We’ve renamed Microsoft Cloud App Security. It’s now called Microsoft Defender for Cloud Apps. In the coming weeks, we’ll update the screenshots and instructions here and in related pages. For more information about the change, see this announcement. To learn more about the recent renaming of Microsoft security services, see the Microsoft Ignite Security blog.
As a major HCM solution, Workday holds some of the most sensitive information in your organization such as employees’ personal data, contracts, vendor details, and more. Preventing exposure of this data requires continuous monitoring to prevent any malicious actors or security unaware insiders from exfiltrating the sensitive information.
Connecting Workday to Defender for Cloud Apps gives you improved insights into your users’ activities and provides threat detection for anomalous behavior.
- Compromised accounts and insider threats
- Data leakage
- Insufficient security awareness
- Unmanaged bring your own device (BYOD)
How Defender for Cloud Apps helps to protect your environment
- Detect cloud threats, compromised accounts, and malicious insiders
- Use the audit trail of activities for forensic investigations
Control Workday with built-in policies and policy templates
You can use the following built-in policy templates to detect and notify you about potential threats:
|Built-in anomaly detection policy||Activity from anonymous IP addresses
Activity from infrequent country
Activity from suspicious IP addresses
|Activity policy template||Logon from a risky IP address|
For more information about creating policies, see Create a policy.
Automate governance controls
Currently, there are no governance controls available for Workday. If you are interested in having governance actions for this connector, you can send the Defender for Cloud Apps team feedback with details of the actions you want.
For more information about remediating threats from apps, see Governing connected apps.
Protect Workday in real time
Review our best practices for securing and collaborating with external users and blocking and protecting the download of sensitive data to unmanaged or risky devices.