![]() ![]() You can also detect anomalies in the usage of cloud apps. You can create custom tags in the Settings pane. You can tag the application to trigger other polices within Cloud App Security, for example. You can kick off a Power Automate playbook or send an alert by email or text message.Īdditionally, you can take governance actions. Once you specified the parameters, you can configure the alert action. You could also create extra conditions such as the number of IP addresses, machines, or users. You can adjust the amount of data that will trigger the alert. ![]() In this example, were are selecting the continuous reports that we created in the previous blog. Select the report that the policy applies to. You can add additional specifications, for example to only alert on cloud storage apps. If needed, add some description to clarify the purpose of the policy You can adjust the name of the policy to make it easy to recognize. If you are using an existing policy, all values will be replaced with the template. Select Apply template to load the pre-configured settings. In this example, I’ll pick New high upload volume app. You can select one of the templates, or select no template to build your own policy. Head over to your Cloud App Security Portal and create a new policy. (what can I say?) Using app discovery alerts, the company becomes aware of this behaviour and can take the right steps to remediate this. At some point, the users start using Zoom instead, because they like some of the features better. Let’s say that a company implemented Microsoft Teams for online meetings. I’ve selected some random templates that you can pick from to give you an idea: There are a lot of templates available to get you started, but you can build your policy from scratch. What are App discovery policies?Īpp discovery policies can detect any new app that is being used by your users. If you are new to Cloud App Discovery, I suggest you read my previous blog first. Today, we take a look at the app discovery policies that are available. Earlier I showed how MCAS can help you to discover shadow IT in your organization by ingesting your firewall and proxy log files. Set automated notifications for new and trending cloud applications in your organization With Cloud Discovery policies, you can set alerts that notify you when new apps are detected within your organization.Īnd again, we’re back at Cloud App Security. Here is a list of all the articles in this series:Ġ2 – Require MFA for administrative rolesĠ4 – Ensure all users can complete multi-factor authentication for secure accessĠ6 – Enable policy to block legacy authenticationĠ8 – Use Cloud App Security to detect anomalous behaviorĠ9 – Do not allow users to grant consent to unmanaged applicationsġ0 – Discover trends in shadow IT application usageġ3 – Set automated notifications for new and trending cloud applications in your organizationġ4 – Designate more than one global admin The articles vary in case of impact and complexity and cover multiple categories. In this series, I’ll pick out random actions and try to make it as simple as possible, backed with notes from the field.Īrticles in this series can be read separately since they are written at random order. In the end, Microsoft Secure Score is meant to strengthen your security, not a contest to reach the highest score possible. Some actions might not even have value for your organization. Although Microsoft does a great job on telling you what to do, some actions have a much bigger impact and need to be balanced against business needs. In this series, I’ll be covering the Microsoft Secure Score improvement actions.
0 Comments
Leave a Reply. |