Microsoft has unveiled a cloud-based service the company says is targeted at curbing Shadow IT usage across the enterprise.
Microsoft Cloud App Security is a comprehensive cloud-delivered service that the Redmond, Wash.-based software vendor says is built for enterprise security teams to help control Shadow IT, which refers to solutions built and used inside organizations without explicit organizational approval.
The cloud-delivered offering, now generally available, is based on its recent acquisition of cloud security vendor Adallom. The solution aims at boosting security by enabling admins to view the cloud apps that staff are using and how they are using them within the enterprise.
The Cloud App Security offering includes the following features:
- App Discovery: Cloud App Security identifies all cloud applications in your network—from all devices—and provides risk scoring and ongoing risk assessment and analytics
- Data Control: With a focus on sanctioned apps, users can set granular controls and policies for data sharing and loss prevention (DLP) leveraging API-based integration. Admins can use either out-of-the box policies or build and customize their own
- Threat Protection: Cloud App Security provides threat protection for cloud applications leveraging user behavioral analytics and anomaly detection
According to Microsoft, employees use 17 cloud apps on average, but many organizations don’t know what is in use, or whether these apps meet security, privacy and compliance requirements; the company also claims that 75 per cent of privileged cloud accounts are inactive, accounts that might be “eating up the cost of a license, or worse, increasing the attack surface of the organization.”
A 2015 survey by the Cloud Security Alliance revealed 72 per cent of respondents noted they were unsure of the precise number of Shadow IT apps within their respective companies.