In the last couple of years, Microsoft has demonstrated its extraordinary ability to turn vision into reality, as witnessed by Microsoft’s repeatedly being named as a Leader in Gartner’s Magic Quadrant, in both the security and business intelligence landscapes.
In the Microsoft Cloud App Security and Power BI teams (two of the named leaders in the Cloud Access Security Broker (CASB), and Analytics and BI markets, respectively), we have identified an opportunity to provide an even more comprehensive solution. By bringing these two technologies together, we provide security administrators the tools they need to safely onboard business users to a large cloud workload such as Power BI (which has become an even greater key service for businesses in “work-from-home” mode during the COVID-19 crisis), while enjoying peace of mind with respect to the threats and risks inherent in using cloud services.
Using Cloud App Security, it is possible to detect and control risky Power BI sessions as they occur, thus reducing the threat that arises when malicious actors try to access content and data.
This partnership, first publicly announced at the end of 2019, has continued to evolve and deepen. We’d like to take the opportunity here to recap the capabilities that currently exist and are available to organizations that (or might be do so in the future). Some of these capabilities you may have already tried; others have been launched just recently.
The capabilities covered in this article are:
With Cloud App Security, organizations can monitor and control, in real time, risky Power BI sessions such as user access from unmanaged devices or infrequent locations. Security administrators can define policies to control user actions, such as downloading reports with sensitive information.
For example, if a user connects to Power BI from outside of their country, the session can be monitored by Cloud App Security’s real-time controls, and risky actions, such as downloading data tagged with a “Highly Confidential” sensitivity label, can be blocked immediately.
The Cloud App Security activity log includes a large portion of the Power BI activity as captured in the Office 365 audit log, which contains information about all user and admin activities, as well as sensitivity label information for relevant activities such as apply, change, and remove label.
Cloud App Security brings you the following added value:
After you’ve investigated user activity, be it in the Office 365 audit log or in the Cloud App Security activity log, you probably have a good understanding of which, how, and by whom content is being accessed and modified.
The next step is to leverage Cloud App Security’s activity policy feature to define your own custom rules, to help you detect user behavior that deviates from the norm, and even possibly act upon it automatically, if it seems too dangerous.
Some examples of scenarios that can be detected using activity policies:
Cloud App Security's anomaly detection policies provide out-of-the-box user behavioral analytics and machine learning so that you are ready from the outset to run advanced threat detection across your cloud environment. When an anomaly detection policy identifies a suspicious behavior, it triggers a security alert. For example:
Cloud App Security provides an app-specific admin role that can be used to grant Power BI admins only the permissions they need to access Power BI-relevant data in the portal, such as alerts, users at risk, activity logs, and other Power BI-related information.
However, it doesn’t stop there; this role not only provides access to the information listed above - it can also be used to create custom policies and detections such as those presented earlier in this article.
Cloud App Security admins, you are encouraged to let Power BI admins in your organization into the Cloud App Security portal, to start and help securing the next cloud workload on your list.
Let us know if you have any feedback or relevant use cases and requirements for this portion of Cloud App Security by emailing CASFeedback@microsoft.com and mention the Power BI integration.
To experience the benefits of full-featured CASB, sign up for a free trial—Microsoft Cloud App Security.
Follow us on LinkedIn as #CloudAppSecurity. To learn more about Microsoft Security solutions visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity on Twitter, and Microsoft Security on LinkedIn for the latest news and updates on cybersecurity.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.