Cloud App Security and Office 365 Advanced Security Management are very comparable Microsoft products, and many of our clients are confused over the difference between them. Both were acquired by Microsoft through the acquisition of Adallom and give users the capability to create security policies and receive alerts when those policies are breeched. In addition, each of the products give users the ability to set manual or automation remediation. Focused on Office 365, Advanced Security Management (ASM) does that work automatically.
In contrast, Cloud App Security covers a wide range of SaaS-based applications - including competitor’s services like Box, Salesforce, and Amazon Web Services. Cloud App Security also adds more functionality including its own data loss prevention, ability to automatically add new applications, and integration with Security Information Event Management (SIEM) products.
The below chart provides additional details on when each product includes:
Contact Interlink today to discuss your needs and which solutions would be a fit for your organization.
Companies want to continue to use the most advanced technology to enable their employees to achieve more, but all of these new and different products have resulted in a licensing headache. We hear constantly that attempting to navigate around Microsoft licensing can be challenging and frustrating. Microsoft created the Enterprise Cloud Suite (ECS) a few years ago in an attempt to simplify this process. It was a single licensing option that included E3, the Enterprise Mobility + Security Suite and Windows Desktop upgrade. Building upon this initial base Microsoft is now continuing to simplify this process with the introduction of the Secure Productive Enterprise. This will be bringing together Office 365, Windows 10 Enterprise upgrade, and the Enterprise Mobility + Security suite into a single licensing offering called the Secure Productive Enterprise. This will be replacing the Enterprise Cloud Suite and Microsoft will be introducing even more options by also offering an Office 365 E5 option in the bundle.
Moving forward Microsoft will be standardizing packaging offers across Office 365, Windows 10 Enterprise, and the Enterprise Mobility + Security Suite by offering two tiers of the Secure Productive Enterprise: E3 and E5. This is what it will look like:
Microsoft will continue to evolve the Windows E5 edition by adding more functionality. The first difference is the introduction of Windows Defender Advanced Threat Protection for end point breach detection.
Interlink can help guide you through your options and help figure out what works for your users. We can help profile your users - remember that you don’t have to license everyone with the same license bundle in the cloud.
The new Advanced eDiscovery tool from Microsoft is groundbreaking while it uses machine learning to find the most valuable data quickly and without the use of expensive outside legal assistance.
eDiscovery, short for electronic discovery, is the process of finding, gathering and generating electronically stored information (ESI) in response to a civil litigation that is carried out in electronic formats. It includes , but is not limited to, emails, instant messaging, documents, presentations, CAD/CAM files, databases, voicemail, audio and video files, social media, and web sites, and any other electronic information that could be significant evidence in a lawsuit. It can be an expensive, time consuming process, but Microsoft has created a solution that allows you to quickly and efficiently investigate and meet legal obligations with Office 365 Advanced eDiscovery.
Office 365 Advanced eDiscovery utilizes Equivio machine learning, predictive coding, and text analytics to analyze large, unstructured data sets and focus the data that's most relevant to a legal case. Utilizing these tools, Advanced eDiscovery sorts through thousands of messages, emails, and documents to find relevant files. The application also eliminates duplicate files, reconstructs email threads, and identify themes and data relationships that are the most relevant to your case. This reduces many of the legal and compliance challenges companies face when trying to manage large quantities of electronic data.
With predictive coding in Advanced eDiscovery you can "train" the system to automatically determine if a data element is relevant or not by making decisions on a small set of the data. The system then looks to see what decision you made and applies that logic towards making decisions on relevancy for the larger data set. With that logic in place, it will also look to create a relevance ranking so that you can see what documents will most likely be the most relevant to your particular case.
When you have teams constantly working on documents and sending them back and forth, odds are you will have multiple versions of the same document across your platform. Typically, you'd have to take one of your current employees off of their usual tasks or hire outside legal teams to review each of these documents and those costs can quickly add up. Even if the resources are there to support individual sorting, you could have different employees looking at different versions of the same document, which is a huge waste of valuable time! With near-duplicate detection you can have resource review a group of similarly structured documents, eliminating the manpower, time, and money normally needed.
We all know the feeling of receiving an email in our inbox that is at least five emails long with the same information from every reply, creating an incredibly long thread. Within advanced eDiscovery, the system looks to identify the unique messages from the email thread, eliminates duplicate messages, which allows you to focus on unique messages instead of the same ones over and over again.
Export for Review
When you export your case data with Advanced eDiscovery from Office 365, it includes a CSV file that contains all your document properties from the exported data along with the analytics metadata. After exporting, you can load the CSV file into the eDiscovery review application and maintain the analytics information. The export can then be imported to create searches in the eDiscovery review application.
How does this differ from E3?
The Office 365 E3 plans include the ability to do eDiscovery across a customer’s 365 information. The eDiscovery tool also has the ability to define searches based on a number of criteria including from, to, date
range, subject line, etc. However, it lacks a way to score, filter, or remove duplicates from the search like the Advanced eDiscovery tool.
Get Started with Advanced eDiscovery Today
Microsoft’s Office 365 Advanced eDiscovery, which is a part of the new Office 365 E5 plan and is available for purchase as add-on services to all Office 365 Enterprise plans. Advanced eDiscovery can be added for individual users and does not need to be purchased for every mailbox being searched.
Have any additional questions? – Contact us today!
Always Encrypted: Exactly how it sounds, Always Encrypted means your data remains encrypted…all the time to help you protect sensitive data. Data is encrypted in transit, in memory, on a disk, and during query processing.
Transparent Data Encryption: For those of us constantly keeping up on compliance regulations and requirements, this encrypts databases with associated backups as well as transaction log files without needing changes to your applications. The audit trail is clear in order to stay in compliance while keeping data safe from any breach.
Row-Level Security: This feature can limit access to individual rows of data based on a user's identity, role, or query execution context to ensure only the right people can view that data. This also simplifies the application code so that data isn’t accidently shared in any situation.
Azure Active Directory (AD) Authentication: Different from SQL Authentication, Azure AD Authentication simplifies password management by allowing you to access a number of Azure services using the same identity. This does not compromise the level of security. It reduces the amount of IT time spends on retrieving lost passwords and login details while maintaining access control every step of the way.
Dynamic Data Masking: Another, more sophisticated, form of encryption allows users to define masking patterns on actual database columns. For example, users can set a masking rule that masks all but the last four digits of any social security number in the result set of any query to ensure that sensitive data is truly safe.
Both features are great examples of how users can monitor and quickly respond to risk. Advanced Threat Analyticsis yet another approach to helping users stay ahead of sophisticated malware attacks.
Another (bonus) reason to consider Azure SQL Database that’s best shared through this diagram, courtesy of Microsoft Azure, is that SQL Server’s track record speaks for itself. When you’re in the cloud, you can’t be vulnerable and SQL Server lives up to that motto…six years running!
Data security in the cloud isn’t a set it and forget it process. It is a constant work in progress because the security risks keep changing and technology keeps advancing. Choosing Microsoft as your partner in mitigating those risks is a smart and educated decision in keeping your data safe.
As business changes and technology evolves, the majority of organizations depend on IT systems to store their data and run critical workflows. Unfortunately, these systems can be a prime target for cyber-attacks as sophisticated hackers put the enterprise in a vulnerable position. Just take note of these especially stunning stats:
76% of attacks stem from compromised user credentials
The average cost of a data breach to a company is $3.5 million and total cost of cybercrime on a global scale is as high as $500 billion
The reality is, businesses need to pay attention and adapt to this changing nature of data security threats.
Now available in the Enterprise Mobility Suite, Microsoft Advanced Threat Analytics (ATA) helps to protect your company from attacks by leveraging machine learning. It uses behavioral analytics to uncover suspicious behavior, internally or from external attacks. It also detects known security issues and risks , the goal is to stay one (or two, or three) steps ahead of the attackers.
When you think of security software, your mind might immediately turn to configuring system rules and alerting. All of which take time and commitment from your team. With ATA, you don’t need to create rules, baselines, or thresholds. It’s streamlined from setup and works immediately. Once a threat is detected, it’s also easy to view a timeline of when the attack hit. It can help pinpoint where the breach took place. All of this insight can better prepare you for future attacks.
The thought of being hacked and not even knowing it is scary enough, but ATA also helps identify internal threats like why a user would be accessing files in accounting if they’re in the marketing department? Combined with online security reports, ATA can show anomalies for logins. It will help detect when user credentials have been compromised by reporting geographically distant logins that occur at the time time – like a single user being logged in from Ohio and from Romania at the same time.
The high-level benefits of using ATA at your business are obvious. Peace of mind goes a long way, and you also want it to help you adapt as cyber-attacks grow in frequency and sophistication. The features of ATA are even more appealing when you see exactly how it works for your business. Here are a few of our favorites:
Timeline: We’ve already mentioned that timeline, but it’s worth noting again. In addition to listing the activities as they occur, ATA provides recommendations on how to handle that alert.
Organizational Security Graph: This maps out entity interactions which represents the context and activities of the users, devices, and resources. This will be a big driver in managing security for each of your users.
Email Alerts: There’s no need for one person to be continuously monitoring for cyber-attacks. With ATA, you can have emails sent to users or groups when suspicious activity is detected.
Leveraging the Cloud: Microsoft cloud based correlation engine helps more quickly identify new attacks and reduce the amount of false positives.
The cyber-attack threat is real and ATA can help you adapt to the changing cyber-attack world we live in.
All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.