Implement information protection policies with Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps file policies continually monitor files to protect sensitive data. You can create policies to perform many tasks including:
- Detect or block external sharing of confidential or sensitive data.
- Detect and encrypt sensitive data at rest.
- Detect stale externally shared data.
- Detect data access from an unauthorized location.
- Detect and protect confidential data store in a non-compliant SharePoint site.
- Detect externally shared source code.
- Detect unauthorized access to group data.
- Detect publicly accessible Amazon Web Services S3 buckets.
- Block downloads for external users in real time.
- Enforce read-only mode for external users in real time.
- Block upload of unclassified documents in real time.
To manage policies, perform the following steps:
Navigate to https://portal.cloudappsecurity.com.
Select Control and select Policies.
Examples of managing specific policies are in subsequent units of this module.
The following video gives you an overview of how to protect cloud storage apps with Microsoft Defender for Cloud Apps: