Tackling cloud app security with Microsoft 365

Your organisation may not be in the cloud, but I can guarantee your employees definitely are. Cloud apps are essential for today’s connected workforce, and while most organisations (53%) are forging ahead with some form of cloud1, 61% of cloud apps are not sanctioned by IT2. IT’s visibility into these cloud workloads is a growing problem. In fact, an overwhelming majority, 93% of respondents to a recent Cloud Security Threat Survey reported issues keeping tabs on their cloud workloads1.

Paired with 49% of those surveyed revealing their cloud security manpower as inadequate1, cloud applications introduce a unique and very real set of security challenges.

In this blog, we explore some of the security implications of cloud apps and how Microsoft 365 Enterprise E5 tackles those challenges. What you may not be aware of is that E5, has a strong set of security capabilities that you can leverage to protect your organisation.

Discover and assess shadow IT app risks

Gaining visibility to the applications that are being used by staff is a primary challenge of the proliferation of cloud services; knowing who is using what application in the organisation. It may sound obvious, but it is often overlooked (or ignored). The statistics are telling us, the average organisation believes its employees are using 452 cloud applications. However, according a 2019 study the actual number of Shadow IT apps is nearly four times higher at 1,8071. This disconnect between assumption and reality is an ongoing trend, 2018 results of the same study showed CIOs thought approximately 40 cloud apps were in use across their business, when in reality it was closer to 1,0001.

Departments and individual users often subscribe to a number of unapproved cloud services to help them get their work done. In addition, with BYOD now mainstream, and the blurred lines around device usage, employees access a range of personal cloud services from their business devices. This usage can present security challenges (what sensitive corporate data is being stored where), compliance (is the software legally licensed) and cost (are you paying for a Shadow IT application on a corporate credit card that is already licensed by the organisation with a like application?).

It’s never been more critical to deploy a robust cloud security solution.

Finding the cloud apps in use

So, how do you uncover apps you’re not aware of?

Microsoft’s Cloud App Security is a multimode Cloud Access Security Broker (CASB) solution, it can identify more than 16,000 applications that are traversing the perimeter of your network, with over 70 risk factors evaluated for each app. The assessment of each app is particularly crucial – a study of 33,000 apps revealed less than 1% had the built-in security requirements for regular business use and 39% were not suitable for business use at all1.

Cloud App Security provides the visibility that organisation are seeking to manage the Shadow IT dilemma that most IT departments are trying to combat. Combined with risk assessments and sophisticated analytics, this discovery tool provides far greater visibility into cloud security compared to what many organisations currently have.

Essentially, it takes the visibility, control, and protection you have come to expect on-premises and extends this to your cloud apps.

Screenshot of Microsoft's Cloud App Security Dashboard

How to get your hands on Cloud App Security

Cloud App Security comes standard with Microsoft 365 Enterprise E5, or as part of Enterprise Mobility & Security E5 (EMS E5).

Protect your information anywhere in the cloud with these top features

Control access to cloud services

Manage and limit cloud app access based on conditions and context, including user identity, device, and location. This means that you can identify particular cloud services that you don’t want employees to access in certain contexts. In addition, you can provide far greater and easier access for particular groups of users for specific use cases.

Protect your information

All Office 365 tools provide granular control over data and use built-in or custom policies for data sharing and data loss prevention. This means that not only can you detect which cloud services end users are accessing, you can also control what data they can access with those services, and when.

You also have control over data in transit, Cloud App Security helps you understand, classify and protect the exposure of sensitive information at rest, or you can chose to leverage out-of-the-box policies and automated processes to apply controls in real-time, to protect all your apps no matter where the data is stored and shared.

This is an important part of the picture in meeting compliance requirements like Payment Card Industry (PCI), Health Insurance Accountability and Portability Act (HIPAA), Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), The Australian Privacy Act, Notifiable Data Breaches Amendment and others. Cloud App Security factors compliance with these regulations into the risk assessment score for each app, and helps you further control and protect sensitive files through policies and governance.

Detect and protect against threats

One of the challenges of managing security has always been that not only do you need capability to prevent known risks, you also need the ability to detect emerging risks with unexpected characteristics. Using the data access controls that I have outlined above, it is incredibly useful to be able to specify policies to prevent known risks.

Cloud App Security identifies high-risk usage and detects unusual behaviour using behavioural analytics, Microsoft threat intelligence, and anomaly detection capabilities. By learning how each user interacts with each SaaS app, it assesses the risks in each transaction and acts accordingly to eliminate the threat.

Some examples include, simultaneous logins from two different continents; the sudden download of terabytes of data; or multiple failed login attempts that may signify a brute force attack. Built-in policy templates can also detect potential ransomware activity and search for unique file extensions. You can specify governance actions to suspend suspect users and prevent further encryption of the user’s files.

Diagram of data travelling between cloud apps, Microsoft's Cloud App Security and the end users device.

A uniquely integrated CASB solution

Cloud App Security natively integrates with other leading Microsoft security solutions, providing simple deployment, centralised management and innovative automation capabilities with solutions such as:

Azure Active Directory

Identity-centric monitoring and control of user actions via conditional access and our reverse proxy.

Microsoft Flow

Centralised automation of security alerts via an ecosystem of more than 250 connectors.

Windows Defender ATP

Single-click enablement to extend the discovery of Shadow IT beyond your corporate network.

Microsoft Intune

Powerful MDM controls to define granular access and session policies for non-compliant devices.

Azure Security Center

Security configuration assessment and recommendations for your IaaS and PaaS environment.

Azure Sentinel

SIEM reinvented for a modern world. Intelligent security analytics for your entire enterprise.

Azure Information Protection

Unified information protection across endpoints, apps, cloud services, and on-premises data.

Azure Advanced Threat Protection

Unified SecOps experience to investigate advanced identity attacks across on-premises and cloud.

Like to know more?

As a Microsoft Gold Partner, Data#3 has unique capabilities to secure your Modern Workplace partner. We also offer a number of assessments, to help you understand your security posture, please contact a local Security Specialist to discuss or book a Security Strategy Workshop, Shadow Data Audit or any of our Security Threat Assessments today.

1 Symantec. (June, 2019). 2019 Cloud Security Threat Report. [Online] Available here:
2 Microsoft. (June 2019). Microsoft Cloud App Security. [Online] Available at:

Tags: Cloud, Cloud Access Security Broker (CASB), Cloud Security, Microsoft, Microsoft 365, Microsoft Office 365, Modern Workplace, Security



Cisco Global Award Win Data#3
Data#3 recognised as Cisco global leader for fourth year in a row

November 11, 2021; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is delighted to announce that it has…

Customer Story: Qenos

Digital Transformation at Qenos Delivers Substantial Business Efficiencies Project Objective Qenos sought a unified communications solution that would enable digital…

Azure Purview
Azure Purview is here, but is it right for your organisation?

There has never been a greater time than now to start thinking about data governance within your organisation. I see…

Data#3 named Dell Technologies Australian Solution Provider of the Year 2021

September 24, 2021; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is delighted to announce that it has…

HPE GreenLake Use Cases
HPE Greenlake use cases: Making sense of economical and operational drivers

Once upon a time it was an organisation’s responsibility to purchase and maintain the entirety of their infrastructure on-premises, and…

Deep Dive Into Azure Purview
A deep dive into Azure Purview

In collaboration with Microsoft’s Azure engineering team, Data#3 peels off the wrapping on Microsoft’s upcoming data governance platform, Purview. Our…

Customer Story: St Peter’s College

St Peter’s College innovates in the data decade For St Peter’s College, a leading independent boys primary and secondary…

Customer Story: A Cisco Firepower Case Study

Cisco Firepower Strengthens Organisational Cybersecurity Defences Objective As a large organisation that places a high priority on IT security to…