Enable Microsoft Cloud App Security and Connect to O365

Microsoft Cloud App Security (MCAS) is a cloud security tool that, among many other things, can scan your cloud storage for protected data (such as PII, PCI, HIPAA, etc.). This post will detail enabling MCAS, delegating access, and connecting Office 365. Come back later in the week for a post on configuring a policy to scan OneDrive for files containing an SSN.

There are several ways to license MCAS. You can buy it standalone, bundle it with EMS E3 or A3, EMS E5/A5, M365 E5/A5 Security, or with full M365 E5/A5. There are also subsets of features available when purchasing Office 365 E5/A5 and Azure AD Premium P1 or P2.

Enable MCAS

Like most Azure services, enabling MCAS is pretty simple. An Azure AD global administrator needs to login to https://portal.cloudappsecurity.com and go through the step of turning on the tenant. That’s it.

Delegate Admin Access

If the AAD global administrator will also be the MCAS administrator, then you don’t need to go through the section. If you need to delegate access to someone else, then follow these steps.

  1. Click the Gear in the up-right corner.
  2. Click Manage admin access.
  1. Find the user in the first box (sorry, as of this writing, there is no group support).
  1. Select the appropriate role of the new admin.
  1. Click Add Admin.

Now you’ve delegated access to another user.

Connect to Office 365

To connect MCAS to O365, follow these steps.

  1. Hover over the Glasses icon in the left toolbar, and select Connected Apps.
  1. Click the + button and select Office 365.
  1. Click Connect Office 365.

O365 is now connected to MCAS. MCAS will start looking at the data contained in O365, but will not start creating alerts or flagging files until we create a policy. Come back later in the week for a post about creating a policy to flag American social security numbers.

For information on connecting other providers, see https://docs.microsoft.com/en-us/cloud-app-security/enable-instant-visibility-protection-and-governance-actions-for-your-apps.

All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.