Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 00:00:06 - 00:05:03 Cloud services are so widespread nowadays that you can find a cloud service for almost any computer related task. However, cloud services are fraught with threats. Their popularity and availability make them a prime target for attackers who may try to gain access to your data or distribute malware via cloud services. In addition, the user does not need to have administrator privileges on a device to use cloud services. Previously, the lack of permissions to install applications prevented the possibility of installing and using non-work related applications during working hours, but now you just need to have a browser to use a cloud service. The cloud discovery component of Kaspersky Endpoint Security Cloud allows you to monitor and control the use of cloud services on protected windows devices. To configure this component, go to the Cloud Discovery section of a security profile. Cloud discovery is disabled by default. Enable it and select the services that you want to prohibit. The services are grouped into five categories. Email file sharing, messengers, social media, and miscellaneous. You can search for a particular service or ban an entire category of services. You can permit or prohibit the use of each service in the list. By default, all services are allowed to check the effectiveness of cloud discovery. Lets prohibit the use of the VKontakte social network. Find it in the list and switch the access permission to blocked. Click save during the next synchronization. These security profile settings will be applied to the protected computers. Now when users try to open Seacom, they will see a message that access to this website is prohibited according to the social media rule. Office 365 cloud storages are closely related to employees work, which may involve business critical and sensitive data, information protected by GDPR or other similar laws, as well as business critical information, can be emailed and stored in SharePoint and OneDrive. If employees violate storage rules, such information may leak out, which may damage the company's reputation and result in very large fines. Wherever such information is stored. Access must be strictly controlled, and people for whom it is not intended must have no access to it. Kaspersky Endpoint Security Cloud is able to detect critical information in the files saved to an office 365 cloud storage. The data discovery tool can inform the administrator about files containing confidential data that are stored in office 365. Data discovery scans file contents and compares this information with multiple personal data templates. All files containing such data are added to a special list. You can activate the data discovery component either from the monitoring tab of the Kaspersky Endpoint Security Cloud main page, or from the Security Management Data Discovery page. To activate data discovery, specify the username and password of an office 365 administrator account and grant the DLP scanner component of Kaspersky Endpoint Security Cloud permissions to read all files, groups, directories, and user profiles. After that, data discovery will automatically start scanning office 365 storages for confidential information. A special office 365 test storage contains files with character sets that match templates of bank card numbers, driver's licenses, Social Security numbers, and others. When scanning is complete, you can see ten detected files that contain confidential information in the Data Discovery section of the Information Panel monitoring page. To open the complete list, click go to List of Detections. This link takes you to the Data Discovery Detections page. You can see the full list of detected files there. Detailed information is available for each file. The date of the last change. Category of detected sensitive data. File access permissions. File name who edited the file and in which office 365 service the file was detected. Click the file name to drill down. You will see the type of data found full path to the file and linked it. You can sort the list of detected files by the service where they were found, or use an extended filter that allows you to select files by date of the last change data categories access type who edited the file and the name of the service where the file was detected. From the security viewpoint, the administrator should pay attention to the type of access configured for confidential and critical data access that is open to the company or to everyone, means that not only the person working with the file can access that information, which may violate the company's data processing and storage policy. If administrators find a file that is not stored as stipulated by the policy, they can alert the employee to the violation and request that the type of file access is changed. To change the type of file access from company to private. Open the file menu in the office 365 interface. Select Manage Access and click Stop Sharing. After that, the file will be available only to its owner. Restricting access to confidential and critical files greatly reduces the ability of adversaries to steal them.5170