Microsoft Cloud App Security, also known as MCAS, helps an IT of an organization by generating alerts for any suspicious activity/Policy violation/Misuse of data by their users; there are challenges in addressing the same in a timely manner due to the need of manual intervention by IT. This not only affects the overall resolution time of the alerts but may also affect the business for not addressing them on time. We can overcome this challenge by integrating Microsoft Teams with the MCAS to notify admins/Security Operation Center of any policy violations or suspicious activities being reported there, increasing the response and resolution time.
How it works?
MCAS has the ability to proactively monitor data and applications of an organization and then automatically enforce policies including classifying documents and messages that contain confidential and sensitive information like user’s credit card number and social security number etc. When we integrate the MCAS with Teams with the help of Microsoft Flow, it automatically notifies the admins/Security Operation Center about an issue by sending a message to a channel in Teams whenever an alert triggered in the MCAS.
Find the policy that you want to trigger under “Policy” the flow and select it
In the Alerts section, select “Send Alerts to Power Automate” and In the select Playbooks dropdown, choose the name of the flow you created in step 3 and click “Update”
Bio: Muniraja Krishnappa has 20+ years of experience across architecting, operations and maintenance of Microsoft Messaging, collaboration, and cloud Technologies. He is currently serving as a Sr. Infrastructure Architect with Cognizant Technology Solutions, with technical expertise across architecting and administration of Microsoft Exchange (On-premises), Microsoft 365(across Exchange Online, Cloud App Security, Azure AD, Power Automate platform and Graph API automation) and has been working for few of the Fortune 500 clients.