Microsoft hopes to shine light on shadow IT

The first fruits of Microsoft's 2015 acquisition of Adallom are ripening with Redmond announcing its Cloud App Security offering is now generally available.

The idea of Cloud App Security is to cover off the data loss danger in “shadow IT” – the use of cloud apps that people have contracted using the departmental credit card, but somehow neglected to tell the IT department about.

With “80 per cent” of staff using some kind of unapproved software-as-a-service (SaaS) for corporate usage, Microsoft says in this blog post, the day is coming where there's more data stored off-premises than in official enterprise IT systems.

With a claimed support for 13,000 cloud apps, it's no surprise that Cloud App Security needs training to work out what's in use in a customer environment.

Training starts with feeding it firewall and proxy system logs from vendors like Blue Coat, Cisco, Zscaler, Palo Alto, Juniper Networks and others (full list here).

With apps identified, sysadmins can then analyse usage (down to the individual user level) and apply policy control to app usage.

Cloud App Security also includes App Connectors, which use the cloud providers' APIs to support policy enforcement and threat detection.

Once apps are connected, an OAuth token is created so Cloud App Security can get to work.

Redmond's acquisition of Adallom meant it inherited development work for Ariba, AWS, SalesForce, Dropbox and others.

In the move to G/A, Cloud App Security also unboxes support for Google Apps (minimal capabilities on an Apps Enterprise license, but Microsoft notes there are more capabilities in Google Apps Unlimited license environments). ®