As more enterprises adopt Office 365, new questions are arising about the security and compliance of corporate data. In moving to the cloud, enterprises outsource server management, upgrades, and datacenter operations to Microsoft. However, they only partially outsource their security responsibilities. Operating under a shared responsibility model, Microsoft takes responsibility for intrusions to the Office 365 platform. However, Office 365 customers are still responsible for actions users take that can expose corporate data to loss or create compliance violations.
Enter the cloud access security broker (CASB). CASBs provide enterprises with a single, cross-cloud control point that consolidates many different security and compliance capabilities into a single platform. In many ways, these controls mirror the ones enterprises have already deployed to secure their data in on-premises applications, databases, and email systems. Some of the security technologies enterprises deployed to protect on-premises data include:
- Data loss prevention (DLP) to enforce external sharing policies and prevent the unintended disclosure of sensitive corporate data, primarily via email
- Intrusion prevention systems (IPS) to detect third-party compromise of corporate data, in some cases using compromised credentials
- Security incident and event management (SIEM) to record events and provide a tool for security analysts to perform forensic investigations
- User and entity behavior analytics (UEBA) to identify malicious or careless users via machine learning and big data analytics
McAfee (formerly Skyhigh Networks) has extensive experience helping enterprises ensure their Office 365 environments are secure and compliant. This experience has revealed patterns in what use cases enterprises look to a CASB to solve. After working with hundreds of enterprises to help address security and compliance requirements as corporate data migrates to Office 365, McAfee has surfaced the seven primary use cases enterprises look to fulfill with a CASB.
Some use cases are more common than others, as summarized in this list in descending order of frequency. In the full ebook, we describe each use case in detail, explain McAfee’s approach to addressing the use case, discuss the CASB deployment architecture(s) that support the use case, and offer evaluation criteria as you consider a CASB to help you secure Office 365. Download a free copy of the Top 7 Office 365 Security Use Cases for a CASB ebook today.
About the Author
Categories: Cloud Security