What email address or phone number would you like to use to sign in to Docs.com?
If you already have an account that you use with Office or other Microsoft services, enter it here.
Or sign in with:
Signing in allows you to download and like content, and it provides the authors analytical data about your interactions with their content.
Embed code for: 17.01.26.O365Club_3c_End2EndDataGovernance_ASM
Select a size
Advanced Security Management
“How do you protect and manage your data in a modern cloud environment?“ (Part 2) Office365 Advanced Security Management
Office 365 Technical Professional
Patrick Van Asch
Office 365 Product Marketing Manager
Awareness and Insights
“How do you protect
and manage your data
in a modern cloud environment?“
Patrick Van Asch,
Office365 Product Marketing Manager,
Change is constant
Evolving threat landscape
Industry regulations and standards
Peoples work expectations
87% Of senior managers admit to regularly uploading work files to a personal email or cloud account
of enterprises indicated security as a top challenge holding back SaaS adoption
of all network intrusions are due to compromised user credentials
140+ The median number of days that attackers reside within a victim’s network before detection
80%+ of employees admit to using non-approved SaaS apps in their jobs
Enhanced visibility and control for Office 365
DISCOVERY & INSIGHT
Identify high-risk and abnormal usage, security incidents, and threats
Anomaly detection principles (session risk score / threshold / alert trigger)
Shape your Office 365 environment with granular security controls and policies
App Permissions (also 3rd Party)
Gain enhanced visibility and context into your Office 365 usage and shadow IT
no agents required
App Discovery Dashboard
Discovery & Insights
Insight into potential breaches
Identify anomalies in your Office 365 environment which may be indicative of a breach
Assess your risk
Leverage behavioral analytics to assess risk
Leverage Microsoft’s threat intelligence
Identify known attack pattern activities originating from risky sources leveraging Microsoft’s threat intelligence
Threat detection – experience
Easy to use and customizable
Use out of the box policies or customize your own
Visibility into violations
Identify policy violations, investigate alerts on a user, location, or activity level
Stop questionable activities
Enforce actions like user suspension
Lower your risk
Assess risk from apps that have permissions into Office 365 data and remove their rights centrally
Enhanced control – experience
Activity policy creation
Discovery and insights
View into your Office 365 usage
Easy to understand dashboard into Office 365 consumption
See what shadow IT is happening
Discover ~1000 productivity cloud applications
Nothing to install
No agent required on end points to gather data
Discovery and insights – experience
Productivity App Discovery Dashboard
Powered by Microsoft Cloud App Security, Advanced Security Management provides enhanced visibility and control for Office 365
Insight into potential breaches: Identify anomalies in your Office 365 environment which may be indicative of a breach
Assess your risk: Leverage behavioral analytics to assess risk
Leverage Microsoft’s threat intelligence: Identify known attack pattern activities originating from risky sources leveraging Microsoft’s threat intelligence
Easy to use and customizable: Use out of the box policies or customize your own
Visibility into violations: Identify policy violations, investigate alerts on a user, location, or activity level
Stop questionable activities: Enforce actions like user suspension
Lower your risk: Assess risk from apps that have permissions into Office 365 data and remove their rights centrally
View into your Office 365 usage: Easy to understand dashboard into Office 365 consumption
See what shadow IT is happening: Discover ~1000 productivity cloud applications
Nothing to install: No agent required on end points to gather data
Reviewing Anomaly Detection Alert
Creating an Anomaly Detection Policy
Creating an Activity
Want to know more?
CIE’ing = Believing: participate in a Customer Immersion Experience (CIE) session with a partner or Microsoft
REGISTER FOR UPCOMING EVENTS:
21 Feb - IT INSPIRATION DAY (Microsoft Zaventem):
28 Mar - OFFICE365 CLUB (EBC): GDPR Updates + Keep Pace with Security Challenges “(Enterprise Mobility + Security”-focus) –
25 Apr - IT INSPIRATION DAY (Microsoft Zaventem)
9 May - CIO ADVISORY BOARD
11-12 May - OFFICE365 CLUB (EBC): GDPR Updates + Windows focus (on Day1)
INDICATE ON YOUR EVAL FORM WHICH EVENT YOU LIKE TO REGISTER FOR
Try out Office 365 and The New Office
Contact your account manager to plan a proof of concept or pilot deployment
Request support through one of our partners or MCS, and FastTrack/Onboarding Services
Discover the #NewOffice on the
http://trust.office365.com/Office 365 Trust center
& OnDemand Viewing
© 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Launching Advanced Security Management
Investigating Activity Logs
Creating an Activity Policy
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Microsoft Ignite 2016
“How do you protect and manage your data in a modern cloud environment? (Part 2)“
Part 2 continues to demonstrate you how Office 365 enables you to protect, monitor and manage your data end-to-end in a modern cloud environment answering to today’s EU data protection regulation including GDPR.
Dirk Gullentops, Office365 Technology Specialist, Microsoft BeLux
Patrick Van Asch, Office365 Product Marketing Manager, Microsoft BeLux
We all know that change is constant the only thing that does not change is change.
And we have seen that peoples work expectations have really changed a lot. They want to bring their own device to work. They want to have easy access to information wherever they are and from whatever device they have.
When you think about securing company data there is also an evolving threat landscape. The way that hackers are approaching hacking has really changed and so the ways that we need to protect ourselves have also changed.
And lastly industry regulations and standards have not only changed but also increased. As we have things like cloud computing we see people ask how do the existing and new industrial regulations and standards that companies have to comply with apply to this new world where customers don’t have the computing resources on premise.
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Many of these issues have influenced how organizations look at SaaS solutions.
For example, we have heard that 73% of enterprises indicated security as a top challenge holding back SaaS adoption. At Microsoft we try to help alleviate these concerns and we will talk more about this in a minute.
We also know that 80% of employees admit to using non-approved SaaS apps in their jobs and 87% of senior managers admit to regularly uploading work files to a personal email or cloud account. We have also heard that 75%+ of all network intrusions are due to compromised user credentials and that once someone in is, that the median number of days that attackers reside within a victim’s network before detection is over 140.
Many organizations tell us that they have limited if not any visibility and lack the controls necessary to help solve issues like these.
Cloud Security Alliance (CSA) survey, Cloud Adoption, Practices and Priorities Survey Report 2015 - https://downloads.cloudsecurityalliance.org/initiatives/surveys/capp/Cloud_Adoption_Practices_Priorities_Survey_Final.pdf
80% data point is from http://www.mcafee.com/us/resources/reports/rp-six-trends-security.pdf
87% quotes is from: http://www.strozfriedberg.com/wp-content/uploads/2014/01/Stroz-Friedberg_On-the-Pulse_Information-Security-in-American-Business.pdf
140+ days quote from Mandiant https://www.fireeye.com/current-threats/annual-threat-report/mtrends.html
75%+ quote is from http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigations-report-2013_en_xg.pdf
To help organizations with this problem we built Office 365 Advanced Security Management which provides you with enhanced visibility and control into your Office 365 environment. At a high level, it does this in three ways.
You get the ability to detect threats by helping you identify high-risk and abnormal usage, security incidents, and threats.
Advanced Security Management also provides you with enhanced control by leveraging granular controls and security policies that can help you shape your Office 365 environment.
You also get enhanced visibility and context into your Office 365 usage and shadow IT though the discovery and insights that the solution provides, all without installing an end point agent.
Let’s go a bit deeper into each one of these areas starting with how we give you the ability to detect threats.
To provide the threat detection that some organizations are looking for, Advanced Security Management gives you a robust policy and alerting engine that provides insight into potential breaches by being able to setup anomaly detection policies for your Office 365 environment. Anomalies are detected by scanning user activity and evaluating its risk. The risk is determined by looking at over 70 different indicators. Some of the risk factors are things like: login failures, administrator activity, inactive accounts, location, impossible travel, and device and user agent.
Setting up an anomaly detection policy is fairly straight forward. Most of the work is around deciding which of the risk factors if not all you want to monitor for, what the sensitivity of the policy and the maximum amount of daily alerts you want to receive. The reason you might want to limit the number of alerts is an anomaly might not be an issue. For example, if your company opens up a new office, Advanced Security Management may see all the new logins from that office as an anomaly until it learns that this is normal.
Advanced Security Management also leverages behavioral analytics as part of anomaly detection to assess risk in what your users are doing. It does this by understanding how the user interacts with Office 365 on a daily basis. Once it has this baseline it can then determine if a user’s activity/session is suspicious and give it risk score to help you determine as part of your investigation if you should take further action.
Advanced Security Management is also enhanced with the vast amount of threat intelligence information that Microsoft has. Microsoft’s unique insights into the threat landscape, informed by trillions of signals from billions of sources uniquely positions them to better protect customers and their data.
Here is a quick look at an anomaly detection alert. You can see at the top that a user triggered a suspicious session with a very high risk score since the session was done over an anonymous proxy, the user is a admin, they used a ISP that they had not used before, there were multiple failed login attempts and the user was in an impossible travel scenario. You can also see the details of the user’s activity and dive into more aspects of it. For example, you can click on the IP address and see if there was other activity from this address. Note that if you decide that this set of combined activities are too risky, then you can suspend the user right from the alert.
As I mentioned earlier another big focus for Advanced Security Management is around providing enhanced controls which is done through another set of policies called activity policies. These policies give you the ability to track specific activities that you are interested in. This is done with out of the box there are templates that you can use to easily create policies that can help you see when someone is downloading a lot of data, has multiple failed logon attempts, or logs in from a new ip address. You will also likely want to create additional policies that are more customized to your unique environment and you can do this too. Using activity filters you can look for specific items like the location of the person, a user or group, the device type (mobile, PC, tablet), ip address, if a new user is created, or if someone is granted admin rights. Based on these activities happening once or a repeated number of times in a specific timeframe, you can create an alert, or notify or someone in IT.
The alerts are what give you the visibility into the activities that you want monitored and Advanced Security Management gives you an easy way to see all of these and start your investigation. Some alerts alone like a user logging in from a new location might not be an issue as they might be on vacation and leveraging Office 365 to check mail. However, you might want to check to see if they are doing other things that might be suspect like accessing documents that you know are sensitive, or failing to log in multiple times. To help you with this, Advanced Security Management give you the power to drill down and get additional details around what else the user was doing or the IP address being used as it might have additional activities that this user or other users have done.
Based on the investigation, you might deem that the behavior is risky and you want to stop the user from doing anything else. Instead of going into another section of the Office 365 management console to suspend the user’s account, you can do that directly from the alert. Microsoft also knows that sometimes the activities you are monitoring for are so risky that if they are discovered you may not want to wait for an IT Pro to review the alert and suspend the account. To help with this, you can configure a policy so that an account is automatically suspended if the activity takes place.
We have also heard from organizations that they are also looking for better control and visibility into applications that users are plugging into Office 365. Usually when users leverage applications they are unaware of what the app has permissions to. They are just trying to be more productive. To help IT Pro’s get better visibility and context into these apps we give them a way to see these apps, which users are using them, and the permissions they have. Based on this info, they have the ability to ban that applications use for all the users.
To help you better understand the process of creating an activity policy here is a quick screenshot of what the page looks like. As you can see the first drop down allows you to choose a template, but you can create your own custom one by choosing the right activity filers and customizing the match parameters
Here is also a quick look at the App Permissions feature where you can see the applications plugged into Office 365, the number of users using them, a summary view of the permissions level, what permissions it has and when it was added by users. You can also see the ability to approve or ban access.
Advanced Security Management also gives you the ability to discover information and get insights into your Office 365 usage and other cloud services to help you with any shadow IT problems. How this is done is through the Productivity App Discovery dashboard that makes it easy for you to get a snapshot of pertinent information around your Office 365 usage. You can see things like the amount of traffic your Office 365 use is generating and the number and who are the top users of O365.
It also gives you the ability to see if your users are leveraging other productivity cloud services. With the ability to discover about 1000 applications that fall into categories like collaboration, cloud storage, webmail, and others, you can better determine if there shadow IT happening in your organization. Advanced Security Management also gives you details around the top apps in each category. For example, you can see how much data is being sent to cloud storage services like OneDrive for Business, Box, Dropbox and other similar providers.
What is also great about this solution is that there is nothing to install on the user end points to collect this data. Microsoft knows that it is not always possible to install an agent on a device maybe because you have a BYOD program and you don’t want to install an agent on the user’s device. To load the data into the dashboard, all you have to do is take the logs from your network devices like your firewall or proxy and upload them via an easy to use UI. There is support for many network vendors like Blue Coat, Check Point, Cisco, Juniper, Microsoft, Palo Alto, and Websense.
To give you a better idea of what the dashboard looks like here is a screenshot. You can see at the top the high level stats, under that is the top categories and the amount of traffic that being sent to Office 365 and other apps. Near the bottom you can see the top apps for a specific category and data on their use.
As you can see Office 365 Advanced Security Management provides you with enhanced visibility and control into your Office 365 environment though:
The ability to detect threats by helping you identify high-risk and abnormal usage, security incidents, and threats.
Providing you with enhanced control by leveraging granular controls and security policies that can help you shape your Office 365 environment.
Giving you enhanced visibility and context into your Office 365 usage and shadow IT though the discovery and insights that the solution provides, all without installing an end point agent.
I would also note that as like all of our cloud services they get better over time and today we talked about all the scenarios that Advanced Security Management can help you solve. However as of today only the features available are the anomaly and activity policies, alerts for these policies and the ability to investigate the alerts. The app permissions and the cloud app discovery dashboard will be available in Q3 calendar year 2016.
Advanced Security Management has level A support in the Office 365 Compliance Framework which shows it strong privacy and security commitments to not mining customer data for advertising and no voluntary disclosure to law enforcement agencies. We are actively working toward moving toward level B though obtaining ISO and PCI certification in H2 of calendar year 2016 and SOC and HIPAA certifications in H1 of calendar year 2017.
Thanks for your time and happy to take any additional questions.
Advanced Security Management provides enhanced visibility and control to an organization’s Office 365 environment.
Today you will see some of the features included in Advanced Security Management.
Investigate an anomaly detection alert.
Create an anomaly detection policy using custom settings.
Create an activity policy using a template.
Explore the Productivity App Discovery Dashboard.
Now let’s get started!
Click anywhere on the slide to begin
To start things off, let’s navigate to the Advanced Security Management interface, from the Office 365 landing page.
Click Security and Compliance.
From here, expand the Alerts menu.
Then click on Manage advanced alerts.
Click Manage Advanced Alerts.
To start things off, let me show you where you can find Advanced Security Management. If you go to the Security and Compliance Center and find Manage advanced alerts under the alerts section, this will take you to the page where you can launch Advanced Security Management.
Click Go To Advanced Security Management.
Upon accessing the Advanced Security Management console, you will land on the Policies page.
Here you have visibility into all active policies, with an “at a glance” alert count and a severity rating for each of these policies.
Let’s take a look at the open alerts in the General anomaly detection policy by clicking on the alert counter.
Under the Count column, click 2 open alerts on the General anomaly detection line.
Let’s take a closer look at the anomaly alert regarding the user, firstname.lastname@example.org.
Click General anomaly detection email@example.com.
When we click on the alert we are presented with a summary of the alert and why it was generated.
As you can see from the alert summary:
The risk score calculated is 86%
The IP address used was from an anonymous proxy
The user firstname.lastname@example.org is an administrator
There were 3 failed login attempts
The fact that this type of activity is occurring on an administrative account is very concerning.
Now, if it is deemed necessary, we have the ability to take immediate action and suspend the user through the Resolution options.
Click Resolution options drop down menu.
Before taking action, let’s take one moment to review the Activity Log to be sure it is necessary.
Click outside of drop down menu to close.
Click scroll bar to scroll down.
The Activity log shows specific activities that were used to calculate the overall alert score.
Here you can see; there’s been quite a bit of suspicious activity that has occurred.
The Activity Log also provides you the capability to investigate the IP addresses used.
Let’s see what kind of information this IP address provides.
Click on the first 18.104.22.168. IP addresses.
As you can see, there are numerous users logging in from this same IP address.
It appears that all of the alerts seem to be logon related.
Let’s take a closer look at some of these failed login attempts.
Click on the first instance of Failed log on email@example.com.
The description shows that the user Jerry Nealy entered an invalid password several times.
This type of activity is very suspicious.
It’s not uncommon for a user to enter an invalid password a few times in a row. In this case, it is not an isolated incident involving a single user but is a repeated incident involving numerous users.
Now, let’s filter similar types of activities using the More information button.
On the far right side, click on the more options icon (3 vertically stacked dots).
Since this type of activity is very suspicious, let’s see how many other instances of this specific activity are occurring.
Click View activity of the same type.
As you can see, there are multiple failed logon attempts. This is a serious concern. Let’s scroll down to get a scope of the situation.
Through the power of the enhanced visibility provided by Advanced Security Management’s we’ve been able to discover, identify, and address various types of security concerns in a very short amount of time, reducing the amount of damage that a malicious user can cause.
After reviewing the results of an already-created policy, let’s see how easy it is to create one.
First, let’s create a custom Anomaly detection policy.
On the top navigation bar, click Control.
Click Create policy.
Click Anomaly detection policy.
For this policy creation, let’s use the following values:
Let’s leave policy template as No Template
The Policy Name will be Admin Activity
Click Policy name field.
Let’s set the description to Monitoring Admin Activity for Anomalies.
PowerPoint will type Admin Activity.
Once typing is complete, click Description field.
And the category will be left as Threat Detection.
PowerPoint will type Monitor Admin Activity for Anomalies.
We want to monitor administrative activity, so we’ll set All monitored activity to Administrative Activity
Under Activity filters, click All monitored activity drop down menu.
Click Selected activity.
Click Select a filter… drop down menu.
Click Administrative activity.
Now that the Activity filter has been set, let’s move on to the Risk Factor section.
This section contains a total of 7 subcategories:
Device and User Agent, and
All of the subcategories within the Risk factor section can be left to their default setting of on, as you see them now, or they can be turned off or applied to specific activities.
Click the Scrollbar to scroll down.
Now let’s move on to the Alerts section.
Within the Alerts section, we have the ability to set the Alerting threshold and enable email/text alerting.
To get a better understanding of Alerting threshold, let’s uncheck the Alerting threshold checkbox to expand this section.
Under Alerting threshold, uncheck the Use default severity threshold settings (recommended) checkbox.
Alerting threshold is a numeric value that will determine when alerts are generated.
The generation of alerts depends on what the Risk score bar below is set to.
The default score is 65, which means that any incidents with a Risk score of 65 or higher will generate an alert.
For this demonstration, let’s set the Risk score to 85.
Click Risk score bar.
Now let’s move on to the Alerts configuration section.
Here, we have the ability to alter how many alerts we receive daily and enable alerts by email and/or text message.
If you click on the Daily alert limit drop down menu, you can set your daily alert limit to any of several values.
Under Alerts configuration, click Daily alert limit drop down menu.
For today, let’s leave the daily alert limit as it’s default value of 5.
Click outside of the drop down menu.
Now let’s configure the email and text alerts.
To enable email alerts, first check the checkbox.
Click Send alert as email checkbox.
Then enter a valid corporate email address and hit Tab.
You are also able to enter multiple email addresses as well.
Click To: field.
Email alerts have been configured, let’s move on to configure the text message alerts.
Click Send alert as text message checkbox.
As you can see, the phone number field provides you a template to follow.
If you do not use the correct phone number format, you will receive an error message when you attempt to create the policy.
Click the phone number field.
Click the Scrollbar.
Now that the policy configuration is complete, it’s time to deploy it.
The policy has been successfully created. Now let’s move on to creating a new Activity policy using a template.
As you can see, we already have a policy to monitor for mass downloads by a single user. Now let’s see how that policy was created.
Click Activity policy.
First, let’s select a policy template from the Policy template drop down menu.
Click Policy template drop down menu.
As you can see there are a variety of templates to choose from.
For this demonstration, let’s use the Mass download by a single user template.
Click Mass download by a single user.
Click Apply template.
Now you can see that the template has been applied, filling out most of the essential fields.
Let’s continue reviewing the remaining policy settings.
Because this is a more specific policy, the parameters we monitor are more closely targeted.
This is where the Activity match parameter section comes into play, allowing us to select the specific conditions that will trigger an alert.
In this case:
The number of repeated activities is set to 30
The timeframe which this occurs (measured in minutes) is currently 5 minutes
The activity comes from a single user or the same user/app.
Under Activity match parameters, click from a single drop down menu.
Now let’s configure the Alerts.
For this policy, let’s enable the email alerts.
Click the Send alert as email checkbox.
Now that the Email alerts have been configured, let’s enable the Suspend user option by checking it’s checkbox. This will automatically suspend the user if the policy is triggered.
Under Governance: Office 365, click Suspend user checkbox.
Now the policy is ready for deployment.
With the email alerts and the suspend user features enabled, you now have peace of mind.
You will know that whenever a user violates this policy, he or she will automatically be suspended by the time you receive the email notification.
Now that you understand how straightforward it is to create and customize a policy, let’s move on to the Productivity App Discovery Dashboard.
On the top navigation bar, click Discover.
Click Discovery Dashboard.
The Productivity App Discovery dashboard provides you a high-level snapshot of pertinent information regarding your Office 365 and other productivity cloud services usage, such as the total number of apps being used (Office 365 or 3rd party), total number of users and total traffic (upload/download).
Each of the sections located on the Productivity App Discovery dashboard also provides some type of filtering, whether by specific category or a more generalized filter (apps, users, IPs, etc.).
Point Out (DO NOT CLICK): Apps, Users and Traffic.
In the Risk Levels section, click on the All Office 365 category drop-down menu.
This allowing you to acquire further details about your Office 365 usage.
On the right, click on the Traffic drop-down menu.
You also have the option to “Export to Excel”.
Point to (DO NOT CLICK): Export to Excel icon in each section . (This icon is to the right of the filter drop-down menu)
Click outside of the drop-down menu.
The Risk level section presents a graphical breakdown of your company’s application usage based on the application’s risk level.
You have either an “at a glance” view (the pie chart).
Point to (DO NOT CLICK): the pie chart.
Or the option to click on each app risk level, displaying the amount of data residing in that app risk level.
Under the Risk levels section, click on Traffic from high risk apps (1st option – Red).
Click on Traffic from medium risk apps (2nd option – Orange).
Click on Traffic from low risk apps (3rd option – Green).
The Office 365 Category section presents a breakdown of the actual amount of traffic being transmitted through Office 365 and other 3rd party apps, by clicking on the category bar.
There is also a color legend to easily identify Office 365 and 3rd party apps.
Point to (DO NOT CLICK): In the Office 365 categories section, the color legend under the Traffic drop-down menu.
Looking at the Collaboration category, most its usage is through Office 365 apps.
Under Office 365 categories section, click on the Collaboration comparison bar.
However, at a glance you can see this is not the case for Cloud Storage.
Click on the Cloud Storage comparison bar.
By clicking the Cloud Storage bar, you can see that of the 3.2 GBs of usage only 820 MBs is being stored within Office 365.
This section only provides a high-level overview of application usage.
However, the Discovered apps section breaks down application usage even further.
Let’s move on to the Discovered apps section and specify the filter to look for only cloud storage application traffic.
Under the Discovered Apps section, click the All Office 365 Categories drop-down menu.
Click Cloud Storage.
With this filter set, you can see there are a total of 50 cloud storage applications being used company-wide.
Point Out (DO NOT CLICK): To the left of the Cloud Storage drop-down menu, the total discovered Cloud Storage apps (50).
OneDrive only accounts for 820 MBs of data storage, which means the remaining 2.4 GBs is being distributed throughout the remaining 49 cloud storage applications.
To the left of the Cloud Storage drop-down menu, click the Next Page icon.
Closing remarks: As you can see Office 365 Advanced Security Management provides you with enhanced visibility and control into your Office 365 environment though:
Thank you for your time and I will be happy to take any additional questions.
Click anywhere to end the presentation.
[End of click-through] App Discovery dashboard provides you a high-level snapshot of pertinent information regarding your Office 365 and other productivity cloud services usage, such as the total number of apps being used (Office 365 or 3rd party), total number of users and total traffic (upload/download).
You have either an “at a glance” view