019 8:16 AM Click Users …including the number of people in the organization using the application, the network traffic it consumes, number of transactions, and more. Click the Users tab… …including the number of people in the organization using the application, the network traffic it consumes, number of transactions, and more. On the Users tab… © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 3 2/16/2019 8:16 AM You can see the names of the organization accounts using the application and statics on their usage. There may be a good reason for this application to be used. Our use case organization is Contoso, and these users all have Fabricam accounts. In our scenario these users came to the organization through an acquisition, where they may have been using that application regularly. You can see the names of the organization accounts using the application and statics on their usage. There may be a good reason for this application to be used. Our use case organization is Contoso, and these users all have Fabricam accounts. In our scenario these users came to the organization through an acquisition, where they may have been using that application regularly. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 3 2/16/2019 8:16 AM You can choose to notify the users in this list, letting them know they should stop using the application. You should also block this application for all users Cloud App Security makes it easy to do that. You can choose to notify the users in this list, letting them know they should stop using the application. You should also block this application for all users Cloud App Security makes it easy to do that. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 4 On the Discovered apps portal, mark the application as unsanctioned.
2/16/2019 8:16 AM On the Discovered apps portal, mark the application as unsanctioned. First, back on the Discovered apps portal, mark the application as unsanctioned. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 4 2/16/2019 8:16 AM This will make the application unsanctioned throughout your organization. Choose Unsanction app This will make the application unsanctioned throughout your organization. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Click unsanctioned apps
4 2/16/2019 8:16 AM On the left, click unsanctioned apps Click unsanctioned apps On the left, click unsanctioned apps © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 4 This displays a list of the unsanctioned applications.
2/16/2019 8:16 AM Click the export icon This displays a list of the unsanctioned applications. If you use the Bluecoat firewall, you can use this view to export a blocking script. This displays a list of the unsanctioned applications. If you use the Bluecoat firewall, you can use this view to export a blocking script. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 5 2/16/2019 8:16 AM A blocking script makes it simple to configure the firewall to block these applications. A blocking script makes it simple to configure the firewall to block these applications. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Click Export Bluecoat block script
5 2/16/2019 8:16 AM Click Export Bluecoat block script Cloud App Security supports creating blocking scripts for Bluecoat firewalls. We are extending this functionality to more firewall services and appliances, prioritizing by customer request. Today, Cloud App Security supports creating blocking scripts for Bluecoat firewalls. We are extending this functionality to more firewall services and appliances, prioritizing by customer request. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 5 2/16/2019 8:16 AM The export process creates a script file that is downloaded to your computer. Import the file to your appliance to begin blocking the cloud application. The export process creates a script file that is downloaded to your computer. You then import the file to your appliance to begin blocking the cloud application. Click Save © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 5 2/16/2019 8:16 AM So far, we’ve been investigating the cloud application, but you can also pivot on the user account. So far, we’ve been investigating the cloud application. But you can also pivot on the user account. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 Under Discover, click Users
6 2/16/2019 8:16 AM Under Discover, click Users Click Users on the Discover menu. Let’s click Users on the Discover menu. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 6 A list of all Contoso users is displayed. 2/16/2019 8:16 AM
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 6 Click on an account name to view that user's page.
You will see the user’s detailed cloud application usage. Click an account name Click on an account name to view that user's page where you can see that user’s cloud application usage. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 6 2/16/2019 8:16 AM This view shows how many applications are being used, including how many of them are risky. This view shows how many applications are being used, including how many of them are risky. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 Click IP address history
6 2/16/2019 8:16 AM Click IP address history You can also see the recent IP addresses from which this user has accessed the network. Click the IP address history tab. You can also see the recent IPs from which this user has accessed the network. Click the IP address history tab. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 6 2/16/2019 8:16 AM Users can connect from many different IP addresses as they move from one network to another. This can be useful information when investigating usage; how users cloud application usage changes as they move from location to location and network to network. Users can connect from many different IPs as they move from one network to another. This can be useful information when investigating usage; how users cloud application usage changes as they move from location to location and network to network. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.


Download ppt "Using the Cloud App Marketplace Monitoring cloud app migrations"

Similar presentations


Ads by Google