Please note, we have an onsite form of the workshop

Our objective is to deliver the Shadow IT Assessment, including:

• Good security principles covering people, process, and technology solutions
• Improve the security posture when it comes to usage of cloud applications and services
• The assessment is based on the discovery of usage of cloud applications and services

IT Partner responsibilities #

• Gain an understanding of customer's cloud security objectives and requirements toward cloud usage and verify them against real usage of cloud applications and services
• Provide guidance, recommendations, and best practices on how to successfully use Microsoft Cloud App Security (CAS) to mitigate security threats that are associated with usage of cloud application and services
• Provide a prioritized and actionable road map for the customer, containing proposed actions based on user impact and implementation cost
• Map Microsoft CAS capabilities and partner services to assessment findings, taking into account customer's security objectives and requirements

Client responsibilities #

• Information: This includes accurate, timely (within three business days or as mutually agreed upon), and complete information
• Access to people: This includes access to knowledgeable customer personnel, including business user representatives, and access to funding (if additional budget is needed to deliver project scope), as well as access to knowledgeable personnel who manage the firewalls, can provide credentials for log extraction, and can alter firewall rules if necessary.
• Access to systems: This includes access to all necessary customer work locations, networks, systems, and applications (remote and onsite)

Prerequisites #

• Microsoft 365 tenant and Microsoft Cloud App Security service. Either customer production Microsoft 365 tenant with CAS (through E5 license) or trial Microsoft 365 tenant and CAS trial (for up to 30 days)
• Access to logs from customer firewalls or proxies
• Log Collector should be configured and ready to work More info

Plan #

The Shadow IT Assessment typically consists of an up to two-hour remote kickoff meeting followed by remote assessment workshops.

Kickoff

• Introduction to the engagement: objectives, flow, responsibilities, and governance
• Provide and explain pre-assessment questionnaire to the customer

Webinar 1 -- Education & Setup

• Review of the questionnaire (should be ready by the time of the webinar) in order to get mutual understanding, especially around customer's cloud usage and associated security objectives and requirements
• Provide education and readiness on Microsoft Cloud App Security

Webinar 2 -- Exploration & Discovery

• Review of the CAS report(s) with the customer
• Exploration of specific use cases of cloud usage in the portal
• Creation of final report from the engagement, highlighting discovered cases of Shadow IT (usage of unapproved cloud applications or services)
• Creation of Cloud Usage Visibility and Control road map

Webinar 3 -- Review & Road Map

• Presentation and discussion of final report from the engagement, highlighting discovered cases of Shadow IT (usage of unapproved cloud applications or services)
• Review of Cloud Usage Visibility and Control road map

Results #

• Kickoff Presentation (work product): an overview of the engagement covering vision and objectives, requirements, and next steps
• Pre-Assessment Questionnaire (work product): a questionnaire containing questions on cloud usage/adoption, security requirements and objectives, regulations, and frameworks
• Shadow IT Discovery Report (deliverable): a document containing a list of discovered possible Shadow IT usage and recommendations for further investigation
• Cloud Usage Visibility and Control Road Map: a prioritized, actionable road map for addressing discovered cloud usage, especially its Shadow IT aspect, including mapping capabilities of Cloud App Security in a customer environment