Matt Soseman, Senior Security Architect, One Commercial Partner @ Microsoft
Take a step back in time with me and think about what technology was like when you entered the workforce. For me, when I started ~20 years ago, I was accessing corporate apps that were in my company owned datacenter, behind their firewall – from a locked down desktop computer in the corporate office building. Fast forward 20 years, and I am accessing business apps and data that are not in my company’s datacenter nor behind their firewall, from a smartphone/tablet/laptop (that the company does not manage), from locations other than the company’s office. Wow, times have changed.
As the way we do business has evolved over the last 20 years, so have our end-user’s expectations of IT services; they expect to get their job done at anytime, anywhere and on any device. One trend that is growing rapidly is the use of Software as a Service (SaaS) where users are storing corporate owned data and consuming it from a variety of public apps (that are not controlled by the user’s IT department) be it cloud storage, online meetings, collaboration, accounting, CRM more. This drastically increases the organizations cyber security risk and may negatively impact their compliance posture if not managed properly.
This is where a Cloud Access Security Broker (CASB) can help save the day. CASBs help enable you to discover what SaaS apps are in use, provide security and governance for those apps, and enforce policies to maintain your security and compliance posture. They are designed specifically for cloud-based applications and with the right design and configuration strategy, can provide the security/compliance IT requires and the flexibility the end users are expecting.
A Cloud Access Security Broker is an amazing tool for any IT professional to add to their toolbelt in mitigating today’s modern threats and risks. This tool can contain many different moving parts from firewall and desktop integration, to connecting to SaaS apps, configuring, and deploying policy, tuning alerts, identity controls, data governance, data loss prevention, and more. As a result, due to the complexity of a CASB, they can be intimidating and sometimes too complex to know where or even how to get started.
Welcome to the CASB Ninja Blog Series!
I want to arm you with the knowledge you need to be successful with a CASB and ultimately be a CASB ninja to your organization! I will be sharing my knowledge and experience with you in a new blog series called MCAS Ninja. In the blogs we will discuss how the Microsoft CASB, Microsoft Cloud App Security (MCAS), can be used across the following 5 topic areas:
- Shadow IT Discovery & Control
- Information Protection
- Threat Protection
- Real-time Access Management
- Cloud Security Posture Management
We will dive deep into use cases, architecture design, implementation and configuration best practices, operations, and more. I am excited to have you on this journey and to contribute to your success! I am also excited to help you better understand how MCAS integrates with the rest of the Microsoft security portfolio:
The Journey Begins:
To kick off the series, I will start with going deeper into the business justification of why a CASB is needed, the opportunity for IT and the end-user, business outcomes, and how a CASB delivers its capabilities.
Armed with this knowledge, the next stop in your journey will be starting with discovering and mitigating shadow IT in your organization. Keep an eye out for both posts in the coming weeks! (I will update this post you are reading with the links once they become available but be sure to subscribe so you can be notified when they are live.)
Attention Microsoft Partners!
My role at Microsoft is to enable our partners to develop and deliver world-class enterprise grade security solutions using Microsoft Security and Compliance technology to their clients. Building that foundation starts with a CASB and managing cloud security posture. Throughout this blog series, I will also be diving into partner specific topics (such as ideas for managed services, reporting dashboards, playbooks, and more) that you can use to help your clients be successful with Microsoft Cloud App Security.
I am honored to have you on this journey with me, see you soon!
P.S. Stay up to date on all the MCAS Ninja training at http://aka.ms/MCASNinja