Protiviti / SharePoint Blog

SharePoint Blog

June 21
The Power of the Microsoft Cloud App Security Broker, MCAS, Solution

​As anyone in IT can tell you, what was true yesterday in terms of capabilities will most likely not be true in a year.  In fact, heavily adopted platforms like Cloud technology will more than likely not have the same limited set of features in three months' time as they do today. 

The Cloud is changing and the major players are competing in that market space.  That means one thing for sure, change will be constant.  Here are just a few updates for the Azure platform as of today.  Keep in mind these are big changes made on a global scale.  For more information on the rapid pace of change read here:
https://azure.microsoft.com/en-us/updates/
Image1.PNG

There has been a proliferation of comparisons between various Cloud Application Security Broker solutions.  A traditional CASB solution allows you to protect, track and control how your organizations data is being used in both on-premises and in the Cloud.   Influencers such as Gartner and Forrester are regularly churning out comparisons of top vendors such as Netskope, Microsoft, McAfee and Symantec.   Part of the reason for this new focus on CASB solutions has to do with the recognition in the Enterprise of the following:
1.    Users will and have been adopting the use of Shadow IT to facilitate business needs.  Unmanaged Shadow IT represents a risk to organizations.
2.    The Internet of Things has expanded incredibly while at the same time the list of regulations controlling sensitive data has also expanded.  Corporations are being pushed to comply with laws such as NYDFS, PII, GDPR, HIPAA, and SOX not to mention the slew of regulations imposed by other countries such as the UK and Germany.
3.    The need to collaborate with vendors and partners has increased with a consistent focus on real time updates and access to shared data.  Platforms such as OneDrive, Box, Drop Box, Google G suite, Salesforce and Service Now are critical to collaboration, but still must be regulated and controlled.
 
As a team, we have reviewed quite a few comparisons of Cloud Application Security Brokers and some appear to be biased toward or against particular vendors based on who the author is and whether or not specific vendors paid to participate and/or took part in the comparisons.  
 
Here is a snippet of a public comparison available now.  While these comparisons are useful there are pitfalls in relying on these alone to guide your business investments.
Image2.PNG

Today, I want to address a few key areas where the Microsoft Cloud Application Security Broker solution may be graded a little lower than you might expect in these types of comparisons.  An important reason the MCAS solution may get a little lower rating then one might expect is because the Microsoft Cloud platform is constantly being improved.  This is a good thing, but this rapid change process often leaves authors at a disadvantage when it comes to maintaining a current understanding of the most cutting edge features available.  A good example of the rapid pace Microsoft has undertaken in the Cloud is easily seen considering the many new features available since BPOS was first introduced. Taking into consideration that Microsoft started BPOS in 2010 and was mainly focused on mail and files use, not security, the new focus of the Cloud towards Governance and Control is easily observed.   Since 2010 we have been given new features focused on control such as Identity Protection, Identity Management, Information Protection, Conditional Access and Multifactor Authentication.  The pace that Azure and O365 continues to expand its feature set is impressive.  Access to this bevy of resources is available in your Azure Dashboard or at the newly revamped MCAS administration site.
 Image3.PNG

Image4.PNG

Here is a look at key features that make the MCAS solution a compelling choice especially when your cloud platform is O365, Box or Google G Suite.  New enhancements are in the works to fully manage other 3rd party platforms such as AWS, Service Now and Salesforce so stay tuned.
 
Encryption and Quarantine:  MCAS is given a very low score here vs other vendors.  Microsoft has recently added in enhancements to connect Azure Information Protection to the MCAS solution.  In short, you can apply a number of encryption / protection options on data in the O365 Cloud as well as on external 3rd party cloud applications.  This was done in the past using Active Directory Rights Management Services.  Microsoft has now improved on this offering in the cloud and continues to make advances.  A real win here is the ease in which you can create Protection labels and apply them to any of the content in O365.
 
 
Reporting:  In terms of reporting, there are numerous built in graphs and charts that should meet most reporting needs.  In the past, it could be argued that there wasn't much focus on reporting,  but Microsoft has turned that around with its investments in PowerBI.  If custom reporting is needed, logs can be accessed and utilized to create virtually any custom report using SSRS, tableau or other reporting tools.
Image5.PNG

Integration:  The key advantage of the MCAS solution is that it easily incorporates in the other Azure / O365 features including:  Privileged Identity Management, Identity Protection, Information Protection, Conditional Access, Multifactor Authentication, Data Loss Prevention, Advanced Threat Protection and Windows Defender as well as B2B and B2C solutions. 

If you are using Azure and O365 it will be hard to beat the MCAS solution.  As noted, other apps where MCAS is very powerful are Box, Google G Suite and Salesforce.   New integrations are being developed for AWS, DropBox and ServiceNow that should be ready in the next 6 – 12 months that will make MCAS even more attractive.
Image6.PNG

Scalability:  The MCAS solution can be configured to cover on-premise, Azure/O365 as well as key 3rd party solutions.  It is also easily configured for thousands of users using Azure Dynamic Groups.  The Microsoft Azure global infrastructure is nothing less than magnificent.  With redundancy built into every location it can compete with any other vendor.
Image7.PNG
User Actions:  User actions are tracked and monitored including upload, download, editing and unusual activity.  As an example, the MCAS platform is intelligent enough to baseline and understand what normal activity is and then alert when anomalous activity occurs.  Machine learning is being put to good use in the Microsoft Cloud.
 Image8.PNG

In short, the MCAS solution should be getting a higher ranking.  As mentioned, part of the difficulty for the authors is that Microsoft has been following a very aggressive release schedule not this year, but over the last three years.  They are on a role and I don’t suspect they are going to slow down as they move more and more into not the Cloud CASB market space. 

Our best advice is to be aware, keep reading and partner with an organization that is committed to staying on top of the many changes happening in the Cloud Platform space.   This will help you to make the best choices for your organization based on the latest information available as well as comparisons you may find online.  And most important, keep in mind that when it comes to the cloud, a comparison online can become quickly outdated.
 
If you would like more information reach out to ECM@Protiviti.com.

Quick Launch


© Protiviti 2019. All rights reserved.   |   Privacy Policy