Cloud App Security : the facts

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email
Table of Contents

introduction

first article of CAS we have got an overview of cloud app security 

this article we will keep discovering CAS fact 

CAS Area

  CAS has two flavors :

  • CAS for office 365
  • MS CAS which is simply success security brokers that support
    • Log collector
    • API connectors like drobox
    • Reverse proxy for apps inside on-premise network

CAS capabilities

  • Discover and manage shadow IT
  • Detect suspicious user activity with UEBA
  • Investigate risky users
  • Investigate risky OAuth apps
  • Discover and protect sensitive information
  • Protect any app in your organization in real time
  • Block downloads of sensitive information
  • Manage cloud platform security
  • Protecting your files with admin quarantine
  • Apply Azure Information Protection labels automatically
  • Extend governance to endpoint remediation

Compliance with international standard  

CAS is compliant with the following international standards 

Title

Description

CSA STAR Attestation

Azure and Intune were awarded Cloud Security Alliance STAR Attestation based on an independent audit.

CSA STAR Certification

Azure, Intune, and Power BI were awarded Cloud Security Alliance STAR Certification at the Gold level.

EU Model Clauses

Microsoft offers EU Standard Contractual Clauses, guarantees for transfers of personal data.

HIPAA/HITECH

Microsoft offers Health Insurance Portability & Accountability Act Business Associate Agreements (BAAs).

ISO 9001

Microsoft is certified for its implementation of these quality management standards.

ISO/IEC 27001

Microsoft is certified for its implementation of these information security management standards.

ISO/IEC 27018

Microsoft was the first cloud provider to adhere to this code of practice for cloud privacy.

PCI DSS

Azure complies with Payment Card Industry Data Security Standards Level 1 version 3.1.

SOC 1 and SOC 2 Type 2 Reports

Microsoft cloud services comply with Service Organization Controls standards for operational security.

SOC 3

Microsoft cloud services comply with Service Organization Controls standards for operational security.

UK G-Cloud

The Crown Commercial Service renewed the Microsoft cloud services classification to Government Cloud v6.

CAS alters retention period

CAS data retained for the following  period

  • Activity log : 180 days
  • discovery data : 90 days
  • alert : 180 days
  • governance log : 120 days

which cloud service supported by CAS

Beside of fully support Microsoft 365 apps : CAS has also  integration with  cloud service APIs such as:

  • AWS
  • GCP
  • G Suite
  • Office 365
  • Okta
  • Salesforce
  • ServiceNow
  • Webex
  • Workday
  • Azure
  • Box
  • Dropbox
Share this post
Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

About Me

Our Power in Numbers

 17 

Courses

321

Articles

3,882

Images
and All configurations images are proudly made in Pioneers Lab

Articles By Course

Recent Articles

Subscribe

Contact us

have a challenge ? don’t hesitate to contact us