Microsoft Goes Live with Cloud App Security Service

Microsoft is now selling its Cloud App Security service.

This service, generally available as of Wednesday, is specifically focused on tracking the use of software-as-as-service (SaaS) applications in organizations. The idea is that organizations don't know what services are being accessed by end users.

Use of those services could add to an organization's security risks, so Microsoft's Cloud App Security service provides a SaaS-app discovery service, as well as a ranking system, to address the potential security hazards.

The service uses an organization's traffic logs to find out what SaaS apps are being used. It taps proxies and firewalls for the discovery process. It pulls information using the APIs of the SaaS apps. Microsoft then ranks the risks of using these SaaS apps via a scoring system based on "regulatory certifications, industry standards and best practices," per Microsoft's TechNet description of the Cloud App Security service.

Microsoft claims there's data privacy during the inspection process. "Data is downloaded for purposes of inspection, but data privacy is enforced," the TechNet articles states.

Organizations can act on the information obtained by the service, but the actions tend to vary per SaaS app. For instance, the ability to quarantine files is possible with Office 365 and Box, but not with the Service Now, and AWS services, per a table in this TechNet article.

The service is based on Microsoft's purchase of Adallom, a company that made security solutions for tracking services and data sharing using cloud infrastructure. Microsoft bought Adallom for about $250 million in September.

"Cloud App Security is the Adallom technology," a Microsoft spokesperson clarified via e-mail. "It was renamed Cloud App Security after the acquisition."

Microsoft and its partners currently sell the Cloud App Security service on a subscription basis. It's priced at $5 per user per month and available in U.S. and Canadian markets. An organization needs to meet Azure Rights Management Service (RMS) requirements to use it. Only Azure Active Directory or Office 365 global administrators can set it up, per the spokesperson:

Organizations need a Microsoft Azure subscription that supports Microsoft Cloud App Security. For more information see Cloud subscriptions that support Azure RMS. Then, to set up Cloud App Security, you must be a Global Administrator in Azure Active Directory or Office 365. You can find more info here.

The Cloud App Security service isn't the same thing as Microsoft's Azure Active Directory Cloud App Discovery service, although both services use the Azure cloud infrastructure.

"They're different," the spokesperson indicated. "Cloud App Security provides visibility into employee login events and data usage, as well as governance policies and proactive protection. Cloud App Security does this for popular SaaS applications as well as for custom applications and IaaS environments."

In contrast, the Azure Active Directory Cloud App Discovery service is "a feature of Azure Active Directory (AD) Premium," according to the spokesperson. It requires the use of agents that run in an organization's computing environment.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

  • Microsoft Suggests Disabling Old Protocols with Exchange Server 2019

    Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.

  • Microsoft Previews New Edge Browser on Windows 7 and Windows 8.1

    Microsoft announced this week that it has released previews of its Chromium-based Microsoft Edge Web browsers for use on Windows 7, Windows 8 and Windows 8.1 systems.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.