MS CAS is a cloud-based service that aims to protect the work of cloud services, but it also allows you to monitor employees' personal devices, obtains information about the security of these devices, vulnerabilities, attempts to hack devices, the possibility of credentials being compromised, and suspicious activity. This service has convenient data visualization capabilities, can analyze data to identify threats, has flexible management policies, and automates security monitoring processes. All these features minimize the security specialist's workload while maintaining a high level of control and protection. MS CAS transparently integrates into the work of employees and does not create problems in their daily routine.
With this service, we are focused on using MS CAS in the Microsoft Cloud services protection scenario
- Data protection and privacy, including the use of the Conditional Access App Control
- Prevention of information theft
- Forced data encryption and control of the device network location
- Detection of suspicious and viral activity, possible attacks
- Bringing cloud infrastructure to match industry-standard requirements, including analysis of used applications and potential risks, user risk assessment, and data access restriction
Your company may have personalized requirements for customizing this solution and we will take these into consideration while implementing Microsoft Cloud App Security, allowing you to attain a reliable and secure, yet easy to manage, work environment.
IT Partner responsibilities #
- Gain an understanding of Client's cloud security objectives and requirements toward cloud usage and verify this against real usage of cloud applications and services
- Provide a prioritized and actionable road map for the customer containing proposed actions based on user impact and implementation cost
- Develop a plan and scenario of MS CAS
- Configure the Cloud App Security portal
- Configure integration with cloud services
- Deploy Microsoft Defender ATP using Group Policy or Microsoft Intune
- Configure the integration of Cloud Discovery and Windows 10 operating systems by integrating Microsoft Defender with Cloud App Security
- Configure Access Policies and Suspicious Activity Detection Policies
- Configure data management policies
- Configure application detection
- Configure reporting of Cloud App Security data
- Configure notifications of potentially dangerous and dangerous actions
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner
- Provide all the necessary information for the statement of work preparation
- Coordinate any outside vendor resources and schedules
- Configure all network equipment, such as load balancers, routers, firewalls, and switches
- Review and approve engagement deliverables in a timely manner
Additional cost items not provided by the project #
- Employee training (administrators, security professionals) to work with Cloud App Security
- Regular monitoring of reports and actions, as well as reaction to incidents
- Purchase of required product licenses
Please note that the client's refusal to purchase licenses that may be required for the implementation of the tasks set by the client is the responsibility of the client and cannot be considered as a reason for refusing to confirm the success of the project. In such a situation, a demo license for the appropriate product can be used; afterward, the client purchases a working license for the product independently or with the help of IT Partner.
Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status including acceptance criteria matching, outstanding issues, and the final budget. If you require more extensive documentation, it can be provided for an additional fee.
Prerequisites #
- Microsoft 365 tenant and Microsoft Cloud App Security service. Either customer production Office 365 tenant with CAS (through E5 license) or trial Office 365 tenant and CAS trial (for up to 30 days)
- Windows 10 Corporate E5
- Microsoft 365 E5 (M365 E5) including Windows 10 Corporate E5
Plan #
The plan may vary depending on your needs.
- Kickoff meeting
- Collecting information about current infrastructure, users, applications, and devices
- Cloud App Security implementation planning
- Configuring the Cloud App Security portal
- Configuring integration with cloud services
- Deploying Microsoft Defender ATP using Group Policy or Microsoft Intune
- Configuring the integration of Cloud Discovery and Windows 10 operating systems by integrating Microsoft Defender with Cloud App Security
- Configuring policies and reports according to Cloud App Security data
- Configuring notifications of potentially dangerous and dangerous actions
- Verifying and fixing issues
Success Criteria #
- Client requirements for MS CAS operations defined
- A statement of work matching the implementation of customer requirements developed and provided (if they are able to be implemented in the current environment)
- MS CAS services configured according to the statement of work
- Administrators can view operative and analytic information from the MS CAS dashboard
Share
Related services
Exchange Server Decommissioning
Microsoft Exchange Server safe decommissioning in your organization.
Microsoft 365 Security Beyond Service
Microsoft 365 Security Beyond Service.