Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Cloud App Security – Microsoft’s Very Own CASB

Ask any chief information security officer (CISO) what worries him most about cloud migration and he is likely to reply, ‘visibility’. When data goes into the cloud, visibility into the data is usually lost; and what you cannot see, you cannot control. This visibility issue explains the two biggest concerns about cloud: security and compliance. 

Ask any chief information security officer (CISO) what worries him most about cloud migration and he is likely to reply, ‘visibility’. When data goes into the cloud, visibility into the data is usually lost; and what you cannot see, you cannot control. This visibility issue explains the two biggest concerns about cloud: security and compliance. 

Microsoft is making a concerted effort with Office 365 and Azure to first catch AWS, and then dominate the cloud. Its challenge is to solve the visibility issue, but preferably doing so under the Microsoft umbrella. The emerging cloud access security broker (CASB) technology solves the same problem, but for everyone. 

Cloud Visibility Concerns

This is the reasoning behind Microsoft’s newly available Cloud App Security. It is a CASB, developed from the acquisition of Adallom in September 2015—and it does what other CASBs do. Microsoft describes this as three primary capabilities:

App Discovery – it detects all of the cloud apps used by network users (but not, of course, those used by unprotected personal devices). In other words, it brings Shadow IT out of the shadows and applies risk scoring to the different apps. Detection is done by analyzing existing logs. 

Data Control – granular controls can be set on sanctioned apps via API-based integration. This allows the use of local security controls on cloud data. 

Threat Protection – applies behavioral analytics and anomaly detection to the cloud applications; providing the missing ‘visibility’.

One question is whether the emergence of Microsoft in the CASB market will affect other CASB vendors. Nigel Hawthorn, EMEA Marketing Director at Skyhigh Networks, believes there is room for everyone. “Gartner,” he told SecurityWeek, “expects that 85% of large enterprises will be using CASB by 2020.”

While there is the possibility that Cloud App Security will be a preferred option for some Office 365 enterprises – especially since this was Adallom’s primary strength before the acquisition by Microsoft, Hawthorn believes the market is so large that “one product is unlikely to fit the needs of every customer.”

Advertisement. Scroll to continue reading.

For its part, Microsoft told SecurityWeek that it is not aimed at just Microsoft users. “Microsoft will continue to sell and support Cloud App Security for non-Office 365 services including Salesforce, Box, AWS, Dropbox, Google Apps, and ServiceNow,” the software giant said.

SkyHigh’s Hawthorn suspects that many enterprises will welcome a separation between cloud service providers and the broker that monitors them. One concern for many companies considering migrating to the cloud is the availability of an escape route or extraction methodology. While it is relatively easy just to remove raw data back to on-premise or other cloud, the more provider-specific applications used in the cloud, the harder this becomes.

The Microsoft CASB will become an attractive option for those enterprises willing and able to commit themselves to Microsoft. Others might prefer an independent CASB. Either way, Hawthorn is not worried, and told SecurityWeek he would “welcome any bake-offs between ourselves and any competitor, Microsoft included. We are a strong technology partner with Microsoft,” he added, “and offer both reverse proxy and API integration with Office 365 – and we are continuing to invest in widening our support for O365 along with all of our other cloud services.”

The bottom line is that Cloud App Security is just another CASB.

Related Reading: Security, Compliance Remain Biggest Concerns Over Cloud

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.