Welcome to the MCAS Ninja Blog Series!
Matt Soseman, Senior Security Architect, One Commercial Partner @ Microsoft Background: Take a step back in time with me and think about what technology was like when you entered the workforce. For me, when I started ~20 years ago, I was accessing corporate apps that were in my company owned datacenter, behind their firewall – from a locked down desktop computer in the corporate office building. Fast forward 20 years, and I am accessing business apps and data that are not in my company’s datacenter nor behind their firewall, from a smartphone/tablet/laptop (that the company does not manage), from locations other than the company’s office. Wow, times have changed. The Problem: As the way we do business has evolved over the last 20 years, so have our end-user’s expectations of IT services; they expect to get their job done at anytime, anywhere and on any device. One trend that is growing rapidly is the use of Software as a Service (SaaS) where users are storing corporate owned data and consuming it from a variety of public apps (that are not controlled by the user’s IT department) be it cloud storage, online meetings, collaboration, accounting, CRM more. This drastically increases the organizations cyber security risk and may negatively impact their compliance posture if not managed properly. The Solution: This is where a Cloud Access Security Broker (CASB) can help save the day. CASBs help enable you to discover what SaaS apps are in use, provide security and governance for those apps, and enforce policies to maintain your security and compliance posture. They are designed specifically for cloud-based applications and with the right design and configuration strategy, can provide the security/compliance IT requires and the flexibility the end users are expecting. A Cloud Access Security Broker is an amazing tool for any IT professional to add to their toolbelt in mitigating today’s modern threats and risks. This tool can contain many different moving parts from firewall and desktop integration, to connecting to SaaS apps, configuring, and deploying policy, tuning alerts, identity controls, data governance, data loss prevention, and more. As a result, due to the complexity of a CASB, they can be intimidating and sometimes too complex to know where or even how to get started. Welcome to the CASB Ninja Blog Series! I want to arm you with the knowledge you need to be successful with a CASB and ultimately be a CASB ninja to your organization! I will be sharing my knowledge and experience with you in a new blog series called MCAS Ninja. In the blogs we will discuss how the Microsoft CASB, Microsoft Cloud App Security (MCAS), can be used across the following 5 topic areas: Shadow IT Discovery & Control Information Protection Threat Protection Real-time Access Management Cloud Security Posture Management We will dive deep into use cases, architecture design, implementation and configuration best practices, operations, and more. I am excited to have you on this journey and to contribute to your success! I am also excited to help you better understand how MCAS integrates with the rest of the Microsoft security portfolio: The Journey Begins: To kick off the series, I will start with going deeper into the business justification of why a CASB is needed, the opportunity for IT and the end-user, business outcomes, and how a CASB delivers its capabilities. Armed with this knowledge, the next stop in your journey will be starting with discovering and mitigating shadow IT in your organization. Keep an eye out for both posts in the coming weeks! (I will update this post you are reading with the links once they become available but be sure to subscribe so you can be notified when they are live.) Attention Microsoft Partners! My role at Microsoft is to enable our partners to develop and deliver world-class enterprise grade security solutions using Microsoft Security and Compliance technology to their clients. Building that foundation starts with a CASB and managing cloud security posture. Throughout this blog series, I will also be diving into partner specific topics (such as ideas for managed services, reporting dashboards, playbooks, and more) that you can use to help your clients be successful with Microsoft Cloud App Security. I am honored to have you on this journey with me, see you soon! --Matt Soseman http://aka.ms/SosemanTV P.S. Stay up to date on all the MCAS Ninja training at http://aka.ms/MCASNinjaMicrosoft Defender for Cloud Apps SaaS Security AMA
If you're interested in learning more about Defender for Cloud Apps and have any questions around our SaaS capabilities or on SaaS Security in general, join our Ask Me Anything event to get your questions answered by our product experts! An AMA is a live text-based online event similar to an "Ask Me Anything," on Reddit. This AMA gives you the opportunity to connect with members of the Defender for Cloud Apps product group who will be on hand to answer your questions and listen to feedback. Feel free to post your questions about Defender for Cloud Apps anytime in the comments beforehand!MCAS Ninja: What’s a CASB and Why Do I Need One?
SaaS apps are mission critical components to successful operations for an organization and provides the organization with the modern technology to meet business needs, without a large infrastructure investment. However, SaaS needs to be trusted by the IT department and be carefully considered as part of a security and compliance strategy.
