Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.
N/A
Microsoft Enterprise Mobility + Security
Score 8.3 out of 10
N/A
Microsoft Enterprise Mobility + Security is a suite of applications supporting mobile device and application security, MDM, as well as conditional or privileged access with multi-factor authentication, and advanced security reporting. Products in the suite includes Microsoft Intune mobile device management, Azure Information Protection, Microsoft Identity Manager, Microsoft Cloud App Security, Azure Active Directory, and other ancillary applications.
The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows [Microsoft Cloud App Security] to apply policies with SharePoint, Teams, and OneDrive is being used predominantly. It is a kind of unified solution. As compared to other solutions such as Netskope, Symantec, or McAfee, it provides a more unified reporting structure. It also integrates with other technologies. We have Azure Information Protection, and it goes well with the solutions that we are already using.
Overall it is well suited to a mid size Enviromint with a limited staff. If you have a limited amount of time you can dedicate to solutions then having one that is by default already included in the system and can be managed well then it makes for fast integration with low overhead
Azure AD Single Sign-On -- this is my favorite feature of EMS + Security. It is easy to setup and MS has simple instructions for most popular cloud services.
InTune -- the changeover from the old InTune Client/Silverlight Portal has been painful, but once you get Win10 devices setup with InTune, management is a breeze.
The interface is pretty simple and easy to use; however, you will need to do a lot of investigative research on your own to get comfortable with it. Originally, many of the Microsoft security tools had their own seperate consoles. Overtime, they have blended into one interface which is the ideal state. In some cases it is clear Microsoft had to pick which console a certain feature or setting was going to reside in and this leads to some confusion. For example, DLP is managed through Defender for Cloud Apps but you will also need to jump into Purview. For things like reverse proxy on your M365 tenant, you will need to go into Azure and setup conditional access rules. Not a big problem and I can understand why the settings are located where they are but for someone just starting out with Defender for Cloud Apps, it will take some time to figure out.
most features are pretty point and click simple. Some areas that are move detailed require some specialized training and knowledge to be able to navigate and get anything useful out of it. With some basic understanding you can gather tremendous amounts of data and have it available
I have not utilized actual support but the Sales and Product teams have been super helpful in moving our implementation forward and showing us the best practices.
More flexible and more features with easy integration with cloud services like Microsoft Azure and other cloud services. Overall both gives similar features but we prefer Microsoft cloud app security due to its high threat detection rate. mostly we have been able to stop the threat in very very less time.
Microsoft Enterprise Mobility + Security is better than any of the products I have used that do similar things. There is a huge convenience to all the things Microsoft Enterprise Mobility + Security brings together in one place. Also, the speed and streamlining nature of Intune helps with the management and set up of devices.
Cloud App Security saves us thousands of dollars finding and rectifying apps security issues
Identity Security Posture helps the organization identity stay in shape, saving thousands of dollars on security consultations
The cost of suffering a breach cannot be quantified, CAS helps minimize the chances of the attackers succeeding, with excellent historical logging for most operations