Microsoft marches forward with its security plan, releasing Cloud App Security

As Microsoft works its way toward implementing the security plan that CEO Satya Nadella outlined in a talk last Fall in DC, part of that has been creating tools and part buying them. Today, it announced that Adallom, a company it bought last year was becoming generally available and renamed Microsoft Cloud App Security.

While the new name lacks the pizazz of the original, it does convey to customers and sales alike what the product actually does a bit more clearly, and that’s help companies detect cloud apps in use in a company — whether from Microsoft or a third party. That last part speaks to the new philosophy in play at Microsoft that when it makes sense, its products won’t be “all Microsoft, all the time” as they have in the past, but will work cross-product and cross-platform, even when those products may compete directly or indirectly with Microsoft.

With a product like this, it wouldn’t have made sense to work any other way.

It allows IT admins to look across the company and see any cloud apps that are in use in the organization. This is a useful exercise in itself to see how broadly employees are using unsanctioned apps — and chances are it’s quite a bit, says Assaf Rappaport co-founder CEO of the company formerly known as Adallom.

According to the company’s research, based on using its own product, the average employee uses 17 cloud apps at work and IT doesn’t know about most of them. Of course, this tool isn’t the first to do this kind of detection, but it takes it beyond pure detection to give visibility into how much data is moving outside the organization, in some cases in violation of security or compliance rules.

Finally once there is a preliminary usage map, the customer can put some controls into place to protect the organization in cases where it is warranted.

When it comes to control, Rappaport is careful to point out this is not about controlling user behavior or getting in the way of running the business, but applying controls where it makes most sense for the organization such as preventing unauthorized confidential information from being shared in the cloud or controlling access from unknown networks.

As for why he chose to sell his startup to Microsoft, he says he saw a company with a common vision and an ability to give his company scale on a level that would have likely been impossible as an independent company.

As part of Microsoft, his company gets access to the entire Azure security stack, its security graph data and all that entails in terms of further developing his product. It also gets access to Microsoft’s massive worldwide sales and marketing organization with scale and access to security and IT executives that would have taken years to develop on its own.

“When you have a small sales team, you usually approach Fortune 100 or 500 because your sales team is small. That’s what’s so great with Microsoft. We can now reach out to any organization on the planet,” he said.