Image by Gilles Lambert

Microsoft Cloud App Security

Microsoft Cloud App Security

MCAS is a multimode Cloud Access Security Broker (CASB). It gives you rich visibility, enables you to control how your data travels, and provides sophisticated analytics to identify and combat cyber threats – across all of your cloud services. It helps you discover, protect and respond to threats.


By definition, CASB provides security and monitoring of activity between users and cloud applications and enforces data security policies.  A CASB may deliver security, the management or both, "security" is the prevention of high-risk events, whilst "management" is the monitoring and mitigation of high-risk events.

The Cloud App Security framework

  • Discover and control the use of Shadow IT: Identify the cloud apps, IaaS, and PaaS services used by your organization. Investigate usage patterns, assess the risk levels and business readiness of more than 16,000 SaaS apps against more than 80 risks. Start managing them to ensure security and compliance.

  • Protect your sensitive information anywhere in the cloud: Understand, classify, and protect the exposure of sensitive information at rest. Leverage out-of-the box policies and automated processes to apply controls in real-time across all your cloud apps.

  • Protect against cyberthreats and anomalies: Detect unusual behavior across cloud apps to identify ransomware, compromised users or rogue applications, analyze high-risk usage and remediate automatically to limit the risk to your organization.

  • Assess the compliance of your cloud apps: Assess if your cloud apps meet relevant compliance requirements including regulatory compliance and industry standards. Prevent data leaks to non-compliant apps, and limit access to regulated data.

Image by CoWomen
Image by Pakata Goh

How Cloud App Security works?

Microsoft Cloud App Security gives you visibility into all the files from your connected apps. After you connect Microsoft Cloud App Security to an app using the App connector, Microsoft Cloud App Security scans all the files, for example, all the files stored in OneDrive and Salesforce. Then, Cloud App Security rescans each file every time it’s modified.

The Below diagram depicts the complete life cycle of Microsoft Cloud App Security deployment:

Microsoft Cloud App Security deployment

Phase 1: 

Discover and identify Shadow IT

Discover Shadow IT: Identify your organization's security posture by running Cloud Discovery in your organization to see what's actually happening in your network. MCAS integrates with Microsoft Defender ATP and third-party proxies including zscaler.


Identify the risk levels of your apps: Use the Cloud App Security cloud app catalog to dive deeper into the risks that are involved with each discovered apps. Cloud App Security's risk catalog includes over 16,000 apps that are assessed using over 70 risk factors.

Phase 2: 

Evaluate and analyse

Evaluate compliance: Check whether the apps are certified as compliant with your organization's standards, such as HIPAA, SOC2, GDPR.


Analyse usage: Understand the usage patterns and identify high risk of volume users

Phase 3: 

 Manage your apps

Manage cloud apps: Cloud App Security helps you with the process for managing app use in your organization. By creating new custom app tags in order to classify each app according to its business status or justification.


Continuous monitoring: by setting up policies that monitor the apps and provide control where needed.

Microsoft Cloud App Security