%3CLINGO-SUB%20id%3D%22lingo-sub-1812822%22%20slang%3D%22en-US%22%3ERe%3A%20ALERT!%20New%20Blog%20Series%3A%20MCAS%20Data%20Protection%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1812822%22%20slang%3D%22en-US%22%3E%3CP%3ECan%20we%20detect%20any%20specific%20content%20that%20is%20being%20uploaded%20to%20a%20widget%20or%20application%20within%20MS%20teams%20%3F%20ex%20%3A%20whiteboard%20app%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1814104%22%20slang%3D%22en-US%22%3ERe%3A%20ALERT!%20New%20Blog%20Series%3A%20MCAS%20Data%20Protection%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1814104%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F843754%22%20target%3D%22_blank%22%3E%40Abhilash_Kondodi%3C%2FA%3E%2C%26nbsp%3Bunfortunately%2C%20we%20cannot%20do%20this%20with%20MCAS%20for%20our%20Teams%20thick%20client.%20We%20can%20only%20do%20file%20inspection%20with%20browser%20based%20sessions%20using%20Conditional%20access%20app%20control.%20(Example%3A%20copying%2Fpasting%20can%20be%20prevented%20within%20the%20Wiki%20itself%20for%20Teams%20(Browser).%20In%20addition%20to%20overall%20copy%2Fpaste%20for%20apps%20using%20the%20browser%20session%20for%20those%20widgets%20(Planner%2C%20Forms%2C%20etc.).%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1814947%22%20slang%3D%22en-US%22%3ERe%3A%20ALERT!%20New%20Blog%20Series%3A%20MCAS%20Data%20Protection%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1814947%22%20slang%3D%22en-US%22%3E%3CP%3EPlease%20add%20information%20about%20protecting%20data%20that%20may%20be%20sent%20to%20other%20apps%20like%20Workplace%20from%20Facebook%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1823906%22%20slang%3D%22en-US%22%3ERe%3A%20ALERT!%20New%20Blog%20Series%3A%20MCAS%20Data%20Protection%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1823906%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1096%22%20target%3D%22_blank%22%3E%40Dean%20Gross%3C%2FA%3E%26nbsp%3BGreat%20idea%2C%20yes%2C%20absolutely!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1875334%22%20slang%3D%22en-US%22%3ERe%3A%20ALERT!%20New%20Blog%20Series%3A%20MCAS%20Data%20Protection%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1875334%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F708110%22%20target%3D%22_blank%22%3E%40Sarahzin%3C%2FA%3E%26nbsp%3BThank%20you%20so%20much%2C%20so%20is%20that%20a%20gap%20that%20will%20be%20filled%20by%20Microsoft%20in%20future%2C%20or%20should%20we%20risk%20accept%20that%20is%20a%20way%20data%20can%20be%20breached%20if%20its%20through%20Thick%20Client.%20Essentially%20company%20will%20have%20to%20block%20availability%20of%20such%20applications%20within%20Teams.%3C%2FP%3E%3CP%3EVery%20few%20would%20use%20thin%20client%20the%20web%20version%20for%20access%20teams%20or%20the%20widgets.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1796898%22%20slang%3D%22en-US%22%3EALERT!%20New%20Blog%20Series%3A%20MCAS%20Data%20Protection%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1796898%22%20slang%3D%22en-US%22%3E%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%3CSTRONG%3EBlog%20Series%3A%20MCAS%20Data%20Protection%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EOctober%202020%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%3CA%20title%3D%22Welcome%20Video%22%20href%3D%22https%3A%2F%2Faka.ms%2FMCAS-Data-Protection-Intro%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EWelcome%20Video%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EHi!%20Welcome%20to%20the%20kickoff%20of%20the%20Microsoft%20Cloud%20App%20Security%20(MCAS)%20Data%20Protection%20Blog%20Series!%20My%20name%20is%20Sarahzin%20Chowdhury%20and%20I%20am%20one%20of%20the%20MCAS%20and%20Defender%20for%20Identity%20Program%20Managers%20on%20the%20Cloud%20%2B%20AI%20Security%20Customer%20Experience%20Engineering%20(CxE)%20team.%20I%20know%2C%20it%20is%20a%20mouthful%E2%80%A6%20but%20it%20really%20is%20a%20wonderful%20group%20of%20folks%E2%80%A6%20I%E2%80%99m%20definitely%20not%20biased%20at%20all!%20To%20learn%20more%20about%20my%20team%2C%20check%20out%20our%20latest%20%3CA%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DTsDmuVuF-dY%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3ECxE%20podcast%3C%2FA%3E%20where%20we%20introduce%20ourselves%2C%20answer%20top%20MCAS%20questions%2C%20and%20present%20a%20brief%20roadmap!%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3ENow%2C%20since%20I%E2%80%99m%20relatively%20new%20to%20blogging%2C%20I%20wanted%20to%20give%20you%20a%20little%20background%20about%20myself.%20If%20you%20already%20know%20me%2C%20go%20ahead%20and%20skip%20this%20section%20to%20jump%20to%20the%20blog%20links%20at%20the%20end%20of%20this%20article!%20I%E2%80%99ve%20been%20in%20the%20cybersecurity%20industry%20for%20about%206.5%20years%2C%20first%20starting%20out%20in%20the%20Government%20realm%3B%20my%20focus%20was%20of%20course%2C%20data%20protection.%20Since%20joining%20Microsoft%20early%202019%2C%20I%E2%80%99ve%20been%20focusing%20on%20MCAS%20and%20Microsoft%20Information%20Protection%20(MIP).%20I%20joined%20the%20CxE%20team%20several%20months%20ago%20and%20am%20very%20excited%20to%20be%20a%20part%20of%20this%20organization!%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EThroughout%20this%20series%2C%20I%E2%80%99ll%20be%20walking%20you%20through%20how%20to%20protect%20your%20data%20using%20MCAS.%20I%E2%80%99ll%20be%20covering%20some%20of%20our%20top%20use%20cases%20and%20top%20customer%20questions%20using%20both%20real-time%20(%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fproxy-intro-aad%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EConditional%20Access%20App%20Control%3C%2FA%3E)%20and%20near%20real-time%20(%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fenable-instant-visibility-protection-and-governance-actions-for-your-apps%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EAPI-based%20App%20Connectors%3C%2FA%3E)%20MCAS%20mechanisms.%20In%20addition%2C%20I%E2%80%99ll%20be%20covering%20any%20of%20the%20scenarios%20requested%20within%20the%20comments%20below!%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3EAs%20one%20of%20the%20pillars%20of%20MCAS%2C%20data%20protection%20is%20a%20popular%20customer%20want.%20Throughout%20MCAS%2C%20data%20protection%20can%20be%20implemented%20in%20many%20areas.%20From%20using%20our%20data%20classification%20service%20or%20the%20built-in%20service%20to%20scan%20all%20the%20files%20in%20Office%20365%20and%20third%20party%20connected%20apps%2C%20to%20implementing%20data%20loss%20prevention%20(DLP)%20using%20our%20Proxy%2C%20there%20are%20multiple%20facets%20of%20data%20protection%20that%20build%20upon%20each%20other%20to%20bring%20our%20customers%20a%20robust%20DLP%20experience.%20In%20addition%2C%20MCAS%20and%20Azure%20Information%20Protection%20(AIP)%20are%20rolled%20up%20into%20our%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fbusiness%2Finformation-protection%23%3A~%3Atext%3D%2520Microsoft%2520Information%2520Protection%2520%25201%2520Identify%2520and%2Cand%2520privacy%2520posture%2520to%2520comply%2520with...%2520More%2520%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMicrosoft%20Information%20Protection%3C%2FA%3E%20(MIP)%20service%20offering.%20This%20blog%20series%E2%80%99%20initial%20focus%20will%20be%20discussing%20the%20end%20user%E2%80%99s%20experience%20with%20each%20of%20the%20connected%20apps.%20We%E2%80%99ll%20first%20start%20off%20with%20Box.%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22Box.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F227765i410C3A5A3A909066%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Box.png%22%20alt%3D%22Box.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%3CSPAN%20style%3D%22font-family%3A%20inherit%3B%22%3EMCAS%20Data%20Protection%20Blog%20Links%20(Updated%20Monthly)%3A%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E1.%20%3CA%20title%3D%22Protect%20Box%20(Part%201%3A%20Near%20Real-Time%20Data%20Protection)%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-security-and%2Fprotect-box-part-1-near-real-time-data-protection%2Fba-p%2F1797206%22%20target%3D%22_self%22%3EProtect%20Box%20(Part%201%3A%20Near%20Real-Time%20Data%20Protection)%3C%2FA%3E%26nbsp%3B(October)%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E2.%20%3CA%20title%3D%22Protect%20Box%20(Part%202%3A%20Real-Time%20Data%20Protection)%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-security-and%2Fmcas-data-protection-blog-series-box-real-time-protections%2Fba-p%2F1943256%22%20target%3D%22_blank%22%3EProtect%20Box%20(Part%202%3A%20Real-Time%20Data%20Protection)%3C%2FA%3E%26nbsp%3B(November)%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E3.%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-security-and%2Fmcas-data-protection-blog-series-do-i-use-mcas-or-mip%2Fba-p%2F2011039%22%20target%3D%22_self%22%3EDo%20I%20use%20MCAS%20or%20MIP%3F%3C%2FA%3E%20(December)%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3ETBD%3A%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E4.%20Protect%20Office%20365%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E5.%20Protect%20Dropbox%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E6.%20Protect%20GitHub%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E7.%20Protect%20G%20Suite%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E8.%20Protect%20Salesforce%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E9.%20Protect%20WebEx%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E10.%20Protect%20ServiceNow%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-left%22%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1796898%22%20slang%3D%22en-US%22%3E%3CP%20class%3D%22lia-align-center%22%3EWelcome%20to%20the%20kickoff%20of%20the%20Microsoft%20Cloud%20App%20Security%20(MCAS)%20Data%20Protection%20Blog%20Series!%20%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22Box.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F227765i410C3A5A3A909066%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Box.png%22%20alt%3D%22Box.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20class%3D%22lia-align-center%22%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1796898%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EData%20Loss%20Prevention%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EInformation%20Protection%20%26amp%3B%20Governance%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Cloud%20App%20Security%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

 

Blog Series: MCAS Data Protection

 

October 2020

 

Welcome Video 

 

Hi! Welcome to the kickoff of the Microsoft Cloud App Security (MCAS) Data Protection Blog Series! My name is Sarahzin Chowdhury and I am one of the MCAS and Defender for Identity Program Managers on the Cloud + AI Security Customer Experience Engineering (CxE) team. I know, it is a mouthful… but it really is a wonderful group of folks… I’m definitely not biased at all! To learn more about my team, check out our latest CxE podcast where we introduce ourselves, answer top MCAS questions, and present a brief roadmap!

 

Now, since I’m relatively new to blogging, I wanted to give you a little background about myself. If you already know me, go ahead and skip this section to jump to the blog links at the end of this article! I’ve been in the cybersecurity industry for about 6.5 years, first starting out in the Government realm; my focus was of course, data protection. Since joining Microsoft early 2019, I’ve been focusing on MCAS and Microsoft Information Protection (MIP). I joined the CxE team several months ago and am very excited to be a part of this organization!

 

Throughout this series, I’ll be walking you through how to protect your data using MCAS. I’ll be covering some of our top use cases and top customer questions using both real-time (Conditional Access App Control) and near real-time (API-based App Connectors) MCAS mechanisms. In addition, I’ll be covering any of the scenarios requested within the comments below!

 

As one of the pillars of MCAS, data protection is a popular customer want. Throughout MCAS, data protection can be implemented in many areas. From using our data classification service or the built-in service to scan all the files in Office 365 and third party connected apps, to implementing data loss prevention (DLP) using our Proxy, there are multiple facets of data protection that build upon each other to bring our customers a robust DLP experience. In addition, MCAS and Azure Information Protection (AIP) are rolled up into our Microsoft Information Protection (MIP) service offering. This blog series’ initial focus will be discussing the end user’s experience with each of the connected apps. We’ll first start off with Box.

 

Box.png

 

MCAS Data Protection Blog Links (Updated Monthly):

1. Protect Box (Part 1: Near Real-Time Data Protection) (October)

2. Protect Box (Part 2: Real-Time Data Protection) (November)

3. Do I use MCAS or MIP? (December)

 

TBD:

4. Protect Office 365

5. Protect Dropbox

6. Protect GitHub

7. Protect G Suite

8. Protect Salesforce

9. Protect WebEx

10. Protect ServiceNow

 

 

5 Comments

Can we detect any specific content that is being uploaded to a widget or application within MS teams ? ex : whiteboard app ?

Microsoft

@Abhilash_Kondodi, unfortunately, we cannot do this with MCAS for our Teams thick client. We can only do file inspection with browser based sessions using Conditional access app control. (Example: copying/pasting can be prevented within the Wiki itself for Teams (Browser). In addition to overall copy/paste for apps using the browser session for those widgets (Planner, Forms, etc.). 

Respected Contributor

Please add information about protecting data that may be sent to other apps like Workplace from Facebook

Microsoft

@Dean Gross Great idea, yes, absolutely!

@Sarahzin Thank you so much, so is that a gap that will be filled by Microsoft in future, or should we risk accept that is a way data can be breached if its through Thick Client. Essentially company will have to block availability of such applications within Teams.

Very few would use thin client the web version for access teams or the widgets.