Security News > 2020 > February > Cloud computing security: These two Microsoft tools can help you battle shadow IT
Finding what cloud services employees are using is half the battle-integrating Microsoft Cloud App Security and Defender Advanced Threat Protection lets you track, block, or audit cloud app usage.
Microsoft Cloud App Security now includes a shadow IT discovery tool that integrates with Defender ATP to discover cloud app and service usage on any managed device.
Niv Goldenberg, principal group PM manager for cloud security, compares it to a flight recorder: the data is stored for six months in your cloud tenant, so you can go back and audit which files were accessed and what happened to the data if you need to do an investigation, which is an additional layer of protection even for approved cloud applications.
"We see new URLs and new IPs and we can tell if this is a new application, a new signature for an existing application or something that's not actually a cloud application," says Goldenberg.
Dashboards show which applications are used and how widely, and what percentage of usage is approved applications versus shadow IT. You'll also get an alert if vulnerabilities are found in cloud apps that your employees are using.
News URL
Related news
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)
- Cloud Access Security Broker Policy (source)
- Cloud Security Policy (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud (source)
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- Microsoft overhauls security for publishing Edge extensions (source)