Note
We’ve renamed Microsoft Cloud App Security. It’s now called Microsoft Defender for Cloud Apps. In the coming weeks, we’ll update the screenshots and instructions here and in related pages. For more information about the change, see this announcement. To learn more about the recent renaming of Microsoft security services, see the Microsoft Ignite Security blog.
As a communication and collaboration platform, Cisco Webex Teams enables streamlined communication and collaboration across your organization. Using Cisco Webex for your data and assets exchange may expose your sensitive organizational information to external users, for example, in chat rooms where they may also be participating in a conversation with your employees.
Connecting Cisco Webex Teams to Defender for Cloud Apps gives you improved insights into your users’ activities, provides information protection detections, and enables automated governance controls.
Main threats
- Compromised accounts and insider threats
- Data leakage
- Insufficient security awareness
- Ransomware
- Unmanaged bring your own device (BYOD)
How Defender for Cloud Apps helps to protect your environment
- Enforce DLP and compliance policies for data stored in the cloud
- Limit exposure of shared data and enforce collaboration policies
- Use the audit trail of activities for forensic investigations
Control Cisco Webex Teams with built-in policies and policy templates
You can use the following built-in policy templates to detect and notify you about potential threats:
| Type | Name |
|---|---|
| Built-in anomaly detection policy | Activity performed by terminated user (requires AAD as IdP) Ransomware detection Unusual file deletion activities Unusual file share activities Unusual multiple file download activities |
| File policy template | Detect a file shared with an unauthorized domain Detect a file shared with personal email addresses Detect files with PII/PCI/PHI |
| Activity policy template | Mass download by a single user Potential ransomware activity |
For more information about creating policies, see Create a policy.
Automate governance controls
In addition to monitoring for potential threats, you can apply and automate the following Cisco Webex Teams governance actions to remediate detected threats:
| Type | Action |
|---|---|
| User governance | – Notify user on alert (via Azure AD) – Require user to sign in again (via Azure AD) – Suspend user (via Azure AD) |
| Data governance | – Trash file |
For more information about remediating threats from apps, see Governing connected apps.
Protect Cisco Webex Teams in real time
Review our best practices for securing and collaborating with external users and blocking and protecting the download of sensitive data to unmanaged or risky devices.