In my recent blog posts, I explained few features of azure cloud app security. In this post also, I am going to explain another feature of it. if you not read my previous posts you still can access it using,

Step-by-Step guide to manage Impossible travel activity alert using Azure cloud app security – http://www.rebeladmin.com/2018/09/step-step-guide-manage-impossible-travel-activity-alert-using-azure-cloud-app-security/

Step-by-Step guide to block data download using Azure Cloud App security – http://www.rebeladmin.com/2018/09/step-step-guide-block-data-download-using-azure-cloud-app-security/

In applications, we are using different type of data. Some of these types of data are very sensitive. Credit card numbers, social security numbers, phone numbers are some examples for that. using cloud app security, we can control access to files contains sensitive data. In my demo environment I have salesforce app. it contains some files with credit card information. I do not want anyone to download these files. Let’s see how we can do it using cloud app security.

Before we start, we need to integrate salesforce with cloud app security. I have explain it in details in my previous post http://www.rebeladmin.com/2018/09/step-step-guide-block-data-download-using-azure-cloud-app-security/ so I am not going to repeat it in here ?.

1. Once integration is done, go to https://portal.cloudappsecurity.com and login as global administrator

2. Go to Settings | Conditional Access App Control

3. Now we should be able to see salesforce under conditional access app control apps tab.

4. Click on session control to create new session control policy.

5. Then under create policy click on Session policy