Microsoft Cloud App Security Helps Security Teams Combat Shadow IT

MVI Cloud App Security“I’m heading to my appointment/home/golf game/kid’s music program/you name it. Let me know when you’ve finished that proposal and I’ll take a look before the meeting.”

Ever heard something like that around the office? Each day the demand for more flexible work technology increases. Employees on the go want access to their corporate emails and the ability to share and edit documents from home and across wifi connections wherever they may be.

In addition, technology can be expensive — especially when outfitting an entire team. This means business owners and IT departments often have a hard time keeping up with the lightweight ultrabooks and latest smartphone models their employees purchase for themselves; technology that is often newer and more advanced than the equipment provided by the office, and therefore overwhelmingly preferred. Let’s face it: You’re not going to pull up that proposal on your work-issued Galaxy S4 when your new Surface Book is sitting right there on the couch!

But while great for collaboration and productivity, Bring Your Own Technology (BYOT) or Bring Your Own Device (BYOD) has the ability to threaten a company’s IT security and put sensitive business systems at risk if not fully understood and/or regulated. And unfortunately, the problem doesn’t stop there.

Shadow IT: a term used to describe IT systems and solutions built or used inside organizations without explicit organizational approval.

Just like using the fastest and most intuitive devices, the power of SaaS cloud collaboration and organization apps make them equally hard to resist. When IT departments move too slowly in reviewing and approving these apps, employees often take it upon themselves to install and start uploading corporate data to freemium versions of apps like Google Docs or Dropbox. This Shadow IT creates a dangerous blind spot for IT departments as they become unaware which different applications are being used and where corporate data is being stored.

Luckily, within Azure, Microsoft now offers Cloud App Security. First introduced in February and now generally available, Cloud App Security allows IT departments to discover which SaaS applications are being used on their networks, who is using them, and from which devices they are being accessed.

Detection, however, is merely the first step in taming Shadow IT. Therefore, Microsoft Cloud App Security also assigns a risk score for each app it uncovers. The risk score is based on Microsoft’s cloud app catalog which rates over 13,000 cloud applications on regulatory certification, industry standards, and best practices. This can be incredibly helpful to security teams struggling to keep up with the ever-expanding lineup of cloud collaboration tools. It provides a starting point for app evaluation, and aids in determining which ones align with the company’s security, privacy, and compliance requirements. From here, businesses can put in place official policies to either block or sanction the app for organizational use, put controls on these applications, and thereby take back control of corporate data.

For tips and tech news delivered right to your inbox SIGN UP FOR OUR NEWSLETTER.