Identity-Driven Security - Microsoft Advanced Threat Analytics & Cloud App Security

Categories: Productivity
Tags: Microsoft 365 Microsoft Enterprise Mobility + Security
SUR18_Holiday_Contextual_1157

Microsoft Advanced Threat Analytics and Cloud App Security detect attacks before they can cause damage

In today’s workplace, a company’s data can be accessed across location via a range of devices. While clearly enhancing potential for productivity, this enhanced accessibility can, however, also have a downside in that It can leave a business’s networks exposed to possible malicious attack.

Figures for such attacks may be surprising:

  • More than 60 percent of network intrusions originate from compromised user credentials
  • On average, attackers remain in a network undetected for more than 140 days
  • The average cost of a data breach to a business is $3.5 million
  • Cybercrime costs the global economy an estimated $500 billion

Businesses need to be able to identify threats and act swiftly to protect against financial loss and damage to reputation.

Microsoft Advanced Threat Analytics and Cloud App Security, part of the Enterprise Mobility + Security (EM+S) suite, provides a means through which to identify attackers within an organisation.

Advanced Threat Analytics (ATA)

Microsoft Advanced Threat Analytics (ATA) enables a business to interpret network activities through identification of suspicious user and device activity via built-in intelligence and through provision of clear and pertinent threat information on a simple attack timeline.

Using deep packet inspection technology, ATA analyses all Active Directory traffic, to compile incidents of relevant events from SIEM and other sources. ATA then automatically starts learning and profiling behaviour, looking for anomalies that raise a red flag.

Set-up is simple, without requirement for creation of rules, baselines or thresholds. Once suspicious activity is detected, an attack timeline discloses exactly what happened, when.

Cloud App Security

The number of businesses recognising the cost and productivity benefits of moving to the cloud continues to grow.

But, the use of unapproved applications – ‘shadow IT’ – is commonplace. CIOs vastly underestimate extent of shadow IT reports the findings of a 2015 study and claims that a typical firm has 15 to 22 more cloud applications running in the workplace than authorised by the IT department. A further source puts an estimated 80 percent of employees using non-approved SaaS apps in their jobs (see the graphic below).

As a result, a business’s data could be at risk, with employees sharing files and putting sensitive company data outside company control. 

Microsoft Cloud App Security is designed to help an organisation extend the visibility and auditing of and control over on-premise applications to cloud applications.

Cloud App Security address the issue through the identification of a potential 13,000 cloud applications that could be running on a network, delivering risk scoring and ongoing assessment and analytics. In a simple process, requiring no agents as information is collected directly from firewalls and proxies, a business can see cloud and application use on its network.

With special focus on sanctioned apps, granular controls and policies for data sharing and data loss prevention (DLP) can be defined, to ensure employees are unable to send sensitive or critical information outside their corporate network.

Cloud App Security also integrates with Office and provides new advanced security management and transparency capabilities for Office 365.

“Enterprise mobility and the use of cloud apps have become ingrained in our working lives, and are key to employee productivity,” says Michael Frisby, Vuzion managing director.

“However, this has left organisations at risk from new types of malicious attacks. Microsoft Advanced Threat Analytics and Cloud App Security lets organisations get ahead of the threat and secure their environment – whether on-premise or in the cloud.”

Related Articles

Claiming Partner Of Record (CPOR) and Usage Incentives for Microsoft 365

CPOR is an incentive for partners to claim for Microsoft 365 usage, to reward partners for influencing and driving customer growth i...

Why Microsoft Azure Plan is a good thing for you

Microsoft's new commerce experience is part of an evolving commercial platform to help streamline the way customers engage with Micr...

Vuzion attending the Microsoft Global Education Partner Summit (GEPS) 2020!

As a key CSP Indirect Provider, Vuzion has been invited by Microsoft to attend GEPS 2020 11-13 February.

Speed up your Microsoft 365 Business Voice deployments

Microsoft has created the Getting Started Wizard to help make Microsoft 365 Business Voice deployments quick and easy to set up.