Forum Discussion
EMS E3 CAS Discovery Functionality
When I look at the O365 EM+S E3 license setting in the O365 Admin Center, it shows Cloud App Security Discovery as an option. This page https://support.office.com/en-us/article/get-ready-for-office-365-cloud-app-security-d9ee4d67-f2b3-42b4-9c9e-c4529904990a?ui=en-US&rs=en-US&ad=US clearly states that we need E5 to get CAS, but does not mention Cloud App Security Discovery.
Can someone please provide me the definitive answer about what is actually possible with EMS E3 regarding CAS.
- Nicholas DiCola (SECURITY JEDI)
Microsoft
Hi
Cloud App Security Discovery as part of EMS E3 was announced at Ignite. You get the discovery features of CAS as part of your EMS E3 License.
Thanks, I understand that the announcement was made and I have seen the presentations, but what I don't understand is what that functionality includes. I can't find any documentation that describes this. Here is another example of information that causes confusion https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-pricing. It clearly shows that CAS is not included in EMS E3.
Also, the instructions at https://support.office.com/en-us/article/overview-of-office-365-cloud-app-security-81f0ee9a-9645-45ab-ba56-de9cbccab475?ui=en-US&rs=en-US&ad=US clearly state than an E5 is needed (there is no mention of what can be done with just the E3)
To add a little more detail, here is what I am seeing. I am trying to figure out exactly what happens when the CAS Discover setting is activate or deactivated.
Niv Goldenberg Ryan Heffernan Nicholas DiCola (SECURITY JEDI)
- Niv Goldenberg
Hi Dean,
I understand why it might be confusing. Let me try to clarify that.
Cloud App Security powers 3 different Discovery solution using the same engine.
Discovery in MCAS (EMS E5) - The full blown Shadow IT Discovery solution. Documented here: https://docs.microsoft.com/en-us/cloud-app-security/set-up-cloud-discovery
Discovery in AAD (EMS E3) - known as CAD. Similar functionality to MCAS but doesn't include risk assessment and anomaly detection in discovered usage. Documented here: https://docs.microsoft.com/en-us/azure/active-directory/cloudappdiscovery-get-started
You can see the comparison between Discovery in AAD CAD and MCAS here: https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security-aad
When you activate CAS Discovery (in the screenshot you attached in the pervious message), you enable CAD.
Discovery in OCAS (Office365 E5) - Covers only cloud apps with similar functionality to Office 365. Does not include risk assessment and anomaly detection in discovered usage, automated upload, and more features. Documented here: https://support.office.com/en-us/article/overview-of-office-365-cloud-app-security-81f0ee9a-9645-45ab-ba56-de9cbccab475?ui=en-US&rs=en-US&ad=US#dashboard
You can see the comparison between Discovery in MCAS and OCAS here: https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security-o365
