Shadow IT Assessment Workshop (Full - 4 consulting days, 3 days onsite) | IT Partner


  • Duration: 3 weeks;
  • Price: $4,500;
  • SKU: ITPWW160TRNOT;

Shadow IT is a term that refers to applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department. The Shadow IT Assessment is a structured engagement that helps customers discover Shadow IT. The assessment uses Microsoft Cloud App Security to evaluate usage of cloud applications and services from within an organization’s network.

  1. IT Partner is responsible for
  2. Client is responsible for
  3. Prerequisites
  4. Plan
  5. Example Schedule
  6. Results

Our objective is to deliver the Shadow IT Assessment, including:

  • Good security principles cover people, process and technology solutions.
  • Improve the security posture when it comes to usage of cloud applications and services.
  • The Assessment is based on the discovery of usage of cloud applications and services.

IT Partner is responsible for

  • Gain an understanding of customer’s cloud security objectives and requirements towards cloud usage and verify them against real usage of cloud applications and services
  • Provide guidance, recommendations and best practices on how to successfully use Microsoft Cloud App Security (CAS) to mitigate security threats that are associated with usage of cloud applications and services
  • Provide a prioritized and actionable road-map for the customer containing proposed actions based on user impact and implementation cost
  • Map Microsoft CAS capabilities and partner services to assessment findings, taking into account customer’s security objectives and requirements

Client is responsible for

  • Information: This includes accurate, timely (within three business days or as mutually agreed upon), and complete information.
  • Access to people. This includes access to knowledgeable Customer personnel, including business user representatives, and access to funding if additional budget is needed to deliver project scope. Access to knowledgeable personnel who manage the firewalls, can provide credentials for log extraction, and can alter firewall rules if necessary.
  • Access to systems. This includes access to all necessary Customer work locations, networks, systems, and applications (remote and onsite)
  • A work environment. This consists of suitable work spaces, including desks, chairs, and Internet access.

Prerequisites

  • Office 365 tenant and Microsoft Cloud App Security service. Either customer production Office 365 tenant with CAS (through E5 license) or trial Office 365 tenant and CAS trial (for up to 30 days).
  • Access to logs from customer firewalls or proxies.
  • Infrastructure to host Log Collector (if applicable).

Plan

The Shadow IT Assessment typically consists of a remote kick-off meeting of up to two hours, followed by on-site assessment workshops split into three days (Day 1, 2 and 3) over up to four consecutive weeks, preceded by preparations and followed by clean-up activities.

Week One – Kick-Off

  • Introduction to the engagement: objectives, flow, responsibilities and governance.
  • Provide and explain pre-assessment questionnaire to the customer.
  • Make key decisions on resources and tools that will be used in the engagement.

Week Two – Day 1

Day 1 – Education & Setup, whole-day on-site workshop

  • Review of questionnaire in order to get mutual understanding, especially over customer’s cloud usage and associated security objectives and requirements.
  • Provide education and readiness on Microsoft Cloud App Security.
  • Technical Setup of tools (tenant setup, log upload, Log Collector).

Week Three or Four – Day 2

Day 2 – Exploration & Discovery, whole-day on-site workshop

  • Review of the CAS report(s) with the customer.
  • Exploration of specific use cases of cloud usage in the portal.
  • Creation of final report from engagement highlighting discovered cases of Shadow IT (usage of unapproved cloud applications or services).
  • Creation of Cloud Usage Visibility and Control road-map.

Week Three or Four – Day 3

Day 3 – Review & Road-map, half-day on-site (or remotely delivered) workshop

  • Presentation and discussion of final report from engagement highlighting discovered cases of Shadow IT (usage of unapproved cloud applications or services).
  • Review of Cloud Usage Visibility and Control road-map.

Week Three or Four – Day 3

  • Removing uploaded logs.
  • Decommissioning of Log Collector.
  • Closing Office 365 and CAS trials (if needed).

Please note: extra time needs to be inserted:

  • between Kick-off and Day 1 – at least 1 week – time necessary for customer to prepare and fill in the questionnaire, as well as time for the IT Partner to prepare some engagement tools (trial Office 365 tenant and trial CAS)
  • between Day 1 and Day 2:
    • at least 2 – 3 days if using the manual method of uploading logs to CAS – this time is needed for CAS to parse and analyze logs.
    • at least 2 (ideally 3) weeks if logs are uploaded to CAS automatically via the Log Collector – this time is needed to collect, parse and analyze a reasonable amount of logs.
  • between Day 2 and Day 3 – these days can potentially be adjacent, but in case of more sophisticated customers it is advisable to insert a day or two to allow the partner delivery resource to work on preparation of engagement deliverables.

Example Schedule

Day One

| Workshop | Description | Outcome | Customer attendees | Time |
|---|---|---|---|---|
| On-site Engagement Overview | Provides an overview of the on-site agenda and goals as well as an opportunity to cover Q&A and project governance. | Agreed plan and schedule for the on-site assessment. | All project team | 60 minutes |
| Review Questionnaire | Review the completed questionnaire. | Prioritized list of security requirements. | All project team | 60 minutes |
| Introduction to Cloud App Security | Overview of Microsoft CAS outlining Microsoft’s approach to getting visibility and control over cloud usage. | Sets the stage and provides a high-level overview of Microsoft CAS features. | Security Architects, Security Engineers, Network Engineers (if applicable), O365 Tenant Admin | 60 minutes |
| Lunch | | | | 60 minutes |
| Demonstrate Cloud App Security visibility and control over cloud usage | Get a better understanding of Microsoft’s approach to getting visibility and control over cloud usage. | Deep dive into selected Microsoft CAS features (especially “Discovery”). | Security Architects, Security Engineers, Network Engineers (if applicable), O365 Tenant Admin | 60 minutes |
| Technical Setup with the customer | Setting up O365 and CAS for Shadow IT discovery. | Logs from customer’s firewalls/proxies provided to CAS for analysis. Log Collector deployed, if needed. | Security Engineers, Network Engineers (if applicable), O365 Tenant Admin | 180 minutes |

Day Two

| Workshop | Description | Outcome | Customer attendees | Time |
|---|---|---|---|---|
| Guided exploration with the customer | Review of the CAS report(s) with the customer. Exploration of specific use cases of cloud usage in the portal. | Visibility into cloud usage in customer’s environment. | Security Architects, Security Engineers, O365 Tenant Admin | 180 minutes |
| Lunch | | | | 60 minutes |
| Create Shadow IT Discovery report | Creation of final report from engagement highlighting discovered cases of Shadow IT (usage of unapproved cloud applications or services). | Discovery report. | None. NOTE: occasional access to O365 Tenant Admin might be necessary. | 180 minutes |
| Create Cloud Usage Visibility and Control roadmap | Creation of prioritized and actionable roadmap for the customer containing proposed actions, considering user impact and implementation cost. NOTE: actions can include: user awareness campaigns / training, blocking/control mechanisms, deployment of discovery/control through Microsoft CAS deployment. | Cloud Usage Visibility and Control roadmap. | None. | 60 minutes |

Day Three

| Workshop | Description | Outcome | Customer attendees | Time |
|---|---|---|---|---|
| Review of Shadow IT Discovery report | Presentation and discussion of final report from engagement highlighting discovered cases of Shadow IT (usage of unapproved cloud applications or services). | Mutual understanding of Discovery report. | All project team | 120 minutes |
| Review of Cloud Usage Visibility and Control roadmap | Presentation and discussion of prioritized and actionable roadmap for the customer containing proposed actions, considering user impact and implementation cost. | Mutual understanding of Cloud Usage Visibility and Control roadmap. | All project team | 30 minutes |
| Project close-out and Next steps | Summary and discussion of next steps. | Provide an engagement summary and clear steps with tangible outcomes. | All project team | 30 minutes |
| Lunch | | | | 60 minutes |
| Project CleanUp | Removing uploaded logs, decommissioning of Log Collector, closing O365 and CAS trials. | Customer environment left in clean state. | O365 Tenant Admin | 60 minutes |

Results

  • Kick-off Presentation (work product), overview of the engagement covering vision and objectives, requirements and next steps.
  • Pre-Assessment Questionnaire (work product), a questionnaire containing questions on cloud usage/adoption, security requirements and objectives, regulations and frameworks.
  • Shadow IT Discovery Report (deliverable), a document containing a list of discovered possible Shadow IT usage, and recommendations for further investigation of these.
  • Cloud Usage Visibility and Control Road-map, a prioritized, actionable road-map for addressing discovered cloud usage, especially its Shadow IT aspect, including mapping capabilities of Cloud App Security in customer environment.
