Identity-Driven Security - Microsoft Advanced Threat Analytics & Cloud App Security

Categories: Productivity
Tags: Microsoft 365 Microsoft Enterprise Mobility + Security
SUR18_Holiday_Contextual_1157

Microsoft Advanced Threat Analytics and Cloud App Security detect attacks before they can cause damage

In today’s workplace, a company’s data can be accessed across location via a range of devices. While clearly enhancing potential for productivity, this enhanced accessibility can, however, also have a downside in that It can leave a business’s networks exposed to possible malicious attack.

Figures for such attacks may be surprising:

  • More than 60 percent of network intrusions originate from compromised user credentials
  • On average, attackers remain in a network undetected for more than 140 days
  • The average cost of a data breach to a business is $3.5 million
  • Cybercrime costs the global economy an estimated $500 billion

Businesses need to be able to identify threats and act swiftly to protect against financial loss and damage to reputation.

Microsoft Advanced Threat Analytics and Cloud App Security, part of the Enterprise Mobility + Security (EM+S) suite, provides a means through which to identify attackers within an organisation.

Advanced Threat Analytics (ATA)

Microsoft Advanced Threat Analytics (ATA) enables a business to interpret network activities through identification of suspicious user and device activity via built-in intelligence and through provision of clear and pertinent threat information on a simple attack timeline.

Using deep packet inspection technology, ATA analyses all Active Directory traffic, to compile incidents of relevant events from SIEM and other sources. ATA then automatically starts learning and profiling behaviour, looking for anomalies that raise a red flag.

Set-up is simple, without requirement for creation of rules, baselines or thresholds. Once suspicious activity is detected, an attack timeline discloses exactly what happened, when.

Cloud App Security

The number of businesses recognising the cost and productivity benefits of moving to the cloud continues to grow.

But, the use of unapproved applications – ‘shadow IT’ – is commonplace. CIOs vastly underestimate extent of shadow IT reports the findings of a 2015 study and claims that a typical firm has 15 to 22 more cloud applications running in the workplace than authorised by the IT department. A further source puts an estimated 80 percent of employees using non-approved SaaS apps in their jobs (see the graphic below).

As a result, a business’s data could be at risk, with employees sharing files and putting sensitive company data outside company control. 

Microsoft Cloud App Security is designed to help an organisation extend the visibility and auditing of and control over on-premise applications to cloud applications.

Cloud App Security address the issue through the identification of a potential 13,000 cloud applications that could be running on a network, delivering risk scoring and ongoing assessment and analytics. In a simple process, requiring no agents as information is collected directly from firewalls and proxies, a business can see cloud and application use on its network.

With special focus on sanctioned apps, granular controls and policies for data sharing and data loss prevention (DLP) can be defined, to ensure employees are unable to send sensitive or critical information outside their corporate network.

Cloud App Security also integrates with Office and provides new advanced security management and transparency capabilities for Office 365.

“Enterprise mobility and the use of cloud apps have become ingrained in our working lives, and are key to employee productivity,” says Michael Frisby, Vuzion managing director.

“However, this has left organisations at risk from new types of malicious attacks. Microsoft Advanced Threat Analytics and Cloud App Security lets organisations get ahead of the threat and secure their environment – whether on-premise or in the cloud.”

Related Articles

Vuzion awarded Acronis Best Cloud Service Provider 2019

Few businesses do not now have security as a top-agenda item - and which is why we partner with Acronis, a global leader in cyber pr...

Windows Virtual Desktop now available – find out more from Vuzion

Delivering a multi-user Windows 10 experience, partners "can deploy and scale your Windows desktops and apps on Azure in minutes,” B...

Vuzion’s Chris Hoard speaking at Microsoft Ignite 2019

I’m delighted to have been asked to speak at Microsoft’s largest annual technical-focused event, Ignite, held this year in Orlando, ...

Azure reservations monthly payment now available

Customers can now opt to pay for Azure Reserved Instances monthly, while taking advantage of the same discount previously offered on...