Reviewing Microsoft Cloud App Security Reports on G Suite Identities

Download Sample M365 Risk Assessment
Akins IT • September 20, 2019

AUTOMATING ONBOARDING STUDENTS AND USING MICROSOFT TO MANAGE G SUITE


PART 4: REVIEWING MICROSOFT CLOUD APP SECURITY REPORTS ON G SUITE IDENTITIES


PROBLEM


The typical IT admin in this scenario requires their School Information System (SIS) to synchronize student data their on-prem AD, Azure AD, and G-Suite. Currently, they feel that neither Microsoft nor Google has provided them with a convenient method with which to both effectively and efficiently manage the identities in these seemingly disparate environments


OBJECTIVE


By integrating Azure Active Directory with G-suite, we will be able to administratively manage an organization's on-prem AD, Azure AD, and G-suite identities from a single portal. In addition, with G-suite's identity management being delegated to Azure AD, we can redirect the SIS's synchronization from G-suite to either the on-prem AD or Azure AD.


In this way, we will have a continuous stream of data flowing from one entry point, that is reflected in all relevant directories. Such a seamless system will make the provisioning of identities, access permissions, and group memberships a simple process for IT administrators.


PART IV: REVIEWING MICROSOFT CLOUD APP SECURITY REPORTS ON G SUITE IDENTITIES

In this section we will be highlighting the following items:


  • Monitoring G Suite Identities with Microsoft Cloud App Security (MCAS)
  • Overview of Microsoft Cloud App Security Reports


With our G Suite Identities being managed by Azure AD, we also gain instant visibility into the sign-in activity log of our G Suite Users.

Firstly, from the screenshot above that was taken from our MCAS activity log , we can see that the user was successfully able to complete his login, as a failed login would indicate a failed attempt in both the Description and Type field.

Taking a closer look at the activity details of this user, we can see that this logged activity was a log on attempt to our G Suite app for which Azure AD SSO was configured:

Looking farther to the right of the expanded activity view of this user, we can also garner additional information on the type of device that was used to login to G Suite, and the location from which the user’s connection is originated:

Now this is but a fraction of the oversight and management of G Suite identities that can be had with Microsoft Cloud App Security. By adding G Suite as one of our connected apps directly through the MCAS portal, we can gain even more administrative control over our G Suite accounts and data:

With that said, reviewing the MCAS logs for our G Suite identities once we have Azure AD managing them is a great place to start to acquire some familiarity with its capabilities.


CREATE CONDITIONS FOR LEARNING- LEARN MORE ABOUT INTUNE FOR EDUCATION

DOWNLOAD THE INTUNE FOR EDUCATION INFOGRAPHIC
CONTACT US TO LEARN MORE ABOUT THIS TOPIC OR TO SCHEDULE A CALL

Improve Productivity with Copilot and Akins IT

By Shawn Akins December 13, 2024
Unleashing Productivity: Maximizing Potential with Copilot for Microsoft 365 and Akins IT

Collaborate Securely with Akins IT

By Shawn Akins November 25, 2024
Security Insights

Navigating the End of the Microsoft Enterprise Agreement: What It Means for Our Customers

By Shawn Akins November 13, 2024
One of the most impactful changes is the upcoming end of the Microsoft Enterprise Agreement (EA) framework, set to take effect on January 1, 2025.
More Posts