Additional insight on Gmail use in MCAS

PHancke · ‎Mar 24 2020

We use Exchange Online for business e-mail, but are seeing high volumes of users and traffic to Gmail on MCAS. What options do we have to get more insights for Gmail use in MCAS?

- We do not use Google Docs and have not federated with Google/Gmail so a Google Docs connector is not possible

- As we are not federated Conditional Access App Controls seems to be out of the question

Are we are limited to Microsoft Defender ATP where we can check for AIP labelled data, or alternatively Windows Information Protection? Any other MCAS native insights to Gmail?

Boris_Kacevich · ‎Mar 30 2020

Hi @PHancke

MCAS is bound to the information provided by MDATP or any other network appliance (SWG, Firewall and etc.).

You are able to monitor the app's usage patterns such as the number of users using the apps, the amount of data being uploaded and downloaded and etc.

By using the Sanctioned/Uns-anctioned tag, you are then able to set automated policy-based alerts to be notified when a certain app's (in this case Gmail) usage patterns violate company regulations.

We are planning to provide visibility into file hashes that are being uploaded to any of the monitored apps and protect sensitive data upload to Risky/Un-sanctioned apps. No ETA yet.

More information can be found here:

https://docs.microsoft.com/en-us/cloud-app-security/tutorial-shadow-it

https://docs.microsoft.com/en-us/cloud-app-security/tutorial-flow

I suggest taking the AIP/MDATP question in MDATP forums.

Best,

Boris K

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Additional insight on Gmail use in MCAS

Additional insight on Gmail use in MCAS

Re: Additional insight on Gmail use in MCAS