Identify and protect overexposed data in the cloud with Microsoft Cloud App Security
Articles,  Blog

Identify and protect overexposed data in the cloud with Microsoft Cloud App Security


Kim Kischel: In this video, we’ll show you how Microsoft Cloud App Security can help you identify overexposed data in your organization and define automatic remediation options. The cloud enables collaboration inside a company and lets you easily share documents with external contributors. While this improves productivity, it also poses the risk of overexposing sensitive information. Let’s take a look at how Microsoft Cloud App Security can help you identify and mitigate these risks across your cloud apps. In the left navigation pane, go to control and select policies. On the policies page, click create policy and choose file policy from the dropdown. Now, fill in a name and optionally, you can also provide a description. Now, use the filters section to scope it to the applications that you want to protect as well as any other filters you might want. In this particular case, let’s use the access level filter and set it to public and public internet, which means that this policy will identify all files that are publicly exposed. You can further scope the policy to only apply to specific folders within an app, for example, if you have known locations with business critical files. Now, choose the relevant inspection method. Microsoft Cloud App Security has a built-in DLP engine, but we recommend leveraging the data classification service, which provides a consistent experience across Office 365 DLP, Azure Information Protection, and Microsoft Cloud App Security and allows you to leverage more than 90 built-in sensitive information types or create custom ones. Here, I’m going to select all information types that are relevant to financial by using the filter at the top and then select all in page and click done. Finally, you can define governance options for when an overexposed sensitive file is detected. For Box, you have a wide variety of governance options, such as placing the file in admin quarantine. Then click create. Once you’ve configured the policy, Microsoft Cloud App Security will start scanning all data in your Box environment based on the criteria that you have defined. It will gradually scan data at rest as well as new data that is uploaded to the app. And once a match is found, the file will be placed in admin quarantine for further investigation and governance by your admin.

Leave a Reply

Your email address will not be published. Required fields are marked *