ALERT! New Blog Series: MCAS Data Protection

Published 10-19-2020 12:39 PM 4,048 Views


Blog Series: MCAS Data Protection


October 2020


Welcome Video 


Hi! Welcome to the kickoff of the Microsoft Cloud App Security (MCAS) Data Protection Blog Series! My name is Sarahzin Chowdhury and I am one of the MCAS and Defender for Identity Program Managers on the Cloud + AI Security Customer Experience Engineering (CxE) team. I know, it is a mouthful… but it really is a wonderful group of folks… I’m definitely not biased at all! To learn more about my team, check out our latest CxE podcast where we introduce ourselves, answer top MCAS questions, and present a brief roadmap!


Now, since I’m relatively new to blogging, I wanted to give you a little background about myself. If you already know me, go ahead and skip this section to jump to the blog links at the end of this article! I’ve been in the cybersecurity industry for about 6.5 years, first starting out in the Government realm; my focus was of course, data protection. Since joining Microsoft early 2019, I’ve been focusing on MCAS and Microsoft Information Protection (MIP). I joined the CxE team several months ago and am very excited to be a part of this organization!


Throughout this series, I’ll be walking you through how to protect your data using MCAS. I’ll be covering some of our top use cases and top customer questions using both real-time (Conditional Access App Control) and near real-time (API-based App Connectors) MCAS mechanisms. In addition, I’ll be covering any of the scenarios requested within the comments below!


As one of the pillars of MCAS, data protection is a popular customer want. Throughout MCAS, data protection can be implemented in many areas. From using our data classification service or the built-in service to scan all the files in Office 365 and third party connected apps, to implementing data loss prevention (DLP) using our Proxy, there are multiple facets of data protection that build upon each other to bring our customers a robust DLP experience. In addition, MCAS and Azure Information Protection (AIP) are rolled up into our Microsoft Information Protection (MIP) service offering. This blog series’ initial focus will be discussing the end user’s experience with each of the connected apps. We’ll first start off with Box.




MCAS Data Protection Blog Links (Updated with Each Blog):

1. Protect Box (Part 1: Near Real-Time Data Protection) (October)

2. Protect Box (Part 2: Real-Time Data Protection) (November)

3. Do I use MCAS or MIP? (December)

4. MCAS DLP Walk-Through (March)




Let us know if you have any feedback or relevant use cases/requirements for this portion of Cloud App Security by emailing and mention the core area of concern.


Learn more 

For further information on how your organization can benefit from Microsoft Cloud App Security, connect with us at the links below: 

Join the conversation on Tech Community.  

Stay up to date—subscribe to our blog.  

Upload a log file from your network firewall or enable logging via Microsoft Defender for Endpoint to discover Shadow IT in your network. 

Learn more—download Top 20 use cases for CASB

Connect your cloud apps to detect suspicious user activity and exposed sensitive data. 

Search documentation on Microsoft Cloud App Security.  

Enable out-of-the-box anomaly detection policies and start detecting cloud threats in your environment. 

Understand your licensing options .  

Continue with more advanced use cases across information protection, compliance, and more. 

Follow the Microsoft Cloud App Security Ninja blog and learn about Ninja Training.  

Go deeper with these interactive guides: 

·         Discover and manage cloud app usage with Microsoft Cloud App Security 

·         Protect and control information with Microsoft Cloud App Security 

·         Detect threats and manage alerts with Microsoft Cloud App Security 

·         Automate alerts management with Microsoft Power Automate and Cloud App Security  


To experience the benefits of full-featured CASB, sign up for a free trial—Microsoft Cloud App Security. 


Follow us on LinkedIn as #CloudAppSecurity. To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity on Twitter, and Microsoft Security on LinkedIn for the latest news and updates on cybersecurity. 




Regular Visitor

Can we detect any specific content that is being uploaded to a widget or application within MS teams ? ex : whiteboard app ?


@Abhilash_Kondodi, unfortunately, we cannot do this with MCAS for our Teams thick client. We can only do file inspection with browser based sessions using Conditional access app control. (Example: copying/pasting can be prevented within the Wiki itself for Teams (Browser). In addition to overall copy/paste for apps using the browser session for those widgets (Planner, Forms, etc.). 

Respected Contributor

Please add information about protecting data that may be sent to other apps like Workplace from Facebook


@Dean Gross Great idea, yes, absolutely!

Regular Visitor

@Sarahzin Thank you so much, so is that a gap that will be filled by Microsoft in future, or should we risk accept that is a way data can be breached if its through Thick Client. Essentially company will have to block availability of such applications within Teams.

Very few would use thin client the web version for access teams or the widgets.

New Contributor

Hello @Sarahzin 

Thanks for your share, very impressive. Where can I find the Microsoft DLP framework in depth?


Hi @Riyad Amin! Overall Microsoft DLP can be found at


Overall Microsoft Information Protection info can be found at


Hope this helps!


Hi @Abhilash_Kondodi! I missed your message. Although MCAS can’t do Teams thick client, we have Microsoft DLP that does the Teams Thick Client. All these offerings work together to give you a holistic data protection strategy.

New Contributor

Hi @Sarahzin 

Thank you for your guideline and help. 

New Contributor

Hello, thank you for the great blog. I just just had a quick question around file policies in MCAS. Do file policies account for files in the thick clients or will this only account for browser based sessions? 

Respected Contributor

@bsieff91 i recommend reposting your question as its own post so that it gets better attention 


Hi @bsieff91! So, the files are being pulled from the APIs. They're near realtime. If the files are being stored in the original app at the enterprise level, then they'll be pulled into MCAS if they're a connected app that offers the files information through the API (like Box). The browser based sessions are for the real time session policies using conditional access app control. 


I hope this helps!

Regular Visitor

Hi @Sarahzin , Hope you are doing well. Looking forward to go through the entire series. Is there a series for Microsoft Native DLP specific ?

Version history
Last update:
‎May 11 2021 02:05 PM
Updated by: