Skip Navigation

Case Studies:Establishing Full Visibility of Shadow IT for Large Insurance Company

The Challenge

This large insurance organization faced a challenge of having full visibility of cloud app usage in their organization. Making sound decisions became difficult, as data sources derived from monitoring and reporting from several security services, resulting in known gaps with security & compliance requirements.

The Solution

AIS deployed Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) to gather insight on all cloud app usage from various security data points, such as firewalls, web proxies, and endpoints.

The Results

Microsoft Defender for Cloud Apps empowered the IT cybersecurity team with a single glass pane of cloud app usage and insights correlating with associated identities, enabling IT leadership to make sound decisions on cloud apps leveraged for business processes and establishing an app rationalization program where cloud apps must meet specific security & compliance requirements.

Our client is one of the largest national and top ten global providers of term life insurance. Their teams partnered with AIS for several engagements, including an email migration from Exchange on-premises to Microsoft 365, onboarding mobile devices and configuring mobile app protection via Microsoft Endpoint Manager (formerly Intune), and onboarding Windows desktop OS and Windows/Linux server OS systems via Microsoft Defender for Endpoint. The immediate challenge was identifying cloud app usage across the entire organization and analyzing risk based on organizational security & compliance requirements.

We tackled a few large tasks during the engagement when deploying Microsoft Defender for Cloud Apps:

  • Finding an initial balance of applying security best practices and business & organizational requirements
  • Ensuring optimal user experience with Microsoft 365 and other third-party cloud apps
  • Solidifying the best process approach to security operations while leveraging a cloud application security broker (CASB).

AIS structured the engagement in several phases, including:

  • Discovery & Design
  • Build & Test
  • Data Collection
  • Implementation

Microsoft Defender to the Rescue

During the two-week discovery & design phase, AIS inventoried all security services and appliances. These included firewalls, web proxies, SIEM, DLP, endpoint protection, and any cloud apps leveraging Azure Active Directory as an identity provider for SAML-based authentication. We then designed a solution for the security services & appliances feeding into a log collector to allow for automatic log upload to Microsoft Defender for Cloud Apps.

During the two-week build & test phase, AIS configured Microsoft Defender for Cloud Apps. We began ingesting syslogs from the log collector and confirmed successful data received and continuous analysis observed from the Microsoft CASB solution. The one-week data collection phase consisted of reviewing executive reports with key stakeholders. This group included top non-compliant and high-risk cloud apps leveraged by the organization, resulting in the implementation plan’s finalization. We connected third-party cloud apps via Conditional Access App Control and App Connectors in Microsoft Defender for Cloud Apps during the four-week implementation phase.

Our team then applied session policies to monitor and restrict certain browser activities (e.g., cut, copy, paste, print, etc.). The implementation plan consisted of structuring a cloud app discovery policy for automated app tagging (i.e., sanctioned, unsanctioned, and monitored). This allowed for reporting and further actions taken against cloud apps tagged as unsanctioned.

Customer Satisfaction Achieved

The insurance provider was able to realize complete customer satisfaction. AIS armed the customer’s cybersecurity team with insights on shadow IT in their organization and the ability to make sound business decisions, satisfying security & compliance requirements while maintaining user experience. We brought a plethora of skills and expertise in delivering security solutions and implementations to customers, including shadow IT elimination, Zero Trust Framework, and regulatory compliance and auditing programs for CMMC and NIST.

As a Microsoft Gold Partner, AIS specializes in delivering solutions revolving around the security & compliance areas, both commercial and federal. Customer engagement is a large focus for AIS. We engage with the customer to understand, recognize, and acknowledge the organizational security & compliance standards and identify the industry compliance regulatory standards. In addition, AIS continues to upskill in the security & compliance pillar, leveraging Microsoft security products and providing excellent customer satisfaction before, during, and after an engagement.

Seeking similar outcomes?

Learn how AIS can help you implement technology solutions that deliver real business results.

Contact Us to Get Started