Implementing Zero Trust: A Guide to Securing Your Data
Data protection is critical for organizations to ensure sensitive information is always protected. Implementing a Zero Trust strategy is an effective way to protect your data. In this guide, we will walk you through the three key components of a data protection strategy and the initial deployment goals for Zero Trust. Learn about what has to be considered to ensure your data is safe at all times, from discovering and classifying your data through monitoring and cleanup.Data Protection for SAP Solutions
Data protection is key for all (SAP) customers. We must find an optimal way to protect data against data corruption caused by hardware or software defects, accidentally deletion of data, external and internal data fraud. Also important is how do we setup HA (high availability) and DR (disaster recovery).
Microsoft Purview: Comprehensive solutions for data governance, protection, compliance & management.
Microsoft Purview provides a unified data governance solution to help manage and govern your on-premises, multicloud, and software as a service (SaaS) data, Office Apps, Microsoft Office 365 services, Devices and Cloud Apps. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Enable data consumers to access valuable, trustworthy data management.Recording of Cloud App Security Intro Webinar
Thanks to those of you who joined our introductory webinar for Microsoft Cloud App Security. For those who couldn't make it, you can find the recording at https://youtu.be/dUoicG0Hc-o. Also, thanks to Sebastien Molendijk for an informative presentation. If you'd like to ensure you're notified of future calls, please join our community using the instructions at https://aka.ms/SecurityCommunity.
MCAS Regex Engine
Maybe you have a Quick answer. We are currently evaluating DLP Capabilities with MCAS. As we are now implementing Use Cases, we discovered that the Regex Engine from Microsoft is somewhat special. Me and my colleagues understand that this is a mass amount engine and therefore has its limitations regarding the Quantifiers. Now, the Docs are kind of clear but only very less. How does the Regex Engine actually works, what are the limitations? We can investigate every single regex match but how do we validate false positives for a amount of matches? (Probability Score or Reducing the max. Matches per day) Some example use cases from the customer: - Leveraging regex to look for http headers - Look for Cookies (e.g. Look for "Set-Cookie") - Regex hunting base64 encoded jwt id or access tokens or other custom tokens with various file types - pci data (can be covered by MCAS) - aws session token (SessionToken AND base64 encoded data in the vicinity) - MIP labeled documents ( can be covered by MCAS) Hope someone can help
Announcement: Unified suffix domain for proxy
Hi folks, I wanted to share an important and exciting new feature that we are rolling out for Session Controls in Microsoft Cloud App Security, with impact to current users of Session Controls. We are making big improvements to our architecture for our proxy-based session controls, to leverage one unified suffix, without a named region (i.e., for commercial customers, “*.[region].cas.ms” will become “*.mcas.ms”). This change will start to hit customer tenants as early as June 7 th , but will continue to roll out gradually. This is important for several reasons: Customers who blacklist domains by default in their network appliance or gateway will need to ensure they whitelist all the domains listed here: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fnetwork-requirements%23access-and-session-controls&data=02%7C01%7CAlex.Esibov%40microsoft.com%7Ce8bde6704ea94964bc5b08d7fdd32ff9%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637256955955371191&sdata=gmaH9FjrazjvU1p4JHuq4CGXsWzzSWA83shXmRy3tpU%3D&reserved=0 Note 1: during initial deployment and roll-out of this feature, customers may transition from the previous, geo-specific domains to the unified suffix domains. Therefore, it’s important to whitelist all domains listed on this page. Note 2: If a customer is whitelisting specific IPs, they must whitelist all IPs currently listed in the network requirements across all listed Data centers. Note 3: Customers should continue to check this page for the latest information on new IP addresses, as we are constantly increasing our region sizes to scale with demand. Our architecture becomes more scalable – one region will serve any DC, meaning when we deploy a new region, it’s automatically available to any customer in MCAS Users will see a new suffix URL when Session Controls are applied, and should be aware of these changes, if the IT/IS admins in the org choose to do so. Users will no longer see DC name in the URL, which has often been confused with the location of the proxy node (which it’s not) Here is a GIF showing the new domain for Commercial customers: Let me know if you have any questions. Thanks, AlexUsing flow Cloud App Security Alert trigger
I have a DLP rule in Offi e 365 that triggers an alert when PCI data is detected. I want t use Flow to send an email to the person who owns the detected file\s, providing them the file name and location (this info is in the alerts when you view them in Cloud App Security) and asking them to remove the PCI data. I setup the API token, a Cloud App Security trigger and then attached a basic email action to my and attached that to the alert as a Flow action just so I know when the DLP picks up PCI it runs the configured alert which then runs the configured Flow and I get the test email. This works perfectly. Next step then is to customize it to the file owner. Here is where I'm having problems. I need to put the file owner email address in the To field and at a minimum the file\s detected in the body. My problem is I cant find any doco that explains what each of the dynamic content options actually are so I don't know which one give me the person and the file\s info. I tried to just add all of them and wait for a triggered event but some I believe are arrays so it adds a "For each" action which I don't want. How can i work out the dynamic content fields I need?File Policies - Requesting a new pre-set expression
Hi Team, I would like to request the addition of a new pre-set expression for content inspection in file policies. It is for New Zealand "Social Welfare Numbers". I have the algorithm which unfortunately cannot be implemented in a REGEX. What is the best way to go about submitting this request? Cheers KevinSAP System Refresh and Cloning operations on Azure NetApp Files with SnapCenter
Discover the power of SAP HANA on Azure NetApp Files with seamless system refresh and cloning operations using SnapCenter. This innovative solution leverages Azure NetApp Files snapshot and volume cloning capabilities to provide end-to-end workflows for data protection and SAP system refresh operations. Whether you need to create system copies for testing, address logical corruption, or perform disaster recovery failover tests, SnapCenter ensures quick and efficient processes, saving you time and resources.New blog post: Protect your data in Box environments with Microsoft Cloud App Security
Last week researchers found dozens of companies had inadvertently exposed sensitive corporate and customer data in their corporate Box accounts, because employees had created public sharing links to files and folders . Check our our latest blog post and find out how you can make sure that your Box envrionment is safe!
