Link Search Menu Expand Document

Application Protect

Table of contents

Introduction

Moving to the cloud increases flexibility for employees and IT alike. However, it also introduces new challenges and complexities for keeping your organization secure. To get the full benefit of cloud apps and services, an IT team must find the right balance of supporting access while maintaining control to protect critical data.

Wortell uses Cloud App Security by Microsoft to protect modern cloud services (SaaS applications) Microsoft Cloud App Security is a Cloud Access Security Broker (CASB). According to Gartner, a cloud access security broker (CASB) is an on-premises or cloud-based security policy enforcement point that is placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed. Think of the CASB as the sheriff that enforces the laws set by the cloud service administrators.

SKU’s

Feature Application Protect (Standard)
Visibility in used cloud services +
Extended coverage (with Usecases) +
Compliant with NEN & ISO +
24/7 alert and incident follow-up +

Features

Visibility in used cloud services

Companies need visibility and control across both managed and unmanaged cloud services. Rather than take an “allow” or “block” stance on all cloud services, cloud brokerage should enable IT to say “yes” to useful services while still governing access to activities and data within services.

This could mean offering full access to a sanctioned suite like Microsoft Office 365 to users on corporate devices, but web-only email to users on unmanaged devices. It could also mean enforcing a “no sharing outside of the company” policy across a category of unsanctioned services. While cloud security is the key focus of a cloud access security broker, another value provided is helping you get your arms around cloud spend. A CASB can help you discover all cloud services in use, report on what your cloud spend is, and find redundancies in functionality and license costs.

A CASB can produce valuable business and financial information as well as protection. As part of application protect, Wortell will provide

Organizations need to ensure their employees aren’t introducing or propagating cloud malware and threats through vectors such as cloud storage services and their associated sync clients and services. This means being able to scan and remediate threats across internal and external networks, in real-time when an employee tries to share or upload an infected file. This also means detecting and preventing unauthorized user access to cloud services and data, which can help to identify compromised accounts.

Wortell will follow-up alerts that are created by cloud app security.

Extended Coverage (with Usecases)

Wortell conducts it’s own security research. The goal of this ongoing security research is to understand the way how attackers operate and use that knowledge to build usecases for these attacks. A usecase, in the security world, covers an attack method or analysis. The usecase contains all the logic (instructions) to detect the attack and tasks te respond on this attack. Security products that are being used by Wortell Managed Detection and Response cover a wide range of attacks. By conducting our own security research and usecase development Wortell is able to add value on top of these security products.

Security research and usecase development is an ongoing process; new usecases will be added periodically.

Compliant with NEN & ISO

ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS). Using it enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties.

24/7 alert and incident follow-up

Cloud Services are important, and attacks are happening during the day and nighttime. Therefore, Wortell has a team of cybersecurity engineers available 24/7.

Wortell has organized the availability of the experts as follows:

  • Tier 1: Eyes on-screen during business hours and outside of business hours
  • Tier 2: Eyes on-screen during business hours, stand-by outside of business hours
  • Tier 3: Eyes on-screen during business hours, stand-by outside of business hours

Cost Calculation

The cost will be calculated based on the number of users that have a Cloud App Security (or equivalent) license assigned. Once per month the number of licenses assigned will get fetched.

License Requirements

The following prerequisites need to be met to deliver this service:

  • Per-user at least one of the following licenses needs to be present:
    • Microsoft 365 E5 / A5
    • Microsoft 365 E5 / A5 Security
    • Enterprise Mobility & Security E5
    • Standalone license for Cloud App Security

Microsoft Licenses are not part of Wortell Protect and need to be purchased separately.

Product Requirements

The following requirements are necessary before onboarding this product to our MDR service:

Requirements MoSCoW
Microsoft Defender for Cloud Apps is configured and in use Must have

Wortell Managed Detection and Response has an extensive onboarding program that will help customers to get compliant with the above requirements. You can read more about our onboarding program over here.